Denotational Semantics 8–12 lectures for Part II CST 2010/11 Marcelo Fiore Course web page: http://www.cl.cam.ac.uk/teaching/1011/DenotSem/ 1 Lecture 1 Introduction 2 What is this course about? • General area. Formal methods: Mathematical techniques for the specification, development, and verification of software and hardware systems. • Specific area. Formal semantics: Mathematical theories for ascribing meanings to computer languages. 3 Why do we care? 4 Why do we care? • Rigour. specification of programming languages . justification of program transformations 4 Why do we care? • Rigour. specification of programming languages . justification of program transformations • Insight. generalisations of notions computability . higher-order functions ... data structures 4 • Feedback into language design. continuations . monads 5 • Feedback into language design. continuations . monads • Reasoning principles. Scott induction . Logical relations . Co-induction 5 Styles of formal semantics Operational. Axiomatic. Denotational. 6 Styles of formal semantics Operational. Meanings for program phrases defined in terms of the steps of computation they can take during program execution. Axiomatic. Denotational. 6 Styles of formal semantics Operational. Meanings for program phrases defined in terms of the steps of computation they can take during program execution. Axiomatic. Meanings for program phrases defined indirectly via the ax- ioms and rules of some logic of program properties. Denotational. 6 Styles of formal semantics Operational. Meanings for program phrases defined in terms of the steps of computation they can take during program execution. Axiomatic. Meanings for program phrases defined indirectly via the ax- ioms and rules of some logic of program properties. Denotational. Concerned with giving mathematical models of programming languages. Meanings for program phrases defined abstractly as elements of some suitable mathematical structure. 6 Basic idea of denotational semantics [[−]] Syntax −→ Semantics P 7→ [[P ]] 7 Basic idea of denotational semantics [[−]] Syntax −→ Semantics Recursive program 7→ Partial recursive function P 7→ [[P ]] 7 Basic idea of denotational semantics [[−]] Syntax −→ Semantics Recursive program 7→ Partial recursive function Boolean circuit 7→ Boolean function P 7→ [[P ]] 7 Basic idea of denotational semantics [[−]] Syntax −→ Semantics Recursive program 7→ Partial recursive function Boolean circuit 7→ Boolean function P 7→ [[P ]] Concerns: • Abstract models (i.e. implementation/machine independent). Lectures 2, 3 and 4. 7 Basic idea of denotational semantics [[−]] Syntax −→ Semantics Recursive program 7→ Partial recursive function Boolean circuit 7→ Boolean function P 7→ [[P ]] Concerns: • Abstract models (i.e. implementation/machine independent). Lectures 2, 3 and 4. • Compositionality. Lectures 5 and 6. 7 Basic idea of denotational semantics [[−]] Syntax −→ Semantics Recursive program 7→ Partial recursive function Boolean circuit 7→ Boolean function P 7→ [[P ]] Concerns: • Abstract models (i.e. implementation/machine independent). Lectures 2, 3 and 4. • Compositionality. Lectures 5 and 6. • Relationship to computation (e.g. operational semantics). Lectures 7 and 8. 7 Characteristic features of a denotational semantics • Each phrase (= part of a program), P , is given a denotation, [[P ]] — a mathematical object representing the contribution of P to the meaning of any complete program in which it occurs. • The denotation of a phrase is determined just by the denotations of its subphrases (one says that the semantics is compositional). 8 Basic example of denotational semantics (I) IMP− syntax Arithmetic expressions A ∈ Aexp ::= n | L | A + A | ... where n ranges over integers and L over a specified set of locations L Boolean expressions B ∈ Bexp ::= true | false | A = A | ... | ¬B | ... Commands C ∈ Comm ::= skip | L := A | C; C | if B then C else C 9 Basic example of denotational semantics (II) Semantic functions A : Aexp → (State → Z) where Z = { ..., −1, 0, 1,... } State = (L → Z) 10 Basic example of denotational semantics (II) Semantic functions A : Aexp → (State → Z) B : Bexp → (State → B) where Z = { ..., −1, 0, 1,... } B = { true, false } State = (L → Z) 10 Basic example of denotational semantics (II) Semantic functions A : Aexp → (State → Z) B : Bexp → (State → B) C : Comm → (State ⇀ State) where Z = { ..., −1, 0, 1,... } B = { true, false } State = (L → Z) 10 Basic example of denotational semantics (III) Semantic function A A[[n]] = λs ∈ State.n A[[L]] = λs ∈ State. s(L) A[[A1 + A2]] = λs ∈ State. A[[A1]](s)+ A[[A2]](s) 11 Basic example of denotational semantics (IV) Semantic function B B[[true]] = λs ∈ State. true B[[false]] = λs ∈ State. false B[[A1 = A2]] = λs ∈ State. eq A[[A1]](s), A[[A2]](s) true if a = a′ where ′ eq(a,a )= ′ ( false if a 6= a 12 Basic example of denotational semantics (V) Semantic function C [[skip]] = λs ∈ State. s NB: From now on the names of semantic functions are omitted! 13 A simple example of compositionality Given partial functions [[C]], [[C′]] : State ⇀ State and a function [[B]] : State → {true, false}, we can define [[if B then C else C′]] = λs ∈ State. if [[B]](s), [[C]](s), [[C′]](s) where ′ x if b = true if (b, x, x )= ′ (x if b = false 14 Basic example of denotational semantics (VI) Semantic function C [[L := A]] = λs ∈ State. λℓ ∈ L. if ℓ = L, [[A]](s), s(ℓ) 15 Denotational semantics of sequential composition Denotation of sequential composition C; C′ of two commands [[C; C′]] = [[C′]] ◦ [[C]] = λs ∈ State. [[C′]] [[C]](s) given by composition of the partial functions from states to states [[C]], [[C′]] : State ⇀ State which are the denotations of the commands. 16 Denotational semantics of sequential composition Denotation of sequential composition C; C′ of two commands [[C; C′]] = [[C′]] ◦ [[C]] = λs ∈ State. [[C′]] [[C]](s) given by composition of the partial functions from states to states [[C]], [[C′]] : State ⇀ State which are the denotations of the commands. Cf. operational semantics of sequential composition: C,s ⇓ s′ C′,s′ ⇓ s′′ . C; C′,s ⇓ s′′ 16 [[while B do C]] 17 Fixed point property of [[while B do C]] [[while B do C]] = f[[B]],[[C]]([[while B do C]]) where, for each b : State → {true, false} and c : State ⇀ State, we define fb,c :(State ⇀ State) → (State ⇀ State) as fb,c = λw ∈ (State⇀State). λs ∈ State. if b(s),w(c(s)), s . 17 Fixed point property of [[while B do C]] [[while B do C]] = f[[B]],[[C]]([[while B do C]]) where, for each b : State → {true, false} and c : State ⇀ State, we define fb,c :(State ⇀ State) → (State ⇀ State) as fb,c = λw ∈ (State⇀State). λs ∈ State. if b(s),w(c(s)), s . • Why does w = f[[B]],[[C]](w) have a solution? • What if it has several solutions—which one do we take to be [[while B do C]]? 17 Approximating [[while B do C]] 18 Approximating [[while B do C]] n f[[B]],[[C]] (⊥) = λs ∈ State. [[C]]k(s) if ∃ 0 ≤ k <n. [[B]]([[C]]k(s)) = false i and ∀ 0 ≤ i<k. [[B]]([[C]] (s)) = true ↑ if ∀ 0 ≤ i<n. [[B]]([[C]]i(s)) = true 18 def D = (State ⇀ State) • Partial order ⊑ on D: w ⊑ w′ iff for all s ∈ State, if w is defined at s then so is w′ and moreover w(s)= w′(s). iff the graph of w is included in the graph of w′. • Least element ⊥∈ D w.r.t. ⊑: ⊥ = totally undefined partial function = partial function with empty graph (satisfies ⊥⊑ w, for all w ∈ D). 19 Lecture 2 Least Fixed Points 20 Thesis All domains of computation are partial orders with a least element. 21 Thesis All domains of computation are partial orders with a least element. All computable functions are mononotic. 21 Partially ordered sets A binary relation ⊑ on a set D is a partial order iff it is reflexive: ∀d ∈ D. d ⊑ d transitive: ∀d,d′,d′′ ∈ D. d ⊑ d′ ⊑ d′′ ⇒ d ⊑ d′′ anti-symmetric: ∀d,d′ ∈ D. d ⊑ d′ ⊑ d ⇒ d = d′. Such a pair (D, ⊑) is called a partially ordered set, or poset. 22 x ⊑ x x ⊑ y y ⊑ z x ⊑ z x ⊑ y y ⊑ x x = y 23 Domain of partial functions, X ⇀ Y 24 Domain of partial functions, X ⇀ Y Underlying set: all partial functions, f, with domain of definition dom(f) ⊆ X and taking values in Y . 24 Domain of partial functions, X ⇀ Y Underlying set: all partial functions, f, with domain of definition dom(f) ⊆ X and taking values in Y . Partial order: f ⊑ g iff dom(f) ⊆ dom(g) and ∀x ∈ dom(f).f(x)= g(x) iff graph(f) ⊆ graph(g) 24 Monotonicity • A function f : D → E between posets is monotone iff ∀d,d′ ∈ D. d ⊑ d′ ⇒ f(d) ⊑ f(d′). x ⊑ y (f monotone) f(x) ⊑ f(y) 25 Least Elements Suppose that D is a poset and that S is a subset of D. An element d ∈ S is the least element of S if it satisfies ∀x ∈ S. d ⊑ x . • Note that because ⊑ is anti-symmetric, S has at most one least element. • Note also that a poset may not have least element. 26 Pre-fixed points Let D be a poset and f : D → D be a function. An element d ∈ D is a pre-fixed point of f if it satisfies f(d) ⊑ d. The least pre-fixed point of f, if it exists, will be written fix(f) It is thus (uniquely) specified by the two properties: f(fix(f)) ⊑ fix(f) (lfp1) ∀d ∈ D. f(d) ⊑ d ⇒ fix(f) ⊑ d. (lfp2) 27 Proof principle 2. Let D be a poset and let f : D → D be a function with a least pre-fixed point fix(f) ∈ D. For all x ∈ D, to prove that fix(f) ⊑ x it is enough to establish that f(x) ⊑ x. 28 Proof principle 2. Let D be a poset and let f : D → D be a function with a least pre-fixed point fix(f) ∈ D. For all x ∈ D, to prove that fix(f) ⊑ x it is enough to establish that f(x) ⊑ x.