
\documentclass{article}
\usepackage{611-lecture}
\usepackage{amsthm, amsmath, amssymb, amsfonts}

\theoremstyle{definition}
\newtheorem*{defn}{Definition}
\newcommand{\nondet}{\left[\!\kern1pt\right]}
\renewcommand\phi\varphi
\renewcommand\wp[2]{\mathsf{wp}~{#1}~{#2}}
\newcommand\wlp[2]{\mathsf{wlp}~{#1}~{#2}}
\renewcommand\({\begin{eqnarray*}}
\renewcommand\){\end{eqnarray*}}

\newcommand\LOOKUP[2]{\mathrm{LOOKUP}~{#1}~{#2}}
\newcommand\UPDATE[3]{\mathrm{UPDATE}~{#1}~{#2}~{#3}}
\newcommand\MALLOC[2]{\mathrm{MALLOC}~{#1}~{#2}}
\newcommand\EMPTY{\mathrm{EMPTY\mbox{-}STORE}}
\renewcommand\dom[1]{\mathrm{dom}\,{#1}}
\newcommand\p[2]{\langle{#1},\,{#2}\rangle}
\newcommand\bigcdot{\mathrel{\raisebox{1pt}{$\scriptscriptstyle\bullet$}}}
\newcommand\holed[1]{[\,#1\,]}
\newcommand\hole{\holed\bigcdot}
\newcommand\context[1]{E\kern1pt\holed{#1}}
\newcommand\contextHole{\context\bigcdot}
\newcommand\goesto[2]{\underset{#2}{\overset{#1}\longrightarrow}}
\newcommand\ifthenelse[3]{\mathsf{if\ }#1\mathsf{\ then\ }#2\mathsf{\ else\ }#3}
\newcommand\whiledo[2]{\mathsf{while\ }#1\mathsf{\ do\ }#2}
\newcommand\letin[3]{\mathsf{let\ }#1 = #2\mathsf{\ in\ }#3}
\newcommand\letrec[5]{\mathsf{letrec\ }#1 = #2\mathsf{\ and\ \ldots\ and\ }#3 = #4\mathsf{\ in\ }#5}
\newcommand\letrecone[3]{\mathsf{letrec\ }#1 = #2\mathsf{\ in\ }#3}
\newcommand\true{\ensuremath{\mathsf{true}}}
\newcommand\false{\ensuremath{\mathsf{false}}}
\newcommand\error{\ensuremath{\mathsf{error}}}
\newcommand\pca[3]{\{#1\}\kern1pt{#2}\kern1pt\{#3\}}
\newcommand\states{\Set{St}}
\newcommand\rtc{^{\textstyle *}}
\newcommand\sat\vDash
\newcommand\force\vdash

\newcommand\hyphen{\mbox{-}}
\newcommand\lookup[2]{\nm{LOOKUP}~#1~\mquote{#2}}
\newcommand\update[3]{\nm{UPDATE}~#1~\mquote{#2}~#3}
\newcommand\SBk[1]{\SB{#1}k}

\newcommand{\LET}{\impfnt{let}}
\newcommand{\IN}{\impfnt{in}}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% CS611: Please fill in these macros as appropriate:
\lecture{19}                  %% Lecture number
\title{Denotational Semantics of IMP}		   %% Title of lecture
%\author{James Worthington, Mia Minnes}       %% name of scribe
\date{13 October 2006}     %% Date of lecture, e.g., 1 January 2001
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

% See 611.sty for a variety of macros that will be helpful in
% typesetting the lecture. Here are a few of particular interest:
%
% "x"	 	x in keyword font (e.g., "if", "#t")
% _x_	 	x in italics
% \nm{n}   	n in slanted font (used for abbreviations)
%          	(if x is more than a single character, use \Tr{x}{y})

\begin{document}

\maketitle

\section{Denotational Semantics}

\subsection{Introduction}

So far we have been looking at translations from one language to another,
where the target language is simpler or better understood.  These are called \emph{definitional translations}.  Another approach to semantics, \emph{denotational semantics}, involves translations to mathematical objects.  The objects in question will
be functions with well-defined extensional meaning in terms of
sets.  The main challenge will be getting a precise understanding of
what sets these functions operate over.

For example, consider the identity function $\lambda x.x$.  
This clearly represents some kind of function that takes any
input object $x$ to itself.  But what is its domain?  An even
more interesting example is the function $\lam x{xx}$.
Let's say that the domain of this function is $D$.  Then $x$ represents some element of $D$, since $x$ is an input to the function.  But in the body, $x$ is applied to $x$, so $x$ must also represent some function $D\to E$.
For this to make sense, it must be possible to interpret every element of $D$ as an element of $D\to E$.  Thus there must be a function $D\to(D\to E)$.

It is conceivable that $D$ could actually be isomorphic to the function space $D \to
E$.  However, this is impossible if $E$ contains more than one element.  This
follows by a diagonalization argument.  Let $e_0,e_1\in E$, $e_0\neq e_1$.
For any function $f:D\to(D\to E)$, we can define $d:D\to E$ by $d = \lam x{\ifthenelse{f~x~x=e_0}{e_1}{e_0}}$.  Then for all $x$, $d~x\neq f~x~x$, so $d\neq f~x$ for any $x$, thus $f$ cannot be onto.

This type of argument is called \emph{diagonalization} because for countable sets $D$, the function $d$ is constructed by arranging the values $f~x~y$ for $x,y\in D$ in a countable matrix and going down the diagonal, creating a function that is different from every $f~x$ on at least one input (namely $x$).
\[
\begin{array}{r|cccc}
& 0 & 1 & 2 & \\ \hline
f_{0} & f_{0}~0 & f_{0}~1 & f_{0}~2 & \ldots\\
f_{1} & f_{1}~0 & f_{1}~1 & f_{1}~2 & \ldots\\
f_{2} & f_{2}~0 & f_{2}~1 & f_{2}~2 & \ldots\\
\vdots & \vdots
\end{array}
\]

The solution to this conundrum
is that the set of _computable_ functions is smaller than the
set of all functions---almost all functions are not computable.
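
The diagonalization argument above can be checked exhaustively when $D$ and $E$ are finite.  The following is an added example, not part of the original notes; the names diagonal and check every f are chosen here for illustration, and functions $D\to E$ are represented as tuples of values.

```python
from itertools import product

def diagonal(f, e0, e1):
    """The function d from the argument: d x = e1 if f x x = e0, else e0."""
    return lambda x: e1 if f(x)(x) == e0 else e0

def check_every_f(D, E):
    """Enumerate every f : D -> (D -> E) for finite D and E (|E| >= 2).

    Returns (number of functions D -> E, number of f whose image contains d).
    The argument predicts that the second component is always 0.
    """
    e0, e1 = E[0], E[1]
    rows = list(product(E, repeat=len(D)))       # every function D -> E
    hits = 0
    for table in product(rows, repeat=len(D)):   # every f: one row per x in D
        f = lambda x, t=table: lambda y: t[D.index(x)][D.index(y)]
        d = diagonal(f, e0, e1)
        if tuple(d(x) for x in D) in table:      # is d equal to some f x ?
            hits += 1
    return len(rows), hits

if __name__ == "__main__":
    # Constructed sample: |D| = 3, |E| = 2, so 8 functions D -> E and 512 maps f.
    print(check_every_f([0, 1, 2], ["e0", "e1"]))
```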
 
\subsection{Denotational Semantics for IMP}

When defining denotational semantics, we will use the notation $\lambda x \in D. e$ to indicate that the domain of the function is the set $D$.  This will make sure we
are precise in identifying the extension of functions.

Note that this is not really a type declaration.  Later, we will
introduce types and write them as $\lam {x:\tau}e$.  The distinction is that types are pieces of language syntax,
whereas sets are semantic objects.

The syntax of IMP was
\begin{eqnarray*}
a &::=& n \bnf x \bnf a_0\oplus a_1\\
b &::=& "true" \bnf "false" \bnf \neg b \bnf b_0\wedge b_1 \bnf a_0=a_1 \bnf \cdots \\
c &::=& "skip" \bnf x:=a \bnf c_0;c_1 \bnf \ifthenelse b{c_1}{c_2} \bnf \whiledo bc
\end{eqnarray*}
The syntactic categories $a,b,c$ are arithmetic expressions, Boolean expressions, and commands, respectively.

To define the denotational semantics, we will refer to _states_, which are functions $\Sigma = \Set{Var} \to \mathbb{Z}$.

\renewcommand\true{\mathit{TRUE}}
\renewcommand\false{\mathit{FALSE}}

\begin{eqnarray*}
\Tr{A}{a} &\in& \Sigma \to \mathbb{Z}\\
\Tr{B}{b} &\in& \Sigma \to \mathbf{2} \qquad \text{where $\mathbf{2} = \{\true,\false\}$} \\
\Tr{C}{c} &\in& \Sigma \to \ ?
\end{eqnarray*}

Intuitively, we would like the meaning of commands to be functions from states to states.  Given an initial state, the function produces the final state reached by applying the command.  However, there will be no such final state if the program does not terminate (e.g., $\whiledo{"true"}{"skip"}$).  Thus the function would have to be partial.  However, we can make it a total function by including a special element $\bot$ (called _bottom_) denoting nontermination.  For any set $S$, let $S_{\bot} \definedas S \cup \{\bot\}$.  Then $\Tr Cc \in \Sigma \to \Sigma_{\bot}$, where $\Tr Cc(\sigma)=\tau$ if $c$ terminates in state $\tau$ on input state $\sigma$, and $\Tr Cc(\sigma)=\bot$ if $c$ does not terminate on input state $\sigma$.

Now we can define the denotational semantics of expressions by structural induction.  This induction is a little more complicated since we are defining all three functions at once.  However, it is still well-founded because we only use the function value on subexpressions in the definitions.  For numbers,
\begin{eqnarray*}
\Tr{A}{n} &\definedas& \lambda \sigma \in \Sigma . n\ \ =\ \ \{(\sigma,n)\mid\sigma\in\Sigma\}.
\end{eqnarray*}
For the remaining definitions, we use the shorthand of defining the value of the function given some $\sigma \in \Sigma$.

\begin{eqnarray*}
\Tr{A}{x}\sigma &\definedas& \sigma(x) \\
\Tr{A}{a_{1}\oplus a_{2}} \sigma &\definedas& \Tr{A}{a_1} \sigma \oplus \Tr{A}{a_2} \sigma\\
\Tr{B}{"true"} \sigma &\definedas& \true \\
\Tr{B}{"false"} \sigma &\definedas& \false \\
\Tr{B}{\neg b} \sigma &\definedas&
    \begin{cases}
	\true, & \text{if $\Tr{B}{b} \sigma = \false$,}\\
	\false, & \text{if $\Tr{B}{b} \sigma = \true$.} 
    \end{cases}
\end{eqnarray*}
We can express negation more compactly with a conditional expression:
\(
\Tr{B}{\neg b} \sigma &\definedas& \ifthenelse{\Tr{B}{b}\sigma}{\false}{\true}.
\)
Alternatively, we can write down the function extensionally:
\(
\{ (\sigma, \true) \mid \sigma \in \Sigma \wedge \neg \Tr{B}{b} \sigma \}
&\cup& \{ (\sigma, \false) \mid \sigma \in \Sigma \wedge \Tr{B}{b} \sigma \}.
\)
For the commands, we can define
\begin{eqnarray*}
\Tr{C}{"skip"}\sigma &\definedas& \sigma\\
\Tr{C}{x:=a} \sigma &\definedas& \sigma[\Tr{A}{a}\sigma/x]\\
\Tr{C}{\ifthenelse b{c_1}{c_2}} \sigma &\definedas&
    \begin{cases}
	\Tr{C}{c_{1}} \sigma, & \text{if $\Tr{B}{b} \sigma = \true$,}\\
	\Tr{C}{c_{2}} \sigma, & \text{if $\Tr{B}{b} \sigma = \false$.} 
    \end{cases}
\end{eqnarray*}
For sequential composition,
\(
\Tr{C}{c_{1};c_{2}} \sigma &\definedas&
    \begin{cases}
	\Tr{C}{c_{2}}\left( \Tr{C}{c_{1}} \sigma \right), & \text{if $\Tr{C}{c_{1}} \sigma \neq \bot$,}\\
	\bot, & \text{if $\Tr{C}{c_{1}} \sigma = \bot$.} 
    \end{cases}
\)

Another way of achieving this effect is by defining a _lift_ operator on functions:
\(
(\,\cdot\,)^{*} &:& (D \to E_{\bot}) \to (D_{\bot} \to E_{\bot})\\
(f)^{*} &\definedas& \fn x.\ifthenelse{x = \bot}{\bot}{f(x)}.
\)
With this notation, we have
\(
\Tr{C}{c_{1};c_{2}} \sigma &\definedas&
(\Tr{C}{c_{2}})^{*}\left( \Tr{C}{c_{1}} \sigma \right).
\)

We have one command left: $\whiledo bc$.  This is equivalent to $\ifthenelse b{c; \whiledo bc}{"skip"}$, so a first guess at a denotation might be:
\(
\Tr{C}{\whiledo bc}\sigma &\definedas& \ifthenelse{\Tr{B}{b}\sigma}{\Tr{C}{c;\whiledo bc}\sigma}\sigma\\
&=& \ifthenelse{\Tr{B}{b}\sigma}{(\Tr{C}{\whiledo bc})^*(\Tr Cc\sigma)}\sigma,
\)
but this appears to be a circular definition.  However, we can fix this by taking a least fixpoint in some domain.  Define
\(
\mathcal{W} &\definedas& \Tr{C}{\whiledo bc}.
\)
Then
\(
\mathcal{W} &=& \lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{(\mathcal W)^*(\Tr Cc\sigma)}\sigma}.
\)
Define $\mathcal{F}$ as
\(
\mathcal{F} &\definedas&
\lam{w\in\Sigma\rightarrow\Sigma_\bot}{\lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{(w)^*(\Tr Cc\sigma)}\sigma}}.
\)
Then $\mathcal{W} = \mathcal{FW}$; that is, we are looking for a fixpoint of $\mathcal{F}$.  But how do we take fixed points without using the dreaded Y combinator?  Eventually we will have a function "fix" with $\mathcal{W} = "fix"~\mathcal{F}$, where $\mathcal{F} \in (\Sigma \rightarrow \Sigma_\bot) \rightarrow (\Sigma \rightarrow \Sigma_\bot)$.  The solution will be to think of a "while" statement as the limit of a sequence of approximations.  Intuitively, by running through the loop more and more times, we will get better and better approximations.

The first and least accurate approximation is the totally undefined function
\(
\mathcal W_0 &\definedas& \lam{\sigma\in\Sigma}\bot.
\)
This simulates 0 iterations of the loop.  The next approximation is
\(
\mathcal W_1 &\definedas& \mathcal F(\mathcal W_0)\\
&=& \lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{(\mathcal W_0)^*(\Tr Cc\sigma)}\sigma}\\
&=& \lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{\bot}\sigma}.
\)
This simulates 1 iteration of the loop.  We could then simulate 2 iterations by:
\(
\mathcal W_2 &\definedas& \mathcal F(\mathcal W_1)\ \ =\ \ \lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{(\mathcal W_1)^*(\Tr Cc\sigma)}\sigma}.
\)
In general,
\(
\mathcal W_{n+1} &\definedas& \mathcal F(\mathcal W_n)\ \ =\ \ \lam{\sigma\in\Sigma}{\ifthenelse{\Tr{B}{b}\sigma}{(\mathcal W_n)^*(\Tr Cc\sigma)}\sigma}.
\)
Then the denotation of the "while" statement should be the limit of this sequence.  But how do we take limits in spaces of functions?  To do this, we need some
structure on the space of functions.  We will define an ordering $\sqsubseteq$ on
these functions such that $\mathcal W_0 \sqsubseteq \mathcal W_1 \sqsubseteq \mathcal W_2 \sqsubseteq \cdots$, then find the least upper bound of this sequence.
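
The approximations $\mathcal W_n$ can be computed directly from the definitions above.  The following is an added example, not part of the original notes: it assumes a tuple encoding of IMP syntax, Python dictionaries for states, None for $\bot$, and a pointwise comparison on sample states standing in for the ordering $\sqsubseteq$; the sample loop is constructed for illustration.

```python
import operator

BOT = None  # bottom: the extra element denoting nontermination
OPS = {"+": operator.add, "-": operator.sub, "*": operator.mul}

def A(a):
    """A[[a]] : state -> int, for ("num", n) | ("var", x) | ("op", sym, a0, a1)."""
    if a[0] == "num":
        return lambda s: a[1]
    if a[0] == "var":
        return lambda s: s[a[1]]
    return lambda s: OPS[a[1]](A(a[2])(s), A(a[3])(s))

def B(b):
    """B[[b]] : state -> bool."""
    if b[0] in ("true", "false"):
        return lambda s: b[0] == "true"
    if b[0] == "not":
        return lambda s: not B(b[1])(s)
    if b[0] == "and":
        return lambda s: B(b[1])(s) and B(b[2])(s)
    return lambda s: A(b[1])(s) == A(b[2])(s)  # ("eq", a0, a1)

def lift(f):
    """(f)^* : extend f so that bottom maps to bottom."""
    return lambda x: BOT if x is BOT else f(x)

def F(b, body):
    """The functional F for `while b do c`; body is C[[c]]."""
    return lambda w: lambda s: lift(w)(body(s)) if B(b)(s) else s

def C(c, n):
    """C[[c]] with every while loop replaced by its approximation W_n."""
    if c[0] == "skip":
        return lambda s: s
    if c[0] == "assign":                       # ("assign", x, a)
        return lambda s: {**s, c[1]: A(c[2])(s)}
    if c[0] == "seq":                          # ("seq", c1, c2)
        return lambda s: lift(C(c[2], n))(C(c[1], n)(s))
    if c[0] == "if":                           # ("if", b, c1, c2)
        return lambda s: C(c[2] if B(c[1])(s) else c[3], n)(s)
    w = lambda s: BOT                          # ("while", b, body): W_0
    for _ in range(n):
        w = F(c[1], C(c[2], n))(w)             # W_{k+1} = F(W_k)
    return w

def below(f, g, states):
    """Pointwise check of f below g on the given sample states."""
    return all(f(s) is BOT or f(s) == g(s) for s in states)

# Constructed sample program: while not (x = 0) do x := x - 1
LOOP = ("while", ("not", ("eq", ("var", "x"), ("num", 0))),
        ("assign", "x", ("op", "-", ("var", "x"), ("num", 1))))
```

On the sample loop, the approximation with index $n$ is defined on a state with $x = k \geq 0$ exactly when $n \geq k+1$, and every approximation returns $\bot$ when $x$ is negative.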

\subsection{Partial Orders on Function Spaces}

Recall that a _partial order_ consists of a
set $S$ and a relation $\sqsubseteq$ on $S$ that is
\begin{itemize}
\item
_reflexive_: for all $d \in S$, $d \sqsubseteq d$;
\item
_transitive_: for all $d,e,f \in S$, if $d \sqsubseteq e$
and $e \sqsubseteq f$, then $d \sqsubseteq f$; and
\item
_antisymmetric_: for all $d,e \in S$, if $d \sqsubseteq e$ and $e \sqsubseteq d$, then 
$d = e$.
\end{itemize}
Examples include $(\mathbb{Z}, \leq)$, $(\mathbb{Z},=)$, $(\mathbb{Z},
\geq)$, $(\{"true", "false"\}, \rightarrow)$, and $(2^{S},\subseteq)$.
If $(S, \sqsubseteq)$ is a partial order then so is $(S, \sqsupseteq)$.

We can represent a finite partial order visually by drawing a _Hasse
diagram_.  Draw each element as a point, with the point $d_2$ drawn above the point $d_1$ iff $d_1 \sqsubseteq
d_2$.  Finally, draw a line connecting any two elements if the relation
between them is not implied by reflexivity or transitivity.
 
Given any partial order $(S, \sqsubseteq)$, we can define a new
partial order $(S_\bot, \sqsubseteq_\bot)$ such that $d_1\sqsubseteq_\bot d_2$ if $d_1,d_2\in S$ and $d_1 \sqsubseteq d_2$, and $\bot
\sqsubseteq_\bot d$ for all $d \in S_\bot$.

Thus if $S$ is any set, then $S_\bot$ is that set with a new least element $\bot$ added.
In our semantic domains, we can think of $\sqsubseteq$ as ``less information than''.  Thus nontermination $\bot$ contains less information than any element of $S$.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}
