Softbound. March 23, Type 2. 2 Env primitives defined functions axioms well-formed environment...


Softbound
March 23, 2009

Contents
1 Type 2
2 Env 7
2.1 primitive 7
2.2 defined function 7
2.3 axiom 8
2.4 well-formed environment 8
3 Syntax 10
4 Semantics 13
5 Properties 18
A Notational Convention 21

List of Figures
1 Type 2
2 Type Equivalence 3
3 Type Conversion 4
4 Tame Pointer Closure 5
5 Well-formed Type 6
6 Well-formed Environment 9
7 Syntax 10
8 Well-formed LHS 11
9 Well-formed RHS 12
10 Well-formed CMD 12
11 Result 13
12 Data Cast 13
13 Assertion 13
14 Evaluation LHS 14
15 Evaluation RHS 15
16 Evaluation RHS - Cons 16
17 Evaluation CMD 17

1 Type

Qualifier:
q ::= safe | seq | tame                  qualifier

Atomic type:
a ::= int                                int
    | q                                  pointer type

Type:
::= pointer type
  | a                                    atomic type
  | anonymous struct type
  | id                                   named struct type
  | void                                 void

Struct type:
::= nil struct
  | ; id:a                               cons struct

tab ::= id option                        named struct look-up table

Size of type:
asize(a) ::= 1                           where a = int
           | 1                           where a = q
size() ::= asize(a)                      where = a
         | size()                        where =
         | size()                        where = n, tab n = some
         | 1                             where = void
size() ::= 0                             where =
         | size() + asize(a)             where = ; id:a

Figure 1: Type.

Figure 2: Type Equivalence.

a a a
int a int (E-Int)
1 2   q1 = q2   1 q1 a 2 q2 (E-Pointer)
a1 a a2   a1 a2 (E-Atomic)
1 2   1 2 (E-AStruct)
tab n1 = some 1   tab n2 = some 2   1 2   n1 n2 (E-NStruct)
n n (E-EqName)
void void (E-Void)
(E-Nil)
1 2   a1 a a2   1 ; id1:a1 2 ; id2:a2 (E-Cons)

Figure 3: Type Conversion.

a a
int int (C-Int)
q int (C-Ptr-Int)
q safe   int q (C-Int-Ptr)
1 2   1 safe 2 safe (C-SafePtr)
1 2   1 safe 2 seq (C-SafeSeqPtr)
1 2   1 seq 2 safe (C-SeqSafePtr)
1 2   1 seq 2 seq (C-SeqPtr)
1 tame 2 tame (C-TamePtr)

Figure 4: Tame Pointer Closure.

a a a
int (TC-Int)
a tame (TC-Ptr)
a a a (TC-Atomic)
(TC-AStruct)
tab n = some   n (TC-NStruct)
void (TC-Void)
(TC-Nil)
a a   ; id:a (TC-Cons)

Figure 5: Well-formed Type.

a a a
int (WFT-Int)
q tame   void   a q (WFT-NonTamePtr)
a tame (WFT-TamePtr)
a a a (WFT-Atomic)
(WFT-AStruct)
tab n = some   n (WFT-NStruct)
void (WFT-Void)
(WFT-Nil)
a a   ; id:a (WFT-Cons)

2 Env

2.1 primitive

Table 1: primitive
Name            Function
baseaddr        N                                    lowest user-accessible addr
maxaddr         N                                    max user-accessible addr
TOP             N                                    stack top addr
Stack           v option (d a)                       stack
Mem             d (b,e)                              memory
TypeInfo        a                                    type information
Env             (Stack, Mem, TypeInfo)               environment
Value           N                                    value of memory
Base            N                                    metadata, base of memory
End             N                                    metadata, bound of memory
Loc             N                                    location of memory
readmem         Mem Loc option Value                 read data
readmemmeta     Mem Loc option Value (Base,End)      read data with meta
writemem        Mem Loc Value option Mem             write data
writememmeta    Mem Loc Value (Base,End) option Mem  write data with meta
malloc          Env N option (Env Loc)               memory allocation
updateti        TypeInfo Loc PtrType N TypeInfo      updating type information

readmem M : read data from the location if it is accessible
readmemmeta M : read data with meta from the location if it is accessible
writemem M d: write data to the location if it is accessible
writememmeta M d(b,e): write data with meta to the location if it is accessible
malloc: memory allocation
updateti: updating type information

2.2 defined function

readmemblock M size
readmemmetablock M size
writememblock M d size
writememmetablock M d size
copymemblock M d size
copymemmetablock M d size
validmem M   d. readmem M = some d   d. M. writeMem M d = some M
validmemblock M size

2.3 axiom

Axiom 2.1 (validaddressrange) 0 < baseaddr maxaddr

Axiom 2.2 (valid memory)
1. (M, ). ( d. readmem M = some d) ( d. M. writeMem M d).
2. (M, ). ( d(b,e). readmemmeta M = some d(b,e)) ( d(b,e). M. writeMemMeta M d(b,e)).
3. (M, ). ( d. readmem M = some d) ( d(b,e). readmemmeta M = some d(b,e)).
4. (M, ). ( d. M. writeMem M d) ( d(b,e). M. writeMemMeta M d(b,e)).

Axiom 2.3 (unique result)
1. (M, ). ( (d, d'). readmem M = some d   readmem M = some d'   d = d').
2. (M, ). ( (d(b,e), d'(b',e')). readmemmeta M = some d(b,e)   readmemmeta M = some d'(b',e')   d(b,e) = d'(b',e')).
3. (M, ). ( (d, d'). M. writeMem M d   M. writeMem M d').
4. (M, ). ( (d(b,e), d'(b',e')). M. writeMemMeta M d(b,e)   M. writeMemMeta M d'(b',e')).

Axiom 2.4 (updatetypeinfo inversion)
1. If a q, q tame, size() > 0 and updatetypeinfo TI size = TI', then ( [ , + size)). TI'( ) = [( ) mod size()]t and ( < + size)). TI( ) = TI'( ).
2. If a tame, size() > 0 and updatetypeinfo TI size = TI', then ( [ , + size)). TI'( ) = void tame and ( < + size)). TI( ) = TI'( ).

Axiom 2.5 (malloc inversion) If malloc E size = some ((M, S, TI'), ), then
1. M, TI. E = (M, S, TI)
2. baseaddr + size < maxaddr   size > 0
3. (readmemmeta M = some d(b,e)). readmemmeta M = some d(b,e)
4. ( < + size). readmemmeta M = none   readmemmeta M = none
5. ( < + size). readmemmeta M = none   readmemmeta M = some 0(0,0)
6. ( < + size). TI( ) = TI'( )
7. ( < + size). TI'( ) = int

Axiom 2.6 (writemem inversion)
1. If writememmeta M d(b,e) = some M, then
   (a) readmemmeta M = some d(b,e)
   (b) If ( ). readmemmeta M = d, then readmemmeta M = d
   (c) If . readmemmeta M = none, then readmemmeta M = none
2. If writemem M d = some M, then
   (a) If readmemmeta M = some d(b,e), then readmemmeta M = some d(b,e)
   (b) If ( ). readmemmeta M = d, then readmemmeta M = d
   (c) If . readmemmeta M = none, then readmemmeta M = none

2.4 well-formed environment

Figure 6: Well-formed Environment.

M ; TI S S
baseaddr TOP maxaddr
(v, , a). (v (, a)) S   (TOP)   (( + asize(a)) < maxaddr)
(v, , a). (v (, a)) S   (v, , a'). (v (, a')) S   ( ( + asize(a)))   ( ( + asize(a')))
M ; TI S S (WF-Stack)

M ; TI D d(b,e) : a
M ; TI D d(b,e) : int   true (WFD-Int)
M ; TI D d(b,e) : a safe   (d = 0) ((baseaddr d) (d + 1 < maxaddr) (validmem M d) (TI(d) = a)) (WFD-ASafe)
M ; TI D d(b,e) : safe   (d = 0) ((size() > 0) (baseaddr d) (d + size() < maxaddr) ((i [0, size())). (validmem M d + i (TI(d + i) = [i])))) (WFD-SSafe)
M ; TI D d(b,e) : n safe   (d = 0) (. tab n = some (size() > 0) (baseaddr d) (d + size() < maxaddr) ((i [0, size())). (validmem M d + i (TI(d + i) = [i])))) (WFD-NSafe)
M ; TI D d(b,e) : void safe   false (WFD-VSafe)
M ; TI D d(b,e) : seq   (b = 0) ((b 0) (baseaddr b e < maxaddr) ((i [b, e)). (validmem M i (TI(i) = [(i d) mod size()])))) (WFD-Seq)
M ; TI D d(b,e) : tame   (b = 0) ((b 0) (baseaddr b e < maxaddr) ((i [b, e)). (validmem M i   q. TI(i) = q tame))) (WFD-Tame)

M M ; TI
(, d, b, e). readmemmeta M = d(b,e)   M ; TI D d(b,e) : TI()
M M ; TI (WF-MemTI)

E E
M E.M ; E.TI   E.M ; E.TI S E.S   (v, , a). (v (, a)) E.S   validmem E.M   E.TI() = a
E E (WF-Env)

3 Syntax

Syntax:
lhs ::= v                   variable
      | lhs                 dereference
      | lhs id              struct pos
      | lhs n id            name pos
rhs ::= i                   int constant
      | lhs                 lhs expression
      | (a q)&lhs           reference
      | rhs + rhs           addition
      | (a)rhs              cast
      | (sizeof)a           size
      | (a q)malloc rhs     alloc
command:
c   ::= skip                skip
      | c ; c               sequence
      | lhs = rhs           assignment

Figure 7: Syntax.

Figure 8: Well-formed LHS.

S lhs:a
(v (, a)) S   a a   S v:a (WFL-Var)
S lhs:a q   S lhs:a (WFL-Def)
S lhs: q   [id] = a   S lhs id:a (WFL-StructPos)
S lhs:n q   tab n = some   [id] = a   S lhs n id:a (WFL-NamePos)

S!tame lhs:a
(v (, a)) S   a a   S v:a (WFLNT-Var)
S!tame lhs: q   q tame   [id] = a   S!tame lhs id:a (WFLNT-StructPos)
S!tame lhs:n q   q tame   tab n = some   [id] = a   S!tame lhs n id:a (WFLNT-NamePos)

S tame lhs:a
(v (, void tame)) S   S tame v:void tame (WFLT-Var)
S tame lhs: tame   [id] = void tame   S tame lhs id:void tame (WFLT-StructPos)
S tame lhs:n tame   tab n = some   [id] = void tame   S tame lhs n id:void tame (WFLT-NamePos)

Figure 9: Well-formed RHS.

S r rhs:a
S r i:int (WFR-Const)
S lhs:a   S r lhs:a (WFR-Lhs)
S!tame lhs:a   a a safe   S r (a safe)&lhs:a safe (WFR-RefSafe)
S!tame lhs:a   a a seq   S r (a seq)&lhs:a seq (WFR-RefSeq)
S tame lhs:a   a a tame   S r (a tame)&lhs:a tame (WFR-RefTame)
S r rhs1:int   S r rhs2:int   S r rhs1 + rhs2:int (WFR-Add)
S r rhs1: q   q safe   S r rhs2:int   S r rhs1 + rhs2: q (WFR-AddPtr)
S r rhs:a   a a'   S r (a')rhs:a' (WFR-Cast)
a a   S r sizeof(a):int (WFR-Size)
S r rhs:int   a q   size() > 0   S r (q)malloc rhs: q (WFR-Alloc)

Figure 10: Well-formed CMD.

S c c
S c skip (WFC-Skip)
S c c1   S c c2   S c c1 ; c2 (WFC-Seq)
S lhs:a   S r rhs:ar   ar a   S c lhs = rhs (WFC-Assign)

4 Semantics

Annotation   USAGE
d(b,e)       d with meta (b, e)
d id(b,e)    d with meta (b, e), id is the name of d's sub field
[id]off      the offset of sub field id
[id]t        the type of sub field id

Result:
r   ::= ok              Succ
      |                 location
      | (d(b,e), a)     data with meta
      | err
err ::= Abort           Abort
      | OutOfMem        OutOfMem error

Figure 11: Result.

datacast:
from                 to                        assertion
(d(b,e), q)          (d(b,e), int)
(d(b,e), int)        (0(0,0), safe)            d = 0
(d(b,e), int)        (d(0,0), seq)
(d(b,e), int)        (d(0,0), tame)
(d(b,e), seq)        (d(b,e), safe)            (v = 0) (b 0   b d <= (e size()))
(d(b,e), safe)       (d(d,d+size()), seq)
(d(b,e), )           (d(b,e), )

Figure 12: Data Cast.

Assertion:
assert d(b,e) a safe        d 0
assert d(b,e) a seq         b 0   b d   d + asize(a) <= e
assert d(b,e) a tame        b 0   b d   d + asize(a) <= e
assert d id(b,e) safe       d 0
assert d id(b,e) seq        b 0   b d + [id]off + asize([id]t) <= e
assert d id(b,e) tame       b 0   b d + [id]off + asize([id]t) <= e

Figure 13: Assertion.

Figure 14: Evaluation LHS.

E lhs r:a
(v (, a)) E.S   E v :a (Ev-Var)
E lhs :a q   readmem E.M = some (b,e')   assert (b,e') a q   E lhs :a (Ev-Def)
E lhs e:a   E lhs e:a (Ev-Def-ErrorProp)
E lhs :a q   readmem E.M = some (b,e')   assert (b,e') a q   E lhs Abort:a (Ev-Def-Abort)
E lhs : q   readmem E.M = some (b,e')   assert id (b,e') q   E lhs id + [id]off:[id]t (Ev-StructPos)
E lhs e:a   E lhs id e:a (Ev-StructPos-ErrorProp)
E lhs : q   readmem E.M = some (b,e')   assert id (b,e') q   E lhs id Abort:[id]t (Ev-StructPos-Abort)
E lhs :n q   tab n = some   readmem E.M = some (b,e')   assert (b id,e') q   E lhs n id + [id]off:[id]t (Ev-NamePos)
E lhs e:a   E lhs n id e:a (Ev-NamePos-ErrorProp)
E lhs :n q   tab n = some   readmem E.M = some (b,e')   assert (b id,e') q   E lhs n id Abort:[id]t (Ev-NamePos-Abort)

Figure 15: Evaluation RHS.

E r rhs r:a r E
E r i (i(0,0), int):int r E (Ev-Const)
E lhs :a   readmemmeta E.M = some d(b,e)   E r lhs (d(b,e), E.TI()):a r E (Ev-Lhs)
E lhs e:a   E r lhs e:a r E (Ev-Lhs-ErrorProp)
a a safe   E.S!tame lhs:a   E lhs :a   E r (a safe)&lhs ((0,0), a safe):a safe r E (Ev-RefSafe)
a a safe   E.S!tame lhs:a   E lhs :a   E r (a seq)&lhs ((,+asize(a)), a seq):a seq r E (Ev-RefSeq)
a a safe   E.S tame lhs:a   E lhs :a   E r (a tame)&lhs ((,+asize(a)), a tame):a tame r E (Ev-RefTame)
E lhs e:a   E r &lhs e:a r E (Ev-Ref-ErrorProp)
E r rhs1 (d1(b1,e1), a1):int r E   E r rhs2 (d2(b2,e2), a2):int r E   E r rhs1 + rhs2 (d1 + d2(0,0), int):int r E (Ev-Add)
E r rhs1 e:a r E   E r rhs1 + rhs2 e:a r E (Ev-Add-ErrorProp1)
E r rhs1 (d1(b1,e1), a1):int r E   E r rhs2 e:a r E   E r rhs1 + rhs2 e:a r E (Ev-Add-ErrorProp2)
E r rhs1 (d1(b1,e1), a1): q r E   E r rhs2 (d2(b2,e2), a2):int r E   E r rhs1 + rhs2 (d1 + d2 size()(b1,e1), q): q r E (Ev-AddPtr)
E r rhs1 e:a r E   E r rhs1 + rhs2 e:a r E (Ev-AddPtr-ErrorProp1)
E r rhs1 (d1(b1,e1), a1): q r E   E r rhs2 e:a r E   E r rhs1 + rhs2 e:e r E (Ev-AddPtr-ErrorProp2)

Figure 16: Evaluation RHS - Cons.

E r rhs r:a r E
E r rhs (d(b,e), a0):a r E   datacast d(b,e) a a' = d(b',e')   E r (a')rhs (d(b',e'), a0):a' r E (Ev-Cast)
E r rhs e:a r E   E r (a')rhs e:a r E (Ev-Cast-ErrorProp)
E r rhs (d(b,e), a0):a r E   datacast d(b,e) a a' = d(b',e')   E r (a')rhs Abort:a r E (Ev-Cast-Abort)
E r sizeof(a) (asize(a)(0,0), int):int r E (Ev-Size)
E r rhs (d(b,e), a):int r E   d size()   malloc E d = some (E, )   E r (safe)malloc rhs ((0,0), safe): safe r (E.M, E.S, updatetypeinfo E.TI d) (Ev-AllocSafe)
E r rhs (d(b,e), a):int r E   malloc E d = some (E, )   E r (seq)malloc rhs ((,+d), seq): seq r (E.M, E.S, updatetypeinfo E.TI d) (Ev-AllocSeq)
E r rhs (d(b,e), a):int r E   malloc E d = some (E, )   E r (tame)malloc rhs ((,+d), tame): tame r (E.M, E.S, updatetypeinfo E.TI d) (Ev-AllocTame)
E r rhs e:a r E   E r (q)malloc rhs e:a r E (Ev-Alloc-ErrorProp)
E r rhs (d(b,e), a):int r E   malloc E d = none   E r (q)malloc rhs OutofMem:a r E (Ev-Alloc-OutofMem)
E r rhs (d(b,e), a):int r E   d < size()   E r (safe)malloc rhs Abort:a r E (Ev-AllocSafe-Abort)
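The checks of Figures 12, 13, 15 and 16 in runnable form, as an added example that is not part of the original document: the Val record, the bump-allocator Heap standing in for the malloc primitive, and every function name are assumptions of this example, and size()/asize(a) is supplied as a plain integer argument.

```python
"""Executable model of the Softbound checks in Figures 12, 13, 15 and 16.
Added example: Val, Heap and every function name are assumptions of this
example, not the paper's own definitions. Addresses, sizes and metadata are
plain ints; size()/asize(a) is passed in as `size` (asize(int) = 1, Fig. 1)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Val:
    d: int   # data: an address for pointers, the integer for ints
    b: int   # base metadata
    e: int   # end (bound) metadata
    q: str   # "int", or the pointer qualifier "safe" | "seq" | "tame"

class Abort(Exception):
    """Raised where the paper's rules produce the Abort result."""

def assert_deref(v: Val, asize: int) -> bool:
    """Fig. 13: may a value of size `asize` be accessed through pointer v?"""
    if v.q == "safe":
        return v.d != 0                      # non-null is the only check
    if v.q in ("seq", "tame"):
        return v.b != 0 and v.b <= v.d and v.d + asize <= v.e
    return False                             # ints are never dereferenced

def add_ptr(p: Val, n: Val, size: int) -> Val:
    """Fig. 15 (Ev-AddPtr): scale by the pointee size, keep (b, e) unchanged."""
    return Val(p.d + n.d * size, p.b, p.e, p.q)   # check is deferred to the access

class Heap:
    """Constructed stand-in for the malloc primitive: a bump allocator."""
    def __init__(self, baseaddr: int = 0x1000) -> None:
        self.next = baseaddr
    def malloc(self, nbytes: int) -> int:
        loc, self.next = self.next, self.next + nbytes
        return loc

def alloc(heap: Heap, q: str, nbytes: int, size: int) -> Val:
    """Fig. 16 (Ev-AllocSafe/Seq/Tame): a safe pointer gets no bounds but must
    cover at least one object; seq/tame pointers get bounds [l, l + nbytes)."""
    if q == "safe" and nbytes < size:
        raise Abort("Ev-AllocSafe-Abort: block smaller than the pointee")
    loc = heap.malloc(nbytes)
    return Val(loc, 0, 0, "safe") if q == "safe" else Val(loc, loc, loc + nbytes, q)

def datacast(v: Val, to: str, size: int) -> Val:
    """Fig. 12: rows whose assertion fails raise Abort (Ev-Cast-Abort)."""
    if v.q == to:
        return v
    if to == "int":                          # pointer -> int keeps the meta
        return Val(v.d, v.b, v.e, "int")
    if v.q == "int":
        if to == "safe":                     # only the null int becomes safe
            if v.d != 0:
                raise Abort("int -> safe requires d = 0")
            return Val(0, 0, 0, "safe")
        return Val(v.d, 0, 0, to)            # int -> seq/tame: no bounds
    if v.q == "seq" and to == "safe":        # null, or one object inside [b, e)
        if not (v.d == 0 or (v.b != 0 and v.b <= v.d and v.d + size <= v.e)):
            raise Abort("seq -> safe target lies outside its bounds")
        return Val(v.d, v.b, v.e, "safe")
    if v.q == "safe" and to == "seq":        # bounds become exactly one object
        return Val(v.d, v.d, v.d + size, "seq")
    return Val(v.d, v.b, v.e, to)            # remaining rows: identity on data

def cast_allowed(v: Val, to: str, size: int) -> bool:
    try:
        return datacast(v, to, size) is not None
    except Abort:
        return False

def walk_int_array(n: int = 4) -> list:
    """Seq array of n ints, accessed at offsets 0..n; the last is one past the end."""
    p = alloc(Heap(), "seq", n, 1)
    return [assert_deref(add_ptr(p, Val(i, 0, 0, "int"), 1), 1) for i in range(n + 1)]
```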

Figure 17: Evaluation CMD.

E c c r c E
E c skip ok c E (Ev-Skip)
E c c1 ok c E   E c c2 ok c E   E c c1 ; c2 ok c E (Ev-Seq)
E c c1 e c E   E c c1 ; c2 e c E (Ev-Seq-ErrorProp1)
E c c1 ok c E   E c c2 e c E   E c c1 ; c2 e c E (Ev-Seq-ErrorProp2)
E lhs : q   E r rhs (d(b,e), ):ar r E   datacast d(b,e) q ar   writememmeta E.M d(b,e) = some M   E c lhs = rhs ok c (M, E.S, E.TI) (Ev-Assign-Ptr)
E lhs :int   E r rhs (d(b,e), ):ar r E   datacast d(b,e) int ar   writemem E.M d = some M   E c lhs = rhs ok c (M, E.S, E.TI) (Ev-Assign-NPtr)
E lhs e:a   E c lhs = rhs e c E (Ev-Assign-ErrorProp1)
E lhs :a   E r rhs e:ar r E   E c lhs = rhs e c E (Ev-Assign-ErrorProp2)
E lhs : q   E r rhs (d(b,e), ):ar r E   datacast d(b,e) q ar   E c lhs = rhs Abort c E (Ev-Assign-Ptr-Abort)

5 Properties

Lemma 5.1 (stack invariance)
1. If E E, E.S r rhs:a and E r rhs r:a r E', then E.S = E'.S.
2. If E E, E.S c c and E c c r c E', then E.S = E'.S.
Proof: Part 1 is by induction on E r rhs r:a r E', part 2 is by induction on E c c r c E'.

Lemma 5.2 (lhs inversion) If E E and E lhs : a, then validmem E.M and 0 baseaddr + asize(a) < maxaddr.
Proof: By induction on E lhs :a.

Lemma 5.3 (lhs ptr inversion) If E E and E lhs :a, then
1. If a = safe, then E.TI() = safe
2. If a = seq, then E.TI() = seq
3. If a = tame, then E.TI() = tame

Lemma 5.4 (rhs ptr inversion) If E E and E r rhs (d(b,e), a'):a r E, then
1. If a = seq and a' = int, then b = e = 0 or d = b = 0
2. If a = safe, then a' int or a' = int   d = b = 0
3. If a = tame, a' = q and q tame, then b = e = 0
4. If a = tame, a' = int, then b = e = 0
5. If a = safe, a' = seq, then d = 0 or b 0   b d < e size()
6. If a = safe, a' = tame, then d = 0.
7. If a = seq, a' = tame, then d = 0 or b = e = 0.
8. If a = safe, a' = seq, then d = b = e = 0 or d = b   e = b + size().

Lemma 5.5 (rhs inversion) If E E and E r rhs (d(b,e), a') : a r E, then E.M ; E.TI D d(b,e) : a.
Proof: By lhs ptr inversion 5.3 and rhs ptr inversion 5.4.

Theorem 5.1 (rhs well-formed environment invariance) If E E, E.S r rhs:a and E r rhs r:a r E', then E' E.
Proof: By induction on E r rhs r:a r E'; the other cases are trivial except Ev-AllocSafe, Ev-AllocSeq and Ev-AllocTame.
1. Ev-AllocSafe: E r rhs (d(b,e), a):int r E and malloc E d = some (E, ). t.s. WFEnv(E.M, E.S, updatetypeinfo E.TI d). It is sufficient to show
   (a) E.M ; updatetypeinfo E.TI d S E.S: By malloc inversion 2.5 and updatetypeinfo inversion 2.4.

   (b) M E.M ; updatetypeinfo E.TI d: By definition, it is to show (, d, b, e). readmemmeta E.M = d(b,e)   E.M ; updatetypeinfo E.TI d D d(b,e) : (updatetypeinfo E.TI d)().
       i. + d < : By updatetypeinfo inversion 2.4, E.TI() = (updatetypeinfo E.TI d)(). By destruct E.TI(), each case is by malloc inversion 2.5 and updatetypeinfo inversion 2.4.
       ii. < + d: By malloc inversion 2.5 and updatetypeinfo inversion 2.4.
2. Ev-AllocSeq, Ev-AllocTame: similar to Ev-AllocSafe.

Theorem 5.2 (cmd well-formed environment invariance) If E E, E.S c c and E c c r c E', then E' E.
Proof: By induction on E c c r c E',
1. Ev-Assign-Ptr: By rhs inversion 5.5.
2. other: immediate.

Theorem 5.3 (lhs progress) If E E and E.S lhs : a, then . E lhs :a or E lhs Abort:a.
Proof: By induction on E.S lhs:a,
1. WFL-Var: Immediate.
2. WFL-Def: E.S lhs0:a0 q with lhs = lhs0 and a = a0. t.s. E.S lhs0:a0. By IH,
   (a) E lhs0 :a0: By lhs inversion 5.2, we have readmemmeta E.M = some (b,e'). The result follows because assert (b,e') a0 q is decidable.
   (b) E lhs0 Abort:a0: Immediate by Ev-Def-ErrorProp.
3. WFL-StructPos and WFL-NamePos: similar to Case WFL-Def.

Theorem 5.4 (rhs progress) If E E and E.S r rhs:a, then (d(b,e), a'), E'. E r rhs (d(b,e), a'):a r E' or E', a. E r rhs OutofMem:a r E' or E', a. E r rhs Abort:a r E'.
Proof: By induction on E.S r rhs:a,
1. WFR-Const: Immediate.
2. WFR-Lhs: E.S lhs:a with rhs = lhs and a = a. By lhs progress 5.3,
   (a) E lhs :a: By lhs inversion 5.2, we have readmemmeta E.M = some (b,e'). The result follows by Ev-Lhs.
   (b) E lhs Abort:a: Immediate by Ev-Lhs-ErrorProp.
3. WFR-Ref-Safe: E!tame lhs:a with rhs = &lhs and a = a safe. We have E lhs:a because E!tame lhs:a   E lhs:a. By lhs progress 5.3.
4. WFR-Ref-Seq: similar to Ev-Ref-Safe.

5. WFR-Ref-Tame: similar to Ev-Ref-Safe, but by E tame lhs:a   E lhs:a.
6. WFR-Add: S r rhs1 : int and S r rhs2 : int with rhs = rhs1 + rhs2 and a = int. By IH of rhs1,
   (a) E r rhs1 (d(b,e), a') : a r E': By rhs well-formed environment invariance 5.1, E' E. By stack invariance 5.1, E.S = E'.S. The desired result is by IH of rhs2.
   (b) else: By Ev-Add-ErrorProp1.
7. WFR-AddPtr: similar to Case WFR-Add.
8. WFR-Cast: S r rhs':a with rhs = (a)rhs' and a = a. By IH,
   (a) E r rhs' (d(b,e), a'):a r E': If datacast d(b,e) a a holds, then the result is by Ev-Cast, else it is by Ev-Cast-Abort.
   (b) else: By Ev-Cast-ErrorProp.
9. WFR-Size: Immediate.
10. WFR-Alloc: S r rhs':int with rhs = (q)malloc rhs' and a = q. By IH,
   (a) E r rhs' (d(b,e), a):int r E':
       i. malloc E d = some (E, ): If q safe, then the result is by Ev-Alloc-Seq and Ev-Alloc-Tame. Otherwise, if d size(), the result is by Ev-Alloc-Safe, else by Ev-Alloc-SafeAbort.
       ii. malloc E d = none: by Ev-Alloc-OutofMem.
   (b) else: By Ev-Alloc-ErrorProp.

Theorem 5.5 (cmd progress) If E E and E.S c c, then E'. E c c ok c E' or E'. E c c OutofMem c E' or E'. E c c Abort c E'.
Proof: By induction on E.S c c,
1. WFC-Skip: Immediate.
2. WFC-Seq: S c c1 and S c c2 with c = c1 ; c2. By IH of c1,
   (a) E c c1 ok c E': By cmd well-formed environment invariance 5.2, WFEnv E'. By stack invariance 5.1, E.S = E'.S. The desired result is by IH of c2.
   (b) else: By Ev-Seq-ErrorProp1.
3. WFC-Assign: S lhs:a, S r rhs:ar and ar a where c = lhs = rhs. By lhs progress 5.3,
   (a) E lhs :a: By rhs progress 5.4,
       i. E rhs (d(b,e), ar):ar r E':
          A. a = int: By lhs inversion 5.2, writemem E.M d = some M. In this case, datacast d(b,e) int ar holds. The result is by Ev-Assign-NPtr.
          B. a = q: By lhs inversion 5.2, writememmeta E.M d(b,e) = some M. In this case, the result is by the decidability of datacast d(b,e) q ar.
       ii. else: By Ev-Assign-ErrorProp2.
   (b) else: By Ev-Assign-ErrorProp1.

A Notational Convention

TEXT    USAGE
a       atomic type
b       base
c       command
d       value
e       end
err     error
E       Environment
i       int constant
id      identity
        location
lhs     left hand side expression
rhs     right hand side expression
M       Memory
n       named struct
        pointer type
q       qualifier
r       result
        anonymous struct
S       Stack
t       type
TI      Type Information
v       variable