Divergence-Least Semantics Of amb Is Hoare

Soren B. Lassen¹, Paul Blain Levy², Prakash Panangaden³
¹ Google, Inc., Mountain View, CA, USA
² University of Birmingham, UK
³ McGill University, Montreal, Canada

Abstract. This note strengthens the hoary observation that McCarthy’s amb is not monotone with respect to the Smyth and Plotkin powerdomains. It shows that there is no least fixpoint semantics for amb that is sensitive to divergence.

This paper is concerned with an erratic choice operator M|M′, and an ambiguous choice operator M amb M′. Recall that M|M′ means: either evaluate M or evaluate M′. And M amb M′ means: evaluate both M and M′ on an arbitrary fair scheduler, and return whatever answer you get first. We defer the study of ambiguous choice until Sect. 2.

1 Erratic Choice

Suppose we have a language L containing the following:
– a boolean type bool, equipped with constants t and f, and a conditional operator if M then N else N′ at every type
– a natural number type nat, equipped with a constant n for each n ∈ ℕ, and an equality operator N = N′
– a term d (short for diverge) at every type
– an erratic choice operator | at every type
The types bool and nat are called ground types. To describe operational
semantics, suppose that we have a function behs[−]
– from the set of closed terms of type bool to 𝒫{true, false, ⊥}
– from the set of closed terms of type nat to 𝒫(ℕ ∪ {⊥})
satisfying the following equations:
behs[t] = {true}
behs[f] = {false}
behs[n] = {n}
behs[d] = {⊥}
behs[M |N ] = behs[M ] ∪ behs[N ]
behs[if M then N else N′] = {x ∈ behs[N] | true ∈ behs[M]}
                          ∪ {x ∈ behs[N′] | false ∈ behs[M]}
                          ∪ {⊥ | ⊥ ∈ behs[M]}
behs[M = N] = {true | ∃n ∈ ℕ. (n ∈ behs[M] ∧ n ∈ behs[N])}
            ∪ {false | ∃m, n ∈ ℕ. (m ≠ n ∧ m ∈ behs[M] ∧ n ∈ behs[N])}
            ∪ {⊥ | ⊥ ∈ behs[M] ∨ ⊥ ∈ behs[N]}
We write vals[N] for behs[N] \ {⊥}, and write M ⇑ when ⊥ ∈ behs[M]. We write =_beh for the kernel of behs[−].
Some reasonable laws for L are shown in Fig. 1, and when we speak of a
“denotational semantics”, we mean one that validates all these laws. (It is not
known whether these laws are complete in any sense.)
Definition 1 If N, N′ are of type bool, we define N = N′ to be
    if N then (if N′ then t else f)
         else (if N′ then f else t)
□
We call the seven closed terms of type bool
{t, f, t|f, d, t|d, f|d, t|f|d}
the basic boolean terms.
Proposition 1 Let ≲ be a precongruence on L whose symmetrization ≃ satisfies all the laws of Fig. 1. Let Γ ⊢ M, M′ : B be terms.
1. M|M′ is ≲ every upper bound of {M, M′}, and ≳ every lower bound of {M, M′}.
2. If M ≲ M′ then M ≲ M|M′ ≲ M′.
3. If M|M′ is an upper bound of {M, M′}, then it is a least upper bound.
4. Dually, if M|M′ is a lower bound of {M, M′}, then it is a greatest lower bound.
□
Proof For (1), if P is an upper bound for {M, M′}, then M|M′ ≲ P|P ≃ P. The rest follows.
□
Definition 2 We say that a congruence ≃ on L is ground-extensional when N =_beh N′ implies N ≃ N′ for closed terms N, N′ of the same ground type. □
Proposition 2 Let ≲ be a precongruence on L whose symmetrization ≃ satisfies all the laws of Fig. 1.
1. On the basic boolean terms, it takes one of the 20 forms shown in Fig. 2–4.
2. In cases (1), (8), (8^op), (4), (11), (11^op) we have M|d ≃ d for all Γ ⊢ M : B.
3. In cases (1), (5), (5^op), (3), we have M|d ≃ M for all Γ ⊢ M : B.

Laws of Erratic Choice [Plo83]
    M|M′ ≃ M′|M
    (M|M′)|M″ ≃ M|(M′|M″)
    M|M ≃ M

Laws of Conditionals [Lev04] (Fig. A.8, call-by-name equations)
    if t then M else M′ ≃ M
    if f then M else M′ ≃ M′
    if N then t else f ≃ N
    if (if N then N′ else N″) then M else M′ ≃ if N then (if N′ then M else M′) else (if N″ then M else M′)
    if d then M else M′ ≃ d
    if (N|N′) then M else M′ ≃ (if N then M else M′)|(if N′ then M else M′)

Laws of Equality Testing
    c = c ≃ t                                   (c constant)
    c = c′ ≃ f                                  (c, c′ distinct constants)
    d = N ≃ d
    (N|N′) = N″ ≃ (N = N″)|(N′ = N″)
    (if N then N′ else N″) = N‴ ≃ if N then (N′ = N‴) else (N″ = N‴)

Laws of Commutativity
    if N then (if N′ then M else M′) else (if N′ then M″ else M‴) ≃ if N′ then (if N then M else M″) else (if N then M′ else M‴)
    N = N′ ≃ N′ = N

Law of Three Boolean Behaviours
    (if M then N else N′)|N|N′|d ≃ N|N′|d

Fig. 1. Laws

4. In cases (1), (5), (5^op), (3), (6), (7), (8^op), (9^op), (11^op), (12), we have M|d ≳ M for all Γ ⊢ M : B.
5. Dually, in cases (1), (5), (5^op), (3), (6^op), (7^op), (8), (9), (11), (12^op), we have M|d ≲ M for all Γ ⊢ M : B.
6. In cases (1), (5), (8), (9), (11), we have d ≲ M for all Γ ⊢ M : B.
7. Dually, in cases (1), (5^op), (8^op), (9^op), (11^op), we have d ≳ M for all Γ ⊢ M : B.
8. In case (1), we have M ≃ M′, for all Γ ⊢ M, M′ : B.
9. In cases (1), (5), (6), (8^op), the term M|M′ is a least upper bound of M and M′, for all Γ ⊢ M, M′ : B.
10. Dually, in cases (1), (5^op), (6^op), (8), the term M|M′ is a greatest lower bound of M and M′, for all Γ ⊢ M, M′ : B.
11. In cases (1), (5), (6), (8^op), (11^op), (12), the term M|M′|d is a least upper bound of M and M′|d for all Γ ⊢ M, M′ : B.
12. Dually, in cases (1), (5^op), (6^op), (8), (11), (12^op), the term M|M′|d is a greatest lower bound of M and M′|d for all Γ ⊢ M, M′ : B.
13. In cases (1), (5), (6), (8), (8^op), (11^op), (12), (4), (9), (10), the term M|M′|d is a least upper bound of M|d and M′|d for all Γ ⊢ M, M′ : B.
14. Dually, in cases (1), (5^op), (6^op), (8), (8^op), (11), (12^op), (4), (9^op), (10^op) the term M|M′|d is a greatest lower bound of M|d and M′|d for all Γ ⊢ M, M′ : B.
15. Suppose ≃ is ground-extensional. Let N and N′ be closed terms of the same ground type. Then N ≲ N′ iff

Case      N ⇑, N′ ⇑             N ⇑, N′ ⇑̸             N ⇑̸, N′ ⇑             N ⇑̸, N′ ⇑̸
(1)       true                  true                  true                  true
(2)       vals[N] = vals[N′]    false                 false                 vals[N] = vals[N′]
(3)       vals[N] = vals[N′]    vals[N] = vals[N′]    vals[N] = vals[N′]    vals[N] = vals[N′]
(4)       true                  false                 false                 vals[N] = vals[N′]
(5)       vals[N] ⊆ vals[N′]    vals[N] ⊆ vals[N′]    vals[N] ⊆ vals[N′]    vals[N] ⊆ vals[N′]
(5^op)    vals[N] ⊇ vals[N′]    vals[N] ⊇ vals[N′]    vals[N] ⊇ vals[N′]    vals[N] ⊇ vals[N′]
(6)       vals[N] ⊆ vals[N′]    false                 vals[N] ⊆ vals[N′]    vals[N] ⊆ vals[N′]
(6^op)    vals[N] ⊇ vals[N′]    vals[N] ⊇ vals[N′]    false                 vals[N] ⊇ vals[N′]
(7)       vals[N] = vals[N′]    false                 vals[N] = vals[N′]    vals[N] = vals[N′]
(7^op)    vals[N] = vals[N′]    vals[N] = vals[N′]    false                 vals[N] = vals[N′]
(8)       true                  true                  false                 vals[N] ⊇ vals[N′]
(8^op)    true                  false                 true                  vals[N] ⊇ vals[N′]
(9)       vals[N] ⊆ vals[N′]    vals[N] ⊆ vals[N′]    false                 vals[N] = vals[N′]
(9^op)    vals[N] ⊇ vals[N′]    false                 vals[N] ⊇ vals[N′]    vals[N] = vals[N′]
(10)      vals[N] ⊆ vals[N′]    false                 false                 vals[N] = vals[N′]
(10^op)   vals[N] ⊇ vals[N′]    false                 false                 vals[N] = vals[N′]
(11)      true                  true                  false                 vals[N] = vals[N′]
(11^op)   true                  false                 true                  vals[N] = vals[N′]
(12)      vals[N] ⊆ vals[N′]    false                 vals[N] ⊆ vals[N′]    vals[N] = vals[N′]
(12^op)   vals[N] ⊇ vals[N′]    vals[N] ⊇ vals[N′]    false                 vals[N] = vals[N′]
□
Proof
(1) Exhaustive analysis shows that these are the only preorders on this set for which | and if are both monotone.
(2)–(7) Apply if [·] then M else M to the special case where M is t.
(8)–(14) We prove these results, using Prop. 1(3)–(4), by applying the context if [·] then M else M′ to the special case where M is t and M′ is f.
(15: ⇒) We reason as follows.
– Suppose t|f ≴ t and N ≲ N′ and N ⇑̸, N′ ⇑̸. Then vals[N] ⊆ vals[N′], because c ∈ vals[N] \ vals[N′] would imply
    t|f =_beh (if (N = c) then f else t)|t
        ≲ (if (N′ = c) then f else t)|t =_beh t
  Dually, if t|f ≵ t and N ≲ N′ and N ⇑̸, N′ ⇑̸, then vals[N] ⊇ vals[N′].
– Suppose t|d ≴ t and N ≲ N′ and N′ ⇑̸. Then N ⇑̸, because N ⇑ would imply
    t|d =_beh (if (N = N) then t else t)|t
        ≲ (if (N′ = N′) then t else t)|t =_beh t
  Dually, if t|d ≵ t and N ≲ N′ and N ⇑̸, then N′ ⇑̸.
– Suppose t|f|d ≴ t|d, and N ≲ N′. Then vals[N] ⊆ vals[N′], because c ∈ vals[N] \ vals[N′] would imply
    t|f|d =_beh (if N = c then f|t)|t|d
          ≲ (if N′ = c then f|t)|t|d =_beh f|d
  Dually, if t|f|d ≵ t|d and N ≲ N′, then vals[N] ⊇ vals[N′].
(15: ⇐) We reason as follows. Suppose N ⇑, N′ ⇑.
– In the cases where Prop. 2(2) holds, we have
    N =_beh N|d ≃ d ≃ N′|d =_beh N′
– In the cases where Prop. 2(13) holds, vals[N] ⊆ vals[N′] implies
    N =_beh N|d ≲ N|N′|d =_beh N′
  Dually, if vals[N] ⊇ vals[N′], then, in the cases where Prop. 2(14) holds, we have N ≲ N′.
– If vals[N] = vals[N′], then N =_beh N′ so N ≲ N′.
Suppose N ⇑, N′ ⇑̸.
– In case (1), by Prop. 2(8), we have N ≲ N′.
– In the cases where Prop. 2(13) and Prop. 2(5) both hold, vals[N] ⊆ vals[N′] implies
    N =_beh N|d ≲ N|N′|d =_beh N′|d ≲ N′
– In the cases where Prop. 2(12) holds, vals[N] ⊇ vals[N′] implies
    N =_beh N|N′|d ≲ N′
– In the cases where Prop. 2(5) holds, vals[N] = vals[N′] implies
    N =_beh N′|d ≲ N′
Dually, suppose N ⇑̸, N′ ⇑.
– In case (1), we have N ≲ N′.
– In the cases where Prop. 2(14) and Prop. 2(4) both hold, vals[N] ⊇ vals[N′] implies N ≲ N′.
– In the cases where Prop. 2(11) holds, vals[N] ⊆ vals[N′] implies N ≲ N′.
– In the cases where Prop. 2(4) holds, vals[N] = vals[N′] implies N ≲ N′.
Suppose N ⇑̸, N′ ⇑̸.
– In case (1), by Prop. 2(8), we have N ≲ N′.
– In cases where Prop. 2(9) holds, vals[N] ⊆ vals[N′] implies
    N ≲ N|N′ =_beh N′
– Dually, in cases where Prop. 2(10) holds, vals[N] ⊇ vals[N′] implies N ≲ N′.
– If vals[N] = vals[N′] then N =_beh N′ so N ≲ N′.
□
In the cases where Prop. 2(6) applies, we say that ≲ is divergence-least.
Since any congruence is a precongruence, we can specialize Prop. 2 as follows.
Proposition 3 Let ≃ be a congruence on L satisfying the laws of Fig. 1.
1. On the basic boolean terms, it takes one of the forms (1), (2), (3), (4).
2. In cases (1), (4), we have M|d ≃ d for all Γ ⊢ M : B.
3. In cases (1), (3), we have M|d ≃ M for all Γ ⊢ M : B.
4. In case (1), we have M ≃ M′, for all Γ ⊢ M, M′ : B.
5. Suppose ≃ is ground-extensional, and let N and N′ be closed terms of the same ground type. Then N ≃ N′ iff

Case      N ⇑, N′ ⇑             N ⇑, N′ ⇑̸             N ⇑̸, N′ ⇑             N ⇑̸, N′ ⇑̸
(1)       true                  true                  true                  true
(2)       vals[N] = vals[N′]    false                 false                 vals[N] = vals[N′]
(3)       vals[N] = vals[N′]    vals[N] = vals[N′]    vals[N] = vals[N′]    vals[N] = vals[N′]
(4)       true                  false                 false                 vals[N] = vals[N′]
□
In the cases where Prop. 3(3) applies, we say that ≃ is divergence-insensitive.

[Fig. 2. The Twenty Precongruences. Order diagrams on the basic boolean terms for cases (1), (2), (3), (4), (5), (5^op), (6), (6^op), (7), (7^op); diagrams omitted.]
[Fig. 3. The Twenty Precongruences (continued). Order diagrams for cases (8), (8^op), (9), (9^op); diagrams omitted.]
[Fig. 4. The Twenty Precongruences (continued). Order diagrams for cases (10), (10^op), (11), (11^op), (12), (12^op); diagrams omitted.]

2 Ambiguous Choice

Suppose that L contains an ambiguous choice operator amb, not necessarily at every type but at least at type bool, and the function behs[−] has the property
    behs[M amb N] = ((behs[M] ∪ behs[N]) \ ⊥)
                  ∪ {⊥ | ⊥ ∈ behs[M] ∧ ⊥ ∈ behs[N]}
Laws pertaining to this operator are shown in Fig. 5. We can deduce from them the equation
    (M|d) amb (N|d) ≃ M|N|d        (1)
as follows. The RHS ≃
    (M|N|d) amb (M|N|d)            (2)
We expand both (2) and the LHS of (1) by distributing amb over |, and in each case we obtain
    (M amb N)|M|N|d
All the laws of Fig. 1 and 5 are satisfied by the congruence in [LM99] if the language treated there is extended with cost-free conditionals. All but the “laws of commutativity” are satisfied by the congruence in [Las05].

    N amb N′ ≃ N′ amb N
    (N amb N′) amb N″ ≃ N amb (N′ amb N″)
    N amb N ≃ N
    c amb c′ ≃ c|c′                             (c, c′ constants)
    d amb N ≃ N
    (N|N′) amb N″ ≃ (N amb N″)|(N′ amb N″)
    (N amb N′)|N″ ≃ (N|N″) amb (N′|N″)

Fig. 5. Laws of Ambiguous Choice

Proposition 4 Let ≃ be a congruence on L satisfying all the laws of Fig. 1–5. Then ≃ is divergence-insensitive iff
    N|N′ ≃ N amb N′                (3)
for all Γ ⊢ N, N′ : B where B is an amb type.
□
Proof If ≃ is divergence-insensitive, then
    M amb N ≃ (M|d) amb (N|d)
            ≃ M|N|d
            ≃ M|N
Conversely, (3) implies t|d ≃ t amb d ≃ t.
□
Proposition 5 Any divergence-insensitive denotational semantics of the amb-free fragment of L has a unique extension to a denotational semantics of L. It is obtained by setting [[N amb N′]] to be [[N|N′]].
□
Proof It is trivial to check the laws for ambiguous choice. Uniqueness follows from Prop. 4.
□
Proposition 6
1. Let ≲ be a precongruence on L whose symmetrization ≃ satisfies all the laws of Fig. 1 and Fig. 5. On the basic boolean terms, it takes one of the forms (1), (2), (3), (5), (5^op), (6), (6^op), (7), (7^op). Hence if ≲ is divergence-least, then it is divergence-insensitive.
2. Let ≃ be a congruence on L satisfying all the laws of Fig. 1 and 5. On the basic boolean terms, it takes one of the forms (1), (2), (3).
□
Proof These are the only cases for which amb is monotone.
□
If L contains recursion, then, for any semantics that interprets recursion as a
least fixpoint, the induced precongruence will be divergence-least. In a call-by-name language, for example, diverge can be expressed as µx.x, so it denotes
the least fixpoint of the identity function. Therefore, Prop. 6(1) shows that there
cannot be a least fixpoint semantics that is divergence-sensitive.
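
The observation the abstract starts from can be checked mechanically from the behs[−] equations on the seven basic boolean terms. The following Python sketch is an added example, not part of the paper: it assumes the standard Hoare (lower), Smyth (upper) and Plotkin (convex) preorders on behaviour sets over the flat order with ⊥ least, which the paper does not spell out, and all function names are illustrative.

```python
from itertools import product

BOT = "⊥"  # divergence
# behs[-] of the seven basic boolean terms, read off the equations of Sect. 1
BASIC = {
    "t": {True}, "f": {False}, "t|f": {True, False}, "d": {BOT},
    "t|d": {True, BOT}, "f|d": {False, BOT}, "t|f|d": {True, False, BOT},
}

def erratic(a, b):
    """behs[M | N] = behs[M] ∪ behs[N]."""
    return a | b

def amb(a, b):
    """behs[M amb N]: all values of either side; ⊥ only if both may diverge."""
    out = (a | b) - {BOT}
    return (out | {BOT}) if (BOT in a and BOT in b) else out

def leq(x, y):
    """Flat order on {true, false, ⊥}: ⊥ is below everything."""
    return x == BOT or x == y

# Standard powerdomain preorders (assumed definitions, not quoted from the paper)
def hoare(a, b):
    return all(any(leq(x, y) for y in b) for x in a)

def smyth(a, b):
    return all(any(leq(x, y) for x in a) for y in b)

def plotkin(a, b):
    return hoare(a, b) and smyth(a, b)

ORDERS = {"Hoare": hoare, "Smyth": smyth, "Plotkin": plotkin}

def counterexamples(op, order):
    """Triples (M, M', N) with M below M' but op(M, N) not below op(M', N)."""
    return [(m, m2, n) for m, m2, n in product(BASIC, repeat=3)
            if order(BASIC[m], BASIC[m2])
            and not order(op(BASIC[m], BASIC[n]), op(BASIC[m2], BASIC[n]))]

def monotone_report():
    """For each preorder, whether | and amb are monotone on the basic terms."""
    return {name: {"|": not counterexamples(erratic, o),
                   "amb": not counterexamples(amb, o)}
            for name, o in ORDERS.items()}

def equation_1_holds():
    """(M|d) amb (N|d) and M|N|d have equal behaviours for all basic M, N."""
    d = BASIC["d"]
    return all(amb(erratic(m, d), erratic(n, d)) == erratic(erratic(m, n), d)
               for m, n in product(BASIC.values(), repeat=2))

if __name__ == "__main__":
    print(monotone_report())
    print(counterexamples(amb, smyth)[:3])
    print(equation_1_holds())
```

Both operators are commutative, so testing monotonicity in the first argument is enough; the check only covers the basic boolean terms and behaviour sets, not the full precongruence classification of Prop. 6.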
References
[Las05] S. B. Lassen. Normal form simulation for McCarthy’s amb. In Proceedings, 21st Annual Conference on Mathematical Foundations of Programming Semantics, 2005. To appear in ENTCS.
[Lev04] P. B. Levy. Call-By-Push-Value. A Functional/Imperative Synthesis. Semantic Structures in Computation. Springer, 2004.
[LM99] S. B. Lassen and A. K. Moran. Unique fixed point induction for McCarthy’s amb. In Proceedings of the 24th International Symposium on Mathematical Foundations of Computer Science, volume 1672 of LNCS, pages 198–208. Springer, 1999.
[Plo83] G. Plotkin. Domains. Prepared by Y. Kashiwagi, H. Kondoh and T. Hagino, 1983.