Large-step semantics of IMP We define big-step evaluation relations for commands and expressions. For arithmetic expressions, we need a relation => n, and for boolean expressions a relation => t, where t in {true,false}. These evaluation relations are similar to what we've seen before. For commands, the big-step evaluation of a configuration yields a final store s'. Hence, the evaluation relation for commands is of the form => s'. The rules that define this relation are as follows. (skip) ------------- => s => n (assign) ------------------- => s[x->n] => s' => s'' (seq) --------------------------- => s'' => true => s' (tif) ------------------------------ => s' => false => s' (fif) ------------------------------ => s' => false (fwhile) ---------------------- => s => true => s' => s'' (twhile) ------------------------- => s'' It's interesting to see that the rule for while loops does not rely on using an if command (as we needed in the case of small-step semantics). Why does this rule work? The small-step semantics suggest that the loop construct "while b do c" should be equivalent to "if b then (c; while b do c) else skip". Can we show that this indeed the case that the language is defined using the above large-step evaluation? First, we need to to be more precise about what "equivalent commands" mean. Our formal model allows us to define this concept using large-step evaluations as follows (one can write a similar definition using ->* in small-step semantics).. [Equivalence] Two commands c, c' are equivalent (written c ~ c') if, for any states s and s', we have: => s' <=> => s'. So we'd like to prove: while b do c ~ if b then (c; while b do c) else skip Let W be an abbreviation for "while b do c". We want to show: => s' iff => s', for all s, s'. For this, we must show that both implications => and <= hold. We'll show only direction =>; the other is similar. Assume that s and s' are stores such that => s'. It means that there is some derivation that proves for this fact. Inspecting the evaluation rules, we see that there are two possible rules whose conclusions match this fact. We analyze each of them in turn. One rule is the (fwhile) rule, in which case the proof tree for => s' looks as follows: ... (1) -------------- => false (fwhile) ---------------------- => s We can use subtree (1) to derive a proof tree showing that the evaluation of if b then (c;W) else skip yields the same final state s: ... (1) -------------- => false (fif) ----------------------------------- => s The other alternative is that => s has been derived using the (twhile) rule. In this case, the proof tree has the following form: ... (2) ... (3) ... (4) ------------- ----------- ------------------------- => true => s' => s'' (twhile) --------------------------------------------------- => s'' We can use subderivations (2), (3), and (4) to show that if b then (c;W) else skip evaluates to the same final state s'': ... (3) ... (4) ----------- ------------------------- ... (2) => s' => s'' ------------- ------------------------------------- => true => s'' (tif) --------------------------------------------------- => s'' Hence, we showed that in each of the two possible cases, the if command evaluates to the same final state as the while command.