Modular, compositional, and executable formal semantics for LLVM IR

This paper presents a novel formal semantics, mechanized in Coq, for a large, sequential subset of the LLVM IR. In contrast to previous approaches, which use relationally-specified operational semantics, this new semantics is based on monadic interpretation of interaction trees, a structure that provides a more compositional approach to defining language semantics while retaining the ability to extract an executable interpreter. Our semantics handles many of the LLVM IR's non-trivial language features and is constructed modularly in terms of event handlers, including those that deal with nondeterminism in the specification. We show how this semantics admits compositional reasoning principles derived from the interaction trees equational theory of weak bisimulation, which we extend here to better deal with nondeterminism, and we use them to prove that the extracted reference interpreter faithfully refines the semantic model. We validate the correctness of the semantics by evaluating it on unit tests and LLVM IR programs generated by HELIX.

Download Full-text

A call-by-need lambda calculus with locally bottom-avoiding choice: context lemma and correctness of transformations

Mathematical Structures in Computer Science ◽

10.1017/s0960129508006774 ◽

2008 ◽

Vol 18 (3) ◽

pp. 501-553 ◽

Cited By ~ 20

Author(s):

DAVID SABEL ◽

MANFRED SCHMIDT-SCHAUSS

Keyword(s):

Operational Semantics ◽

Lambda Calculus ◽

Equational Theory ◽

Order Reduction ◽

Single Step ◽

Program Transformations ◽

Normal Order ◽

Choice Context ◽

Contextual Equivalence ◽

Fairness Condition

We present a higher-order call-by-need lambda calculus enriched with constructors, case expressions, recursive letrec expressions, a seq operator for sequential evaluation and a non-deterministic operator amb that is locally bottom-avoiding. We use a small-step operational semantics in the form of a single-step rewriting system that defines a (non-deterministic) normal-order reduction. This strategy can be made fair by adding resources for book-keeping. As equational theory, we use contextual equivalence (that is, terms are equal if, when plugged into any program context, their termination behaviour is the same), in which we use a combination of may- and must-convergence, which is appropriate for non-deterministic computations. We show that we can drop the fairness condition for equational reasoning, since the valid equations with respect to normal-order reduction are the same as for fair normal-order reduction. We develop a number of proof tools for proving correctness of program transformations. In particular, we prove a context lemma for both may- and must- convergence that restricts the number of contexts that need to be examined for proving contextual equivalence. Combining this with so-called complete sets of commuting and forking diagrams, we show that all the deterministic reduction rules and some additional transformations preserve contextual equivalence. We also prove a standardisation theorem for fair normal-order reduction. The structure of the ordering ≤c is also analysed, and we show that Ω is not a least element and ≤c already implies contextual equivalence with respect to may-convergence.

Download Full-text

TaDA Live: Compositional Reasoning for Termination of Fine-grained Concurrent Programs

ACM Transactions on Programming Languages and Systems ◽

10.1145/3477082 ◽

2021 ◽

Vol 43 (4) ◽

pp. 1-134

Author(s):

Emanuele D’Osualdo ◽

Julian Sutherland ◽

Azadeh Farzan ◽

Philippa Gardner

Keyword(s):

Case Studies ◽

Separation Logic ◽

Proof System ◽

Concurrent Programs ◽

Semantic Model ◽

Compositional Reasoning ◽

Fine Grained ◽

Fundamental Innovation ◽

Concurrent Separation Logic

We present TaDA Live, a concurrent separation logic for reasoning compositionally about the termination of blocking fine-grained concurrent programs. The crucial challenge is how to deal with abstract atomic blocking : that is, abstract atomic operations that have blocking behaviour arising from busy-waiting patterns as found in, for example, fine-grained spin locks. Our fundamental innovation is with the design of abstract specifications that capture this blocking behaviour as liveness assumptions on the environment. We design a logic that can reason about the termination of clients that use such operations without breaking their abstraction boundaries, and the correctness of the implementations of the operations with respect to their abstract specifications. We introduce a novel semantic model using layered subjective obligations to express liveness invariants and a proof system that is sound with respect to the model. The subtlety of our specifications and reasoning is illustrated using several case studies.

Download Full-text

Mechanizing proofs with logical relations – Kripke-style

Mathematical Structures in Computer Science ◽

10.1017/s0960129518000154 ◽

2018 ◽

Vol 28 (9) ◽

pp. 1606-1638 ◽

Cited By ~ 2

Author(s):

ANDREW CAVE ◽

BRIGITTE PIENTKA

Keyword(s):

Case Studies ◽

Operational Semantics ◽

Lambda Calculus ◽

Equational Theory ◽

Higher Order ◽

Abstract Syntax ◽

Completeness Proof ◽

Typed Lambda Calculus ◽

Contextual Equivalence ◽

The Right

Proofs with logical relations play a key role to establish rich properties such as normalization or contextual equivalence. They are also challenging to mechanize. In this paper, we describe two case studies using the proof environmentBeluga: First, we explain the mechanization of the weak normalization proof for the simply typed lambda-calculus; second, we outline how to mechanize the completeness proof of algorithmic equality for simply typed lambda-terms where we reason about logically equivalent terms. The development of these proofs inBelugarelies on three key ingredients: (1) we encode lambda-terms together with their typing rules, operational semantics, algorithmic and declarative equality using higher order abstract syntax (HOAS) thereby avoiding the need to manipulate and deal with binders, renaming and substitutions, (2) we take advantage ofBeluga's support for representing derivations that depend on assumptions and first-class contexts to directly state inductive properties such as logical relations and inductive proofs, (3) we exploitBeluga's rich equational theory for simultaneous substitutions; as a consequence, users do not need to establish and subsequently use substitution properties, and proofs are not cluttered with references to them. We believe these examples demonstrate thatBelugaprovides the right level of abstractions and primitives to mechanize challenging proofs using HOAS encodings. It also may serve as a valuable benchmark for other proof environments.

Download Full-text

Baby Modula-3 and a theory of objects

Journal of Functional Programming ◽

10.1017/s0956796800001052 ◽

1994 ◽

Vol 4 (2) ◽

pp. 249-283 ◽

Cited By ~ 14

Author(s):

Martin Abadi

Keyword(s):

Programming Language ◽

Formal Semantics ◽

Operational Semantics ◽

Object Oriented ◽

Denotational Semantics ◽

Object Oriented Programming ◽

The Core ◽

Functional Object ◽

Oriented Programming Language

AbstractBaby Modula-3 is a small, functional, object-oriented programming language. It is intended as a vehicle for explaining the core of Modula-3 from a biased perspective: Baby Modula-3 includes the main features of Modula-3 related to objects, but not much else. To the theoretician, Baby Modula-3 provides a tractable, concrete example of an object-oriented language, and we use it to study the formal semantics of objects. Baby Modula-3 is defined with a structured operational semantics and with a set of static type rules. A denotational semantics guarantees the soundness of this definition.

Download Full-text

STEIM: A Spatiotemporal Event Interaction Model in V2X Systems Based on a Time Period and a Raster Map

Mobile Information Systems ◽

10.1155/2020/1375426 ◽

2020 ◽

Vol 2020 ◽

pp. 1-20

Author(s):

Cheng Xu ◽

Hengjie Luo ◽

Hong Bao ◽

Pengfei Wang

Keyword(s):

Spatial Information ◽

Formal Semantics ◽

Operational Semantics ◽

Interaction Model ◽

Research Field ◽

Event Stream ◽

Spatiotemporal Information ◽

Time Period ◽

Temporal Model ◽

Event Flow

The Internet of Vehicles (IoV) is an important artificial intelligence research field for intelligent transportation applications. Complex event interactions are important methods for data flow processing in a Vehicle to Everything (V2X) environment. Unlike the classic Internet of Things (IoT) systems, data streams in V2X include both temporal information and spatial information. Thus, effectively expressing and addressing spatiotemporal data interactions in the IoV is an urgent problem. To solve this problem, we propose a spatiotemporal event interaction model (STEIM). STEIM uses a time period and a raster map for its temporal model and spatial model, respectively. In this paper, first, we provide a spatiotemporal operator and a complete STEIM grammar that effectively expresses the spatiotemporal information of the spatiotemporal event flow in the V2X environment. Second, we describe the design of the operational semantics of the STEIM from the formal semantics. In addition, we provide a spatiotemporal event-stream processing algorithm that is based on the Petri net model. The STEIM establishes a mechanism for V2X event-stream temporal and spatial processing. Finally, the effectiveness of the STEIM-based system is demonstrated experimentally.

Download Full-text

Domain equations for probabilistic processes

Mathematical Structures in Computer Science ◽

10.1017/s0960129599002984 ◽

2000 ◽

Vol 10 (6) ◽

pp. 665-717 ◽

Cited By ~ 17

Author(s):

CHRISTEL BAIER ◽

MARTA KWIATKOWSKA

Keyword(s):

Metric Spaces ◽

Operational Semantics ◽

Denotational Semantics ◽

Semantic Model ◽

Transition Systems ◽

Probabilistic Choice ◽

Bisimulation Equivalence ◽

Metric Semantics ◽

Continuous Domains ◽

Probabilistic Processes

In this paper we consider Milner's calculus CCS enriched by a probabilistic choice operator. The calculus is given operational semantics based on probabilistic transition systems. We define operational notions of preorder and equivalence as probabilistic extensions of the simulation preorder and the bisimulation equivalence respectively. We extend existing category-theoretic techniques for solving domain equations to the probabilistic case and give two denotational semantics for the calculus. The first, ‘smooth’, semantic model arises as a solution of a domain equation involving the probabilistic powerdomain and solved in the category CONT⊥ of continuous domains. The second model also involves an appropriately restricted probabilistic powerdomain, but is constructed in the category CUM of complete ultra-metric spaces, and hence is necessarily ‘discrete’. We show that the domain-theoretic semantics is fully abstract with respect to the simulation preorder, and that the metric semantics is fully abstract with respect to bisimulation.

Download Full-text

Transactional events

Journal of Functional Programming ◽

10.1017/s0956796808006916 ◽

2008 ◽

Vol 18 (5-6) ◽

pp. 649-706 ◽

Cited By ~ 10

Author(s):

KEVIN DONNELLY ◽

MATTHEW FLUET

Keyword(s):

Message Passing ◽

Formal Semantics ◽

Concurrent Programming ◽

Expressive Power ◽

Detailed Account ◽

Concurrent Programs ◽

Compositional Reasoning ◽

Compositional Structure ◽

High Level

AbstractConcurrent programs require high-level abstractions in order to manage complexity and enable compositional reasoning. In this paper, we introduce a novel concurrency abstraction, dubbed transactional events, which combines first-class synchronous message passing events with all-or-nothing transactions. This combination enables simple solutions to interesting problems in concurrent programming. For example, guarded synchronous receive can be implemented as an abstract transactional event, whereas in other languages it requires a non-abstract, non-modular protocol. As another example, three-way rendezvous can be implemented as an abstract transactional event, which is impossible using first-class events alone. Both solutions are easy to code and easy to reason about.The expressive power of transactional events arises from a sequencing combinator whose semantics enforces an all-or-nothing transactional property – either both of the constituent events synchronize in sequence or neither of them synchronizes. This sequencing combinator, along with a non-deterministic choice combinator, gives transactional events the compositional structure of a monad-with-plus. We provide a formal semantics for transactional events and give a detailed account of an implementation.

Download Full-text

Parallel functional programming on recursively defined data via data-parallel recursion

Journal of Functional Programming ◽

10.1017/s0956796899003457 ◽

1999 ◽

Vol 9 (4) ◽

pp. 427-462 ◽

Cited By ~ 4

Author(s):

SUSUMU NISHIMURA ◽

ATSUSHI OHORI

Keyword(s):

Parallel Processing ◽

Functional Programming ◽

Formal Semantics ◽

Operational Semantics ◽

Type System ◽

Parallel Execution ◽

System Of Equations ◽

Functional Language ◽

Data Parallel ◽

Evaluation Mechanism

This article proposes a new language mechanism for data-parallel processing of dynamically allocated recursively defined data. Different from the conventional array-based data- parallelism, it allows parallel processing of general recursively defined data such as lists or trees in a functional way. This is achieved by representing a recursively defined datum as a system of equations, and defining new language constructs for parallel transformation of a system of equations. By integrating them with a higher-order functional language, we obtain a functional programming language suitable for describing data-parallel algorithms on recursively defined data in a declarative way. The language has an ML style polymorphic type system and a type sound operational semantics that uniformly integrates the parallel evaluation mechanism with the semantics of a typed functional language. We also show the intended parallel execution model behind the formal semantics, assuming an idealized distributed memory multicomputer.

Download Full-text

An Operational Semantics for a Fragment of PRS

Proceedings of the Twenty-Seventh International Joint Conference on Artificial Intelligence ◽

10.24963/ijcai.2018/27 ◽

2018 ◽

Cited By ~ 1

Author(s):

Lavindra de Silva ◽

Felipe Meneguzzi ◽

Brian Logan

Keyword(s):

Programming Languages ◽

Formal Semantics ◽

Operational Semantics ◽

Expressive Power ◽

Reasoning System ◽

Agent Programming ◽

Agent Programming Languages ◽

Bdi Agent

The Procedural Reasoning System (PRS) is arguably the first implementation of the Belief--Desire--Intention (BDI) approach to agent programming. PRS remains extremely influential, directly or indirectly inspiring the development of subsequent BDI agent programming languages. However, perhaps surprisingly given its centrality in the BDI paradigm, PRS lacks a formal operational semantics, making it difficult to determine its expressive power relative to other agent programming languages. This paper takes a first step towards closing this gap, by giving a formal semantics for a significant fragment of PRS. We prove key properties of the semantics relating to PRS-specific programming constructs, and show that even the fragment of PRS we consider is strictly more expressive than the plan constructs found in typical BDI languages.

Download Full-text

Formal Semantics for Java-like Languages and Research Opportunities

Revista de Informática Teórica e Aplicada ◽

10.22456/2175-2745.80912 ◽

2018 ◽

Vol 25 (3) ◽

pp. 62

Author(s):

Samuel Da Silva Feitosa ◽

Rodrigo Geraldo Ribeiro ◽

Andre Rauber Du Bois

Keyword(s):

Formal Specification ◽

Formal Semantics ◽

Operational Semantics ◽

Object Oriented ◽

The State ◽

Small Step ◽

Research Opportunities ◽

Type Safety ◽

State Of Art ◽

Object Oriented Languages

The objective of this paper is twofold: first, we discuss the state of art on Java-like semantics, focusing on those that provide formal specification using operational semantics (big-step or small-step), studying in detail the most cited projects and presenting some derivative works that extend the originals aggregating useful features. Also, we filter our research for those that provide some insights in type-safety proofs. Furthermore, we provide a comparison between the most used projects in order to show which functionalities are covered in such projects. Second, our effort is focused towards the research opportunities in this area, showing some important works that can be applied to the previously presented projects to study features of object-oriented languages, and pointing for some possibilities to explore in future researches.

Download Full-text