reasoning on programs using step indexed realizability
play

Reasoning on programs using Step-indexed Realizability Guilhem Jaber - PowerPoint PPT Presentation

Nov 06, 2022 •211 likes •702 views

Reasoning on programs using Step-indexed Realizability Guilhem Jaber PPS, IRIF, Universite Paris Diderot Realizability in Uruguay 2016 July 19th 2016 1 / 23 How to reason formally on programs ? Program logics (Hoare, Separation, . . . ) Type

  1. Reasoning on programs using Step-indexed Realizability Guilhem Jaber PPS, IRIF, Universite Paris Diderot Realizability in Uruguay 2016 July 19th 2016 1 / 23

  2. How to reason formally on programs ? Program logics (Hoare, Separation, . . . ) Type systems (Dependent, Refinement, . . . ) Denotational models (Domains, Games, . . . ) Syntactic models (Realizability, Logical Relations, . . . ) 2 / 23

  3. Outline of the Talk What we will do: Semantics proof of soundness for a simple call-by-value language with fixed points; Realizability model for a language with refinment types. To show that: Semantic proofs of type soundness give a lot more information than syntactic one (Wright and Felleisen’s“progress and preservations” ); Step-indexing is a great technique to make these proofs feasible; We can abstract over step-indexes using Godel-Lob Logic; Gidel-Lob logic can be embedded into Dependent Type theory. 3 / 23

  4. Contents Semantic proof of type soundness 1 Refinement types 2 Abstracting over step-indexing: Godel-Lob Logic 3 Going further into abstraction: Guarded recursive types 4 4 / 23

  5. A CBV λ -calculus with fixed points def v = x | fix f ( x ) . M | n | true | false ( n ∈ N , x ∈ Var ) def M , N = v | MN | if M then N 1 else N 2 | . . . def • | vK | KM | if K then M else M ′ | . . . K = def τ, σ = Nat | Bool | τ → σ ( fix f ( x ) . M ) v �→ M { v / x }{ fix f ( x ) . M / f } if true then N 1 else N 2 �→ N 1 if false then N 1 else N 2 �→ N 2 M �→ M ′ K [ M ] �→ K [ M ′ ] Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ 5 / 23

  6. Realizability model Types interpreted as set of terms. def V � Nat � = N def V � Bool � = { true , false } def V � τ → σ � = { fix f ( x ) . M | ∀ v ∈ V � τ � . ( fix f ( x ) . M ) v ∈ E � σ � } def { M | ∀ v . ( M �→ ∗ v ) ⇒ v ∈ V � τ � } E � τ � = def G � Γ � = { γ | ∀ ( x , τ ) ∈ Γ , γ ( x ) ∈ V � τ � } M ∈ E � τ � means that M realizes τ . Theorem (Soundness) If Γ ⊢ M : τ then for all γ ∈ G � Γ � , M { γ } ∈ E � τ � . 6 / 23

  7. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ 7 / 23

  8. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) 7 / 23

  9. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) 7 / 23

  10. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) i.e. for all v ∈ V � τ � , ( fix f ( x ) . M { γ } ) v ∈ E � σ � (?) 7 / 23

  11. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) i.e. for all v ∈ V � τ � , ( fix f ( x ) . M { γ } ) v ∈ E � σ � (?) i.e. M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E � σ � (?) 7 / 23

  12. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) i.e. for all v ∈ V � τ � , ( fix f ( x ) . M { γ } ) v ∈ E � σ � (?) i.e. M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E � σ � (?) IH: for all γ ′ ∈ G � Γ , x : τ, f : τ → σ � , M { γ ′ } ∈ E � τ → σ � 7 / 23

  13. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) i.e. for all v ∈ V � τ � , ( fix f ( x ) . M { γ } ) v ∈ E � σ � (?) i.e. M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E � σ � (?) IH: for all γ ′ ∈ G � Γ , x : τ, f : τ → σ � , M { γ ′ } ∈ E � τ → σ � Does γ · [ x �→ v ] · [ f �→ fix f ( x ) . M { γ } ] ∈ G � Γ , x : τ, f : τ → σ � ? 7 / 23

  14. Proof of Soundness By induction on the derivation tree of Γ ⊢ M : τ . Interesting case: typing rule for fixed points. Γ , x : τ, f : τ → σ ⊢ M : σ Γ ⊢ fix f ( x ) . M : τ → σ Let γ ∈ G � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E � τ → σ � (?) i.e. fix f ( x ) . M { γ } ∈ V � τ → σ � (?) i.e. for all v ∈ V � τ � , ( fix f ( x ) . M { γ } ) v ∈ E � σ � (?) i.e. M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E � σ � (?) IH: for all γ ′ ∈ G � Γ , x : τ, f : τ → σ � , M { γ ′ } ∈ E � τ → σ � Does γ · [ x �→ v ] · [ f �→ fix f ( x ) . M { γ } ] ∈ G � Γ , x : τ, f : τ → σ � ? Only if fix f ( x ) . M { γ } ∈ V � τ → σ � ... That’s problematic ! 7 / 23

  15. Step-Indexing to the rescue ! Idea: Stratify the model using natural numbers as indices ! (Appel & McAllester, Ahmed, . . . ) def V k � Nat � = N def V k � Bool � = { true , false } def V k � τ → σ � = { fix f ( x ) . M | ∀ j ≤ k . ∀ v . v ∈ V j � τ � ⇒ ( fix f ( x ) . M ) v ) ∈ E j � σ � } def { M | ∀ j < k . ∀ v . ( M �→ j v ) ⇒ v ∈ V k − j � τ � } E k � τ � = def G k � Γ � = { ρ | ∀ ( x , τ ) ∈ Γ , ρ ( x ) ∈ V k � τ � } If M reduces in more than k steps to a value (or diverges), then M ∈ E � τ � k !! Theorem (Monotonicity) If M ∈ E k � τ � then for all j ≤ k, M ∈ E j � τ � . 8 / 23

  16. Soundness of the Step-indexed model Theorem (Soundness) If Γ ⊢ M : τ then for all γ ∈ G k � Γ � , M { γ } ∈ E k � τ � . By induction on the derivation tree of Γ ⊢ M : τ and on the step-index k . 9 / 23

  17. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) 10 / 23

  18. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) i.e. does fix f ( x ) . ( M { γ } ) ∈ V k � τ → σ � (?) 10 / 23

  19. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) i.e. does fix f ( x ) . ( M { γ } ) ∈ V k � τ → σ � (?) i.e. for all j ≤ k and v ∈ V j � τ � , does ( fix f ( x ) . M { γ } ) v ∈ E j � σ � (?) 10 / 23

  20. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) i.e. does fix f ( x ) . ( M { γ } ) ∈ V k � τ → σ � (?) i.e. for all j ≤ k and v ∈ V j � τ � , does ( fix f ( x ) . M { γ } ) v ∈ E j � σ � (?) i.e.does M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E j − 1 � σ � (?) 10 / 23

  21. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) i.e. does fix f ( x ) . ( M { γ } ) ∈ V k � τ → σ � (?) i.e. for all j ≤ k and v ∈ V j � τ � , does ( fix f ( x ) . M { γ } ) v ∈ E j � σ � (?) i.e.does M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E j − 1 � σ � (?) IH 1 : for all γ ′ ∈ G i � Γ , x : τ, f : τ → σ � , M { γ ′ } ∈ E i � σ � IH 2 : for all i < k , fix f ( x ) . M ) { γ } ∈ E i � τ → σ � 10 / 23

  22. Compatibility lemma for the fixed point Let γ ∈ G k � Γ � , we must prove that ( fix f ( x ) . M ) { γ } ∈ E k � τ → σ � (?) i.e. does fix f ( x ) . ( M { γ } ) ∈ V k � τ → σ � (?) i.e. for all j ≤ k and v ∈ V j � τ � , does ( fix f ( x ) . M { γ } ) v ∈ E j � σ � (?) i.e.does M { γ }{ v / x }{ ( fix f ( x ) . M { γ } ) / f } ∈ E j − 1 � σ � (?) IH 1 : for all γ ′ ∈ G i � Γ , x : τ, f : τ → σ � , M { γ ′ } ∈ E i � σ � IH 2 : for all i < k , fix f ( x ) . M ) { γ } ∈ E i � τ → σ � Does ( γ · [ x �→ v ] · [ f �→ fix f ( x ) . M { γ } ]) ∈ G j − 1 � Γ , x : τ, f : τ → σ � ? 10 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Step-indexed Semantics of Imperative Objects C t lin Hri cu and Jan Schwinghammer

A Step-indexed Semantics of Imperative Objects C t lin Hri cu and Jan Schwinghammer

R E S V I T I N A U S S S I A S R N A E V I A Step-indexed Semantics of Imperative Objects C t lin Hri cu and Jan Schwinghammer Saarland University, Saarbrcken, Germany Workshop on Foundations of

615 views • 34 slides
Indexed Files : Outline ! Introduction ! Indexed Files ! Full Index Organization ! Indexed

Indexed Files : Outline ! Introduction ! Indexed Files ! Full Index Organization ! Indexed

Indexed Files : Outline ! Introduction ! Indexed Files ! Full Index Organization ! Indexed Sequential Files ! Multilevel Indexes ! Overflow Management ! Performance Analysis rasitjutrakul Indexed Files Ordered Random access sequential

536 views • 22 slides
Indexed Categories and Bottom-Up Semantics of Logic Programs Gianluca Amato Universit` a di

Indexed Categories and Bottom-Up Semantics of Logic Programs Gianluca Amato Universit` a di

Indexed Categories and Bottom-Up Semantics of Logic Programs Gianluca Amato Universit` a di Udine James Lipton Wesleyan University 1 The World of Logic Programming Several extensions of logic programs CLP abstract data types

240 views • 23 slides
Indexed Copatterns Reasoning about Infinite Structures by Observations David Thibodeau Brigitte

Indexed Copatterns Reasoning about Infinite Structures by Observations David Thibodeau Brigitte

Indexed Copatterns Reasoning about Infinite Structures by Observations David Thibodeau Brigitte Pientka McGill University September 24, 2013 David Thibodeau (McGill University) Indexed Copatterns September 24, 2013 1 / 18 Representing

423 views • 25 slides
Krivines Classical Realizability from a Categorical Prespective Thomas Streicher (TU

Krivines Classical Realizability from a Categorical Prespective Thomas Streicher (TU

Krivines Classical Realizability from a Categorical Prespective Thomas Streicher (TU Darmstadt) July 2010 The Scenario In Krivines work on Classical Realizability he emphasizes that his notion of realizability is a generalization of

380 views • 26 slides
Logical Step-Indexed Logical Relations Derek Dreyer Max Planck Institute for Software Systems

Logical Step-Indexed Logical Relations Derek Dreyer Max Planck Institute for Software Systems

Logical Step-Indexed Logical Relations Derek Dreyer Max Planck Institute for Software Systems Saarbrcken, Germany LICS 2009 UCLA August 12, 2009 Joint work with Amal Ahmed and Lars Birkedal Logical Relations V nat = { ( n , n )

551 views • 40 slides
Reasoning about Programs (and bugs) A brief interlude on specifications, assertions, and

Reasoning about Programs (and bugs) A brief interlude on specifications, assertions, and

Reasoning about Programs (and bugs) A brief interlude on specifications, assertions, and debugging Largely based on material from University of Washington CSE 331 Good programs, broken programs? Goal: program works (does not fail) Need:

540 views • 32 slides
An introduction to Krivine realizability Alexandre Miquel D E . . O L - P O G I U I

An introduction to Krivine realizability Alexandre Miquel D E . . O L - P O G I U I

Introduction 2nd-order arithmetic (PA2) The c -calculus Realizability Adequacy Witness extraction An introduction to Krivine realizability Alexandre Miquel D E . . O L - P O G I U I Q C E A U R D A E L July 20th,

989 views • 61 slides
An introduction to Kleene realizability Alexandre Miquel D E . . O L - P O G I U I Q

An introduction to Kleene realizability Alexandre Miquel D E . . O L - P O G I U I Q

Introduction Intuitionism &amp; constructivity Heyting Arithmetic Kleene realizability PCAs Concl. An introduction to Kleene realizability Alexandre Miquel D E . . O L - P O G I U I Q C E A U R D A E L July 19th, 2016

901 views • 71 slides
From standard reasoning problems to non-standard reasoning problems and one step further Uli

From standard reasoning problems to non-standard reasoning problems and one step further Uli

From standard reasoning problems to non-standard reasoning problems and one step further Uli Sattler University of Manchester, University of Oslo uli.sattler@manchester.ac.uk Some Advertisement Lutz, Sattler Baader, Horrocks,

1.38k views • 125 slides
Reasoning about Programs Need: definition of works/correct : a specification (and bugs) But

Reasoning about Programs Need: definition of works/correct : a specification (and bugs) But

Good programs, broken programs? Goal: program works (does not fail) Reasoning about Programs Need: definition of works/correct : a specification (and bugs) But programs fail all the time. Why? A brief interlude on 1. Misuse of your code:

86 views • 8 slides
Software and Programming I Lab 2: Step-by-step execution of programs using a Debugger

Software and Programming I Lab 2: Step-by-step execution of programs using a Debugger

Software and Programming I Lab 2: Step-by-step execution of programs using a Debugger SP1-Lab2-20.pdf 1 23 January 2020 Tobi Brodie (tobi@dcs.bbk.ac.uk) Lab Session 2: Objectives This session we are concentrating on BlueJs built-in

658 views • 32 slides
Reasoning about reasoning by nested conditioning: Modeling theory of mind with probabilistic

Reasoning about reasoning by nested conditioning: Modeling theory of mind with probabilistic

Reasoning about reasoning by nested conditioning: Modeling theory of mind with probabilistic programs November 8, 2019 Zikun Chen, Alex Chang Main Idea model the flexibility and inherent uncertainty of reasoning about agents with

417 views • 29 slides
Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content Equational reasoning Reasoning with monads Goal of the paper Our contribution (a + b) * (a - b) [distr: forall x y z. x * (y + z) =

493 views • 25 slides
Krivines Classical Realizability from a Categorical Perspective Thomas Streicher (TU

Krivines Classical Realizability from a Categorical Perspective Thomas Streicher (TU

Krivines Classical Realizability from a Categorical Perspective Thomas Streicher (TU Darmstadt) July 2011 The Scenario Krivines Classical Realizability will turn out as a generalization of forcing as known from set theory. Following Hyland

525 views • 33 slides
Realizability games for the specification problem Mauricio Guillermo 2 , Etienne Miquey 1,2 1

Realizability games for the specification problem Mauricio Guillermo 2 , Etienne Miquey 1,2 1

G 1 : a first game G 2 : general case Introduction Classical realizability Specification Conclusion Realizability games for the specification problem Mauricio Guillermo 2 , Etienne Miquey 1,2 1 Team r 2 (INRIA), PPS, Universit e

1.26k views • 110 slides
Overload of frontier lpad by MC Overlay Elizabeth Gallas (Oxford) ADC Weekly Meeting April 15,

Overload of frontier lpad by MC Overlay Elizabeth Gallas (Oxford) ADC Weekly Meeting April 15,

Overload of frontier lpad by MC Overlay Elizabeth Gallas (Oxford) ADC Weekly Meeting April 15, 2014 Caveat these are bits pieces Overview which I am aware of and which seem relevant to the discussion Limited time to collect

437 views • 11 slides
Impact of Macroprudential Policy Measures on Economic Dynamics: Simulation Using a Financial

Impact of Macroprudential Policy Measures on Economic Dynamics: Simulation Using a Financial

Impact of Macroprudential Policy Measures on Economic Dynamics: Simulation Using a Financial Macro-econometric Model Koji Nakamura E-mail: kouji.nakamura@boj.or.jp Bank of Japan The Interaction of Monetary and Macroprudential Policy

763 views • 33 slides
Review and Preliminary Mortgage Analysis S CALABLE DATA P ROCES S IN G IN R Michael Kane

Review and Preliminary Mortgage Analysis S CALABLE DATA P ROCES S IN G IN R Michael Kane

Review and Preliminary Mortgage Analysis S CALABLE DATA P ROCES S IN G IN R Michael Kane Assistant Professor, Yale University Overview of the chapter Compare proportions of people receiving mortgages Missingness in the data Changes in

804 views • 33 slides
Design and Analysis of Algorithms Michael Gelfond Texas Tech University September, 2017 Michael

Design and Analysis of Algorithms Michael Gelfond Texas Tech University September, 2017 Michael

Design and Analysis of Algorithms Michael Gelfond Texas Tech University September, 2017 Michael Gelfond TTU Introduction Two ideas are gleaming on the jewelers velvet. First is the calculus , the second, the algorithm . The calculus made

1.51k views • 110 slides
Database Migration: Challenges of Migration from Oracle to Open Source European Bioinformatics

Database Migration: Challenges of Migration from Oracle to Open Source European Bioinformatics

Database Migration: Challenges of Migration from Oracle to Open Source European Bioinformatics Institute Maurizio De Giorgi, Database T eam www.ebi.ac.uk 1 Agenda Introduction The project Use cases: technical challenges and

544 views • 37 slides
Handout on List Class The template library 'list' is a sequence container that contains elements

Handout on List Class The template library 'list' is a sequence container that contains elements

Handout on List Class The template library 'list' is a sequence container that contains elements of different types. It is implemented like a double linked list, where different elements are stored at different locations, but they are linked with

147 views • 10 slides
Lecture 16: PCFG Parsing (updated) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center

Lecture 16: PCFG Parsing (updated) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center

CS447: Natural Language Processing http://courses.engr.illinois.edu/cs447 Lecture 16: PCFG Parsing (updated) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Overview CS447 Natural Language Processing (J. Hockenmaier)

1.18k views • 70 slides
CSE 143 Java Using this to run other constructors Overloading, constructors and

CSE 143 Java Using this to run other constructors Overloading, constructors and

Topics for Today Protected members of classes Super in constructors and other methods CSE 143 Java Using this to run other constructors Overloading, constructors and this Overriding some common methods declared in

262 views • 4 slides

More recommend