## Inferring the Equivalence of Functional Programs that Mutate Data (1992)

Venue: Theoretical Computer Science

Citations: 26 - 7 self

### BibTeX

@ARTICLE{Mason92inferringthe,
  author = {Ian Mason and Carolyn Talcott},
  title = {Inferring the Equivalence of Functional Programs that Mutate Data},
  journal = {Theoretical Computer Science},
  year = {1992},
  volume = {105},
  pages = {186--197}
}

### Abstract

In this paper we study the constrained equivalence of programs with effects. In particular, we present a formal system for deriving such equivalences. Constrained equivalence is defined via a model theoretic characterization of operational, or observational, equivalence called strong isomorphism. Operational equivalence, as introduced by Morris [23] and Plotkin [27], treats programs as black boxes. Two expressions are operationally equivalent if they are indistinguishable in all program contexts. This equivalence is the basis for soundness results for program calculi and program transformation theories. Strong isomorphism, as introduced by Mason [14], also treats programs as black boxes. Two expressions are strongly isomorphic if in all memory states they return the same value, and have the same effect on memory (modulo the production of garbage). Strong isomorphism implies operational equivalence. The converse is true for first-order languages; it is false for full higher-order languages. However, even in the higher-order case, it remains a useful tool for establishing equivalence. Since strong isomorphism is defined by quantifying over memory states, rather than program contexts, it is a simple matter to restrict this equivalence to those memory states which satisfy a set of constraints. It is for this reason that strong isomorphism is a useful relation, even in the higher-order case. The formal system we present defines a single-conclusion consequence relation $\Sigma \vdash \Phi$ where $\Sigma$ is a finite set of constraints and $\Phi$ is an assertion. The semantics of the formal system is given by a semantic consequence relation, $\Sigma \models \Phi$, defined in terms of a class of memory models for assertions and constraints. The assertions we consider are of the following two forms...

### Citations

716 | A framework for defining logics
- Harper, Honsell, et al.
- 1993
Citation Context ...nted in a simple schematic form. In the cases where E is finitely presented, or presented as a schemata, the induction rule (LI) can easily be encoded in, for example, the Edinburgh logical framework [10, 2], or reformulated in the style of Boyer and Moore [4]. We give three examples of the usage of the List induction principle. They serve to illustrate the variety of theorems provable. The proofs also p...

548 | A Computational Logic
- Boyer, Moore
- 1979
Citation Context ...finitely presented, or presented as a schemata, the induction rule (LI) can easily be encoded in, for example, the Edinburgh logical framework [10, 2], or reformulated in the style of Boyer and Moore [4]. We give three examples of the usage of the List induction principle. They serve to illustrate the variety of theorems provable. The proofs also provide examples of rather different families of equat...

498 | Model Theory
- Chang, Keisler
- 1973
Citation Context ...ing of the symbol $\models$. We do not distinguish between an element of A and the constant that denotes it. In particular we let A = !A ; cell ; a? a2A , and define the diagram of A as in Chang and Keisler [5]. Definition ($\mathrm{Diag}(A)$): The diagram of the set of atoms, $\mathrm{Diag}(A)$, is defined by $\mathrm{Diag}(A) = \{\neg cell(a), \neg(a = a') \mid a, a' \in A, a \neq a'\}$. Definition ($\Sigma_m$): The memory structure theory, $\Sigma_m$,...

457 | Computational lambda-calculus and monads
- Moggi
- 1989
Citation Context ...g isomorphism) such that equivalence in all models is the same as operational equivalence. The existence of such a model-theoretic equivalence in the higher-order case remains an open question. Moggi [22] shows that, in principle, purely equational reasoning in arbitrary computational monads can be lifted to higher-order intuitionistic logic. It is not clear just how the lifting construction distorts ...

269 | The revised report on the syntactic theories of sequential control and state
- Felleisen, Hieb
- 1989
Citation Context ...d and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason and Talcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of operational equivalence for programs wi...

251 | Polymorphic effect systems
- Lucassen, Gifford
- 1988
Citation Context ... of the form let{x := e}ε where (under constraint $\Sigma$) e has no write effect (evaluation of e will not execute any setcars or setcdrs) and x is not free in $\Sigma$. Work of Lucassen and Gifford, [11, 12], makes progress in this direction, but needs to be modified if it is to apply in an untyped language. In what follows we shall adopt the most trivial version of context introduction as a rule. Contex...

193 | Fast Decision Procedures Based on Congruence Closure
- Nelson, Oppen
- 1980
Citation Context ...ion of $\mathrm{Diag}(A)$ to the set of constants that appear in either $\Sigma$ or $\varphi$. This has the consequence that $\Sigma \cup \mathrm{Diag}(A) \models \varphi$ can be decided in time quadratic in the size of $\Sigma$, (Nelson and Oppen [25]). 3.1. The Rules Definition ($\Sigma \vdash \Phi$): The consequence relation, $\vdash$, is the smallest relation on $P_\omega(L) \times L$ that is closed under the rules given below. Officially we should make $\delta$ a pa...

158 | Solvable Cases of the Decision Problem
- Ackermann
- 1954
Citation Context ...or not $\Sigma \cup \mathrm{Diag}(A) \models \varphi$. Proof: This result follows from the fact that the quantifier-free theory of equality and uninterpreted function symbols is decidable, a result first proved by Ackermann [1]. Note that $(\Sigma \cup \mathrm{Diag}(A) \models \varphi) \Leftrightarrow (\Sigma \cup D \models \varphi)$, where $D$ is the restriction of $\mathrm{Diag}(A)$ to the set of constants that appear in either $\Sigma$ or $\varphi$. This has the consequence that $\Sigma \cup \mathrm{Diag}(A)$ ...

136 | Lambda-calculus Models of Programming Languages
- Morris
- 1968
Citation Context ...es. Constrained equivalence is defined via a model theoretic characterization of operational, or observational, equivalence called strong isomorphism. Operational equivalence, as introduced by Morris [23] and Plotkin [27], treats programs as black boxes. Two expressions are operationally equivalent if they are indistinguishable in all program contexts. This equivalence is the basis for soundness resul...

112 | Equivalence in functional languages with effects
- Mason, Talcott
- 1991
Citation Context ...lcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of operational equivalence for programs with memory and function abstractions. More complete surveys of reasoning about programs with memory can be found in Mason [14, 13, 15] an...

58 | Types and effects, towards an integration of functional and imperative programming
- Lucassen
- 1987
Citation Context ... of the form let{x := e}ε where (under constraint $\Sigma$) e has no write effect (evaluation of e will not execute any setcars or setcdrs) and x is not free in $\Sigma$. Work of Lucassen and Gifford, [11, 12], makes progress in this direction, but needs to be modified if it is to apply in an untyped language. In what follows we shall adopt the most trivial version of context introduction as a rule. Contex...

47 | Reasoning about Recursively Defined Data Structures
- Oppen
- 1980
Citation Context ...rial explosion. An interesting open problem is to find strategies that are reasonably efficient for a useful class of queries and to incorporate this into a system for reasoning about programs. Oppen [26] gives a decision procedure for the first-order theory of pure Lisp, i.e. the theory of cell, car, cdr, cons over acyclic list structures. Nelson and Oppen [25] treats the quantifier-free case over ...

35 | The Calculi of Lambda-v-cs Conversion: A Syntactic Theory of Control and State in Imperative Higher-Order Programming Languages
- Felleisen
- 1987
Citation Context ...omorphism ($\simeq$) was introduced and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason and Talcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of operational ...

28 | Programming, transforming, and proving with function abstractions and memories
- Mason, Talcott
- 1989
Citation Context ...lcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of operational equivalence for programs with memory and function abstractions. More complete surveys of reasoning about programs with memory can be found in Mason [14, 13, 15] an...

27 | A basic abstract semantic algebra
- Mosses
- 1984
Citation Context ...oss of the beta rule poses a serious problem for reasoning about programs. This approach also violates the principle of separating the mechanism for binding from that of memory allocation (cf. Mosses [24]). Lisp and Scheme adopt both the imperative and the functional mechanisms for introducing memory. ML adopts only the functional mechanism. Following the Scheme tradition, Felleisen [7, 9] takes the i...

23 | Side effects and aliasing can have simple axiomatic descriptions
- Boehm
- 1985
Citation Context ...ce makes the rules very complex. No formal semantics for the proof system is given, and there are no formal results on the equational theory or its relationship to the original lambda calculus. Boehm [3] defines a first-order theory for reasoning about programs in the language Russell. Program constructs are defined by two classes of axioms. The first group concerns the nature of the value returned. ...

23 | The Semantics of Destructive Lisp
- Mason
- 1986
Citation Context ... are indistinguishable in all program contexts. This equivalence is the basis for soundness results for program calculi and program transformation theories. Strong isomorphism, as introduced by Mason [14], also treats programs as black boxes. Two expressions are strongly isomorphic if in all memory states they return the same value, and have the same effect on memory (modulo the production of garbage)...

13 | λ-v-CS: An extended λ-calculus for Scheme
- Felleisen
- 1988
Citation Context ... theory of operational equivalence for programs with memory and function abstractions. More complete surveys of reasoning about programs with memory can be found in Mason [14, 13, 15] and Felleisen [7, 8]. The remainder of this paper is organized as follows. In §2 we define our first-order language, its operational semantics, the class of memory models, and the corresponding semantic consequence relati...

12 | Verification of programs that destructively manipulate data
- Mason
- 1988
Citation Context ...odel-theoretic equivalence strong isomorphism ($\simeq$) was introduced and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason and Talcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of...

11 | An overview of the Edinburgh Logical Framework
- Avron, Honsell, et al.
- 1989
Citation Context ...nted in a simple schematic form. In the cases where E is finitely presented, or presented as a schemata, the induction rule (LI) can easily be encoded in, for example, the Edinburgh logical framework [10, 2], or reformulated in the style of Boyer and Moore [4]. We give three examples of the usage of the List induction principle. They serve to illustrate the variety of theorems provable. The proofs also p...

11 | Reasoning about programs with effects
- Mason, Talcott
- 1990
Citation Context ...odel-theoretic equivalence strong isomorphism ($\simeq$) was introduced and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason and Talcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of...

9 | Making variables abstract: An equational theory for Russell
- Demers, Donahue
- 1983
Citation Context ...An early effort in the direction of equational theories for proving correctness of higher-order imperative programs is Demers and Donahue [6]. They present an equational proof system for deriving assertions about programs in the language Russell, an extension of the higher-order typed lambda calculus with cells and destructive cell operati...

6 | Program transformations for configuring components
- Mason, Talcott
- 1991

6 | Call-by-name, call-by-value and the lambda-v-calculus
- Plotkin
- 1975
Citation Context ...quivalence is defined via a model theoretic characterization of operational, or observational, equivalence called strong isomorphism. Operational equivalence, as introduced by Morris [23] and Plotkin [27], treats programs as black boxes. Two expressions are operationally equivalent if they are indistinguishable in all program contexts. This equivalence is the basis for soundness results for program ca...

3 | Equivalence of first order Lisp programs: Proving properties of destructive programs via transformation
- Mason
- 1986
Citation Context ...results are given, but no decidable fragments are considered. The underlying model theory is complex and rather cumbersome. The semantics of a full first-order Lisp-like language was studied in Mason [14, 13]. Here the model-theoretic equivalence strong isomorphism ($\simeq$) was introduced and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason ...

2 | Memories of S-expressions: Proving properties of Lisp-like programs that destructively alter memory
- Mason, Talcott
- 1985
Citation Context ...odel-theoretic equivalence strong isomorphism ($\simeq$) was introduced and used as the basis for studying program equivalence. Many examples of proving program equivalence can be found in Mason and Talcott [16, 14, 15, 18, 21, 20]. Felleisen [7] and Felleisen and Hieb [9] develop a calculus for reasoning about programs with memory, function abstractions and control abstractions. Mason and Talcott [17, 19] develop the theory of...

2 | Program transformation via constraint propagation
- Mason, Talcott
- 1991