Rewriting Techniques for syntax Correctness of Program - - PowerPoint PPT Presentation

rewriting techniques for
SMART_READER_LITE
LIVE PREVIEW

Rewriting Techniques for syntax Correctness of Program - - PowerPoint PPT Presentation

Aug 25, 2023 205 likes •370 views

LR Nondeterminism Overview The calculus LR with true call-by-need evaluation Rewriting Techniques for syntax Correctness of Program Transformations normal order reduction contextual semantics David Sabel and Manfred Schmidt-Schau

slide-1
SLIDE 1

LR Nondeterminism

Overview

The calculus LR with true call-by-need evaluation syntax normal order reduction contextual semantics correctness of program transformations context lemma diagram based technique Nondeterminism: the calculus LRchoice may-, should- and must-convergence contextual equivalence under nondeterminism

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

2/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

A call-by-need lambda calculus with letrec

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

3/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

The Calculus LR

true call-by-need evaluation with sharing letrec-expressions no supercombinators (can be expressed by letrecs) very close to real implementations

  • f lazy functional programming languages like Haskell
  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

4/57

1

Rewriting Techniques for Correctness of Program Transformations

David Sabel and Manfred Schmidt-Schauß

ISR 2015

August 2015

Last update: 14. August 2015

slide-2
SLIDE 2

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Letrec-Expressions

A letrec-expression is of the form

letrec x1 = e1, . . . , xn = en in e

x1, . . . , xn pairwise distinct variables xi = ei is a letrec-binding x1 = e1, . . . , xn = en is a letrec-environment the bindings are recursive, i.e. the scope of xi is e, e1, . . . , en e is the in-expression Abbreviations: environment: {xi = ei}n

i=1

meta symbol for environments Env variable-chains: xj = xj−1, xj+1 = xj, . . . , xm = xm−1 are abbreviated with {xi = xi−1}m

i=j.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

5/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Example

letrec map = λf, xs.caseList xs of {Nil → Nil; (Cons y ys) → Cons (f y) (map f ys)} in map

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

6/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

The Calculus LR: Syntax

e, ei ∈ ELR ::= x (variable) | λx.e (abstraction) | (e1 e2) (application) | (cT,i e1 . . . ear(cT,i)) (constructor application) | caseT e of {patT,1 → e1; . . . ; patT,|T| → e|T|} (case-expression) | seq e1 e2 (seq-expression) | letrec x1 = e1, . . . , xn = en in e (letrec-expression) patT,i ::= (cT,i xi,1 . . . xi,ar(cT,i)) (pattern)

Free- and bound variables (new cases): FV (letrec x1 = e1, . . . , xn = en in e) =

  • FV (e) ∪

n

  • i=1

FV (ei)

  • \ {x1, . . . , xn}

BV (letrec x1 = e1, . . . , xn = en in e) =

  • BV (e) ∪

n

  • i=1

BV (ei)

  • ∪ {x1, . . . , xn}
  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

7/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Contexts & Values

Contexts: C ∈ CLR: expression with a hole [·] Surface contexts S: the hole is not in an abstraction: S ∈ SLR ::= [·] | (S e) | (e S) | (cT,i e1 . . . ei−1 S ei+1 . . . ear(cT,i)) | (seq S e) | (seq e S) | (caseT S of alts) | (caseT e of {. . . ; (cT,i x1 . . . xar(cT,i)) → S; . . .}) | (letrec x1 = e1, . . . , xn = en in S) | (letrec x1 = e1, xi = S, . . . , xn = en in e) LR-value: abstraction λx.e or a constructor application (c e1 . . . ear(c))

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

8/57

slide-3
SLIDE 3

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Rules

Instead of (β)-reduction, there are (lbeta) and (cp):

(lbeta) C[((λx.e1) e2)] → C[(letrec x = e2 in e1)] (cp-in) letrec x1 = (λx.e), {xi = xi−1}m

i=2, Env in C[xm]

→ letrec x1 = (λx.e), {xi = xi−1}m

i=2, Env in C[(λx.e)]

(cp-e) letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[xm] in e2

→ letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[(λx.e1)] in e2

(lbeta) shares the argument by a letrec no substitution of arbitrary expressions (cp) only copies abstractions variable-chains are followed (not removed etc.)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

9/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Rules (2)

Instead of (case)-reduction, there are several sharing variants: For arity n = ar(cT,i) ≥ 1: (yi are fresh variables)

(case-c) C[caseT (cT,i − → e ) of {. . . ; (cT,i − → z ) → e′; . . .}] → C[(letrec {zi = ei}n

i=1 in e′)]

(case-in) letrec x1 = (cT,i − → e ), {xi = xi−1}m

i=2, Env

in C[caseT xm of{. . . ; (cT,i − → z ) → e′; . . .}] → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2, Env

in C[(letrec {zi = yi}n

i=1 in e′)]

(case-e) letrec x1 = (cT,i − → e ), {xi = xi−1}m

i=2,

u = C[caseT xmof{. . . ; (cT,i − → z ) → e′; . . . }], Env in e′′ → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2,

u = C[letrec {zi = yi}n

i=1 in e′], Env in e′′

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

10/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Rules (3)

Instead of (case)-reduction, there are several sharing variants: For arity ar(cT,i) = 0:

(case-c) C[caseT cT,iof{. . . ; cT,i → e; . . .}] → C[e] (case-in) letrec x1 = cT,i, {xi = xi−1}m

i=2, Env

in C[caseT xm of{. . . ; (ci → e); . . .}] → letrec x1 = cT,i, {xi = xi−1}m

i=2, Env in C[e]

(case-e) letrec x1 = cT,i, {xi = xi−1}m

i=2,

u = C[caseT xm of {. . . ; (cT,i → e′); . . .}], Env in e′′ → letrec x1 = cT,i, {xi = xi−1}m

i=2, . . . , u = C[e′], Env in e′′

Notation: (case) is the union of (case-c), (case-in), (case-e)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

11/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Rules (4)

Instead of (seq)-reduction, three rules:

(seq-c) C[(seq v e)] → C[e] if v is a value (seq-in) (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in C[(seq xm e′)])

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in C[e′])

(seq-e) (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env, y = C[(seq xm e′)] in e′′)

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env, y = C[e′] in e′′)

Notation: (seq) is the union of (seq-c), (seq-in), (seq-e)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

12/57

slide-4
SLIDE 4

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Rules (5)

Adjusting letrec-expressions

(lapp) C[((letrec Env in e1) e2)] → C[(letrec Env in (e1 e2))] (lcase) C[(caseT (letrec Env in e) of alts)] → C[(letrec Env in (caseT e of alts))] (lseq) C[(seq (letrec Env in e1) e2)] → C[(letrec Env in (seq e1 e2))] (llet-in) (letrec Env1 in (letrec Env2 in e)) → (letrec Env1, Env2 in e) (llet-e) (letrec Env1, x = (letrec Env2 in ex) in e) → (letrec Env1, Env2, x = ex in e)

Notation:(llet) is the union of (llet-in), (llet-e) (lll) is the union (lapp),(lcase),(lseq),(lll)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

13/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

All Reduction Rules

(lbeta) C[((λx.e1) e2)] → C[(letrec x = e2 in e1)] (cp-in) (letrec x1 = (λx.e), {xi = xi−1}m

i=2, Env in C[xm])

→ (letrec x1 = (λx.e), {xi = xi−1}m

i=2, Env in C[(λx.e)])

(cp-e) (letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[xm] in e2)

→ (letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[(λx.e1)] in e2)

(llet-in) (letrec Env1 in (letrec Env2 in e)) → (letrec Env1, Env2 in e) (llet-e) (letrec Env1, x = (letrec Env2 in ex) in e) → (letrec Env1, Env2, x = ex in e) (lapp) C[((letrec Env in e1) e2)] → C[(letrec Env in (e1 e2))] (lcase) C[(caseT (letrec Env in e) of alts)] → C[(letrec Env in (caseT e of alts))] (lseq) C[(seq (letrec Env in e1) e2)] → C[(letrec Env in (seq e1 e2))] (seq-c) C[(seq v e)] → C[e] if v is a value (seq-in) (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in C[(seq xm e′)])

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in C[e′])

(seq-e) (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env, y = C[(seq xm e′)] in e′′)

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env, y = C[e′] in e′′)

(case-c) C[caseT (cT,i − → e ) of {. . . ; (cT,i − → y ) → e′; . . .}] → C[(letrec {yi = ei}n

i=1 in e′)]

if n = ar(cT,i) ≥ 1 (case-c) C[caseT cT,iof{. . . ; cT,i → e; . . .}] → C[e] if ar(cT,i) = 0 (case-in) letrec x1 = (cT,i − → e ), {xi = xi−1}m

i=2, Env in C[caseT xm of{. . . ; (cT,i −

→ z ) → e′; . . .}] → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2, Env in C[(letrec {zi = yi}n i=1 in e′)]

where n = ar(cT,i) ≥ 1 and yi are fresh variables (case-in) letrec x1 = cT,i, {xi = xi−1}m

i=2, Env in C[caseT xm of{. . . ; (ci → e); . . .}]

→ letrec x1 = cT,i, {xi = xi−1}m

i=2, Env in C[e], if ar(cT,i) = 0

(case-e) letrec x1 = (cT,i − → e ), {xi = xi−1}m

i=2, u = C[caseT xmof{. . . ; (cT,i −

→ z ) → e′; . . . }], Env in e′′ → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2, u = C[(letrec {zi = yi}n i=1 in e′)], Env in e′′

where n = ar(cT,i) ≥ 1 and yi are fresh variables (case-e) letrec x1 = cT,i, {xi = xi−1}m

i=2, u = C[caseT xm of {. . . ; (cT,i → e′); . . .}], Env in e′′

→ letrec x1 = cT,i, {xi = xi−1}m

i=2, . . . , u = C[e′], Env in e′′

if ar(cT,i) = 0

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

14/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Normal Order Reduction: Labeling Algorithm

For expression e: start with etop and exhaustively apply the labeling rules:

(e1 e2)sub∨top → (esub

1

e2)vis (seq e1 e2)sub∨top → (seq esub

1

e2)vis (caseT e of alts)sub∨top → (case esub of alts)vis (letrec Env in e)top → (letrec Env in esub)vis letrec x = e, Env in C[xsub] → letrec x = esub, Env in C[xvis] letrec x = e, y = C[xsub], Env in e′ → letrec x = esub, y = C[xvis], Env in e′, if C = [·] letrec x = e, y = xsub, Env in e′ → letrec x = esub, y = xnontarg, Env in e′ letrec x = evis∨nontarg, y = C[xsub], Env in e′ → Fail letrec x = enontarg, y = C[xsub], Env in e′ → Fail letrec x = C[xsub], Env in e → Fail

top means reduction of the top term sub means reduction of a subexpression vis marks already visited subexpressions nontarg marks already visited variables that are not target of a (cp)-reduction.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

15/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Remarks

labeling does not visit nested letrec-expressions visited positions remain labeled (no label shifting as in LNAME) labeling rules are not applied in contexts (in difference to labeling in LNAME)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

16/57

slide-5
SLIDE 5

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Example

(letrec w = λx.x, y = w, z = (y y) in z)top → (letrec w = λx.x, y = w, z = (y y) in zsub)vis → (letrec w = λx.x, y = w, z = (y y)sub in zvis)vis → (letrec w = λx.x, y = w, z = (ysub y)vis in zvis)vis → (letrec w = λx.x, y = wsub, z = (yvis y)vis in zvis)vis → (letrec w = (λx.x)sub, y = wnontarg, z = (yvis y)vis in zvis)vis

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

17/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Another Example

(letrec x = (y y), y = (x x) in y)top → (letrec x = (y y), y = (x x) in ysub)vis → (letrec x = (y y), y = (x x)sub in yvis)vis → (letrec x = (y y), y = (xsub x)vis in yvis)vis → (letrec x = (y y)sub, y = (xvis x)vis in yvis)vis → (letrec x = (ysub y)vis, y = (xvis x)vis in yvis)vis → Fail

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

18/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Reduction Contexts

Definition A reduction context R is any context, such that its hole will be labeled with sub or top by the labeling algorithm. Examples (seq ([·] True) False) is a reduction context:

(seq ([·] True) False)top → (seq ([·] True)sub False)vis → (seq ([·]sub True)vis False)vis

(seq ((λx.x) [·]) False) is not a reduction context:

(seq ((λx.x) [·]) False)top → (seq ((λx.x) [·])sub False)vis → (seq ((λx.x)sub [·])vis False)vis

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

19/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Normal Order Reduction

Normal Order Reduction A normal order reduction step e no − → e′ is: apply the labeling algorithm to etop apply the matching rule of the labeled reduction rules (next slide) the result is e′ where all labels are removed Note: If the labeling fails or there is no matching reduction rule, then no normal order reduction is possible.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

20/57

slide-6
SLIDE 6

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Labeled Reduction Rules

(lbeta) C[((λx.e1)sub e2)] → C[(letrec x = e2 in e1)] (cp-in) (letrec x1 = (λx.e)sub, {xi = xi−1}m

i=2, Env in C[xvis m ])

→ (letrec x1 = (λx.e), {xi = xi−1}m

i=2, Env in C[(λx.e)])

(cp-e) (letrec x1 = (λx.e1)sub, {xi = xi−1}m

i=2, Env, y = C[xvis m ] in e2)

→ (letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[(λx.e1)] in e2)

(llet-in) (letrec Env1 in (letrec Env2 in e)sub) → (letrec Env1, Env2 in e) (llet-e) (letrec Env1, x = (letrec Env2 in ex)sub in e) → (letrec Env1, Env2, x = ex in e) (lapp) C[((letrec Env in e1)sub e2)] → C[(letrec Env in (e1 e2))] (lcase) C[(caseT (letrec Env in e)sub of alts)] → C[(letrec Env in (caseT e of alts))] (lseq) C[(seq (letrec Env in e1)sub e2)] → C[(letrec Env in (seq e1 e2))] (seq-c) C[(seq vsub e)] → C[e] if v is a value (seq-in) (letrec x1 = (c − → e )sub, {xi = xi−1}m

i=2, Env in C[(seq xvis m e′)])

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in C[e′])

(seq-e) (letrec x1 = (c − → e )sub, {xi = xi−1}m

i=2, Env, y = C[(seq xvis m e′)] in e′′)

→ (letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env, y = C[e′] in e′′)

(case-c) C[caseT (cT,i − → e )sub of {. . . ; (cT,i − → y ) → e′; . . .}] → C[(letrec {yi = ei}n

i=1 in e′)]

if n = ar(cT,i) ≥ 1 (case-c) C[caseT csub

T,iof{. . . ; cT,i → e; . . .}] → C[e]

if ar(cT,i) = 0 (case-in) letrec x1 = (cT,i − → e )sub, {xi = xi−1}m

i=2, Env in C[caseT xvis m of{. . . ; (cT,i −

→ z ) → e′; . . .}] → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2, Env in C[(letrec {zi = yi}n i=1 in e′)]

where n = ar(cT,i) ≥ 1 and yi are fresh variables (case-in) letrec x1 = csub

T,i, {xi = xi−1}m i=2, Env in C[caseT xvis m of{. . . ; (ci → e); . . .}]

→ letrec x1 = cT,i, {xi = xi−1}m

i=2, Env in C[e], if ar(cT,i) = 0

(case-e) letrec x1 = (cT,i − → e )sub, {xi = xi−1}m

i=2, u = C[caseT xvis m of{. . . ; (cT,i −

→ z ) → e′; . . . }], Env in e′′ → letrec x1 = (cT,i − → y ), {yi = ei}n

i=1, {xi = xi−1}m i=2, u = C[(letrec {zi = yi}n i=1 in e′)], Env in e′′

where n = ar(cT,i) ≥ 1 and yi are fresh variables (case-e) letrec x1 = csub

T,i, {xi = xi−1}m i=2, u = C[caseT xvis m of {. . . ; (cT,i → e′); . . .}], Env in e′′

→ letrec x1 = cT,i, {xi = xi−1}m

i=2, . . . , u = C[e′], Env in e′′

if ar(cT,i) = 0

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

21/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Example

Labeling of (letrec w = λx.x, y = w, z = (y y) in z) yields (letrec w = (λx.x)sub, y = wnontarg, z = (yvis y)vis in zvis)vis The matching reduction rule is

(cp-e) (letrec x1 = (λx.e1)sub, {xi = xi−1}m

i=2, Env, y = C[xvis m ] in e2)

→ (letrec x1 = (λx.e1), {xi = xi−1}m

i=2, Env, y = C[(λx.e1)] in e2)

thus the normal order reduction is: (letrec w = λx.x, y = w, z = (y y) in z)

no

− → (letrec w = λx.x, y = w, z = ((λx′.x′) y) in z)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

22/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Another Example

(letrec x = (Cons True Nil), y = ((λw.w) x) in (caseList y of {Nil → Nil; (Cons z zs → z)})) (letrec x = (Cons True Nil), y = ((λw.w) x) in (caseList y of {Nil → Nil; (Cons z zs → z)}))top (letrec x = (Cons True Nil), y = ((λw.w) x) in (caseList y of {Nil → Nil; (Cons z zs → z)}

no,lbeta

− − − − − → (letrec x = (Cons True Nil), y = (letrec w = x in w) in (caseList y of {Nil → Nil; (Cons z zs → z)})) (letrec x = (Cons True Nil), y = (letrec w = x in w) in (caseList y of {Nil → Nil; (Cons z zs → z)}))top (letrec x = (Cons True Nil), y = (letrec w in (caseList y of {Nil → Nil; (Cons z zs →

no,llet−e

− − − − − → (letrec x = (Cons True Nil), y = w, w = x in (caseList y of {Nil → Nil; (Cons z zs → z)})) (letrec x = (Cons True Nil), y = w, w = x in (caseList y of {Nil → Nil; (Cons z zs → z)}))top (letrec x = (Cons True Nil), y = w, w = x in (caseList ysub of {Nil → Nil; (Cons z zs →

no,case−in

− − − − − − − → (letrec x = (Cons u us), u = True, us = Nil, y = w, w = x in (letrec z = u, zs = us in z)) (letrec x = (Cons u us), u = True, us = Nil, y = w, w = x in (letrec z = u, zs = us in z))top (letrec x = (Cons u us), u = True, us in (letrec z = u, zs = us in z)sub)vis

no,llet−in

− − − − − − → (letrec x = (Cons u us), u = True, us = Nil, y = w, w = x, z = u, zs = us in z)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

23/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Weak Head Normal Forms and Convergence

Weak head normal form (WHNF) a value v,

  • r an expression (letrec Env in v), where v is a value,
  • r an expression

(letrec x1 = (c − → e ), {xi = xi−1}m

i=2, Env in xm).

Convergence: e⇓ ⇐ ⇒ ∃ WHNF e′ : e

no,∗

− − → e′ Divergence: e⇑ ⇐ ⇒ ¬(e⇓)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

24/57

slide-7
SLIDE 7

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Contextual Equivalence

Contextual equivalence ∼c: e1 ∼c e2 iff for all contexts C ∈ CLR: C[e1]⇓ ⇐ ⇒ C[e2]⇓ Contextual preorder ≤c: e1 ≤c e2 iff for all contexts C ∈ CLR: C[e1]⇓ = ⇒ C[e2]⇓

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

25/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Context Lemma

Context Lemma If for all reduction contexts R: R[e1]⇓ = ⇒ R[e2]⇓, then e1 ≤c e2 We prove a more general claim using multicontexts: Multicontext Lemma For all n ≥ 0 and for all multicontexts C with n holes and for all expressions e1, ..., en and e′

1, ..., e′ n it holds:

If for all i = 1, . . . , n: ∀ reduction contexts R : (R[ei]⇓ = ⇒ R[e′

i]⇓),

then C[e1, . . . , en]⇓ = ⇒ C[e′

1, . . . , e′ n]⇓.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

26/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Proof of the Multicontext Lemma

Claim:

  • ∀i, R : (R[ei]⇓ ⇒ R[e′

i]⇓)

  • =

  • C[e1, . . . , en]⇓ ⇒ C[e′

1, . . . , e′ n]⇓

  • Assume that

∀i : ∀ reduction contexts R : (R[ei]⇓ = ⇒ R[e′

i]⇓).

(C[e1, . . . , en])

no,l

− − → e where e is a WHNF. Induction on the measure (l, n) ordered lexicographically: l is the length of the reduction sequence C[e1, . . . , en]

no,l

− − → e where e is a WHNF. n is the number of holes in C. Base case n = 0: C has no holes: the claim holds.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

27/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Proof of the Multicontext Lemma

Claim:

  • ∀i, R : (R[ei]⇓ ⇒ R[e′

i]⇓)

  • =

  • C[e1, . . . , en]⇓ ⇒ C[e′

1, . . . , e′ n]⇓

  • Induction step: (l, n) > (0, 0) and the claim holds for all (l′, n′) < (l, n)

Case 1: C[e1, . . . , ej−1, ·j, ej+1, . . . , en] is a reduction context there exists i s.t. R1 and R2 are reduction contexts, where R1 = C[e1, . . . , ei−1, ·i , ei+1, . . . , en] and R2 = C[e′

1, . . . , e′ i−1, ·i , e′ i+1, . . . , e′ n]

let C1 = C[·1, . . . , ·i−1, ei, ·i+1, . . . , ·n] since C[e1, . . . , en] = C1[e1, . . . , ei−1, ei+1, . . . , en] we have C1[e1, . . . , ei−1, ei+1, . . . , en]⇓ since C1 has n − 1 holes, the induction hypothesis shows C1[e′

1, . . . , e′ i−1, e′ i+1, . . . , e′ n]⇓ = C[e′ 1, . . . , e′ i−1,ei, e′ i+1, . . . , e′ n]⇓

thus R2[ei]⇓ and applying the precondition shows R2[e′

i]⇓

thus C[e′

1, . . . , e′ n]⇓.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

28/57

slide-8
SLIDE 8

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Proof of the Multicontext Lemma

Claim:

  • ∀i, R : (R[ei]⇓ ⇒ R[e′

i]⇓)

  • =

  • C[e1, . . . , en]⇓ ⇒ C[e′

1, . . . , e′ n]⇓

  • Induction step: (l, n) > (0, 0) and the claim holds for all (l′, n′) < (l, n)

Case 2: No j s.t. C[e1, . . . ej−1, ·j, ej+1, . . . en] is a reduction context If l = 0, then C[e1, . . . , en] is a WHNF. Since no hole is in a reduction context also C[e′

1, . . . , e′ n] is a WHNF

If l > 0, then C[e1, . . . , en] no − → C′[r1, . . . , rm]

no,l−1

− − − − → e s.t. C[e′

1, . . . , e′ n] no

− → C′[r′

1, . . . , r′ m]

(ri, r′

i) = (ρ(ej), ρ(e′ j)) and a variable permutation ρ

can be verified by going through the cases of the no − →-reduction the precondition holds for ri, r′

i, i.e. ∀i, R : (R[ρ(ei)]⇓ ⇒ R[ρ(e′ i)]⇓)

this mainly holds, since letrec can do variable renamings apply the induction hypothesis to C′[r1, . . . , rm] and C′[r′

1, . . . , r′ m]

(l is strictly decreased), thus C′[r′

1, . . . , r′ m]⇓ and thus C[e′ 1, . . . , e′ n]⇓

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

29/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of Program Transformations

Definition A program transformation P is correct, if it preserves contextual equivalence, i.e. P ⊆ ∼c. Notation: Non-normal order reduction steps for the language LR are called internal and denoted by a label i. internal reduction in a reduction context: iR internal reduction in a surface context by iS.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

30/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness: Easy Cases

Proposition The transformations (case-c), (seq-c), (lbeta), (lapp), (lcase), (lseq) are correct. I.e., e1

a

− → e2 with a ∈ {(case-c), (seq-c), (lbeta), (lapp), (lcase), (lseq)} implies e1 ∼c e2. Proof. Every

R,a

− − →-reduction in where a ∈ {(case-c), (seq-c), (lbeta), (lapp), (lcase), (lseq)} is a normal order reduction. Since normal order reduction is unique, it follows R[e1]⇓ iff R[e2]⇓. Now we apply the context lemma.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

31/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of the Other Reductions

The reductions (llet), (cp), (case-e), (case-in), (seq-e), (seq-in) may be non-normal order in a reduction context

  • ther techniques are require

We again use the diagram-based proof technique.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

32/57

slide-9
SLIDE 9

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of (llet)

A complete set of forking diagrams for (iS,llet) is:

·

no,a

  • iS,llet ·

no,a

  • · iS,llet

·

·

no,a

  • iS,llet ·

no,a

  • ·

·

no,lll,+

  • iS,llet ·

no,lll,+

  • ·

·

no,lll,+

  • iS,llet ·

no,lll,+

  • · iS,llet

·

·

no,a

  • iS,llet ·

no,a

  • ·

no,llet

·

A complete set of commuting diagrams for (iS,llet) is:

·

no,a

  • iS,llet ·

no,a

  • · iS,llet

·

·

no,a

  • iS,llet ·

no,a

·

·

no,lll,+

  • iS,llet ·

no,lll,+

·

·

no,lll,+

  • iS,llet ·

no,lll,+

  • · iS,llet

·

·

no,a

  • iS,llet ·

no,a

  • ·

no,llet

·

Answer-Case: If e1

iS,llet

− − − − → e2, then e1 is a WHNF iff e2 is a WHNF.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

33/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of (llet)

Proposition If e1

llet

− − → e2, then e1 ∼c e2. Show S[e1]⇓ = ⇒ S[e2]⇓ S[e2]⇓ = ⇒ S[e1]⇓ Then apply the context lemma. If S[e1] llet − − → S[e2] is normal order, then the claim holds, since normal order reduction is unique For internal reductions: Use the TRS-encoding of the diagrams and automatically prove termination Specific version of AProVE and CeTA for free variables on right hand sides

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

34/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Forking-Diagrams for (llet) as TRS

(STRATEGY INNERMOST) (VAR x k) (RULES iS_llet(no_lll(x)) -> no_lll(iS_llet(x)) iS_llet(no_llet(x)) -> no_llet(iS_llet(x)) iS_llet(no_a(x)) -> no_a(iS_llet(x)) iS_llet(no_lll(x)) -> no_lll(x) iS_llet(no_llet(x)) -> no_llet(x) iS_llet(no_a(x)) -> no_a(x) iS_llet(no_lll(x)) -> iS_llet(rem(x)) iS_llet(rem(no_lll(x))) -> iS_llet(rem(x)) iS_llet(rem(x)) -> exp(k,x) exp(s(k),x) -> no_lll(exp(k,x)) exp(s(z),x) -> no_lll(x) iS_llet(no_lll(x)) -> iS_llet(rem2(x)) iS_llet(rem2(no_lll(x))) -> iS_llet(rem2(x)) iS_llet(rem2(x)) -> exp2(k,x) exp2(s(k),x) -> no_lll(exp2(k,x)) exp2(s(z),x) -> no_lll(iS_llet(x)) iS_llet(no_lll(no_llet(x))) -> no_lll(x) iS_llet(no_llet(no_llet(x))) -> no_llet(x) iS_llet(no_a(no_llet(x))) -> no_a(x) iS_llet(Answer) -> Answer)

·

no,a iS,llet · no,a

  • · iS,llet

·

·

no,a iS,llet · no,a

  • ·

·

no,lll,+ iS,llet · no,lll,+

  • ·

·

no,lll,+ iS,llet · no,lll,+

  • · iS,llet

·

·

no,a iS,llet · no,a

  • ·

no,llet ·

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

35/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Commuting-Diagrams for (llet) as TRS

(STRATEGY INNERMOST) (VAR x k) (RULES iS_llet(no_lll(x)) -> no_lll(iS_llet(x)) iS_llet(no_llet(x)) -> no_llet(iS_llet(x)) iS_llet(no_a(x)) -> no_a(iS_llet(x)) iS_llet(no_lll(x)) -> no_lll(x) iS_llet(no_llet(x)) -> no_llet(x) iS_llet(no_a(x)) -> no_a(x) iS_llet(no_lll(x)) -> iS_llet(rem(x)) iS_llet(rem(no_lll(x))) -> iS_llet(rem(x)) iS_llet(rem(x)) -> exp(k,x) exp(s(k),x) -> no_lll(exp(k,x)) exp(s(z),x) -> no_lll(x) iS_llet(no_lll(x)) -> iS_llet(rem2(x)) iS_llet(rem2(no_lll(x))) -> iS_llet(rem2(x)) iS_llet(rem2(x)) -> exp2(k,x) exp2(s(k),x) -> no_lll(exp2(k,x)) exp2(s(z),x) -> no_lll(iS_llet(x)) iS_llet(no_lll(x)) -> no_lll(no_llet(x)) iS_llet(no_llet(x)) -> no_llet(no_llet(x)) iS_llet(no_a(x)) -> no_a(no_llet(x)) iS_llet(Answer) -> Answer)

·

no,a iS,llet · no,a

  • · iS,llet

·

·

no,a

  • iS,llet ·

no,a

·

·

no,lll,+

  • iS,llet ·

no,lll,+

·

·

no,lll,+ iS,llet · no,lll,+

  • · iS,llet

·

·

no,a iS,llet · no,a

  • ·

no,llet ·

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

36/57

slide-10
SLIDE 10

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of (cp)

We distinguish two cases: (cps) := (cp) where the position of the replaced variable is in a surface context. (cpd) := (cp) where the position of the replaced variable is not in a surface context. Examples letrec x = λw.w in λy.x

cpd

− − → letrec x = λw.w in λy.(λw.w) letrec x = λw.w in Cons x Nil

cps

− − → letrec x = λw.w in Cons (λw.w) Nil

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

37/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Diagrams for (cp)

Complete sets of forking diagrams for

iS,cps

− − − → and for

iS,cpd

− − − − → are:

·

iS,cps no,a

  • ·

no,a

  • · iS,cps

·

·

iS,cps no,a

  • ·

no,a

  • ·

no,cp

·

·

iS,cps no,a

  • ·

no,a

  • ·

·

iS,cpd no,a

  • ·

no,a

  • · iS,cpd

·

·

iS,cpd

  • no,cp
  • ·

no,cp

  • · iS,cpd

· iS,cpd ·

·

iS,cpd no,a

  • ·

no,a

  • ·

·

iS,cpd no,lbeta

  • ·

no,lbeta

  • · iS,cps

·

Complete sets of commuting diagrams for

iS,cps

− − − → and for

iS,cpd

− − − − → are:

·

iS,cps no,a

  • ·

no,a

  • · iS,cps

·

·

iS,cps no,a

  • ·

no,a

  • ·

no,cp

·

·

iS,cps no,a

  • ·

no,a

·

·

iS,cpd no,a

  • ·

no,a

  • · iS,cpd

·

·

iS,cpd

  • no,cp
  • ·

no,cp

  • · iS,cpd

· iS,cpd ·

·

iS,cpd no,a

  • ·

no,a

·

·

iS,cpd no,lbeta

  • ·

no,lbeta

  • · iS,cps

·

Answer case: If e1

iS,cp

− − − → e2, then e1 is a WHNF iff e2 is a WHNF.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

38/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of (cp)

Proposition If e1

cp

− → e2, then e1 ∼c e2. show S[e1]⇓ ⇐ ⇒ S[e2]⇓ then apply the context lemma if S[e1]

no,cp

− − − → S[e2] then the claim holds if S[e1]

iS,cp

− − − → S[e2] use the diagrams and the base case: Can be proved automatically by the TRS encoding.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

39/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

TRS-Encodings for (cp)

(STRATEGY INNERMOST) (VAR x) (RULES iS_cps(no_a(x)) -> no_a(iS_cps(x)) iS_cps(no_cp(x)) -> no_cp(iS_cps(x)) iS_cps(no_lbeta(x)) -> no_lbeta(iS_cps(x)) iS_cps(no_a(no_cp(x))) -> no_a(x) iS_cps(no_cp(no_cp(x))) -> no_cp(x) iS_cps(no_lbeta(no_cp(x))) -> no_lbeta(x) iS_cps(no_a(x)) -> no_a(x) iS_cps(no_cp(x)) -> no_cp(x) iS_cps(no_lbeta(x)) -> no_lbeta(x) iS_cpd(no_a(x)) -> no_a(iS_cpd(x)) iS_cpd(no_cp(x)) -> no_cp(iS_cpd(x)) iS_cpd(no_lbeta(x)) -> no_lbeta(iS_cpd(x)) iS_cpd(no_cp(x)) -> no_cp(iS_cpd(iS_cpd(x))) iS_cpd(no_a(x)) -> no_a(x) iS_cpd(no_cp(x)) -> no_cp(x) iS_cpd(no_lbeta(x)) -> no_lbeta(x) iS_cpd(no_lbeta(x)) -> no_lbeta(iS_cps(x)) iS_cps(Answer) -> Answer iS_cpd(Answer) -> Answer)

Forking Diagrams

(STRATEGY INNERMOST) (VAR x) (RULES iS_cps(no_a(x)) -> no_a(iS_cps(x)) iS_cps(no_cp(x)) -> no_cp(iS_cps(x)) iS_cps(no_lbeta(x)) -> no_lbeta(iS_cps(x)) iS_cps(no_a(x)) -> no_a(no_cp(x)) iS_cps(no_cp(x)) -> no_cp(no_cp(x)) iS_cps(no_lbeta(x)) -> no_lbeta(no_cp(x)) iS_cps(no_a(x)) -> no_a(x) iS_cps(no_cp(x)) -> no_cp(x) iS_cps(no_lbeta(x)) -> no_lbeta(x) iS_cpd(no_a(x)) -> no_a(iS_cpd(x)) iS_cpd(no_cp(x)) -> no_cp(iS_cpd(x)) iS_cpd(no_lbeta(x)) -> no_lbeta(iS_cpd(x)) iS_cpd(no_cp(x)) -> no_cp(iS_cpd(iS_cpd(x))) iS_cpd(no_a(x)) -> no_a(x) iS_cpd(no_cp(x)) -> no_cp(x) iS_cpd(no_lbeta(x)) -> no_lbeta(x) iS_cpd(no_lbeta(x)) -> no_lbeta(iS_cps(x)) iS_cps(Answer) -> Answer iS_cpd(Answer) -> Answer)

Commuting Diagrams

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

40/57

slide-11
SLIDE 11

LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Remark

Without distinguishing (cpd) and (cps):

(STRATEGY INNERMOST) (VAR x) (RULES iS_cp(no_a(x)) -> no_a(iS_cp(x)) iS_cp(no_cp(x)) -> no_cp(iS_cp(x)) iS_cp(no_lbeta(x)) -> no_lbeta(iS_cp(x)) iS_cp(no_a(x)) -> no_a(no_cp(x)) iS_cp(no_cp(x)) -> no_cp(no_cp(x)) iS_cp(no_lbeta(x)) -> no_lbeta(no_cp(x)) iS_cp(no_a(x)) -> no_a(x) iS_cp(no_cp(x)) -> no_cp(x) iS_cp(no_lbeta(x)) -> no_lbeta(x) iS_cp(no_cp(x)) -> no_cp(iS_cp(iS_cp(x))) iS_cp(Answer) -> Answer)

the TRS is nonterminating an infinite rewrite sequence begins as follows:

iS_cp(no_cp(no_cp(Answer))) → no_cp(iS_cp(iS_cp(no_cp(Answer)))) → no_cp(iS_cp(no_cp(no_cp(Answer)))) → . . .

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

41/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Some Program Transformations

Garbage Collection: (gc) = (gc1) ∪ (gc2) (gc1) letrec x1 = e1, . . . , xn = en, Env in e → letrec Env in e if for all i : xi does not occur in Env nor in e (gc2) letrec x1 = e1, . . . , xn = en in e → e, if for all i : xi does not occur in e Copying Variables: (cpx) = (cpx-in) ∪ (cpx-e) (cpx-in) letrec x = y, Env in C[x] → letrec x = y, Env in C[y] where y is a variable and x = y (cpx-e) letrec x = y, z = C[x], Env in e → letrec x = y, z = C[y], Env in e where y is a variable and x = y Copying Constructors: (cpcx) = (cpcx-in) ∪ (cpcx-e) (cpcx-in) letrec x = c − → e , Env in C[x] → letrec x = c − → y , {yi = ei}ar(c)

i=1 , Env in C[c −

→ y ] (cpcx-e) letrec x = c − → e , z = C[x], Env in e′ → letrec x = c − → y , {yi = ei}ar(c)

i=1 , z = C[c −

→ y ], Env in e′ Sharing Arguments: (abs) (abs) letrec x = c − → e , Env in e′ → letrec x = c − → y , {yi = ei}ar(c)

i=1 , Env in e′

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

42/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of Extra Transformations

Proposition [SSSS08] The transformations (gc), (abs), (cpx), and (cpcx) are correct. can be shown by computing forking, commuting, and answer diagrams applying the context lemma

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

43/57 LR Nondeterminism Syntax NO-Reduction Contextual Equivalence Diagrams

Correctness of (seq) and (case)

Proposition The reduction (case) and (seq) are correct program transformations. For (case): correctness of (case-c) already proved (case-in) and (case-e) can be simulated by a sequence

cpcx

− − → · case−c − − − − → ·

cpx,∗

− − − → ·

cpx,∗

← − − − ·

cpcx

← − − (cpx), (cpcx), and (case-c) are correct For (seq): correctness of (seq-c) already proved (seq-in) and (seq-e) can be simulated by a sequence

cpcx

− − → ·

seq−c

− − − → ·

abs

← − − (seq-c), (cpcx), and (abs) are correct

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

44/57

slide-12
SLIDE 12

LR Nondeterminism LRchoice may/should/must

Reasoning on program transformations in nondeterministic calculi

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

45/57 LR Nondeterminism LRchoice may/should/must

Nondeterminism and Concurrency

Nondeterministic and concurrent programming languages require extended core languages and adapted contextual semantics We discuss this topic very briefly We only consider a minimal extension of LR by nondeterminism.

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

46/57 LR Nondeterminism LRchoice may/should/must

The Calculus LRchoice

Syntactic extensions of LR: choice-expressions: e, ei ∈ ExpLRchoice ::= . . . | choice e1 e2 New reduction rules: (with labels for normal order reduction) (choice-l) C[(choice e1 e2)sub] → C[e1] (choice-r) C[(choice e1 e2)sub] → C[e2] normal order reduction does not descend into arguments of choice it freely chooses between the left and the right argument

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

47/57 LR Nondeterminism LRchoice may/should/must

LRchoice: Normal Order Reduction

e no − → e′ iff apply the labeling algorithm to etop (no new rules for labeling) apply a matching reduction rule for (choice-l) and (choice-r) both rules match or none of both Normal order reduction in LRchoice is not unique, e.g. letrec x = (choice True False) in x letrec x = True in x letrec x = False in x no, choice-l no, choice-r But the to-be-replaced subexpression is uniquely determined (by the labeling algorithm).

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

48/57

slide-13
SLIDE 13

LR Nondeterminism LRchoice may/should/must

Forms of Nondeterminism

Erratic Nondeterminism: e1 ⊗ e2 = e1 or e2 Demonic Nondeterminism: e1 ⊗ e2 = ⊥, if e1 = ⊥ or e2 = ⊥ e1 or e2,

  • therwise

Angelic Nondeterminism e1 ⊗ e2 =    e1, if e2 = ⊥ e2, if e1 = ⊥ e1 or e2,

  • therwise

choice implements erratic nondeterminism

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

49/57 LR Nondeterminism LRchoice may/should/must

Convergence

WHNFs in LRchoice are defined as before: a value, or letrec Env in v, where v is a value, or letrec x1 = c − → e , x2 = x1, . . . , xm = xm−1, Env in xm. Due to the nondeterminism there are different forms of convergence: may-convergence: e↓ iff ∃ WHNF e′: e

no,∗

− − → e′ should-convergence: e⇓ iff ∀e′ : e

no,∗

− − → e′ = ⇒ e′↓ must-convergence: e iff e⇓ and ¬(e

no,ω

− − − →) where e

no,ω

− − − →= there is an infinite normal order reduction starting with e in deterministic calculi like LR: ↓ = ⇓ = in LRchoice: all three predicates are different

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

50/57 LR Nondeterminism LRchoice may/should/must

Contextual Equivalence in LRchoice

Definition For LRchoice-expressions e1, e2: contextual may-preorder: e1 ≤c,↓ e2 iff ∀C : C[e1]↓ = ⇒ C[e2]↓ contextual should-preorder: e1 ≤c,⇓ e2 iff ∀C : C[e1]⇓ = ⇒ C[e2]⇓ contextual must-preorder: e1 ≤c, e2iff ∀C : C[e1] = ⇒ C[e2] contextual preorder: e1 ≤c e2 iff e1 ≤c,↓ e2 ∧ e1 ≤c,⇓ e2. contextual equivalence: e1 ∼c e2 iff e1 ≤c e2 ∧ e2 ≤c e1. Remarks we also use ∼c,↓, ∼c,⇓, ∼c, for equivalences

  • ther papers use ≤c:=≤c,↓ ∩ ≤c,
  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

51/57 LR Nondeterminism LRchoice may/should/must

Observing May-Convergence in Insufficient

Consider the expressions choice True ⊥ and True: choice True ⊥ ∼c,↓ True choice True ⊥ ∼c,⇓ True choice True ⊥ ∼c, True The empty context [·] distinguishes the expressions w.r.t. should- and must-convergence. ⇒ should- or must-convergence should also be observed!

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

52/57

slide-14
SLIDE 14

LR Nondeterminism LRchoice may/should/must

Observing Should-/Must-Convergence is Insufficient

Consider the expressions choice True ⊥ and ⊥: choice ⊥ True ∼c,⇓ ⊥ choice ⊥ True ∼c, ⊥ choice ⊥ True ∼c,↓ ⊥ Note that there are nondeterministic calculi where observing should-/must-convergence is sufficient (since ∼c,⇓⊆∼c,↓)

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

53/57 LR Nondeterminism LRchoice may/should/must

Differences between Should- and Must-Convergence

Consider e := letrec x = λy.(choice True (x True)) in (x True) Then e⇓, but ¬(e), moreover: e ∼c,↓ True e ∼c,⇓ True e ∼c, True e ∼c,↓ choice ⊥ True e ∼c,⇓ choice ⊥ True e ∼c, choice ⊥ True

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

54/57 LR Nondeterminism LRchoice may/should/must

Advantages of the may- / should-combination

should-convergence identifies busy-wait with success, while must-convergence identifies busy-wait with failure for the predicate construction P0(e) := ∃e′ : e

no,∗

− − → e′ ∧ WHNF(e′) P 0(e) := ∀e′ : e

no,∗

− − → e′ = ⇒ P0(e′) Pi(e) := ∃e′ : e

no,∗

− − → e′ ∧ P i−1(e′) P i(e) := ∀e′ : e

no,∗

− − → e′ = ⇒ Pi(e′) it holds:

  • ∼c,Pi ∪
  • ∼c,P i=∼c,P0 ∪ ∼c,P 0=≤c,↓ ∩ ≤c,⇓

This closedness does not hold for must-convergence: infinitely many different ∼-relations not necessary to explicitly consider fairness of reduction, since ∼c,⇓=∼c,⇓,fair

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

55/57 LR Nondeterminism LRchoice may/should/must

Reasoning on Should-Convergence

may-divergence: negation of should-convergence: e↑ ⇐ ⇒ ¬(e⇓) must-divergence: negation of may-convergence: e⇑ ⇐ ⇒ ¬(e↓) Characterization of May-Divergence For all LRchoice-expressions e: e↑ iff ∃e′ : e

no,∗

− − → e′ ∧ e′⇑. Advantages: inductive proofs along the normal order reduction sequence work, e.g. S[e]↑ = ⇒ S[e′]↑ base case S[e]⇑ = ⇒ S[e′]⇑ for free, since: it is equivalent to S[e′]↓ = ⇒ S[e]↓ context lemma and diagram technique can also be used for may-divergence proofs

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

56/57

slide-15
SLIDE 15

LR Nondeterminism LRchoice may/should/must

Results for LRchoice

all reduction rules are correct program transformations except for (choice-l) and (choice-r) also the extra transformations are correct (choice-l) and (choice-r) are “runtime” rules

  • D. Sabel & M. Schmidt-Schauß · ISR 2015 · Rewriting Techniques for Correctness of Program Transformations

57/57