Proof Techniques for Operational Semantics. Questions? Why Bother? Mathematical Induction Well-Founded Induction Structural Induction


Proof Techniques for Operational Semantics
Meeting 10, CSCI 5535, Spring 2010

Announcements
Homework 1 feedback/grades posted.
Homework 2 due tonight at 11:55pm.

Plan
Questions?
Why Bother?
Mathematical Induction
Well-Founded Induction
Structural Induction

By induction on the structure of the derivation D

Mathematical Induction
Goal: prove ∀n ∈ N. P(n).
Base case: prove P(0).
Inductive step: prove "for all n, if P(n) then P(n + 1)": pick an arbitrary n, assume P(n), prove P(n + 1).
Why does induction work?

Example (with IMP evaluation semantics)
Prove that if σ(x) ≤ 6 then <while x ≤ 5 do x := x + 1, σ> ⇓ σ[x := 6].
Reformulate the claim (most often, the hard part!):
Let W = while x ≤ 5 do x := x + 1.
Let σ_i be the state σ[x := 6 - i], so that σ_0 = σ[x := 6].
Claim: for all i ∈ N, <W, σ_i> ⇓ σ_0.
Now this looks provable by mathematical induction on i.

Evaluation Example (Base Case)
Base case: i = 0, i.e. <W, σ_0> ⇓ σ_0.
To prove an evaluation judgment, construct a derivation tree (read from the leaves down to the conclusion):
  σ_0(x) = 6
  <x, σ_0> ⇓ 6     6 ≤ 5 is false
  <x ≤ 5, σ_0> ⇓ false
  <while x ≤ 5 do x := x + 1, σ_0> ⇓ σ_0

Evaluation Example (Inductive Case)
Must prove ∀i ∈ N. <W, σ_i> ⇓ σ_0 ⇒ <W, σ_{i+1}> ⇓ σ_0.
Pick an arbitrary i ∈ N. Assume that <W, σ_i> ⇓ σ_0. Now prove that <W, σ_{i+1}> ⇓ σ_0.
Must construct a derivation tree (note σ_{i+1}(x) = 5 - i):
  <x, σ_{i+1}> ⇓ 5 - i     5 - i ≤ 5     <x + 1, σ_{i+1}> ⇓ 6 - i
  <x ≤ 5, σ_{i+1}> ⇓ true     <x := x + 1, σ_{i+1}> ⇓ σ_i     <W, σ_i> ⇓ σ_0 (the induction hypothesis)
  <while x ≤ 5 do x := x + 1, σ_{i+1}> ⇓ σ_0

Well-Founded Induction
A relation ≺ ⊆ A × A is well-founded if there are no infinite descending chains in A.
Example: <_1 = { (x, x + 1) | x ∈ N }, aka the predecessor relation.
Example: < = { (x, y) | x, y ∈ N and x < y }.
Well-founded induction: to prove ∀x ∈ A. P(x) it is enough to prove ∀x ∈ A. (∀y ≺ x. P(y)) ⇒ P(x).
If ≺ is <_1 then we obtain mathematical induction as a special case.

Well-Founded Induction: Examples
Consider ≺ ⊆ Z × Z with x ≺ y iff (y < 0 ∧ y = x - 1) ∨ (y > 0 ∧ y = x + 1).
Induction principle: P(0) ∧ ∀x ≤ 0. (P(x) ⇒ P(x - 1)) ∧ ∀x ≥ 0. (P(x) ⇒ P(x + 1)). Says what?
Consider ≺ ⊆ (N × N) × (N × N) with (x1, y1) ≺ (x2, y2) iff x2 = x1 + 1 ∨ (x1 = x2 ∧ y2 = y1 + 1). Says what?
Induction principle: P(0, 0) ∧ ∀x, y, y'. (P(x, y) ⇒ P(x + 1, y') ∧ P(x, y + 1)). This has a common name. Anyone see?

Structural Induction (on Expressions)
For e ::= n | x | e1 + e2 | e1 * e2, define ≺ ⊆ Aexp × Aexp such that
  e1 ≺ e1 + e2, e2 ≺ e1 + e2, e1 ≺ e1 * e2, e2 ≺ e1 * e2,
and no other elements of Aexp × Aexp are related by ≺.
To prove ∀e ∈ Aexp. P(e):
  prove ∀n ∈ Z. P(n)
  prove ∀x ∈ L. P(x)
  prove ∀e1, e2 ∈ Aexp. P(e1) ∧ P(e2) ⇒ P(e1 + e2)
  prove ∀e1, e2 ∈ Aexp. P(e1) ∧ P(e2) ⇒ P(e1 * e2)

Notes on Structural Induction
Called structural induction because the proof is guided by the structure of the expression: one proof case per form of expression. Atomic expressions (with no subexpressions) are all base cases; composite expressions are the inductive cases. Structural induction is the most useful form of induction in the study of PL.

Example Proof Using Induction on the Structure of Expressions
Let L(e) be the number of literal and variable occurrences in e, and O(e) the number of operators in e.
Prove that for all e ∈ Aexp, L(e) = O(e) + 1.
Proof: by induction on the structure of e.
  Case e = n: L(e) = 1 and O(e) = 0.
  Case e = x: L(e) = 1 and O(e) = 0.
  Case e = e1 + e2: L(e) = L(e1) + L(e2) and O(e) = O(e1) + O(e2) + 1. By the induction hypothesis, L(e1) = O(e1) + 1 and L(e2) = O(e2) + 1. Thus L(e) = O(e1) + O(e2) + 2 = O(e) + 1.
  Case e = e1 * e2: same as the case for +.

Try it at home!
Most proofs for the Aexp sublanguage of IMP can work by structural induction.
Small-step and big-step semantics obtain equivalent results: how do we state this formally?

Try it at home! (continued)
For all e ∈ Aexp, all n ∈ Z and all σ ∈ Σ: <e, σ> →* <n, σ> iff <e, σ> ⇓ n.
Structural induction on Aexp works here because all of the semantics are syntax-directed.

Obvious, right?
You are given a concrete state σ. You have <x + 1, σ> ⇓ 5. You also have <x + 1, σ> ⇓ 88. Is this possible?

Let's make sure
For all e ∈ Aexp, σ ∈ Σ, n, n' ∈ Z: if <e, σ> ⇓ n and <e, σ> ⇓ n' then n = n'.
For all b ∈ Bexp, σ ∈ Σ, t, t' ∈ B: if <b, σ> ⇓ t and <b, σ> ⇓ t' then t = t'.
For all c ∈ Com, σ, σ', σ'' ∈ Σ: if <c, σ> ⇓ σ' and <c, σ> ⇓ σ'' then σ' = σ''.

How do we prove it?
If <e, σ> ⇓ n and <e, σ> ⇓ n' then n = n'. If <b, σ> ⇓ t and <b, σ> ⇓ t' then t = t'. If <c, σ> ⇓ σ' and <c, σ> ⇓ σ'' then σ' = σ''.
No immediate way to use mathematical induction. For commands we cannot use induction on the structure of the command. Can you see why?
  <b, σ> ⇓ true     <c, σ> ⇓ σ'     <while b do c, σ'> ⇓ σ''
  <while b do c, σ> ⇓ σ''
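The two "try it at home" claims above, the structural-induction result L(e) = O(e) + 1 and the big-step/small-step equivalence for Aexp, checked exhaustively over a finite fragment of Aexp. This is an added Python example, not code from the course; the constructors Num/Var/Add/Mul, the left-operand-first small-step order and the literal set {0, 2} are my constructions.

```python
from dataclasses import dataclass
from itertools import product
# Aexp of IMP as on the slides: e ::= n | x | e1 + e2 | e1 * e2 (constructed here)
@dataclass(frozen=True)
class Num: n: int
@dataclass(frozen=True)
class Var: x: str
@dataclass(frozen=True)
class Add: l: object; r: object
@dataclass(frozen=True)
class Mul: l: object; r: object

def L(e):
    """Literal and variable occurrences; one clause per syntactic form."""
    return 1 if isinstance(e, (Num, Var)) else L(e.l) + L(e.r)

def O(e):
    """Operator occurrences; same case split as the proof on the slides."""
    return 0 if isinstance(e, (Num, Var)) else O(e.l) + O(e.r) + 1

def big_step(e, s):
    """<e, s> ⇓ n, by structural recursion on e."""
    if isinstance(e, Num): return e.n
    if isinstance(e, Var): return s[e.x]
    a, b = big_step(e.l, s), big_step(e.r, s)
    return a + b if isinstance(e, Add) else a * b

def step(e, s):
    """One small step <e, s> -> <e', s> (left operand first); None at a value."""
    if isinstance(e, Num): return None
    if isinstance(e, Var): return Num(s[e.x])
    if not isinstance(e.l, Num): return type(e)(step(e.l, s), e.r)
    if not isinstance(e.r, Num): return type(e)(e.l, step(e.r, s))
    return Num(e.l.n + e.r.n if isinstance(e, Add) else e.l.n * e.r.n)

def run(e, s):
    """<e, s> ->* <n, s>: iterate `step` until the normal form n."""
    while not isinstance(e, Num): e = step(e, s)
    return e.n

def exprs(depth):
    """Every Aexp over literals 0 and 2 and variable x, nested up to `depth`."""
    if depth == 0: return [Num(0), Num(2), Var("x")]
    sub = exprs(depth - 1)
    return sub + [k(a, b) for k in (Add, Mul) for a, b in product(sub, repeat=2)]

def check_all(depth=2, s=None):
    """Exhaustively confirm L(e) = O(e) + 1 and big-step = small-step result."""
    s, es = s or {"x": 3}, exprs(depth)
    assert all(L(e) == O(e) + 1 for e in es)
    assert all(big_step(e, s) == run(e, s) for e in es)
    return len(es)
```

Each function has exactly one clause per production of the grammar, which is the same case split the structural-induction proof makes.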

How do we prove it?
If <e, σ> ⇓ n and <e, σ> ⇓ n' then n = n'. If <b, σ> ⇓ t and <b, σ> ⇓ t' then t = t'. If <c, σ> ⇓ σ' and <c, σ> ⇓ σ'' then σ' = σ''.
No immediate way to use mathematical induction. For commands we cannot use induction on the structure of the command: while's evaluation does not depend only on the evaluation of its strict subexpressions.
  <b, σ> ⇓ true     <c, σ> ⇓ σ'     <while b do c, σ'> ⇓ σ''
  <while b do c, σ> ⇓ σ''
We need something new! Some more powerful form of induction, with all the bells and whistles!

Recall Proof Systems
Operational semantics assigns meanings to programs by listing rules of inference that allow us to prove judgments by constructing derivations. A derivation is a tree-structured object made up of valid instances of inference rules. Find the keyword in the above. Ideas?

Induction on the Structure of Derivations
Key idea: the hypothesis does not just assume a c ∈ Com but the existence of a derivation of <c, σ> ⇓ σ'. Derivation trees are also defined inductively, just like expression trees. A derivation is built of subderivations; in the inductive case of the while example, the root <while x ≤ 5 do x := x + 1, σ_{i+1}> ⇓ σ_0 is built from a subderivation of <x ≤ 5, σ_{i+1}> ⇓ true (itself built from <x, σ_{i+1}> ⇓ 5 - i and 5 - i ≤ 5) and a subderivation of <x := x + 1; W, σ_{i+1}> ⇓ σ_0 (built from <x := x + 1, σ_{i+1}> ⇓ σ_i, which uses <x + 1, σ_{i+1}> ⇓ 6 - i, and from <W, σ_i> ⇓ σ_0). Adapt the structural induction principle to work on the structure of derivations.

Induction on the Structure of Derivations
To prove that for all derivations D of a judgment, property P holds: for each derivation rule of the form
  H1 ... Hn
  C
assume P holds for the derivations of Hi (i = 1..n) and prove that the property holds for the derivation obtained from the derivations of Hi using the given rule.

Notation: Naming Derivations
Write D :: Judgment to mean "D is the derivation that proves Judgment". Example: D :: <e1 + e2, σ> ⇓ n1 + n2.

Proving Com Evaluation is Deterministic
If D :: <c, σ> ⇓ σ' and D' :: <c, σ> ⇓ σ'', then σ' = σ''.
Note: recall that meta-variables are universally quantified (i.e., the above is for all c ∈ Com, σ, σ', σ'' ∈ Σ, and derivations D and D'). Start by picking each to be arbitrary.
Proof: by induction on the structure of derivation D.
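Derivations as explicit tree objects, the things the proof above does induction on. This is an added Python example, not course code: `derive` builds D :: <c, σ> ⇓ σ' for the slides' loop W, `valid` checks that every node is an instance of one of the rules, and the while-true node's second premise is a derivation of W itself, which is why induction on the command's structure fails while induction on the derivation works. As a simplification of my own, Aexp and Bexp are plain Python functions of the state and the <b, σ> ⇓ true premise is folded into a side condition.

```python
from dataclasses import dataclass, field
# IMP commands as tuples (constructed); Aexp/Bexp are state -> value functions here.
SKIP = ("skip",)
def assign(x, a): return ("assign", x, a)
def seq(c1, c2): return ("seq", c1, c2)
def while_(b, c): return ("while", b, c)

@dataclass
class Deriv:
    rule: str                 # which inference rule the root node instantiates
    concl: tuple              # judgment <c, s> ⇓ t stored as (c, s, t)
    premises: list = field(default_factory=list)

def derive(c, s):
    """Build D :: <c, s> ⇓ t by recursion on the rules of the big-step semantics."""
    kind = c[0]
    if kind == "skip":
        return Deriv("skip", (c, s, s))
    if kind == "assign":
        return Deriv("assign", (c, s, {**s, c[1]: c[2](s)}))
    if kind == "seq":
        d1 = derive(c[1], s); d2 = derive(c[2], d1.concl[2])
        return Deriv("seq", (c, s, d2.concl[2]), [d1, d2])
    if not c[1](s):
        return Deriv("while-false", (c, s, s))
    dc = derive(c[2], s)
    dw = derive(c, dc.concl[2])   # sub-derivation of the SAME command c
    return Deriv("while-true", (c, s, dw.concl[2]), [dc, dw])

def valid(d):
    """Is every node of d a valid instance of its rule? (walks the whole tree)"""
    c, s, t = d.concl
    p = [q.concl for q in d.premises]
    if d.rule == "skip":        ok = not p and t == s
    elif d.rule == "assign":    ok = not p and t == {**s, c[1]: c[2](s)}
    elif d.rule == "while-false": ok = not p and not c[1](s) and t == s
    elif d.rule == "seq":
        ok = len(p) == 2 and p[0][:2] == (c[1], s) and p[1] == (c[2], p[0][2], t)
    else:  # while-true
        ok = (len(p) == 2 and c[1](s) and p[0][:2] == (c[2], s)
              and p[1] == (c, p[0][2], t))
    return ok and all(valid(q) for q in d.premises)

def height(d):
    """Height of the derivation tree, a well-founded measure on derivations."""
    return 1 + max((height(q) for q in d.premises), default=0)

# The slides' loop W = while x <= 5 do x := x + 1 and the states sigma_i(x) = 6 - i
W = while_(lambda s: s["x"] <= 5, assign("x", lambda s: s["x"] + 1))
def sigma(i): return {"x": 6 - i}
```

Starting from σ_i the derivation has height i + 1, matching the mathematical induction on i from the first example, and every inner node for W is strictly smaller than its parent even though the command is not.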