Towards a General Theory of Local Actions Hongseok Yang Seoul National University Peter O’Hearn Queen Mary, University of London

Programming Language Semantics “Semantics is a strange kind of applied mathematics; it seeks profound definitions rather than difficult theorems. The mathematical concepts which are relevant are immediately relevant. Without any long chains of reasoning, the application of such concepts directly reveals regularity in linguistic behavior, and strengthens and objectifies our intuitions of simplicity and uniformity.” John C. Reynolds (1980)

Modeling Locality Two extreme views on commands: 1. Comm = States ! p States 2. Comm = language-definable fns on States Both definitions are bad; they do not reveal any regularity of programs. In this talk, we define a semantics of Comm that models how commands use memory resources. 1. The execution of a command depends on what it accesses. 2. For each execution of a command, we can identify which locations are accessed. The goal of this talk is to experience what it is like to do a research on semantics.

Overview 1. Partial Commutative Monoid 2. Safety Monotonicity 3. Frame Property 4. Miminum Resource Property 5. Finite Resource Property 6. Conclusion

Partial Commutative Monoid (PCM) (M, *, e) is a PCM iff * is a partial binary operator on M such that 1. * is commutative: m*n = n*m; 2. * is associative: m*(n*p) = (m*n)*p; 3. e is the unit of *: m*e = e*m = m. Intuition: Each m in M denotes a resource. * combines two compatible resources. e means the empty resource. States = (Nat ! p Nat, ],{}) is a PCM.

Deterministic Action A deterministic action t on (M,*,e) is a partial function from M to M. The undefinedness of t indicates the “resource-shortage” error. t(m) is not defined iff t(m) needs an unavailable resource during the execution. (m,t) is called safe iff t(m) is defined. Examples: 1. set10at2 = m. if (2 2 dom(m)) (m[2 ! 10]) undef 2. only2 = m. if ({2}=dom(m)) m undef 3. have2or3 = m. if (2 2 dom(m) or 3 2 dom(m)) m undef 4. reset = m. l. if (l 2 dom(m)) 0 undef Nat 5. haveAllOdd = m. if (OddNum µ dom(m)) m undef

Feasibility Question Which of the following cannot be implemented? Why not? 1. set10at2 = m. if (2 2 dom(m)) (m[2 ! 10]) undef 2. only2 = m. if ({2}=dom(m)) m undef 3. check2or3 = m. if (2 2 dom(m) or 3 2 dom(m)) m undef 4. reset = m. l. if (l 2 dom(m)) 0 undef Nat 5. haveAllOdd = m. if (oddNum µ dom(m)) m undef

Safety Monotonicity Safety monotonicity: if (m,t) is safe and m#n, then (m*n,t) is also safe. Intuition: If m has already all the resources that t accesses, the so does m*n. Quiz: Which of the following violates this condition? (1) set10at2 (2) only2 (3) have2or3 (4) reset (5) haveAllOdd

Frame Property Frame property: if (m,t) is safe and m#n, then t(m)*n = t(m*n). Intuition: The behavior of t is determined by what t accesses. Quiz: Which of the following does not satisfy frame property? (1) set10at2 (2)check2or3 (3)reset (4)haveAllOdd

Minimum Resource Property Resource order: m v n iff there is some m’ such that m*m’ = n. Minimum resource property: if (m,t) is safe, then there exists m 0 such that 1. (m 0,t) is safe, and m 0 v m; and 2. if (m 1,t) is safe, and m 1 v m, then m 0 v m 1. Quiz: What does MRP mean? Quiz: Which of the following violates the minimum resource property? (1) set2at10 (2) check2or3 (3) haveAllOdd

Finite Element A resource m is finite iff for all chains {m i } i in M with resource order, if t {m i } i exists and t {m i } i w m, then there exists some m i such that m i w m. Quiz: Which elements in States are finite?

Finite Resource Property Finite resource property: if (m,t) is safe, then there exists m 0 such that 1. m 0 is finite; 2. (m 0,t) is safe; and 3. m 0 v m. Quiz: What violates the finite resource property? (1) set2at10 (2) haveAllOdd

Semantics of Comm Comm = {t:States ! p States | t satisfies safety monotonicity, frame property, minimum resource property, finite resource property } THEOREM: All the language-definable commands satisfy all four locality conditions, so that they are in Comm.

Frame Rule THEOREM: A deterministic action t satisfies the frame rule iff it satisfies the frame property and the safety monotonicity. The frame rule is not sound for reset and only2. {1  1}reset{1  0} {(1  1)*(2  1)}reset{(1  0)*(2  1)} {2  -}only2{true} {(2  -)*(3  -)}only2{true*(3  -)}

Conclusion We defined locality conditions that describe how language-definable functions use resources. This new resource-oriented view on functions is crucial to have the frame rule, and its higher- order extensions. Current research issues: 1. How to handle higher-order functions? 2. Can we explain locality conditions with existing notions in the domain theory? 3. Can we solve recursive “domain” equations that involve the “local” function space?