CSE 230: Winter 2007. Principles of Programming Languages. Lecture 4: Induction, Induction on Derivations, Small-Step Semantics


CSE 230: Winter 2007, Principles of Programming Languages
Lecture 4: Induction, Small-Step Semantics
Ranjit Jhala, UC San Diego

HW 1 Reminder
  Due next Tue
  Instructions about turning in code to follow
  Send me mail if you have issues

Induction
  Most important technique for formal semantics and type systems in PL
  Several flavors:
    mathematical induction (simplest)
    well-founded induction (most general)
    structural induction (most widely used in PL)
      on the structure of expressions
      on the structure of derivations (proofs)

Let's try another proof
  Prove that IMP is deterministic (unique evaluations):
    1. ∀e ∈ Aexp. ∀σ ∈ Σ. ∀n, n' ∈ N.   <e, σ> ⇓ n  ∧  <e, σ> ⇓ n'   ⇒  n = n'
    2. ∀b ∈ Bexp. ∀σ ∈ Σ. ∀t, t' ∈ B.   <b, σ> ⇓ t  ∧  <b, σ> ⇓ t'   ⇒  t = t'
    3. ∀c ∈ Comm. ∀σ, σ', σ'' ∈ Σ.      <c, σ> ⇓ σ' ∧  <c, σ> ⇓ σ''  ⇒  σ' = σ''
  Q: Can we directly use induction? On what?
  For commands, we cannot use induction on the structure of the command:
    the evaluation of while does not depend only on the evaluation of its strict subexpressions
        <b, σ> ⇓ true      <c; while b do c, σ> ⇓ σ'
        -------------------------------------------
                <while b do c, σ> ⇓ σ'

Induction on the structure of derivations
  Key idea: the (inductive) hypothesis gives not only a c ∈ Comm but also the existence of a derivation of <c, σ> ⇓ σ'
  Derivation trees are also defined inductively, like expression trees.
  A derivation is built of subderivations, e.g. for W = while x ≤ 5 do x := x+1 with σ_{i+1}(x) = 5-i:
    <x, σ_{i+1}> ⇓ 5-i,  5-i ≤ 5                     so  <x ≤ 5, σ_{i+1}> ⇓ true
    <x+1, σ_{i+1}> ⇓ 6-i                            so  <x := x+1, σ_{i+1}> ⇓ σ_i
    <x := x+1, σ_{i+1}> ⇓ σ_i,  <W, σ_i> ⇓ σ_0       so  <x := x+1; W, σ_{i+1}> ⇓ σ_0
    <x ≤ 5, σ_{i+1}> ⇓ true,  <x := x+1; W, σ_{i+1}> ⇓ σ_0   so  <while x ≤ 5 do x := x+1, σ_{i+1}> ⇓ σ_0
  We adapt the structural induction principle to the structure of derivations.

Induction on Derivations
  To prove that for all derivations D of a judgment, property P(D) holds:
  For each derivation rule of the form
        H1  ...  Hn
        -----------
             C
  assume property P holds for the derivations of the Hi (i = 1, ..., n), and
  prove that P holds for the derivation obtained from the derivations of the Hi using the given rule.

Example: Induction on Derivations (I)
  Prove that evaluation of commands is deterministic:  <c, σ> ⇓ σ' and <c, σ> ⇓ σ''  ⇒  σ' = σ''
  Pick arbitrary c, σ, σ' and D :: <c, σ> ⇓ σ'
  To prove:  <c, σ> ⇓ σ''  ⇒  σ' = σ''
  Proof by induction on the structure of the derivation D
  Case: the last rule used in D was the one for skip:
      D :: <skip, σ> ⇓ σ
    So c = skip, and σ' = σ
    Thus <c, σ> ⇓ σ'' also uses the rule for skip, so σ'' = σ
    This is a base case in the induction

Example: Induction on Derivations (II)
  Case: the last rule used in D was for sequencing:
      D1 :: <c1, σ> ⇓ σ1      D2 :: <c2, σ1> ⇓ σ'
      D  :: <c1; c2, σ> ⇓ σ'
    Pick arbitrary σ'' s.t. D' :: <c1; c2, σ> ⇓ σ''
    By inversion, D' uses the rule for sequencing with subderivations
      D1' :: <c1, σ> ⇓ σ1'  and  D2' :: <c2, σ1'> ⇓ σ''
    By the induction hypothesis on D1 (with D1'): σ1 = σ1'
    Now D2' :: <c2, σ1> ⇓ σ''
    By the induction hypothesis on D2 (with D2'): σ' = σ''
    This is a simple inductive case

Example: Induction on Derivations (III)
  Case: the last rule used in D was for while-true:
      D1 :: <b, σ> ⇓ true      D2 :: <c; while b do c, σ> ⇓ σ'
      D  :: <while b do c, σ> ⇓ σ'
    Pick arbitrary σ'' s.t. D' :: <while b do c, σ> ⇓ σ''
    By inversion and determinism of boolean expressions, D' also uses the rule while-true, with subderivations
      D1' :: <b, σ> ⇓ true  and  D2' :: <c; while b do c, σ> ⇓ σ''
    By the induction hypothesis on the subderivation D2 (with D2'): σ' = σ''

Induction on Derivations: Notes
  To prove ∀x ∈ A. P(x), with A inductively defined and P(x) rule-defined:
    Pick arbitrary x ∈ A and D :: P(x); we can do induction on either fact:
      x ∈ A:      induction on the structure of x
      D :: P(x):  induction on the structure of the derivation D
  Induction on derivations is often more powerful

Induction Haiku(?)
  Many choices for induction,
  Find right one by trial-and-error, and
  Practice helps.

Applying Big-Step Semantics: Equivalence

Equivalence
  Two expressions are equivalent if they yield the same value from all states:
    e1 ≡ e2  iff  ∀σ ∈ Σ. ∀n ∈ Z.  <e1, σ> ⇓ n  iff  <e2, σ> ⇓ n
  Two commands are equivalent if they yield the same state from all states:
    c1 ≡ c2  iff  ∀σ, σ' ∈ Σ.  <c1, σ> ⇓ σ'  iff  <c2, σ> ⇓ σ'

Notes on Equivalence
  Equivalence is like validity: it must hold in all states.
    2 ≡ 1+1 is a valid statement (2 = 1+1 is valid)
    2 ≡ 1+x?  NO! Depends on the state's value of x; not true in all states
  Equivalence (for IMP) is undecidable
    Otherwise, we could solve the halting problem. How?
  Equivalence justifies code transformations:
    compiler optimizations
    code instrumentation
  Semantics is the basis for proving equivalence
    Find sufficient conditions for equivalence
    Translation Validation (for gcc!)
  skip; c  ≡  c
  x := e1; x := e2  ≡  x := e2
    Q: Does this hold for a Java program?

  while b do c  ≡  if b then (c; while b do c) else skip
  If e1 ≡ e2 then x := e1  ≡  x := e2

Conditional Equivalence
  while true do skip  ≡  while true do x := x+1
  If c is  while x ≠ y do (if x > y then x := x-y else y := y-x)
  then  (x := 221; y := 527; c)  ≡  (x := 17; y := 17)

Proving an Equivalence
  Prove: skip; c ≡ c for all c
  Assume that D :: <skip; c, σ> ⇓ σ'
  By inversion (twice) we have that:
      <skip, σ> ⇓ σ      D1 :: <c, σ> ⇓ σ'
      D :: <skip; c, σ> ⇓ σ'
  Thus we have D1 :: <c, σ> ⇓ σ'
  The other direction is similar.

Proving an Inequivalence
  Prove that x := y ≢ x := z
  It suffices to show a witness store σ in which the two commands yield different results
  Let σ(y) = 0 and σ(z) = 1. Then
    <x := y, σ> ⇓ σ[x ↦ 0]   and   <x := z, σ> ⇓ σ[x ↦ 1]

Big-Step Operational Semantics
  <e, σ> ⇓ n means e evaluates to n in state σ, in one big step, all the way to a result
  Cannot describe non-terminating commands:
    there is no σ' such that <c, σ> ⇓ σ'
    we have no explanation of how c runs or fails!
  Cannot describe intermediate states:
    e.g. interleaved execution (on a parallel machine)
    e.g. low-level execution

Operational Semantics: Big vs. Small
  Small-Step Operational Semantics:  e → e'
    describes a single step in the evaluation
    many steps may be needed to reach a result
  Relation defined by rules:
    n1 + n2 → n   if n is the sum of n1 and n2
    n1 * n2 → n   if n is the product of n1 and n2
    e1 → e1'  ⇒  e1 + e2 → e1' + e2
    e2 → e2'  ⇒  n1 + e2 → n1 + e2'
    e1 → e1'  ⇒  e1 * e2 → e1' * e2
    e2 → e2'  ⇒  n1 * e2 → n1 * e2'
  Fixed evaluation order, e.g.  (3+4)+5 → 7+5 → 12

Contextual Semantics
  Small-step semantics, specified in two parts:
    What evaluation rules to apply?  What is an atomic reduction step?
    Where can we apply them?  Where to apply the next atomic reduction step?

Small-Step Op. Semantics for IMP
  An execution step is a rewrite of the program
  We define a relation  <c, σ> → <c', σ'>:  c' is obtained from c through an atomic rewrite step
    e.g.  <x := 2+8, σ> → <x := 10, σ> → <skip, σ[x ↦ 10]>
  Termination: the command is rewritten to a terminal command from which we cannot make further progress
    For IMP the terminal command is skip
    For every other command we can make progress
    Some commands never reduce to skip, i.e. do not terminate:  while true do skip

What is an Atomic Reduction?
  Need to define:
    What is an atomic reduction step?
      Granularity is the choice of the semantics designer,
      e.g. a choice between addition of arbitrary integers or addition of 32-bit integers
    How to select the next reduction step when several are possible?
      Determines the order-of-evaluation issue

Redexes
  Expressions and commands reducible in an atomic step
  For brevity, we combine expression and command redexes; defined by a grammar:
    r ::= x | n1 + n2 | x := n | skip; c | if true then c1 else c2 | if false then c1 else c2 | while b do c
  Note: (1+3)+2 is not a redex, but 1+3 is

Local Reduction Rules for IMP
  One per redex:  <r, σ> → <e, σ'>
    redex r in state σ can be replaced, in one step, with expression e in state σ'
    <x, σ> → <σ(x), σ>
    <n1 + n2, σ> → <n, σ>                if n = n1 + n2
    <n1 = n2, σ> → <true, σ>             if n1 = n2
    <x := n, σ> → <skip, σ[x ↦ n]>
    <skip; c, σ> → <c, σ>
    <if true then c1 else c2, σ> → <c1, σ>
    <if false then c1 else c2, σ> → <c2, σ>
    <while b do c, σ> → <if b then (c; while b do c) else skip, σ>

Quick recap
  A redex can be reduced in one step, e.g. 2+8
  Local reduction rules reduce redexes, e.g. <2+8, σ> → <10, σ>
  Next: global reduction rules
  Consider <while false do x := 1+(2+8), σ>. Should we reduce (2+8) in this case?

Contexts
  Context = expression or command with one marker •, sometimes called a hole
  Given a context H, H[e] is obtained by replacing the marker with e
    H is  x := 1 + •        H[2+8] is  x := 1+(2+8)        H[10] is  x := 1+10
    H is  while false do x := 1 + •        H[2+8] is  while false do x := 1+(2+8)

Evaluation Contexts
  A context in which the hole indicates the next place for evaluation; it identifies the next redex (like a program counter)
    H ::= • | H + e | n + H | x := H | if H then c1 else c2 | H; c
  Evaluation contexts determine the redex. Consider e1 + e2 and its decomposition as H[r]:
    If e1 is n1 and e2 is n2, then H = • and r = n1 + n2
    If e1 is n1 and e2 is not n2, then H = n1 + H2 where e2 = H2[r], i.e. recursively find the hole in e2
    If e1 is not n1 and e2 is not n2, then H = H1 + e2 where e1 = H1[r], i.e. recursively find the hole in e1
  In each case the decomposition is unique

Global Reduction Rule
  Key idea of contextual semantics: decompose the current expression/command into
    r: the next redex
    H: the evaluation context (i.e. the remaining program)
  Reduce redex r to expression e
  Plug e back into the original context, yielding H[e]
  Formalized as a small-step rule:  if <r, σ> → <e, σ'> then <H[r], σ> → <H[e], σ'>

Global Reduction Rule: Example
  Consider the command x := 1+(2+8). Split it into an evaluation context H and a redex r:
    H = x := 1 + •,   r = 2+8,   H[r] = x := 1+(2+8) (the original command)
  We have <2+8, σ> → <10, σ> (local reduction rule)
  Define the global reduction  <H[2+8], σ> → <H[10], σ>,
  or, equivalently,  <x := 1+(2+8), σ> → <x := 1+10, σ>

Contextual Semantics: Example
  Consider the small-step evaluation of  x := 1; x := x+1  in the initial state [x ↦ 0]
    State                            Context           Redex
    <x := 1; x := x+1, [x ↦ 0]>      •; x := x+1       x := 1
    <skip; x := x+1, [x ↦ 1]>        •                 skip; x := x+1
    <x := x+1, [x ↦ 1]>              x := • + 1        x
    <x := 1+1, [x ↦ 1]>              x := •            1+1
    <x := 2, [x ↦ 1]>                •                 x := 2
    <skip, [x ↦ 2]>

Unique Decomposition Theorem
  If c is not skip then there exist unique H and r such that c = H[r]
  This gives determinism and progress
  For example, c = c1; c2:
    either c1 = skip, and then c = H[skip; c2] with H = •
    or c1 ≠ skip, and then c1 = H1[r], so c = c1; c2 = H1[r]; c2 = H[r] where H = H1; c2
  For example, c = if b then c1 else c2:
    either b = true or b = false, and then c = H[r] with H = •
    or b is not a value and b = H'[r]; so c = if b then c1 else c2 = if H'[r] then c1 else c2 = H[r] where H = if H' then c1 else c2

Normal vs Short-Circuit Boolean Operators
  Normal evaluation of ∧. Define the contexts, redexes, and local rules:
    H ::= ... | H ∧ b2 | p1 ∧ H
    r ::= ... | p1 ∧ p2
    <p1 ∧ p2, σ> → <p, σ>   where p = p1 ∧ p2
  Short-circuit evaluation of ∧. Define the contexts, redexes, and local rules:
    H ::= ... | H ∧ b2
    r ::= ... | p1 ∧ p2
    <true ∧ b2, σ> → <b2, σ>
    <false ∧ b2, σ> → <false, σ>

Contextual Semantics: Notes
  Think of • as representing the program counter
  Advancement rules for • are tricky
  At each step the entire command is decomposed, so contextual semantics is inefficient to implement
  Allows a mix of local and global reduction rules
  IMP has only local reduction rules: the redex is reduced
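The contextual semantics of the last few slides, as an added example in Python that is not part of the lecture: terms are nested tuples such as ('assign', 'x', ('num', 1)) (a representation chosen here, not the course's), decompose implements the evaluation-context grammar H ::= • | H + e | n + H | x := H | if H then c1 else c2 | H; c (and so the unique decomposition theorem), reduce_redex the local rules, step the global rule, and run iterates to skip with a step budget so that a non-terminating command such as while true do skip is reported instead of looping forever.

```python
# Added example: a small-step interpreter for the IMP fragment on the slides,
# in the contextual style (decompose into H and r, reduce r locally, plug back).
HOLE = ('hole',)

def is_value(t):
    return t[0] in ('num', 'bool')

def decompose(t):
    """Unique decomposition t = H[r]; H ::= [] | H+e | n+H | x:=H | if H then c1 else c2 | H;c."""
    tag, args = t[0], list(t[1:])
    strict = {'add': [0, 1], 'eq': [0, 1], 'assign': [1], 'if': [0]}.get(tag, [])  # must be values first
    if tag == 'seq' and args[0] != ('skip',):
        strict = [0]                      # H;c: keep reducing the first command
    for i in strict:
        if not is_value(args[i]):
            args[i], r = decompose(args[i])
            return (tag, *args), r        # push the hole down into that sub-term
    if tag == 'skip' or is_value(t):
        raise ValueError('terminal term, no redex')
    return HOLE, t                        # t itself is the redex: x, n1+n2, x:=n, skip;c, if v.., while..

def plug(H, e):
    """H[e]: replace the hole in H by e."""
    return e if H == HOLE else tuple(plug(p, e) if isinstance(p, tuple) else p for p in H)

def reduce_redex(r, s):
    """Local rules <r, σ> → <e, σ'>, one per redex."""
    tag = r[0]
    if tag == 'var':
        return ('num', s[r[1]]), s
    if tag == 'add':
        return ('num', r[1][1] + r[2][1]), s
    if tag == 'eq':
        return ('bool', r[1][1] == r[2][1]), s
    if tag == 'assign':
        return ('skip',), {**s, r[1]: r[2][1]}
    if tag == 'seq':                      # skip; c  →  c
        return r[2], s
    if tag == 'if':
        return (r[2] if r[1][1] else r[3]), s
    return ('if', r[1], ('seq', r[2], r), ('skip',)), s   # while: unroll one iteration

def step(c, s):
    """Global rule: if <r,σ> → <e,σ'> then <H[r],σ> → <H[e],σ'>."""
    H, r = decompose(c)
    e, s2 = reduce_redex(r, s)
    return plug(H, e), s2

def run(c, s, max_steps=1000):
    """Rewrite until skip; final state is None when the budget runs out (e.g. while true do skip)."""
    trace = [(c, dict(s))]
    while c != ('skip',):
        if len(trace) > max_steps:
            return None, trace
        c, s = step(c, s)
        trace.append((c, dict(s)))
    return s, trace
```

Running run(('seq', ('assign', 'x', ('num', 1)), ('assign', 'x', ('add', ('var', 'x'), ('num', 1)))), {'x': 0}) reproduces the six configurations of the slide's table, ending in skip with x ↦ 2.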

Some Further Topics
  Treating errors in operational semantics:
    with an explicit error result, as in  (3/0) → error
    with an error expression, as in  (3 + error)
    with stuck computations: there is no r such that  (3/0) → r
  Treatment of overflow (see homework)

Summary of Operational Semantics
  Precise specification of program behavior:
    order of evaluation (or that it doesn't matter)
    error conditions (sometimes implicitly, by rule applicability)
  Simple and abstract: no low-level details, e.g. stack, memory management, data layout
  Often not compositional (as for while)
  Basis for proofs about languages (determinism) and for reasoning about particular programs (equivalence)
  Point of reference for other semantics