relating static and dynamic semantics

Relating Static and Dynamic Semantics

COS 441

Princeton University

Fall 2004

Motivations

• We want to know that when evaluating certain well-formed programs certain errors never occur

• Example– Transition semantics for -calculus is “stuck”

when applied to expressions with free variables in it

– So if {} ` E ok then E should never be “stuck”

Formal Statement

isFinal(e) = e 2 F

steps(e) = 9 e’. e e’

stuck(e) = :(steps(e) or isFinal(e))

Soundness Theorem:

If {} ` E ok and E * E’ then :stuck(E’)

Formal Statement

isFinal(e) = e 2 F

steps(e) = 9 e’. e e’

stuck(e) = :(steps(e) or isFinal(e))

Soundness Theorem:

If {} ` E ok and E * E’ then

(steps(E’) or isFinal(E’))

Proof: Soundness Theorem

By induction on derivations of * with Preservation and Progress Lemmas

Preservation Lemma:

If {} ` E ok and E E’ then {} ` E’ ok

Progress Lemma:

If {} ` E ok then (steps(E) or isFinal(E))

Warning!!

• The remainder of the lecture consists of a series of tedious proofs – Take that swig of coffee now– Slides will be on web-site

• Last set of tedious proofs in lecture– I’ll assign them as homework from now on! ;)– What we discuss today is a template for

Assignment 3

Proof by Induction over *

To show 8 e,e’ P(e,e’) we must show

case Z*: IH(E,E)

case S*: If E E’ and IH(E’,E’’) then IH(E,E’’)

IH(e,e’) = If {} ` e ok and e * e’ then

(steps(e’) or isFinal(e’))

S * SZ*

S * S’’

S S’ S’ * S’’S*

case Z*: IH(E,E)

case Z*: If {} ` E ok and E * E then (steps(E) or isFinal(E))

case Z*: (steps(E) or isFinal(E))

1. {} ` E ok and E * E by assumption

case Z*:

2. (steps(E) or isFinal(E))

case Z*:

2. (steps(E) or isFinal(E))

by Progress Lemma with (1)

case S*: If E E’ and IH(E’,E’’) then IH(E,E’’)

case S*: IH(E,E’’)

1. E E’ and IH(E’,E’’) by assumption

case S*: If {} ` E ok and E * E’’ then

(steps(E’’) or isFinal(E’’))

case S*: (steps(E’’) or isFinal(E’’))

2. {} ` E ok and E * E’’ by assumption

3. ` E’ ok by Preservation with (2,1)

4. E’ * E’’ by inversion of S* and (2)

5. (steps(E) or isFinal(E’’))

by IH with (3, 4)

3. {} ` E’ ok by ?? E’ * E’’ by inversion of S* and (2)

by IH with (3, 4)

3. {} ` E’ ok by Preservation with (2,1)

by IH with (3, 4)

4. E’ * E’’ by ??

5. (steps(E’’) or isFinal(E’’))

by IH with (3, 4)

case S*:

by IH(E’,E’’) with (3, 4)

Notes About our Proof

• Note our Proof works for any single step relation ()

• Specific details of step function factored into Progress and Preservation lemmas

• Need to refer to the static and dynamic semantics of the step relation to prove Progress and Preservation Lemmas

Static Semantics for -calculus

Names x 2 …Expressions e ::= lam(x.e) | apply(e1,e2)| x

` X okX 2

` apply(E1,E2)ok

` E1 ok ` E2 okok-A

` lam(X.E)ok

[ {X} ` E ok X ok-L

Dynamic Semantics for -calculus

((x.e1) e2) ((x.e1) e’2)

e2 e’2A2

((x.e1) (y.e2)) [xÃ(y.e2)] e1 A1

(e1 e2) (e’1 e2)

e1 e’1 A3

I = { E | {} ` E ok }

S = { E | 9. ` E ok }

F = { x.e | {} ` x.e ok }

Proof: Preservation Lemma

Proof by induction on the derivations of E E’

case A1: IH(((X.E1) (Y.E2)),[X Ã (Y.E2)] E1)

case A2: If IH(E2,E’2) then

IH(((X.E1) E2)),((X.E1) E’2))

IH((E1 E2)),(E’1 E2))

IH(e,e’) = If {} ` e ok and e e’ then {} ` e’ ok

case A1: If {} ` ((X.E1) (Y.E1)) ok and ((X.E1) (Y.E1)) [X Ã (Y.E2)] E1 then {} ` [X Ã (Y.E2)] E1 ok

case A1: {} ` [X Ã (Y.E2)] E1 ok

1. {} ` ((X.E1) (Y.E2)) ok and ((X.E1) (Y.E2)) [X Ã (Y.E2)] E1 by assumption

2. {} ` (X.E1) ok and {} ` (Y.E2) okby inversion of ok-A and (1)

3. {} [ {X} ` E1 ok by inversion of ok-L and (2)

4. {} ` [X Ã (Y.E2)] E1 ok by Substitution Lemma with (3) and (2)

case A1: {} ` [X Ã (Y.E2)] E1 ok

2. {} ` (X.E1) ok and {} ` (Y.E2) okby ??

case A1: {} ` [X Ã (Y.E2)] E1 ok

3. {} [ {X} ` E1 ok by ??

case A1: {} ` [X Ã (Y.E2)] E1 ok

4. {} ` [X Ã (Y.E2)] E1 ok by ??

case A1: {} ` [X Ã (Y.E2)] E1 ok

Substitution Lemma

Proof by induction on the derivations of ` E ok

If [ {X} ` E ok and {} ` E’ ok then

` [XÃE’]E ok

case ok-V: …

case ok-L: …

case ok-A: …

IH(env,e) = If env [ {X} ` e ok and {} ` E’ ok then env ` [XÃE’]e ok

Substitution

Proof by induction on the derivations of ` E okIf [ {X} ` E ok and {} ` E’ ok then ` [XÃE’]E ok

case ok-V: If X 2 then IH(,X)case ok-L: If IH( [ {X}, E) and X then

IH(,(X.E))case ok-A: If IH(,E1) and IH(,E2) then

IH(,(E1 E2))

IH(env,e) = If env [ {X} ` e ok and {} ` E’ ok then env ` [XÃE’]e ok

Proof: Substitution

case ok-V: 1. X 2 by assumption2.[ {Y} ` X ok and {} ` E’ ok by assumption3. ` [YÃE’]X ok by casescase X = Y:

3.1. [YÃE’]X = E’ by def of subst.3.2. ` E’ ok by (2)3.3. ` [YÃE’]X ok by (3.1) and (3.2)

case X Y:3.1. [YÃE’]X = X by def of subst.3.2. ` X ok by ok-V and (1)3.3. ` [YÃE’]X ok by (3.1) and (3.2)

Proof: Substitution

case ok-L: If IH( [ {X}, E) and X then IH(,(X.E))

Proof: Substitution

case ok-A: If IH(,E1) and IH(,E2) then IH(,(E1 E2))

IH(((X.E1) E2)),((X.E1) E’2))

case A2: IH(((X.E1) E2)),((X.E1) E’2))

1. IH(E2,E’2) by assumption

case A2: If {} ` ((X.E1) E2)) ok and

((X.E1) E2)) ((X.E1) E’2) then

{} ` ((X.E1) E’2) ok

case A2: {} ` ((X.E1) E’2) ok

2. {} ` ((X.E1) E2)) ok and ((X.E1) E2)) ((X.E1) E’2) by assumption

3. {} ` (X.E1) ok and {} ` E2 ok by inversion of ok-A and (2)

4. E2 E’2 by inversion of A2

5. {} ` E’2 ok by IH(E2,E’2) with (3) and (4)

6. {} ` ((X.E1) E’2) okby ok-A with (3) and (5)

case A2: {} ` ((X.E1) E’2) ok

3. {} ` (X.E1) ok and {} ` E2 ok by ??

case A2: {} ` ((X.E1) E’2) ok

4. E2 E’2 by ??

case A2: {} ` ((X.E1) E’2) ok

4. E2 E’2 by inversion of A2 and (2)

case A2: {} ` ((X.E1) E’2) ok

5. {} ` E’2 ok by ??

case A2: {} ` ((X.E1) E’2) ok

6. {} ` ((X.E1) E’2) okby ??

case A2: {} ` ((X.E1) E’2) ok

IH(E1 E2)),(E’1 E2))

case A3: IH((E1 E2)),((E’1 E2))

case A3: If {} ` (E1 E2) ok and

(E1 E2) (E’1 E2) then {} ` (E’1 E2) ok

case A3: {} ` (E’1 E2) ok

2. {} ` (E1 E2) ok and (E1 E2) (E’1 E’2)by assumption

3. {} ` E1 ok and {} ` E2 ok by inversion of ok-A and (2)

6. {} ` (E’1 E2) ok by ok-A with (5) and (3)

case A3: {} ` (E’1 E2) ok

Progress Lemma

Proof by induction on the derivations of ` E ok

case ok-V: If X 2 then IH(,X)case ok-L: If IH([ {X}, E) and X then

IH(,(X.E))

IH(env,e) = If env = {} and env ` e ok then (steps(e) or isFinal(e))

Proof: Progress Lemma

case ok-V: If X 2 then IH(,X)

case ok-V: IH(,X)

1. X 2 by assumption

case ok-V: If = {} and ` X ok then

(steps(X) or isFinal(X))

case ok-V: If = {} and {} ` X ok then

(steps(X) or isFinal(X))

case ok-V: steps(X) or isFinal(X)

2. = {} and {} ` X ok by assumption

3. X 2 {} by (1) and (2)

4. (steps(X) or isFinal(X)) by contradiction implied by (3)

3. X 2 {} by ??

3. X 2 {} by (1) and (2)

case ok-V: (steps(X) or isFinal(X))

3. X 2 {} by (2) and invert-ok-V

4. steps(X) or isFinal(X) by ??

case ok-V: (steps(X) or isFinal(X))

3. X 2 {} by (2) and invert-ok-V

4. steps(X) or isFinal(X) by contradiction implied by (3)

case ok-L: If IH([ {X}, E) and X then IH(,(X.E))

case ok-L: IH(,(X.E))

1. IH([ {X}, E) and X by assumption

case ok-L: If = {} and ` (X.E) ok then (steps((X.E)) or isFinal((X.E)))

case ok-L: steps((X.E)) or isFinal((X.E))

2. = {} and ` (X.E) ok by assumption

3. {} ` (X.E) ok by (2)

4. (X.E) 2 F by definition of F and (3)

5. isFinal((X.E)) by definition of isFinal and (4)

6. steps((X.E)) or isFinal((X.E)) by (5)

3. {} ` (X.E) ok by ??

3. {} ` (X.E) ok by (2)

4. (X.E) 2 F by ??

3. {} ` (X.E) ok by (2)

5. isFinal((X.E)) by ??

3. {} ` (X.E) ok by (2)

6. steps((X.E)) or isFinal((X.E)) by ??

3. {} ` (X.E) ok by (2)

case ok-A: IH(,(E1 E2))

1. IH(,E1) and IH(,E2)

case ok-A: If = {} and ` (E1 E2) ok then (steps((E1 E2)) or isFinal((E1 E2)))

1. IH(,E1) and IH(,E2) by assumption

case ok-A: steps((E1 E2)) or isFinal((E1 E2))

2. = {} and ` (E1 E2) ok by assumption

3. {} ` (E1 E2) ok by (2)

4. {} ` E1 ok and {} ` E2 ok by inversion of ok-A

5. 9 e. (E1 E2) e by induction on (E1 E2) e …

6. steps((E1 E2)) by definition of steps and (5)

7. steps((E1 E2)) or isFinal((E1 E2)) by (6)

3. {} ` (E1 E2) ok by (2)

5. 9 e. (E1 E2) e by cases …

3. {} ` (E1 E2) ok by (2)

5. 9 e. (E1 E2) e by cases …

3. {} ` (E1 E2) ok by (2)

5. 9 e. (E1 E2) e by cases …

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

case E1 = (X’.E’) and E2 F:

5.1. E2 E’2 by IH({},E2) with (4) and E2 F

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by ??

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.1. E2 E’2 by ??

5.2. (E1 E2) (E1 E’2)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by ??

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.1. E1 E’1 by ??

5.2. (E’1 E2) (E’1 E2)

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by ??

5. 9 e. (E1 E2) e by cases (E1 E2)

case E1 = (X’.E’) and E2 = (X’’.E’’):

5.1. (E1 E2) [X’ Ã(X’’.E’’) ] E’ by A1

5.2. (E1 E2) (E1 E’2) by A2 with (5.1)

case E1 F :

5.2. (E’1 E2) (E’1 E2) by A3 with (5.1)

Summary

Soundness Theorem:If {} ` E ok and E * E’ then :stuck(E’)

Preservation Lemma: If {} ` E ok and E E’ then {} ` E’ ok

Progress Lemma:If {} ` E ok then (steps(E) or isFinal(E))

Substitution Lemma:If [ {X} ` E ok and {} ` E’ ok then

` [XÃE’]E ok

Summary

• Soundness follows from Preservation and Progress by induction on the ?? relation– Soundness means well formed programs

don’t get “stuck”

Summary

• Soundness follows from Preservation and Progress by induction on the * relation– Soundness means well formed programs

Summary

• Preservation follows by induction on the ?? relation

Summary

• Preservation follows by induction on the relation

Summary

• Progress follows by induction on the wellformedness relation ??

Summary

• Progress follows by induction on the wellformedness relation ( ` E ok)

Lesson Learned

• High-level structure of soundness proof– All soundness for SOS semantics proofs are

basically the same – The details vary in small but important ways

• Proofs are straightforward but tedious – Details easy to get confused if not organized

• Someone ought to automate these proofs or at least their checking – See Twelf, Coq, Isabella/HOL … etc.

relating static and dynamic semantics

isfinale e e

e estucke

e ok progress lemma

soundness theoremcase

soundness theoremcase

isfinale proof

inversion of s

ecase s

Documents

relating static and dynamic machine code measurements

declarative semantics definition - static analysis and error...

semantics “semantics” has to do with the meaning of a...

linguistics.ucla.edulinguistics.ucla.edu/people/hunter/dissertation/dissertation-draft.pdf ·...

semantics 1: lexical semantics

1 semantic analysis check semantics error reporting...

a semantics for static type...

static-curis.ku.dk€¦ · formal semantics and functional...

static and dynamic semantics of nosql...

static analysis and veriﬁcation of aerospace...

graph-based semantics of the .net intermediate...

relating complexity and precision in control flow...

chapter 3 semantics chapter 3: semantics · chapter 3:...

semantic analysis iii static semantics

cosc252: programming languages: runtime stack and...

a semantics for static type inference

semantics and computational semantics

a review: relating low level features to high level ... ·...

copyright © 2006 addison-wesley. all rights reserved. 3.5...

spectral correlates of timbral semantics relating to the...