type safety kangwon national university 임현승 programming languages

Post on 03-Jan-2016

TRANSCRIPT

Page 1: Type Safety Kangwon National University 임현승 Programming Languages

Type Safety

Kangwon National University

임현승

Programming Languages

Page 2

Abstract Syntax

Page 3

Operational Semantics

Page 4

Reduction Rules for Booleans

Page 5

Typing Rules

Page 6

Typing Rules for Booleans

Page 7

Type Safety

• Slogan: "well-typed expressions never go wrong"

• Two theorems
  – Type preservation: "A well-typed expression reduces to another expression of the same type."
  – Progress: "A well-typed expression does not get stuck: either it is a value or reduces to another expression."

Page 8

Type Preservation + Progress

• A well-typed expression e:
  – If it is a value, we are finished.
  – If it is not,
    • it reduces to another e' [Progress]
    • e' has the same type as e. [Type preservation]
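The slogan and the two theorems made concrete, as an added example that is not part of the slides: a small-step interpreter (`step`, the reduction rules) and a type checker (`type_of`, the typing rules) for the boolean fragment the slides describe, extended with naturals (zero, succ, pred, iszero). The extension is my assumption, added because with booleans alone every closed term is well-typed and nothing can get stuck; with naturals, ill-typed terms such as `succ true` are stuck, which is exactly the "going wrong" the slogan rules out. `check_type_safety` then walks every closed term up to a nesting depth and confirms that no well-typed term is stuck (progress) and that every step preserves the type (preservation). The tuple encoding of terms and the helper names are my own.

```python
"""Added example (not from the slides): booleans + naturals with small-step
reduction and typing rules, and an exhaustive check of progress and
preservation over all closed terms up to a given nesting depth."""
from itertools import product

# Abstract syntax: a term is a tuple whose first element names the constructor.
TRUE, FALSE, ZERO = ("true",), ("false",), ("zero",)
def If(c, t, e): return ("if", c, t, e)
def Succ(t): return ("succ", t)
def Pred(t): return ("pred", t)
def IsZero(t): return ("iszero", t)

BOOL, NAT = "Bool", "Nat"   # the two types of the language

def is_numeric_value(t):
    return t == ZERO or (t[0] == "succ" and is_numeric_value(t[1]))

def is_value(t):
    return t in (TRUE, FALSE) or is_numeric_value(t)

def step(t):
    """One reduction step. Returns None when t is a value or is stuck."""
    tag = t[0]
    if tag == "if":
        c, th, el = t[1], t[2], t[3]
        if c == TRUE: return th                  # if true then th else el -> th
        if c == FALSE: return el                 # if false then th else el -> el
        c2 = step(c)                             # otherwise reduce the condition
        return None if c2 is None else If(c2, th, el)
    if tag == "succ":
        s = step(t[1])
        return None if s is None else Succ(s)
    if tag == "pred":
        if t[1] == ZERO: return ZERO
        if t[1][0] == "succ" and is_numeric_value(t[1][1]): return t[1][1]
        s = step(t[1])
        return None if s is None else Pred(s)
    if tag == "iszero":
        if t[1] == ZERO: return TRUE
        if t[1][0] == "succ" and is_numeric_value(t[1][1]): return FALSE
        s = step(t[1])
        return None if s is None else IsZero(s)
    return None                                  # true, false, zero: values

def type_of(t):
    """Typing rules. Returns Bool, Nat, or None when t is ill-typed."""
    tag = t[0]
    if tag in ("true", "false"): return BOOL
    if tag == "zero": return NAT
    if tag in ("succ", "pred"):
        return NAT if type_of(t[1]) == NAT else None
    if tag == "iszero":
        return BOOL if type_of(t[1]) == NAT else None
    if tag == "if":                              # condition Bool, branches agree
        tc, tt, te = type_of(t[1]), type_of(t[2]), type_of(t[3])
        return tt if tc == BOOL and tt is not None and tt == te else None
    return None

def terms_up_to(depth):
    """Every closed term whose nesting depth is at most `depth`."""
    if depth == 0:
        return [TRUE, FALSE, ZERO]
    smaller = terms_up_to(depth - 1)
    out = list(smaller)
    for s in smaller:
        out += [Succ(s), Pred(s), IsZero(s)]
    for c, a, b in product(smaller, repeat=3):
        out.append(If(c, a, b))
    return out

def check_type_safety(depth):
    """Returns (well-typed stuck terms, preservation violations, ill-typed stuck terms).
    Type safety predicts the first two lists are empty; the third is not."""
    stuck_wt, pres_viol, stuck_it = [], [], []
    for t in terms_up_to(depth):
        ty, nxt = type_of(t), step(t)
        if ty is None:
            if nxt is None and not is_value(t):
                stuck_it.append(t)               # "went wrong", but ill-typed
            continue
        if nxt is None:
            if not is_value(t): stuck_wt.append(t)          # progress failure
        elif type_of(nxt) != ty:
            pres_viol.append((t, nxt))                      # preservation failure
    return stuck_wt, pres_viol, stuck_it

def evaluate(t):
    """Reduce t to a value; a well-typed t never reaches the RuntimeError."""
    while not is_value(t):
        nxt = step(t)
        if nxt is None:
            raise RuntimeError(f"stuck: {t}")
        t = nxt
    return t

if __name__ == "__main__":
    stuck_wt, pres_viol, stuck_it = check_type_safety(2)
    print(len(stuck_wt), len(pres_viol), len(stuck_it))
    print(evaluate(If(IsZero(Pred(Succ(ZERO))), Succ(ZERO), ZERO)))
```

At depth 2 the check covers roughly 59,000 terms; the first two lists come back empty while the third lists the ill-typed stuck terms (at depth 1 there are fifteen of them, such as `succ true` and `if zero then ... else ...`). The check is evidence for the two theorems on finite terms, not a proof; the proof is the rule induction the later slides set up.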

Page 9

Inductive Proof Recap

Page 10

Inductive Definition

• A technique of defining a set by specifying an element of the set using another element.
• Needs a base case.
• Starting from the base elements, builds more elements.
  – E.g.,
• Recursively defined data structures such as lists and trees can also be seen as inductively defined.
  – E.g., type 'a list = Nil | Cons of 'a * 'a list

Page 11

Inductive Proof

• A method of proving properties of recursive functions defined on inductively (or recursively) defined data structures.
• Apply natural (or structural) induction on the argument of the function

  # let rec fact n = if n = 0 then 1
                     else n * fact (n - 1)

  # let rec pow2 n = if n = 0 then 1
                     else 2 * pow2 (n - 1)

• Prove fact n >= pow2 n when n >= 4!

Page 12

Proof of fact n >= pow2 n

• By mathematical induction on n
• Base case: n = 4
    fact 4 >= pow2 4                       by simple calculation
• Inductive case: n = (k + 1)
    fact (k + 1)
    = (k + 1) * fact k                     by definition of fact
    >= (k + 1) * pow2 k                    by induction hypothesis
    > 2 * pow2 k                           by simple calculation (k + 1 > 2 since k >= 4)
    = pow2 (k + 1)                         by definition of pow2

Page 13

Proof by Structural Induction

  let rec concat xs ys = match xs with
    | [] -> ys
    | z :: zs -> z :: (concat zs ys)

• We obtain the following equations (writing ++ for concat):
    Nil ++ ys = ys
    (x :: xs) ++ ys = x :: (xs ++ ys)
• Prove the identity of Nil and associativity of ++:
    xs ++ Nil = xs
    Nil ++ xs = xs
    (xs ++ ys) ++ zs = xs ++ (ys ++ zs)
• Can be proved by structural induction on xs

Page 14

Proof of xs ++ Nil = xs

• By structural induction on xs
• Base case: xs = Nil
    Nil ++ Nil = Nil                       by definition of ++
• Inductive case: xs = z :: zs
    (z :: zs) ++ Nil
    = z :: (zs ++ Nil)                     by definition of ++
    = z :: zs                              by induction hypothesis

Page 15

Proof of (xs ++ ys) ++ zs = xs ++ (ys ++ zs)

• By structural induction on xs
• Base case: xs = Nil
    LHS: (Nil ++ ys) ++ zs
         = (ys) ++ zs                      by definition of ++
    RHS: Nil ++ (ys ++ zs)
         = (ys ++ zs)                      by definition of ++

Page 16

Inductive Case: xs = v :: vs

• We can use the induction hypothesis on vs
• LHS:
    ((v :: vs) ++ ys) ++ zs
    = (v :: (vs ++ ys)) ++ zs              by definition of ++
    = v :: ((vs ++ ys) ++ zs)              by definition of ++
    = v :: (vs ++ (ys ++ zs))              by IH
    = (v :: vs) ++ (ys ++ zs)              by definition of ++
    = RHS
• This inductive reasoning can also be applied to judgments and inference rules, as they also define a set in an inductive manner.
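The three list identities of pages 13 to 16, as an added example that is not part of the slides: the same `concat`, on a hand-rolled list type, with the proofs of pages 14 to 16 carried out in Lean 4 by structural induction on xs. Each `simp only [concat, ih]` performs the "by definition of ++" unfoldings and then the induction hypothesis step; the base cases close by `rfl` because both sides reduce to the same list. The type and theorem names are my own.

```lean
-- Added example, not from the slides: the list identities of pages 13 to 16,
-- proved in Lean 4 by structural induction on the first list.
inductive MyList (α : Type) where
  | nil  : MyList α
  | cons : α → MyList α → MyList α

open MyList

variable {α : Type}

-- The slides' concat: recursion on the first argument.
def concat : MyList α → MyList α → MyList α
  | nil,       ys => ys
  | cons z zs, ys => cons z (concat zs ys)

-- Nil ++ xs = xs needs no induction: it is the first defining equation.
theorem nil_concat (xs : MyList α) : concat nil xs = xs := rfl

-- xs ++ Nil = xs (page 14): induction on xs.
theorem concat_nil (xs : MyList α) : concat xs nil = xs := by
  induction xs with
  | nil => rfl                       -- Nil ++ Nil = Nil by definition of ++
  | cons z zs ih =>
    -- (z :: zs) ++ Nil = z :: (zs ++ Nil) by definition, = z :: zs by IH
    simp only [concat, ih]

-- (xs ++ ys) ++ zs = xs ++ (ys ++ zs) (pages 15 and 16): induction on xs.
theorem concat_assoc (xs ys zs : MyList α) :
    concat (concat xs ys) zs = concat xs (concat ys zs) := by
  induction xs with
  | nil => rfl                       -- both sides reduce to ys ++ zs
  | cons v vs ih =>
    -- unfold ++ on both sides, then rewrite with the IH on vs
    simp only [concat, ih]
```

The `induction xs with` tactic is the structural induction of the slides made explicit: the `nil` case is the base case and the `cons v vs ih` case supplies `ih`, the induction hypothesis for the tail `vs`, which is exactly what the "by IH" line on page 16 uses.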

Page 17

Back to the Type Safety

Page 18

Type Safety

• Type preservation
• Progress

Page 19

Page 20

Page 21

Page 22

Page 23

Page 24

Page 25

Canonical Forms Lemma

• Required by the proof of the progress theorem

Page 26

"How" is boring. But "what" is not boring.

Page 27

Type Preservation

• Apply rule induction to:

Page 28

Which case first?

Page 29

Some theorem to prove
• Case the easiest
• ...
• Case easy
• ...
• Case difficult
• ...
• Case the most difficult

Which case first?

Page 30

Some theorem to refute
• Case the easiest
• ...
• Case easy
• ...
• Case difficult
• ...
• Case the most difficult

Which case first?

Page 31

So the most difficult case App first!

Page 32

Page 33

Substitution Lemma

• Apply rule induction to

Page 34

Why ?

•
  – analyzes the structure of , not .
  – searches for every occurrence of variable in only to replace it by .
  – thus, does not need to know the structure of .
• Proof of substitution lemma
  – By rule induction on
  – Proof can be found in Section 4.4.2 of POSTECH PL Course Notes.