CS 641 Lecture -*- Outline -*- * variables (5.2) variables model attributes of a state, which are pairs of (get,set) ops. Essential trick in semantics: model changing state with immutable math models, by passing around the latest "version" of the model (threading). ** model ------------------------------------------ STATE ATTRIBUTES (5.2) Def: An attribute of type T over state space \Sigma is a pair (gt,st) of functions, where gt: \Sigma -> T (access) st: T -> \Sigma -> \Sigma (update). Define: val.(gt,st) == gt, set.(gt,st) == st Example: ------------------------------------------ ... consider the state space {x:Int}. A state in this state space is modeled as a pair of functions like (\s.3, \mu X . \v.\s.(\s.v,X)) Informally, a record: {x=3} Q: How to describe a sequence of updates? by forward composition ** axioms ------------------------------------------ AXIOMS FOR ATTRIBUTES (p. 87) Let x, y be attributes of type T over \Sigma, s be a state of type \Sigma, a, b be values of type T. Basics: val.x.(set.x.a.s) == a (a) Attributes are independent (no aliasing): val.y.(set.x.a.s) == val.y.s (b) * if x != y One value per attribute: set.x.a; set.x.b == set.x.b (c) Order doesn't matter if independent set.x.a;set.y.b == set.y.b;set.x.a (d) * if x != y Only the value matters set.x.(val.x.s).s == s (e) Def: distinct attributes are called program variables if they satisfy (a) - (e). ------------------------------------------ Q: Can you give examples of these? Q: Can we think of x and a as lists? yes, by property (d) Q: What is val.x2.((set.x1.3; set.x2.5; set.x1.0).s)? Q: Why do we need to show there's a model for these? so it's consistent ** expressions Expressions are pointwise extension of accessors *** pointwise extension ------------------------------------------ EXPRESSIONS Def: an *expression of type T* is a term of HOL of type \Sigma -> T built as follows. . . e ::= gt | y | f.e1. ... .en where gt: \Sigma -> T is an access function y is a name f is a function constant Semantics [[gt]].s == gt.s . [[y]].s == y . [[f.e1. ... .en]].s == f.([[e1]].s). ... .([[en]].s) ------------------------------------------ . For example, [[1]].s == 1 [[val.x]].s == val.x.s . . . . . [[plus.1.3]].s == plus.([[1]].s).([[3]].s) == plus.1.3 == 4 . . . [[plus.val.y]].s == plus.([[val]].s).([[y]].s) == plus.(val.s).y Q: Can these expressions have side-effects? *** overloaded notation ------------------------------------------ OVERLOADED NOTATION FOR EXPRESSIONS . Use the same notation for both f and f since these have different types. So we define: expression value applied in that to state state ================================= 0.s == 0 1.s == 1 plus.f1.f2.s == plus.(f1.s).(f2.s) ------------------------------------------ Q: What are f1 and f2? access functions Q: What are the types of 0 and 1 here? ------------------------------------------ Assume access functions are the attributes x1,...,xn, so can write plus.(val.x1).(val.x2) Overload that attribute names for names of the corresponding access functions: name access function =========================== x = val.x (f) ------------------------------------------ Q: What's the type of each x in this table? Q: Can we now write expressions as we want to? yes plus.x1.x2, which means (\ s . plus.(val.x1.s).(val.x2.s)) Can use these ideas to reason about equalities x - x == { eta conversion } (\ s . (x - x).s) == { pointwise extension } (\ s . (x.s - x.s)) == { arithmetic } (\ s . 0) == { pointwise extension } 0 *** assignment Q: how would you generalize the update operation (set) on states to take expressions (not just values)? ^ (x := e).s = set.x.(e.s).s example: (x := x + y - 3).s == { definition of assignment } set.x.((x + y - 3).s).s == { pointwise extension } set.x.(x.s + y.s - 3.s).s == { overloaded notation for access functions } set.x.(val.x.s + val.y.s - 3.s).s We can restate the independence property (e) as (x := x) == id Q: can you prove that (x := a); (x := x) == (x := a) ? Q: How would you generalize the meaning of assignment to multiple assignment, x1,...,xn := e1,...,en, where x1, ..., xn are distinct? Since they are distinct, can use (x1,...,xn := e1,...,en).s = (set.x1.(e1.s); ...; set.xn.(en.s)).s i.e., (x1,...,xn := e1,...,en).s == let v1 = e1.s in ... in let vn = en.s in (set.x1.v1; ...; set.xn.vn).s Q: Does the order matter in a multiple assignment? no, since all variables are distinct Congruence rule: Phi |- e == e' ___________________________ (assignment congruence) Phi |- (x := e) == (x := e')