Re: Formal semantics for C

• To: fjh@cs.mu.oz.au
• Subject: Re: Formal semantics for C
• From: Matthias Felleisen <matthias@ccs.neu.edu>
• Date: Wed, 26 Dec 2001 15:30:40 -0500 (EST)
• Cc: kfl@it.edu, types@cis.upenn.edu, S.J.Thompson@ukc.ac.uk, Michael.Norrish@cl.cam.ac.uk
• In-reply-to: <20011225143316.GA2616@earth.cs.mu.oz.au> (message from Fergus Henderson on Wed, 26 Dec 2001 01:33:16 +1100)
• References: <200112221456.fBMEunr29447@saul.cis.upenn.edu> <200112221624.fBMGOdq04891@saul.cis.upenn.edu> <200112231526.fBNFQbM08076@saul.cis.upenn.edu> <20011225143316.GA2616@earth.cs.mu.oz.au>
• Reply-To: matthias@ccs.neu.edu

Corky has made the most important points. 

My conjecture is that you probably didn't mean "non-deterministic" but
indeterminate. Perhaps you're trying to say that all unsafe operations
should be bottom (denotationally speaking), since we have no
information about them. This, however, would be a bad mistake that was
made in the early history of the full abstraction problem. When you
computation is erroneous, there is information. (You may not like it,
but it is not absence of information, as bottom would make you think.) 
[See the papers that Corky and I wrote on full abstraction for
sequential higher-order languages.]

In C's case the real problem is that you don't even know when to
specify that your semantics is unspecified without going through an
extreme detour. Just think about how you would specify that an array
access is out of bounds. When the array is passed to a procedure, you
typically don't even have access to its bound. If you do, what exactly
are you going to say? 

-- Matthias

• Re: Formal semantics for C
• From: Fergus Henderson <fjh@cs.mu.oz.au>

• Re: Formal semantics for C
• From: Fergus Henderson <fjh@cs.mu.oz.au>

• Prev: Re: Formal semantics for C
• Next: Re: Nondeterminism (was: Formal semantics for C)
• Index(es):
  • Main
  • Thread