recall for free
play

Recall for free: preorder - respecting state monads in Danel Ahman - PowerPoint PPT Presentation

May 21, 2023 •243 likes •1.47k views

Recall for free: preorder - respecting state monads in Danel Ahman LFCS, University of Edinburgh (joint work with Aseem Rastogi and Nikhil Swamy) EUTypes WG Meeting in Lisbon 5 October 2016 An effectful dependently-typed functional

  1. get and put val get : #rel:preorder state → PST rel state ( fun _ → True) ( fun s 0 s s 1 → s 0 = s ∧ s = s 1 )

  2. get and put pre and post are exactly as for STATE and ST val get : #rel:preorder state → PST rel state ( fun _ → True) ( fun s 0 s s 1 → s 0 = s ∧ s = s 1 )

  3. get and put pre and post are exactly as for STATE and ST val get : #rel:preorder state → PST rel state ( fun _ → True) ( fun s 0 s s 1 → s 0 = s ∧ s = s 1 ) val put : #rel:preorder state → x:state → PST rel unit ( fun s 0 → rel s 0 x) ( fun _ _ s 1 → s 1 = x)

  4. get and put pre and post are exactly as for STATE and ST val get : #rel:preorder state → PST rel state ( fun _ → True) ( fun s 0 s s 1 → s 0 = s ∧ s = s 1 ) the change wrt. STATE and ST val put : #rel:preorder state val put : #rel:preorder state → x:state → x:state → PST rel unit ( fun s 0 → rel s 0 x) → PST rel unit ( fun s 0 → rel s 0 x) ( fun _ _ s 1 → s 1 = x) ( fun _ _ s 1 → s 1 = x)

  5. ■ - modality in

  6. ■ - modality in We introduce an uninterpreted function symbol val ■ : #rel:preorder state → p:stable_p rel → Type 0

  7. ■ - modality in We introduce an uninterpreted function symbol val ■ : #rel:preorder state → p:stable_p rel → Type 0 We assume logical axioms, e.g., functoriality: forall p p' . ( forall s . p s ⇒ p' s) ⇒ ( ■ p ⇒ ■ p')

  8. ■ - modality in We introduce an uninterpreted function symbol val ■ : #rel:preorder state → p:stable_p rel → Type 0 We assume logical axioms, e.g., functoriality: forall p p' . ( forall s . p s ⇒ p' s) ⇒ ( ■ p ⇒ ■ p') Two readings of ■ p 
 p held at some past state of an PSTATE computation p holds at all states reachable from the current with PSTATE

  9. witness and recall

  10. witness and recall val witness : #rel:preorder state → p:stable_p rel → PST rel unit ( fun s 0 → p s 0 ) ■ p) ( fun s 0 _ s 1 → s 0 = s 1 ∧

  11. witness and recall val witness : #rel:preorder state → p:stable_p rel → PST rel unit ( fun s 0 → p s 0 ) ■ p) ( fun s 0 _ s 1 → s 0 = s 1 ∧ val recall : #rel:preorder state → p:stable_p rel → PST rel unit ( fun _ → ■ p ) p s 1 ) ( fun s 0 _ s 1 → s 0 = s 1 ∧

  12. Examples

  13. Examples

  14. Examples • Recalling that allocated references remain allocated • using FStar.Heap.heap (need a source of freshness for alloc ) � using our own heap type (source of freshness built into the heap)

  15. Examples • Recalling that allocated references remain allocated • using FStar.Heap.heap (need a source of freshness for alloc ) � using our own heap type (source of freshness built into the heap) • Immutable references and other preorders

  16. Examples • Recalling that allocated references remain allocated • using FStar.Heap.heap (need a source of freshness for alloc ) � using our own heap type (source of freshness built into the heap) • Immutable references and other preorders • Monotonic references

  17. Examples • Recalling that allocated references remain allocated • using FStar.Heap.heap (need a source of freshness for alloc ) � using our own heap type (source of freshness built into the heap) • Immutable references and other preorders • Monotonic references � Temporarily ignoring the constraint on put via snapshots

  18. Our heap and ref types

  19. Our heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } let ref a = nat

  20. Our heap and ref types freshness counter The heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } { ... } let ref a = nat let ref a = nat

  21. Our heap and ref types freshness counter The heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } { ... } let ref a = nat let ref a = nat We can define sel and upd and gen_fresh operations

  22. Our heap and ref types freshness counter The heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } { ... } both ops. have (r ∈ h) let ref a = nat let ref a = nat refinements on references We can define sel and upd and gen_fresh operations

  23. Our heap and ref types freshness counter The heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } { ... } both ops. have (r ∈ h) let ref a = nat let ref a = nat refinements on references We can define sel and upd and gen_fresh operations and prove expected properties, e.g.: r <> r' ⇒ sel (upd h r x) r' = sel h r'

  24. Our heap and ref types freshness counter The heap and ref types The heap and ref types let heap = h:(nat * (nat → option (a:Type 0 & a))) let heap = h:(nat * (nat → option (a:Type 0 & a))) { ... } { ... } both ops. have (r ∈ h) let ref a = nat let ref a = nat refinements on references Goal: use this heap as drop-in replacement for F * 's heap We can define sel and upd and gen_fresh operations (but in F*'s heap , sel and upd don't have (r ∈ h) refinements) and prove expected properties, e.g.: • change the type of refs. to ( let ref a = nat * a) r <> r' ⇒ sel (upd h r x) r' = sel h r' • make use of the presence LEM in WPs for checking (r ∈ h)

  25. Allocated references example

  26. Allocated references example The type of refs. and preorder for recalling allocation let ref a = r:(Heap.ref a){ ■ ( fun h → r ∈ h) } let rel h 0 h 1 = forall a r . r ∈ h 0 ⇒ r ∈ h 1 AllocST a pre post = PST rel a pre post

  27. Allocated references example The type of refs. and preorder for recalling allocation let ref a = r:(Heap.ref a){ ■ ( fun h → r ∈ h) } let rel h 0 h 1 = forall a r . r ∈ h 0 ⇒ r ∈ h 1 AllocST a pre post = PST rel a pre post AllocST operations crucially use witness and recall , e.g., let read #a (r:ref a) = let h = get () in recall ( fun h → r ∈ h) ; sel h r

  28. Snapshots

  29. Snapshots We first define snaphsot-capable state as let s_state state = state * option state

  30. Snapshots We first define snaphsot-capable state as let s_state state = state * option state The snaphsot-capable preorder is indexed by rel on state let s_rel (rel:preorder state) s 0 s 1 = match (snd s 0 ) (snd s 1 ) with | None None ⇒ rel (fst s 0 ) (fst s 1 ) | None (Some s) ⇒ rel (fst s 0 ) s | (Some s) None ⇒ rel s (fst s 1 ) | (Some s 0 ') (Some s 1 ') ⇒ rel s 0 ' s 1 '

  31. Snapshots We first define snaphsot-capable state as let s_state state = state * option state The snaphsot-capable preorder is indexed by rel on state let s_rel (rel:preorder state) s 0 s 1 = match (snd s 0 ) (snd s 1 ) with | None None ⇒ rel (fst s 0 ) (fst s 1 ) | None (Some s) ⇒ rel (fst s 0 ) s | (Some s) None ⇒ rel s (fst s 1 ) | (Some s 0 ') (Some s 1 ') ⇒ rel s 0 ' s 1 '

  32. Snapshots We first define snaphsot-capable state as let s_state state = state * option state The snaphsot-capable preorder is indexed by rel on state let s_rel (rel:preorder state) s 0 s 1 = match (snd s 0 ) (snd s 1 ) with | None None ⇒ rel (fst s 0 ) (fst s 1 ) | None (Some s) ⇒ rel (fst s 0 ) s | (Some s) None ⇒ rel s (fst s 1 ) | (Some s 0 ') (Some s 1 ') ⇒ rel s 0 ' s 1 '

  33. Snapshots We first define snaphsot-capable state as let s_state state = state * option state The snaphsot-capable preorder is indexed by rel on state let s_rel (rel:preorder state) s 0 s 1 = match (snd s 0 ) (snd s 1 ) with | None None ⇒ rel (fst s 0 ) (fst s 1 ) | None (Some s) ⇒ rel (fst s 0 ) s | (Some s) None ⇒ rel s (fst s 1 ) | (Some s 0 ') (Some s 1 ') ⇒ rel s 0 ' s 1 '

  34. Snapshots We first define snaphsot-capable state as let s_state state = state * option state The snaphsot-capable preorder is indexed by rel on state let s_rel (rel:preorder state) s 0 s 1 = match (snd s 0 ) (snd s 1 ) with | None None ⇒ rel (fst s 0 ) (fst s 1 ) | None (Some s) ⇒ rel (fst s 0 ) s | (Some s) None ⇒ rel s (fst s 1 ) | (Some s 0 ') (Some s 1 ') ⇒ rel s 0 ' s 1 '

  35. read and write

  36. read and write val read : #rel:preorder state → SST rel state ( fun s 0 → True) ∧ fst s 1 ∧ ( fun s 0 s s 1 → fst s 0 = s s = snd s 0 = snd s 1 ) let write #rel x = ...

  37. read and write val read : #rel:preorder state → SST rel state ( fun s 0 → True) ∧ fst s 1 ∧ ( fun s 0 s s 1 → fst s 0 = s s = snd s 0 = snd s 1 ) let write #rel x = ... val write : #rel:preorder state → x:state → SST rel unit ( fun s 0 → s_rel rel s 0 (x,snd s 0 )) ( fun s 0 _ s 1 → s 1 = (x,snd s 0 )) let write #rel x = ...

  38. witness and recall

  39. witness and recall val witness : #rel:preorder state → p:stable_p rel → SST rel unit ( fun s 0 → p (fst s 0 ) ∧ snd s 0 = None) ■ p) ( fun s 0 _ s 1 → s 0 = s 1 ∧ let witness #rel p = ...

  40. witness and recall val witness : #rel:preorder state → p:stable_p rel → SST rel unit ( fun s 0 → p (fst s 0 ) ∧ snd s 0 = None) ■ p) ( fun s 0 _ s 1 → s 0 = s 1 ∧ let witness #rel p = ... val recall : #rel:preorder state → p:stable_p rel → SST rel unit ( fun s 0 → ■ p ∧ snd s 0 = None) ( fun s 0 _ s 1 → s 0 = s 1 ∧ p (fst s 1 )) let recall #rel p = ...

  41. snap and ok

  42. snap and ok val snap : #rel:preorder state → SST rel unit ( fun s 0 → snd s 0 = None) ( fun s 0 _ s 1 → fst s 0 = fst s 1 ∧ snd s 1 = Some (fst s 0 )) let snap #rel = ...

  43. snap and ok val snap : #rel:preorder state → SST rel unit ( fun s 0 → snd s 0 = None) ( fun s 0 _ s 1 → fst s 0 = fst s 1 ∧ snd s 1 = Some (fst s 0 )) let snap #rel = ... val ok : #rel:preorder state → SST rel unit ( fun s 0 → exists s . snd s 0 = Some s ∧ rel s (fst s 0 )) ( fun s 0 _ s 1 → fst s 0 = fst s 1 ∧ snd s 1 = None) let ok #rel = ...

  44. Example use of SST

  45. Example use of SST y 1 y 0 x 0 x 1 • Implementing a 2D point using two locations • E.g., want to enforce that can only move along some line

  46. A glimpse of the formal metatheory

  47. PSTATE formally

  48. PSTATE formally We work with a small calculus based on EMF * from DM4F t, wp, ::= state | rel | x:t1 → Tot t2 | x:t1 → PSTATE t2 wp | ... e, φ | x | fun x:t → e | e1 e2 | (e1,e2) | fst e | ... | return e | bind e1 x:t.e2 | get e | put e | witness e | recall e

  49. PSTATE formally We work with a small calculus based on EMF * from DM4F t, wp, ::= state | rel | x:t1 → Tot t2 | x:t1 → PSTATE t2 wp | ... e, φ | x | fun x:t → e | e1 e2 | (e1,e2) | fst e | ... | return e | bind e1 x:t.e2 | get e | put e | witness e | recall e Typing judgements have the form G ⊢ e : Tot t G ⊢ e : PSTATE t wp

  50. PSTATE formally We work with a small calculus based on EMF * from DM4F t, wp, ::= state | rel | x:t1 → Tot t2 | x:t1 → PSTATE t2 wp | ... e, φ | x | fun x:t → e | e1 e2 | (e1,e2) | fst e | ... | return e | bind e1 x:t.e2 | get e | put e | witness e | recall e Typing judgements have the form G ⊢ e : Tot t G ⊢ e : PSTATE t wp There is also a judgement for logical reasoning in WPs G | Φ ⊨ φ

  51. PSTATE formally We work with a small calculus based on EMF * from DM4F t, wp, ::= state | rel | x:t1 → Tot t2 | x:t1 → PSTATE t2 wp | ... e, φ | x | fun x:t → e | e1 e2 | (e1,e2) | fst e | ... | return e | bind e1 x:t.e2 | get e | put e | witness e | recall e Typing judgements have the form G ⊢ e : Tot t G ⊢ e : PSTATE t wp There is also a judgement for logical reasoning in WPs G | Φ ⊨ φ nat. deduction for classical predicate logic

  52. Operational semantics

Recommend

Free recall and recognition in a network model of the hippocampus: simulating effects of

Free recall and recognition in a network model of the hippocampus: simulating effects of

Free recall and recognition in a network model of the hippocampus: simulating effects of scopolamine on human memory function Michael E. Hasselmo * and Bradley P. Wyble Acetylcholine again! - thought to be involved in learning and memory -

1.41k views • 89 slides
GPU tuning, part 1 (updated) CSE 6230: HPC Tools &amp; Apps Fall 2014 September 30 &amp;

GPU tuning, part 1 (updated) CSE 6230: HPC Tools &amp; Apps Fall 2014 September 30 &amp;

vuduc.org/cse6230 GPU tuning, part 1 (updated) CSE 6230: HPC Tools &amp; Apps Fall 2014 September 30 &amp; October 2 Recall: 2 Recall: 6 GB/s 2 Recall: 3 Recall: 4 Recall: 5 Recall: 6 Recall: 7 Recall: 8 Recall: 9

1.19k views • 99 slides
Compilers and computer architecture From strings to ASTs (2): context free grammars Martin Berger

Compilers and computer architecture From strings to ASTs (2): context free grammars Martin Berger

Compilers and computer architecture From strings to ASTs (2): context free grammars Martin Berger 1 October 2019 1 Email: M.F.Berger@sussex.ac.uk , Office hours: Wed 12-13 in Chi-2R312 1 / 1 Recall the function of compilers 2 / 1 Recall we

686 views • 53 slides
Equivalence with context-free grammars I Language context free recognized by pushdown automata

Equivalence with context-free grammars I Language context free recognized by pushdown automata

Equivalence with context-free grammars I Language context free recognized by pushdown automata For the left-hand side, recall that by definition a language is context-free if it is constructed by some CFG For the proof, one direction is

329 views • 7 slides
Before We Start Any questions? Context Free Languages PDAs and CFLs Languages Context Free

Before We Start Any questions? Context Free Languages PDAs and CFLs Languages Context Free

Before We Start Any questions? Context Free Languages PDAs and CFLs Languages Context Free Languages Recall. Context Free Languages(CFL) is the next class of languages outside of Regular What is a language? Languages:

492 views • 10 slides
1 Bin(10, 0.3), Bin(100, 0.03) vs. Poi(3) Tender (Central) Moments with Poisson Recall: Y ~

1 Bin(10, 0.3), Bin(100, 0.03) vs. Poi(3) Tender (Central) Moments with Poisson Recall: Y ~

Whither the Binomial Binomial in the Limit Recall example of sending bit string over network Recall the Binomial distribution n ! n = 4 bits sent over network where each bit had i n i ( ) ( 1 ) P X i

191 views • 4 slides
3rd Annual Automotive Industry Warranty &amp; Recall Symposium Global Financial Advisory Services

3rd Annual Automotive Industry Warranty &amp; Recall Symposium Global Financial Advisory Services

3rd Annual Automotive Industry Warranty &amp; Recall Symposium Global Financial Advisory Services Agenda News and Recall Data 2015 Recap NHTSA Recall Data Completion Rate Trends and Observations International Recall Data

1.32k views • 114 slides
Big picture All languages Decidable Turing machines NP P Context-free

Big picture All languages Decidable Turing machines NP P Context-free

Big picture All languages Decidable Turing machines NP P Context-free Context-free grammars, push-down automata Regular Automata, non-deterministic automata, regular expressions Recall: Theorem: L := {0 n 1 n : n 0}

1.23k views • 108 slides
1 Those of you who came to our original Seminar will recall that I there tried to provide an

1 Those of you who came to our original Seminar will recall that I there tried to provide an

1 Those of you who came to our original Seminar will recall that I there tried to provide an overview of the process of developing policy and then turning it into legislation. You may also recall that the key messages of that presentation were:

141 views • 13 slides
CSCI341 Lecture 36, Pipelining &amp; Hazards RECALL... RECALL... HAZARDS Data Hazards

CSCI341 Lecture 36, Pipelining &amp; Hazards RECALL... RECALL... HAZARDS Data Hazards

CSCI341 Lecture 36, Pipelining &amp; Hazards RECALL... RECALL... HAZARDS Data Hazards Control Hazards Dukes of Hazzard DATA HAZARD Hardware solution: Include forwarding paths in the machines datapath. Even though results have not

436 views • 27 slides
RECALL READINESS Presentation Prepared for the Colorado Fruit and Vegetable Growers Association

RECALL READINESS Presentation Prepared for the Colorado Fruit and Vegetable Growers Association

RECALL READINESS Presentation Prepared for the Colorado Fruit and Vegetable Growers Association Recall Readiness and Crisis Management Workshop November 14, 2017 J. Lee Gray Partner IS A RECALL PLAN REQUIRED? Register as Food Facility?

390 views • 34 slides
Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k

Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k

Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k /a /a 0 Physics 460 F 2006 Lect 14 1 Outline Recall the solution for the free electron gas (Jellium) Simplest model for a metal Free

459 views • 20 slides
Proving Invariances CS256/Spring 2008 Lecture #6 Zohar Manna Definitions Recall: the

Proving Invariances CS256/Spring 2008 Lecture #6 Zohar Manna Definitions Recall: the

Proving Invariances CS256/Spring 2008 Lecture #6 Zohar Manna Definitions Recall: the variables of assertion: free (flexible) system variables V = Y { } Chapter 1 where Y are the program variables and is the control

292 views • 10 slides
YACC Background ! Review : Recall grammars for YACC are a CSCI: 4500/6500 Programming variant of

YACC Background ! Review : Recall grammars for YACC are a CSCI: 4500/6500 Programming variant of

YACC Background ! Review : Recall grammars for YACC are a CSCI: 4500/6500 Programming variant of BNF Languages Can be used to express context free languages X -&gt; p X is non terminal, p is a string of non-terminals and/ Conclusion of

326 views • 7 slides
Hopes and Fears for Evergreen Oh were free! Free! Forever were free Come join the song

Hopes and Fears for Evergreen Oh were free! Free! Forever were free Come join the song

My My Hopes and Fears for Evergreen Oh were free! Free! Forever were free Come join the song of all the redeemed Yes were free! Free! Forever amen Thats when death was arrested and my life began We worship you! Hallelujah,

713 views • 23 slides
Should You Be Gluten Free? Should You Be Gluten Free? Should You Be Gluten Free? Should You Be

Should You Be Gluten Free? Should You Be Gluten Free? Should You Be Gluten Free? Should You Be

Should You Be Gluten Free? Should You Be Gluten Free? Should You Be Gluten Free? Should You Be Gluten Free? New Research Shows 1 in 8 Americans N R h Sh 1 i 8 A i are Gluten Intolerant Are You? What is gluten? Testing Latest

518 views • 41 slides
MASTER CLASS ON TRACEABILITY, RECALL &amp; WITHDRAWAL Ms Vinod Kotwal Director (Codex), FSSAI 3

MASTER CLASS ON TRACEABILITY, RECALL &amp; WITHDRAWAL Ms Vinod Kotwal Director (Codex), FSSAI 3

MASTER CLASS ON TRACEABILITY, RECALL &amp; WITHDRAWAL Ms Vinod Kotwal Director (Codex), FSSAI 3 rd December 2014 INTRODUCTION Food Recall :- According to FAO, food recall is the action to remove food from the market at any stage of the food

447 views • 17 slides
Recall of Therapeutic Goods - Overview 2018 GMP Forum Craig Davies Australian Recall Coordinator

Recall of Therapeutic Goods - Overview 2018 GMP Forum Craig Davies Australian Recall Coordinator

Recall of Therapeutic Goods - Overview 2018 GMP Forum Craig Davies Australian Recall Coordinator and Director - Recalls Section Manufacturing Quality Branch 26 June 2018 Recalls sections functions For all therapeutic goods:

476 views • 19 slides
for Xt C At A At t 2A 0 o Winkler Theorem S ca and Then there st positive constants fix

for Xt C At A At t 2A 0 o Winkler Theorem S ca and Then there st positive constants fix

Oliveira Peres S Recall Thm t finite reversible lazy Mc's a ez Ca and s t t 7 O ca twixt thx ca trial ca Recall Ex Ta tHCxl Max A Cats Removing the reversibility assumption tula twixt NZ ku ta q 72 ngag Ex Ty 3 kn In A Att o

406 views • 4 slides
Bio-inspired computation: Clock-free, grid-free, scale-free, and symbol-free (FA2386-12-1-4050)

Bio-inspired computation: Clock-free, grid-free, scale-free, and symbol-free (FA2386-12-1-4050)

Bio-inspired computation: Clock-free, grid-free, scale-free, and symbol-free (FA2386-12-1-4050) PI: Janet Wiles (University of Queensland) AFOSR Program Review: Mathematical and Computational Cognition Program Computational and Machine

307 views • 29 slides
1 Just how close to 100 % must the recall of a tool for a hairy task be? First, recognize that

1 Just how close to 100 % must the recall of a tool for a hairy task be? First, recognize that

1 Just how close to 100 % must the recall of a tool for a hairy task be? First, recognize that achieving 100 % recall is probably impossible, even for a human, as is finding all bugs in a program, particularly because the task is hairy, and

313 views • 15 slides
Free presentation tool for mac Free presentation tool for mac.zip Which Prezi plan is right for

Free presentation tool for mac Free presentation tool for mac.zip Which Prezi plan is right for

Free presentation tool for mac Free presentation tool for mac.zip Which Prezi plan is right for you? Try FREE; Unlimited presentations: along with powerful analytics and collaboration tools.as iWork, and it's free to anyone who owns a post-2013

580 views • 4 slides
Sampling and Respondent Recall: What difference does 6 months make? 25 Same CG-CAHPS Survey with

Sampling and Respondent Recall: What difference does 6 months make? 25 Same CG-CAHPS Survey with

Sampling and Respondent Recall: What difference does 6 months make? 25 Same CG-CAHPS Survey with Different Time Reference Periods Currently, users field CG-CAHPS surveys with either a 6- or 12-month recall period, as well as using a 6- or

276 views • 13 slides
2017 ROBIN SLEEMAN, MSPH, RS COMPLIANCE COORDINATOR Initial Complaint The recall activity in

2017 ROBIN SLEEMAN, MSPH, RS COMPLIANCE COORDINATOR Initial Complaint The recall activity in

PRINCE GEORGES COUNTY HEALTH DEPARTMENT ORIENTAL PACKING CO. CURRY RECALL: ONE LOCAL HEALTH DEPARTMENTS RESPONSE FOOD PROTECTION AND POLICY PROGRAM 2017 ROBIN SLEEMAN, MSPH, RS COMPLIANCE COORDINATOR Initial Complaint The recall

690 views • 22 slides

More recommend