[Faculty of Science Information and Computing Sciences] Lecture 11. Laws and induction Functional Programming 0
[Faculty of Science Information and Computing Sciences] What does it mean for programs to be equal/equivalent? 1
[Faculty of Science Information and Computing Sciences] Goals ▶ Equational reasoning: proving program equalities ▶ Reasoning principles at various types: ▶ inductive proofs at algebraic data types; ▶ extensional equality at function types. Chapter 16 (up to 16.6) from Hutton’s book 2
[Faculty of Science Information and Computing Sciences] Laws 3
[Faculty of Science Information and Computing Sciences] Mathematical laws ▶ Mathematical functions do not depend on hidden, changeable values ▶ 2 + 3 = 5 , both in 4 × (2 + 3) and in (2 + 3) 2 ▶ This allows us to more easily prove properties that operators and functions might have ▶ These properties are called laws 4
[Faculty of Science Sciences] Information and Computing Examples of laws for integers + commutes x + y = y + x × commutes x × y = y × x + is associative x + ( y + z ) = ( x + y ) + z × distributes over + x × ( y + z ) = x × y + x × z 0 is the unit of + x + 0 = x = 0 + x 1 is the unit of × x × 1 = x = 1 × x 5
Mathematical laws can help improve performance That two expressions always have the same value does not mean that computing their value takes the same amount of time or memory Replace a more expensive version with one that is cheaper to compute We can also prove properties to show that they correctly implement what we intended In short, performance and correctness [Faculty of Science Information and Computing Sciences] Putting laws to good use Why care about program equivalences? 6
We can also prove properties to show that they correctly implement what we intended In short, performance and correctness [Faculty of Science Information and Computing Sciences] Putting laws to good use Why care about program equivalences? ▶ Mathematical laws can help improve performance ▶ That two expressions always have the same value does not mean that computing their value takes the same amount of time or memory ▶ Replace a more expensive version with one that is cheaper to compute 6
In short, performance and correctness [Faculty of Science Information and Computing Sciences] Putting laws to good use Why care about program equivalences? ▶ Mathematical laws can help improve performance ▶ That two expressions always have the same value does not mean that computing their value takes the same amount of time or memory ▶ Replace a more expensive version with one that is cheaper to compute ▶ We can also prove properties to show that they correctly implement what we intended 6
[Faculty of Science Information and Computing Sciences] Putting laws to good use Why care about program equivalences? ▶ Mathematical laws can help improve performance ▶ That two expressions always have the same value does not mean that computing their value takes the same amount of time or memory ▶ Replace a more expensive version with one that is cheaper to compute ▶ We can also prove properties to show that they correctly implement what we intended In short, performance and correctness 6
[Faculty of Science (a × (a + b)) + (b × (a + b)) = -- definition of square and (2 ×) a × a + (a × b + a × b) + b × b = -- commutativity of × a × a + (a × b + b × a) + b × b = -- associativity of + = (a × a + a × b) + (b × a + b × b) = -- distributivity, twice = -- commutativity of × Information and Computing ((a + b) × a) + ((a + b) × b) = -- distributivity (a + b) × (a + b) = -- definition of square (a + b)² Sciences] a² + 2 × a × b + b² Equational reasoning by example 7
[Faculty of Science Information and Computing Sciences] Each theory has its laws ▶ We have seen laws that deal with arithmetic operators ▶ During courses in logic you have seen similar laws for logic operators commutativity of ∧ x ∧ y = y ∧ x associativity of ∧ x ∧ ( y ∧ z ) = ( x ∧ y ) ∧ z distributitivy of ∧ over x ∧ ( y ∨ z ) = ( x ∧ y ) ∨ ( x ∧ z ) ∨ De Morgan’s law ¬ ( x ∧ y ) = ¬ x ∨ ¬ y Howard’s law ( x ∧ y ) → z = x → ( y → z ) 8
[Faculty of Science = -- De Morgan's law ¬a → (¬b → (¬c → ¬d)) = -- Howard's law (¬a /\ ¬b) → (¬c → ¬d) = -- Howard's law Information and Computing ((¬a /\ ¬b) /\ ¬c) → ¬d (¬(a \/ b) /\ ¬c) → ¬d = -- De Morgan's law ¬((a \/ b) \/ c) → ¬d Sciences] A small proof in logic ▶ Proofs feel mechanical ▶ You apply the “rules” implicit in the laws ▶ Possibly even without understanding what ∧ and ∨ do ▶ Always provide a hint why each equivalence holds! 9
This allows us to prove equivalences as above And use these to improve performance Any = defjnition can be viewed in two ways double x = x + x 1. The defjnition of a function 2. A property that can be used when reasoning Replace double x by x + x and viceversa, for any x NB: by contrast, <- “assignments” in do -blocks are not referentially transparent! Sciences] Information and Computing [Faculty of Science Back to Haskell ▶ Haskell is referentially transparent ▶ Calling a function twice with the same parameter is guaranteed to give the same result 10
Any = defjnition can be viewed in two ways double x = x + x 1. The defjnition of a function 2. A property that can be used when reasoning Replace double x by x + x and viceversa, for any x NB: by contrast, <- “assignments” in do -blocks are not referentially transparent! [Faculty of Science Information and Computing Sciences] Back to Haskell ▶ Haskell is referentially transparent ▶ Calling a function twice with the same parameter is guaranteed to give the same result ▶ This allows us to prove equivalences as above ▶ And use these to improve performance 10
NB: by contrast, <- “assignments” in do -blocks are not referentially transparent! Information and Computing [Faculty of Science Sciences] Back to Haskell ▶ Haskell is referentially transparent ▶ Calling a function twice with the same parameter is guaranteed to give the same result ▶ This allows us to prove equivalences as above ▶ And use these to improve performance ▶ Any = defjnition can be viewed in two ways double x = x + x 1. The defjnition of a function 2. A property that can be used when reasoning ▶ Replace double x by x + x and viceversa, for any x 10
[Faculty of Science Sciences] Information and Computing Back to Haskell ▶ Haskell is referentially transparent ▶ Calling a function twice with the same parameter is guaranteed to give the same result ▶ This allows us to prove equivalences as above ▶ And use these to improve performance ▶ Any = defjnition can be viewed in two ways double x = x + x 1. The defjnition of a function 2. A property that can be used when reasoning ▶ Replace double x by x + x and viceversa, for any x ▶ NB: by contrast, <- “assignments” in do -blocks are not referentially transparent! 10
The right-hand side is more performant that the left-hand side, in general Two traversals are combined into one [Faculty of Science Information and Computing Sciences] (map f . map g) xs = map (f . g) xs A fjrst example For all compatible functions f and g , and lists xs This is not a defjnition, but a property/law ▶ The law can be shown to hold for the usual defjnitions of map and (.) 11
[Faculty of Science Information and Computing Sciences] (map f . map g) xs = map (f . g) xs A fjrst example For all compatible functions f and g , and lists xs This is not a defjnition, but a property/law ▶ The law can be shown to hold for the usual defjnitions of map and (.) The right-hand side is more performant that the left-hand side, in general ▶ Two traversals are combined into one 11
But due to side-efgects in these languages, you have to be really careful when to apply them What could prevent us from merging the loops? [Faculty of Science Information and Computing Sciences] foreach (var elt in list) { stats1 } foreach (var elt in list) { stats2 } = foreach (var elt in list) { stats1 ; stats2 } Relation to imperative languages The law map (f . g) = map f . map g is similar to the merging of subsequent loops 12
[Faculty of Science Information and Computing Sciences] foreach (var elt in list) { stats1 } foreach (var elt in list) { stats2 } = foreach (var elt in list) { stats1 ; stats2 } Relation to imperative languages The law map (f . g) = map f . map g is similar to the merging of subsequent loops But due to side-efgects in these languages, you have to be really careful when to apply them ▶ What could prevent us from merging the loops? 12
2. map f distributes over (++) Validates executing a large map on difgerent cores There is a generalization to lists of lists 3. map distributes over composition [Faculty of Science Information and Computing Sciences] map f (xs ++ ys) = map f xs ++ map f ys map f . concat = concat . map (map f) map (f . g) = map f . map g A few important laws 1. Function composition is associative f . (g . h) = (f . g) . h 13
Recommend
More recommend
