correctness of copy in calculi with letrec fileknown proof methods are insuﬃcient or fail m....

Correctness of Copyin Calculi with Letrec

Manfred Schmidt-Schauss

Dept. Computer Science and MathematicsJ. W. Goethe-University

Frankfurt, Germany

RTA 2007

Introduction The Calculus LRλ Call-By-Need Call-By-Name Conclusion

Contents

1 Introduction and Motivation

2 The Calculus LRλ

3 Call-By-Need

4 Call-By-Name

5 Conclusion

M. Schmidt-Schauss 2 Correctness of Copy in Calculi with Letrec


Motivation

Goal

Semantics of (Functional) Programming Languages

Transformations, Optimization, Evaluation, Correctness, ...

Model: extended lambda-calculi:

Higher-Order

Sharing

Lazy

Data Types

Polymorphic Types

Non-determinism



Proving Correctness of Transformations

Known Proof Methods

confluence and variants

context lemma

diagrams and computing overlappings

simulation (bisimulation)

approximation and co-induction

denotational semantics

abstract machines



The Problem

Transformation (copy; instantiation; sharing; desharing, inlining)

let-copy

let x = s in C[x] → let x = s in C[s]

letrec-copy

letrec x = s, y = r, . . . in C[x] → letrec x = s, y = r in C[s]letrec x = s, y = C[x], . . . in r → letrec x = s, y = C[s] in rletrec x = C[x], . . . in r → letrec x = C[C[x]], . . . in r

Issue: Correctness of let-copy and letrec-copy.

Known proof methods are insufficient or fail



Method and Results

A successful proof method: Use infinite λ-expressions

Obtained Results for deterministic calculiw.r.t. contextual equivalence

The unrestricted copy rule is correct

Call-by-name and call-by-need are equivalent

The proof method is successful for several calculi



Related Work

Plotkin 1975: investigating call-by-name, call-by-value, ...

Kennaway, Klop, Sleep, de Vries 1997: infinitary lambdacalculus

Ariola, Blom 1997: investigating letrec

Ariola, Felleisen, Maraist, Odersky, Wadler 1995:call-by-need (let).

Ariola, Klop 1997: letrec: non-confluence

Jeffrey 1994: denotational proof for correctness of copy in atiny calculus, proof is based on confluence properties

Machkasova, Turbak 2000: restricted letrec and meaningpreservation

Moran, Sands, Carlsson 1999: a non-deterministicletrec-calculus with contextual equivalence

. . .M. Schmidt-Schauss 7 Correctness of Copy in Calculi with Letrec


Plan

Calculus LRλ,convergence,contextual equality,transformations

((PPPPPPPPPPPP

infinite λ-expressions,convergence

qy kkkkkkkkkkkkk

kkkkkkkkkkkkk

Calculus LRλ,correctness of transformations



Syntax of LRλ

A tiny calculus to demonstrate the method via infinite trees.

Syntax of Expressions E

E ::= V | (E1 E2) | (λ V.E)

| (letrec V1 = E1, . . . , Vn = En in E)



Observational Semantics

Contextual Equivalence

s ≤c t iff ∀C[] : (C[s]⇓ =⇒ C[t]⇓)

s ∼c t iff s ≤c t ∧ t ≤c s

A transformation s → t is correct, iff s ∼c t

∼c is the coarsest congruence w.r.t. the test ∀C.C[·]⇓



Determining the Next Redex

Start with tT : (T = top; S = sub; V = visited)

(letrec Env in t)T → (letrec Env in tS)V

(s t)S∨T → (sS t)V

(letrec x = s,Env in C[xS ])→ (letrec x = sS ,Env in C[xV ])

(letrec x = s, y = C[xS ],Env in t)→ (letrec x = sS , y = C[xV ],Env in t)

if s was not labeled and if C[x] 6= x



Rewriting Semantics: Normal-Order Reduction Rules

(lbeta) C[((λx.s)S r)] no−→ C[(letrec x = r in s)](cp-in) (letrec x = sS ,Env in C[xV ])

no−→ (letrec x = s,Env in C[s])where s is an abstraction or a variable

(cp-e) (letrec x = sS ,Env , y = C[xV ] in r)no−→ (letrec x = s,Env , y = C[s] in r)

where s is an abstraction or a variable

(llet-in) (letrec Env1 in (letrec Env2 in r)S)no−→ (letrec Env1,Env2 in r)

(llet-e) (letrec Env1, x = (letrec Env2 in sx)S in r)no−→ (letrec Env1,Env2, x = sx in r)

(lapp) ((letrec Env in t)S s) no−→ (letrec Env in (t s))



Convergence

A weak head normal form (WHNF) is

an abstraction λx.s, oran expression (letrec Env in λx.s).

s⇓: A term s converges, iff sno,∗−−→ v for some WHNF v

This is may-convergence



Observational Semantics

Contextual Equivalence

s ≤c t iff ∀C[] : (C[s]⇓ =⇒ C[t]⇓)

s ∼c t iff s ≤c t ∧ t ≤c s



Correspondence: Calculus on Infinite Trees

Expression ↔ Infinite Trees

t IT (t)

no−→ ∞−→betaTr−−−−→

convergence convergence of inf. trees



Infinite Trees

t = letrec x = x, y = (λz.z) x y in y

IT (t) =

@~~||

|((QQQQQQQQ= y

@~~||

| B

BB@

}}|||

''PPPPPPPP= y

λz��

⊥ @}}||

|!!B

BB@

�� ''OOOOOOO= y

z λz��

⊥ @~~||

|��?

??. . .

z λz��

⊥

z



Calculus on Infinite Trees

(betaTr) ((λx.s) r) → s[r/x]

(betaTr)−−−−−→ reduces a single redex

∞−→ reduces an infinite set of redexesin one step (top-down)similar to Barendregt’s 1-reduction , also toinfinite developments (a variant)

∀,∞−−→ reduces all redexes



Example

letrec x = (λy.x) (λu.u) in x

@{{wwww

""DDDD= x

λy��

λu

��@

||zzz##H

HHH= x u

λy��

λu

��@

||xxxx

$$IIII

= x u

. . . . . .



Example for ∞-Reduction

letrec x = (λy.x) (λu.u) in xlbeta,llet−−−−−→ letrec x = x, y = λu.u in x

@{{ww

ww ""DDDD= x

λy��

λu

��@

}}zzz

##GGG

G= x u

λy��

λu

��@

||yyyy

$$IIII

= x u

. . . . . .

∞ // ⊥



Example for ∞-Reduction


@{{wwww

""DDDD= x

λy��

λu

��@

}}zzz

##GGG

G= x u

λy��

λu

��@

||yyyy

$$IIII

= x u

. . . . . .

M1,∞ //

@�� >

>>

λy��

λu

��⊥ u



Example for Single and ∞-Reduction


@{{wwww

""DDDD= x

λy��

λu

��@

}}zzz

##GGG

G= x u

λy��

λu

��@

||xxxx

$$IIII

= x u

. . . . . .

M2,∞ //

@~~~~~ A

AA

λy��

λu

��@

~~~~~ @@@

u

λy

��

λu��

. . . u



Normal-Order Reduction and Convergence for Infinite Trees

(betaTr) ((λx.s) r) → s[r/x]

Normal-order (betaTr) leftmost, outermost; (i.e. in R-contexts)tree reduction: does not reduce in abstractions

value tree V λx.s, i.e. (infinite) abstractions

T⇓ :⇔ T(betaTr),R,∗−−−−−−−−→ V

T⇓(∞) :⇔ T∞,∗−−→ V



Standardization for Tree-Reduction

Theorem For all trees S: S⇓(∞) ⇐⇒ S⇓

proof idea: infinitely many reductions that are “too deep”can be shifted to the right (in a reduction sequence)after reaching an abstraction.



Call-By-Need and Convergence

Theorem For all expressions t: t⇓ ⇐⇒ IT(t)⇓(∞)

proof structure:

t⇓ transfer +3 IT(t)⇓(∞) standardization +3 IT(t)⇓

diagrams and induction

dl



CB-Need, Convergence and Diagrams on ∞-Trees

The overlap diagrams:

T∞ //

R��

S2

R�� T

∞ //

R��

S2

S1∞ //___ T ′ S1

∞

>>}}

}}

imply the Lemma:

T∞ //

R,n

��

S2

R,≤n

��

S1∞ //_____ T ′



CB-Need, Convergence and Diagrams on ∞-Trees

tIT (·) //

no,(cp)∨(lll),∗�� IT (t)

R,betaTr,n

��∞

tt

US

QM

G <�

�wq

mk

i

t′

IT (·)88ppppppp

no,lbeta

�� T ′

∞��

R,n−1

��>>>

>>>>

>>>>

>>>>

>>>>

>>

t′′IT (·) //______

�� IT (t′′)

R,betaTr,n−1

��

. . . . . . . . .



CB-Need, Result

The diagram using induction on n implies:

Theorem t⇓ ⇔ IT (t)⇓



CB-Need, Correctness of Copy

(gcp) C1[letrec x = r . . . C2[x] . . .]→ C1[letrec x = r . . . C2[r] . . .]

Lemma: tgcp−−→ t′ =⇒ IT (t) = IT (t′)

Correctness of (gcp), i.e., letrec-copy:

Theorem tgcp−−→ t′ =⇒ t ∼c t′



Call-By-Name

call-by-name reduction on expressions:

(no,beta) C[((λx.s)S r)] −−−→ C[s[r/x]]

name−−−→ :=no,beta−−−−→ ∪ no,cp−−−→ ∪ no,lapp−−−−→ ∪ no,llet−−−−→



Call-By-Name vs. Call-By-Need

call-by-need and call-by-name on expressionsmay result in different infinite trees:

sname−−−→ s1 and s

need−−−→ s2

s1 = (letrec z = λy.(z z) in z z)s2 = (letrec z = λy.x, x = (λy′.x) z in x)

Infinite tree of s1, s2

@xxqqqqqq

&&NNNNNN

λy��

λy��

@~~}}

} A

AA@

~~}}}

AAA

· · · ·

s1name,∗−−−−→ s′1

name,∗−−−−→ s′1with IT (s1) = IT (s′1)

s2need ,∗−−−−→ (letrec . . . , x = x in x)

= ⊥



CB-Name: Result

The same methods as for cb-need show:

Proposition t⇓(name) ⇔ IT (t)⇓

This and t⇓ ⇔ IT (t)⇓ imply:

Theoremt⇓(name) ⇔ t⇓ ⇔ IT (t)

Corollary Call-by-name and call-by-needinduce the same equivalence



Extensions

The proof method is applicable to LRλ extended with

case and constructors

seq ( a sequential operator)

por (parallel or)

combinations thereof

(see technical reports onwww.ki.informatik.uni-frankfurt.de/papers/frank/)



Extensions and Conclusion

Results:

• infinite tree calculus proves correctness of copy• also equivalence of different reduction strategies

in tiny calculi as well as extended (deterministic) calculi

• LRλ is equivalent to Abramsky’s Lazy Lambda Calculus(w.r.t. contextual equivalence)



Non-Determinism

Open: correctness of copy in non-deterministic calculi,e.g. with amb

Complications: • may- and must-convergence• letrec not removable in infinite trees

Known: (general) copy is not correctcopying “choice-free” expressions is correctin a let-calculus w.r.t may/must-convergence(A.Kutzner,2000)


correctness of copy in calculi with letrec fileknown proof methods are insuﬃcient or fail m....

Documents