Showing papers on "Denotational semantics published in 2009"
TL;DR: The formal semantics of a large subset of the C language called Clight is presented, which includes pointer arithmetic, struct and union types, C loops and structured switch statements, and is mechanized using the Coq proof assistant.
Abstract: This article presents the formal semantics of a large subset of the C language called Clight. Clight includes pointer arithmetic, struct and union types, C loops and structured switch statements. Clight is the source language of the CompCert verified compiler. The formal semantics of Clight is a big-step operational semantics that observes both terminating and diverging executions and produces traces of input/output events. The formal semantics of Clight is mechanized using the Coq proof assistant. In addition to the semantics of Clight, this article describes its integration in the CompCert verified compiler and several ways by which the semantics was validated.
185 citations
TL;DR: This work presents a final reference for the Circus denotational semantics based on Hoare and He’s Unifying Theories of Programming (UTP) that allows the proof of meta-theorems about Circus including the refinement laws in which it is interested.
Abstract: Circus specifications define both data and behavioural aspects of systems using a combination of Z and CSP constructs. Previously, a denotational semantics has been given to Circus; however, a shallow embedding of Circus in Z, in which the mapping from Circus constructs to their semantic representation as a Z specification, with yet another language being used as a meta-language, was not useful for proving properties like the refinement laws that justify the distinguishing development technique associated with Circus. This work presents a final reference for the Circus denotational semantics based on Hoare and He’s Unifying Theories of Programming (UTP); as such, it allows the proof of meta-theorems about Circus including the refinement laws in which we are interested. Its correspondence with the CSP semantics is illustrated with some examples. We also discuss the library of lemmas and theorems used in the proofs of the refinement laws. Finally, we give an account of the mechanisation of the Circus semantics and of the mechanical proofs of the refinement laws.
137 citations
20 Jan 2009
TL;DR: A rigorous semantics is developed for Power and ARM multiprocessor programs, including their relaxed memory model and the behaviour of reasonable fragments of their instruction sets, and for the design and compilation of high-level concurrent languages.
Abstract: We develop a rigorous semantics for Power and ARM multiprocessor programs, including their relaxed memory model and the behaviour of reasonable fragments of their instruction sets. The semantics is mechanised in the HOL proof assistant. This should provide a good basis for informal reasoning and formal verification of low-level code for these weakly consistent architectures, and, together with our x86 semantics, for the design and compilation of high-level concurrent languages.
120 citations
TL;DR: This work combines the well-known domains modelling nondeterminism - the lower, upper and convex powerdomains, with the probabilistic powerdomain of Jones and Plotkin, and shows that the semantic domains work well for the language used by Morgan and McIver.
119 citations
31 Aug 2009
TL;DR: In this paper, logical relations between the denotational semantics of a simply typed functional language with recursion and the operational behaviour of low-level programs in a variant SECD machine are defined using biorthogonality and stepindexing.
Abstract: We define logical relations between the denotational semantics of a simply typed functional language with recursion and the operational behaviour of low-level programs in a variant SECD machine. The relations, which are defined using biorthogonality and stepindexing, capture what it means for a piece of low-level code to implement a mathematical, domain-theoretic function and are used to prove correctness of a simple compiler. The results have been formalized in the Coq proof assistant.
109 citations
TL;DR: A major goal of this paper is to show that RLS does not force or pre-impose any given language definitional style, and that its flexibility and ease of use makes RLS an appealing framework for exploring new definitional styles.
Abstract: This paper shows how rewriting logic semantics (RLS) can be used as a computational logic framework for operational semantic definitions of programming languages. Several operational semantics styles are addressed: big-step and small-step structural operational semantics (SOS), modular SOS, reduction semantics with evaluation contexts, continuation-based semantics, and the chemical abstract machine. Each of these language definitional styles can be faithfully captured as an RLS theory, in the sense that there is a one-to-one correspondence between computational steps in the original language definition and computational steps in the corresponding RLS theory. A major goal of this paper is to show that RLS does not force or pre-impose any given language definitional style, and that its flexibility and ease of use makes RLS an appealing framework for exploring new definitional styles.
103 citations
21 Jan 2009
TL;DR: This work proposes a new approach to formalizing a memory model in which the model itself is part of a weak operational semantics for a (possibly concurrent) programming language, and formalizes in this way a model that allows write operations to the store to be buffered.
Abstract: Memory models define an interface between programs written in some language and their implementation, determining which behaviour the memory (and thus a program) is allowed to have in a given model. A minimal guarantee memory models should provide to the programmer is that well-synchronized, that is, data-race free code has a standard semantics. Traditionally, memory models are defined axiomatically, setting constraints on the order in which memory operations are allowed to occur, and the programming language semantics is implicit as determining some of these constraints. In this work we propose a new approach to formalizing a memory model in which the model itself is part of a weak operational semantics for a (possibly concurrent) programming language. We formalize in this way a model that allows write operations to the store to be buffered. This enables us to derive the ordering constraints from the weak semantics of programs, and to prove, at the programming language level, that the weak semantics implements the usual interleaving semantics for data-race free programs, hence in particular that it implements the usual semantics for sequential code.
93 citations
TL;DR: This paper develops the formal foundations for the structural semantics of domain-specific modeling languages (DSML), including the mechanisms by which metamodels specify theStructural semantics of DSMLs.
Abstract: Model-based approaches to system design are now widespread and successful. These approaches make extensive use of model structure to describe systems using domain-specific abstractions, to specify and implement model transformations, and to analyze structural properties of models. In spite of its general importance the structural semantics of modeling languages are not well-understood. In this paper we develop the formal foundations for the structural semantics of domain-specific modeling languages (DSML), including the mechanisms by which metamodels specify the structural semantics of DSMLs. Additionally, we show how our formalization can complement existing tools, and how it yields algorithms for the analysis of DSMLs and model transformations.
83 citations
TL;DR: This work introduces a pragmatic and instrumented approach to define a translational semantics and to validate it against a reference operational semantics expressed by the DSL designer and applies this approach to the XSPEM process description language in order to verify process models.
Abstract: In the context of MDE (Model-Driven Engineering), our objective is to define the semantics for a given DSL (Domain Specific Language) either to simulate its models or to check properties on them using model-checking techniques. In both cases, the purpose is to formalize the DSL semantics as it is known by the DSL designer but often in an informal way. After several experiments to define operational semantics on the one hand, and translational semantics on the other hand, we discuss both approaches and we specify in which cases these semantics seem to be judicious. As a second step, we introduce a pragmatic and instrumented approach to define a translational semantics and to validate it against a reference operational semantics expressed by the DSL designer. We apply this approach to the XSPEM process description language in order to verify process models.
75 citations
20 Aug 2009
TL;DR: A Coq formalization of constructive *** -cpos up to and including the inverse-limit construction of solutions to mixed-variance recursive domain equations, and the existence of invariant relations on those solutions, is presented.
Abstract: We present a Coq formalization of constructive *** -cpos (extending earlier work by Paulin-Mohring) up to and including the inverse-limit construction of solutions to mixed-variance recursive domain equations, and the existence of invariant relations on those solutions. We then define operational and denotational semantics for both a simply-typed CBV language with recursion and an untyped CBV language, and establish soundness and adequacy results in each case.
Book•
09 Nov 2009
TL;DR: With an up-to-date view of the results of UML semantics and the practical applications of semantics development, this book presents the only coherent and integrated account of the leading UML 2 semantics work and its applications.
Abstract: With an up-to-date view of the results of UML semantics and the practical applications of semantics development, this book presents the only coherent and integrated account of the leading UML 2 semantics work and its applications. With contributions from renowned experts in the area of UML 2 semantics and its applications, the book covers semantics of UML 2 diagrams, OCL, state machine diagrams, interactions, use cases, and activities. "UML Semantics and Applications" is an excellent reference for researchers and students in the model-driven development community.
20 Aug 2009
TL;DR: Four coinductive operational semantics for the While language accounting for both terminating and non-terminating program runs are presented and their equivalence proofs are formalized in the constructive setting of Coq.
Abstract: We present four coinductive operational semantics for the While language accounting for both terminating and non-terminating program runs: big-step and small-step relational semantics and big-step and small-step functional semantics. The semantics employ traces (possibly infinite sequences of states) to record the states that program runs go through. The relational semantics relate statement-state pairs to traces, whereas the functional semantics return traces for statement-state pairs. All four semantics are equivalent. We formalize the semantics and their equivalence proofs in the constructive setting of Coq.
Posted Content•
TL;DR: In this article, it was shown that the size of the type derivations and the type size are closely related to the execution time of lambda-terms in a particular environment machine, Krivine's machine.
Abstract: The multiset based relational model of linear logic induces a semantics of the type free lambda-calculus, which corresponds to a non-idempotent intersection type system, System R. We prove that, in System R, the size of the type derivations and the size of the types are closely related to the execution time of lambda-terms in a particular environment machine, Krivine's machine.
01 Sep 2009
TL;DR: Building upon a reductive approach to designing aggregates, reformulations of some existing semantics in terms of propositional formulas are provided, which help to compare the semantics of aggregates and understand their properties in Terms of their propositional formula representations.
Abstract: Several proposals of the semantics of aggregates are based on different extensions of the stable model semantics, which makes it difficult to compare them. In this note, building upon a reductive approach to designing aggregates, we provide reformulations of some existing semantics in terms of propositional formulas, which help us compare the semantics and understand their properties in terms of their propositional formula representations. We also present a generalization of semantics of aggregates without involving grounding, and define loop formulas for programs with aggregates guided by the reductive approach.
TL;DR: This paper develops denotational semantics of arrows as monoids in categories of bifunctors Cop × C → C and considers Eilenberg–Moore and Kleisli constructions for arrows, mathematically formulating the folklore claim ‘Arrows are Freyd categories.’
Abstract: Arrows are an extension of the well-established notion of a monad in functional-programming languages. This paper presents several examples and constructions and develops denotational semantics of arrows as monoids in categories of bifunctors Cop × C → C. Observing similarities to monads – which are monoids in categories of endofunctors C → C – it then considers Eilenberg–Moore and Kleisli constructions for arrows. The latter yields Freyd categories, mathematically formulating the folklore claim ‘Arrows are Freyd categories.’
29 Mar 2009
TL;DR: This paper develops three possible semantics for aggregate queries: the range, distribution, and expected value semantics, and shows that these three semantics combine with the by-table and by-tuple semantics in six ways.
Abstract: Recent interest in managing uncertainty in data integration has led to the introduction of probabilistic schema mappings and the use of probabilistic methods to answer queries across multiple databases using two semantics: by-table and by-tuple. In this paper, we develop three possible semantics for aggregate queries: the range, distribution, and expected value semantics, and show that these three semantics combine with the by-table and by-tuple semantics in six ways. We present algorithms to process COUNT, AVG, SUM, MIN, and MAX queries under all six semantics and develop results on the complexity of processing such queries under all six semantics. We show that computing COUNT is in PTIME for all six semantics and computing SUM is in PTIME for all but the by-tuple/distribution semantics. Finally, we show that AVG, MIN, and MAX are PTIME computable for all by-table semantics and for the by-tuple/range semantics.We developed a prototype implementation and experimented with both real-world traces and simulated data. We show that, as expected, naive processing of aggregates does not scale beyond small databases with a small number of mappings. The results also show that the polynomial time algorithms are scalable up to several million tuples as well as with a large number of mappings.
TL;DR: This chapter is to report on work that has been done in the REWERSE project concerning hybrid reasoning with rules and ontologies, and variants and derivations of the formalisms have been conceived.
Abstract: The purpose of this chapter is to report on work that has been done in the REWERSE project concerning hybrid reasoning with rules and ontologies. Two major streams of work have been pursued within REWERSE. They start from the predominant semantics of nonmonotonic rules in logic programming. The one stream was an extension of non-monotonic logic programs under answer set semantics, with query interfaces to external knowledge sources. The other stream, in the spirit of the AL-log approach of enhanced deductive databases, was an extension of Datalog (with the well-founded semantics, which is predominant in the database area). The former stream led to so-called nonmonotonic dl-programs and HEX-programs, and the latter stream to hybrid wellfounded semantics. Further variants and derivations of the formalisms (like a well-founded semantics for dl-programs, respecting probabilistic knowledge, priorities, etc.) have been conceived.
01 Sep 2009
TL;DR: It is shown that sequences of firings define a continuous Kahn process as the least fixed point of an appropriately constructed functional, and solve some compositionality problems in the dataflow model.
Abstract: Dataflow models of computation have intrigued computer scientists since the 1970s. They were first introduced by Jack Dennis as a basis for parallel programming languages and architectures, and by Gilles Kahn as a model of concurrency. Interest in these models of computation has been recently rekindled by the resurrection of parallel computing, due to the emergence of multicore architectures. However, Dennis and Kahn approached dataflow very differently. Dennis' approach was based on an operational notion of atomic firings driven by certain firing rules. Kahn's approach was based on a denotational notion of processes as continuous functions on infinite streams. This paper bridges the gap between these two points of view, showing that sequences of firings define a continuous Kahn process as the least fixed point of an appropriately constructed functional. The Dennis firing rules are sets of finite prefixes satisfying certain conditions that ensure determinacy. These conditions result in firing rules that are strictly more general than the blocking reads of the Kahn–MacQueen implementation of Kahn process networks, and solve some compositionality problems in the dataflow model. This work was supported in part by the Center for Hybrid and Embedded Software Systems (CHESS) at UC Berkeley, which receives support from the National Science Foundation (NSF awards #0720882 (CSR-EHS: PRET), #0647591 (CSR-SGER), and #0720841 (CSR-CPS)), the US Army Research Office (ARO #W911NF-07-2-0019), the US Air Force Office of Scientific Research (MURI #FA9550-06-0312 and AF-TRUST #FA9550-06-1-0244), the Air Force Research Lab (AFRL), the State of California Micro Program, and the following companies: Agilent, Bosch, DGIST, National Instruments, and Toyota.
21 Jan 2009
TL;DR: This work develops a model of concurrent imperative programming with threads which execute without interruption until they terminate or explicitly yield control, and gives an equational theory for the computational effects that underlie the language, including thread spawning.
Abstract: We develop a model of concurrent imperative programming with threads. We focus on a small imperative language with cooperative threads which execute without interruption until they terminate or explicitly yield control. We define and study a trace-based denotational semantics for this language; this semantics is fully abstract but mathematically elementary. We also give an equational theory for the computational effects that underlie the language, including thread spawning. We then analyze threads in terms of the free algebra monad for this theory.
Proceedings Article•
01 Jan 2009TL;DR: A semantics for MLSC is presented that builds on the earlier work on formal feature model semantics to which it adds the concepts of level and configuration path and intends to pave the way for safer, more efficient and more comprehensive automation of configuration tasks.
Abstract: Multi-level staged configuration (MLSC) of feature diagrams has been proposed as a means to facilitate configuration in software product line engineering. Based on the observation that configuration often is a lengthy undertaking with many participants, MLSC splits it up into different levels that can be assigned to different stakeholders. This makes configuration more scalable to realistic environments. Although its supporting language (cardinality based feature diagrams) received various formal semantics, the MLSC process never received one. Nonetheless, a formal semantics is the primary indicator for precision and unambiguity and an important prerequisite for reliable toolsupport. We present a semantics for MLSC that builds on our earlier work on formal feature model semantics to which it adds the concepts of level and configuration path. With the formal semantics, we were able to make the original definition more precise and to reveal some of its subtleties and incompletenesses. We also discovered some important properties that an MLSC process should possess and a configuration tool should guarantee. Our contribution is primarily of a fundamental nature, clarifying central, yet ambiguous, concepts and properties related to MLSC. Thereby, we intend to pave the way for safer, more efficient and more comprehensive automation of configuration tasks.
07 Sep 2009
TL;DR: A denotational semantics is given to a type and effect system tracking reading and writing to global variables holding values that may include higher-order effectful functions.
Abstract: We give a denotational semantics to a type and effect system tracking reading and writing to global variables holding values that may include higher-order effectful functions. Refined types are modelled as partial equivalence relations over a recursively-defined domain interpreting the untyped language, with effect information interpreted in terms of the preservation of certain sets of binary relations on the store.The semantics validates a number of effect-dependent program equivalences and can thus serve as a foundation for effect-based compiler transformations.The definition of the semantics requires the solution of a mixed-variance equation which is not accessible to the hitherto known methods. We illustrate the difficulties with a number of small example equations one of which is still not known to have a solution.
TL;DR: The correctness of the semantics is shown by proving that the interleaving semantics induced by the PTI semantics is fully abstract with respect to theinterleaving early semantics originally defined in terms of labelled transition systems.
15 Jun 2009
TL;DR: This paper presents an approach to define the semantics for object-oriented modeling languages that is supported by tools that do not constrain the semantics definition's expressiveness and flexibility while making it machine-checkable.
Abstract: In this paper, we present an approach to define the semantics for object-oriented modeling languages. One important property of this semantics is to support underspecified and incomplete models. To this end, semantics is given as predicates over elements of the semantic domain. This domain is called the system model which is a general declarative characterization of object systems. The system model is very detailed since it captures various relevant structural, behavioral, and interaction aspects. This allows us to re-use the system model as a domain for various kinds of object-oriented modeling languages. As a major consequence, the integration of language semantics is straight-forward. The whole approach is supported by tools that do not constrain the semantics definition's expressiveness and flexibility while making it machine-checkable.
Book•
01 Jan 2009
TL;DR: This work discusses models and methods for Real-World Security Protocols, types, Maps and Separation Logic, and formalising FinFuns - Generating Code for Functions as Data from Isabelle/HOL.
Abstract: Invited Papers- Let's Get Physical: Models and Methods for Real-World Security Protocols- VCC: A Practical System for Verifying Concurrent C- Without Loss of Generality- Invited Tutorials- HOL Light: An Overview- A Brief Overview of Mizar- A Brief Overview of Agda - A Functional Language with Dependent Types- The Twelf Proof Assistant- Regular Papers- Hints in Unification- Psi-calculi in Isabelle- Some Domain Theory and Denotational Semantics in Coq- Turning Inductive into Equational Specifications- Formalizing the Logic-Automaton Connection- Extended First-Order Logic- Formalising Observer Theory for Environment-Sensitive Bisimulation- Formal Certification of a Resource-Aware Language Implementation- A Certified Data Race Analysis for a Java-like Language- Formal Analysis of Optical Waveguides in HOL- The HOL-Omega Logic- A Purely Definitional Universal Domain- Types, Maps and Separation Logic- Acyclic Preferences and Existence of Sequential Nash Equilibria: A Formal and Constructive Equivalence- Formalising FinFuns - Generating Code for Functions as Data from Isabelle/HOL- Packaging Mathematical Structures- Practical Tactics for Separation Logic- Verified LISP Implementations on ARM, x86 and PowerPC- Trace-Based Coinductive Operational Semantics for While- A Better x86 Memory Model: x86-TSO- Formal Verification of Exact Computations Using Newton's Method- Construction of Buchi Automata for LTL Model Checking Verified in Isabelle/HOL- A Hoare Logic for the State Monad- Certification of Termination Proofs Using CeTA- A Formalisation of Smallfoot in HOL- Liveness Reasoning with Isabelle/HOL- Mind the Gap
TL;DR: The natural semantics for the acyclic calculus is revised from the previous presentation by Maraist et al, and its adequacy is ascribed to its correspondence with the reduction semantics, which has been proved equivalent to call-by-name by Ariola and Felleisen.
Abstract: We present natural semantics for acyclic as well as cyclic call-by-need lambda calculi, which are proved equivalent to the reduction semantics given by Ariola and Felleisen (J. Funct. Program., vol. 7, no. 3, 1997). The natural semantics are big-step and use global heaps, where evaluation is suspended and memorized. The reduction semantics are small-step, and evaluation is suspended and memorized locally in let-bindings. Thus two styles of formalization describe the call-by-need strategy from different angles. The natural semantics for the acyclic calculus is revised from the previous presentation by Maraist et al. (J. Funct. Program., vol. 8, no. 3, 1998), and its adequacy is ascribed to its correspondence with the reduction semantics, which has been proved equivalent to call-by-name by Ariola and Felleisen. The natural semantics for the cyclic calculus is inspired by that of Launchbury (1993) and Sestoft (1997), and we state its adequacy using a denotational semantics in the style of Launchbury; adequacy of the reduction semantics for the cyclic calculus is in turn ascribed to its correspondence with the natural semantics.
07 Sep 2009
TL;DR: A model-theoretic semantics for a pure subset of this language is given: the notion of least fuzzy Herbrand model is formalized as the declarative semantics for definite programs, and various important properties of these models are proved.
Abstract: Bousi~Prolog is a fuzzy logic programming language with an operational semantics which is an adaptation of the SLD resolution principle, where classical unification has been replaced by a fuzzy unification algorithm based on proximity relations. Hence, it is a programming language well suited for dealing with uncertainty and approximate reasoning. There are several practical applications where Bousi~Prolog can be useful: flexible query answering; advanced pattern matching; information retrieval where textual information is selected or analyzed using an ontology; text cataloging and analysis; etc. In this paper we give a model-theoretic semantics for a pure subset of this language: we formalize the notion of least fuzzy Herbrand model as the declarative semantics for definite programs. We prove various important properties of these models. Finally we define an immediate consequences operator, which is proved monotonous and continuous, obtaining a fixpoint characterization of the least fuzzy Herbrand model.
02 Mar 2009
TL;DR: In this article, the authors propose an architecture for aspect-oriented languages with an explicit meta-interface to language semantics, and demonstrate the benefits of such an architecture by presenting several scenarios in which aspectoriented programs use the metainterface of the language to tailor its semantics to a particular application execution context.
Abstract: Alternative semantics for aspect-oriented abstractions can be defined by language designers using extensible aspect compiler frameworks. However, application developers are prevented from tailoring the language semantics in an application-specific manner. To address this problem, we propose an architecture for aspect-oriented languages with an explicit meta-interface to language semantics. We demonstrate the benefits of such an architecture by presenting several scenarios in which aspect-oriented programs use the meta-interface of the language to tailor its semantics to a particular application execution context.
29 Aug 2009
TL;DR: This paper shows how the same RLS style employed for giving formal definitions of languages can be used to define type systems, giving type checkers or type inferencers.
Abstract: Meseguer and Rosu proposed rewriting logic semantics (RLS) as a programing language definitional framework that unifies operational and algebraic denotational semantics. RLS has already been used to define a series of didactic and real languages, but its benefits in connection with defining and reasoning about type systems have not been fully investigated. This paper shows how the same RLS style employed for giving formal definitions of languages can be used to define type systems. The same term-rewriting mechanism used to execute RLS language definitions can now be used to execute type systems, giving type checkers or type inferencers. The proposed approach is exemplified by defining the Hindley-Milner polymorphic type inferencer $\mathcal{W}$ as a rewrite logic theory and using this definition to obtain a type inferencer by executing it in a rewriting logic engine. The inferencer obtained this way compares favorably with other definitions or implementations of $\mathcal{W}$. The performance of the executable definition is within an order of magnitude of that of highly optimized implementations of type inferencers, such as that of OCaml.