The Theory of Interacting Deductions and its Application to Operational Semantics
Andrew Wilson
Doctor of Philosophy University of Edinburgh 1996
Ti In memory of my father who died after a courageous struggle with a long illness, and to my mother who struggled with him. You taught me faith, hope, love and perseverence, thank you. 11
Not a single truth has ever been discovered without people first talking utter rot a hundred times or perhaps a hundred thousand times. - Razumikhin, in Dostoyevsky's "Crime and Punishment". 111
Abstract
This thesis concerns the problem of complexity in operational semantics def- initions. The appeal of modern operational semantics is the simplicity of their metatheories, which can be regarded as theories of deduction about certain shapes of operational judgments. However, when applied to real programming languages they produce bulky definitions that are cumbersome to reason about. The the- ory of interacting deductions is a richer metatheory which simplifies operational judgments and admits new proof techniques.
An interacting deduction is a pair (F, I), where F is a forest of inference trees and I is a set of interaction links (a symmetric set of pairs of formula occurrences of F), which has been built from interacting inference rules (sequences of standard inference rules, or rule atoms). This setting allows one to decompose operational judgments. For instance, for a simple imperative language, one rule atom might concern a program transition, and another a store transition. Program judgments only interact with store judgments when necessary: so stores do not have to be propagated by every inference rule. A deduction in such a semantics would have two inference trees: one for programs and one for stores.
This introduces a natural notion of modularity in proofs about semantics The proof fragmentation theorem shows that one need only consider the rule atoms relevant to the property being proved. To illustrate, I give the semantics for a simple process calculus, compare it with standard semantics and prove three simple properties: nondivergence, store correctness and an equivalence between the two semantics.
Typically evaluation semantics provide simpler definitions and proofs than transition semantics. However, it turns out that evaluation semantics cannot be easily expressed using interacting deductions: they require a notion of sequential- ity. The sequential deductions contain this extra structure. I compare the utility lv of evaluation and transition semantics in the interacting case by proving a simple translation correctness example. This proof in turn depends on proof-theoretic concerns which can be abstracted using dangling interactions. This gives rise to the techniques of breaking and assembling interaction links. Again I get the proof fragmentation theorem, and also the proof assembly theorem, which allow respec- tively both the isolation and composition of modules in proofs about semantics. For illustration, I prove a simple type-checking result (in evaluation semantics) and another nondivergence result (in transition semantics).
I apply these results to a bigger language, CSP, to show how the results scale up. Introducing a special scoping side-condition permits a number of linguistic extensions including nested parallelism, mutual exclusion, dynamic process cre- ation and recursive procedures. Then, as an experiment I apply the theory of interacting deductions to present and prove sound a compositional proof system for the partial correctness of CSP programs.
Finally, I show that a deduction corresponds to CCS-like process evaluation, justifying philosophically my use of the theory to give operational semantics. A simple corollary is the undecidability of interacting-deducibility. Practically, the result also indicates how one can build prototype interpreters for definitions. V
Acknowledgments
First and foremost, a big thank you to my supervisor Kevin Mitchell for his painstaking help and advice. Thanks are also due to Gordon Plotkin, Bob Tennant, Robin Milner and Cohn Stirling who have variously belonged to my supervision committee, and given helpful suggestions.
Thanks are also due to my officemates Pietro Cenciarelli and Alex Simpson, and to my flatmate Julyan Elbro for their friendship and their comments on early drafts. Thanks also to Saif, Pietro and Alex for making my office days very pleasant, and similarly to Dave Aspinall and all my friends in the LFCS.
Thanks to the Science and Engineering Research Council (now EPSRC) for funding the first three years of my thesis. Thanks also to my mum and the Department of Computer Science which allowed me to scrape a living teaching after the three years had expired.
Finally, I could not have survived a project of this magnitude without the support and care of my family and my friends, of which I have too many to acknowledge by name individually. You know who you are. But especial thanks to my closest friends, Andrew, Douglas and David, and to my flatmates Dave, Julyan, Doug and Dan who put up with the bad times. Thanks also to the members of Mayfield- Salisbury church, and especially the three families who over the years all but adopted me: the Jamiesons, the Simpsons and the Vandersteens. Thanks also to Lt. Heather Chambers and the boys of the 3rd Edinburgh Company, The Boys' Brigade who boosted my flagging spirits during those long depressing months. Finally, thanks to my TEAM co-leader Helen Hopwood who made running TEAM much less stressful than it should have been. LI
Table of Contents
Definining Programming Languages 1
Interacting Deductions 18
2.1 Preliminaries ...... 20
2.2 Interacting deductions ...... 22
2.2.1 Examples ...... 24
2.2.2 I-deductions have no dependency loops ...... 25
2.2.3 DLF helps characterize the I-deductions ...... 27
2.3 An Example ...... 31
2.3.1 Comparative Semantics ...... 32
2.3.2 Extending the semantics ...... 35
2.3.3 Reasoning about semantics ...... 37
2.4 Fragments of deductions ...... 38
2.5 Examples ...... 41
2.5.1 Extending a nondivergence proof ...... 42
2.5.2 A modular proof about stores ...... 45
2.5.3 An equivalence theorem ...... 47
2.6 Chapter summary ...... 52
vii Table of Contents
Evaluation Semantics and Sequential Deductions 53
3.1 Sequential composition in evaluation semantics ...... 56
3.1.1 Cutting intermediate states ...... 56
3.1.2 Control stacks (or continuations) ...... 59
3.1.3 Coding ...... 63
3.1.4 Conventions ...... 63
3.1.5 Solution ...... 64
3.2 Sequential deductions ...... 66
3.2.1 Examples ...... 69
3.2.2 QI-deductions have no sequencing loops ...... 70
3.2.3 SLF helps characterize the QI-deductions ...... 72
3.2.4 Coding QI-deduction into I-deduction ...... 74
3.3 An evaluation QI-semantics for P(;) ...... 75
3.4 An example: translation correctness ...... 78
3.4.1 The translation ...... 79
3.4.2 The transition semantics proof of correctness ...... 80
3.4.3 Tree Pruning and partial deductions ...... 83
3.4.4 The evaluation semantics proof of correctness ...... 84
3.4.5 Appraisal (equivalence, nondeterminism, nontermination) . 89
3.5 Chapter Summary ...... 93