A Step-Indexed Model of Substructural State


Amal Ahmed (Harvard University), Matthew Fluet (Cornell University), Greg Morrisett (Harvard University)

Abstract

The concept of a unique object arises in many emerging programming languages such as Clean, CQual, Cyclone, TAL, and Vault. In each of these systems, unique objects make it possible to perform operations that would otherwise be prohibited (e.g., deallocating an object) or to ensure that some obligation will be met (e.g., an opened file will be closed). However, different languages provide different interpretations of uniqueness and have different rules regarding how unique objects interact with the rest of the language. Our goal is to establish a common model that supports each of these languages, by allowing us to encode and study the interactions of the different forms of uniqueness. The model we provide is based on a substructural variant of the polymorphic λ-calculus, augmented with four kinds of mutable references: unrestricted, relevant, affine, and linear. The language has a natural operational semantics that supports deallocation of references, strong (type-varying) updates, and storage of unique objects in shared references. We establish the strong soundness of the type system by constructing a novel, semantic interpretation of the types.

Categories and Subject Descriptors D.3.1 [Programming Languages]: Formal Definitions and Theory Semantics; D.3.3 [Programming Language]: Language Constructs and Features

General Terms Languages

Keywords substructural type system, mutable references, step-indexed model

This material is based upon work supported by the Air Force Office of Scientific Research under Award No. F and Award No. F and by the Office of Naval Research under Award No. N. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect the views of these organizations or the U.S. Government.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. ICFP '05, September 26-28, 2005, Tallinn, Estonia. Copyright © 2005 ACM /05/ $5.00.

1. Introduction

Consider the following imperative code fragment, written with SML syntax:

    1. fun f(r1:int ref, r2:int ref):int =
    2.   (r1 := true ;
    3.    !r2 + 42)

At line 1, we assume ref cells r1 and r2 whose contents are integers. At line 2, we update the first cell with a boolean. Then, at line 3, we read the second cell, using the contents in a context expecting an integer. If the function is called with actual arguments that are different ref cells, then there is nothing in the function that will cause a run-time type error.¹ Yet, if the same ref cell is passed for each formal argument, then the update on line 2 will change the contents of both r1 and r2, causing a run-time type error to occur at line 3.

¹ We assume that values are represented uniformly so that, for instance, unit, booleans, and integers all take up one word of storage.

SML (and most imperative languages) reject the above program, because references are unrestricted, that is, they may be freely aliased. In general, reasoning about unrestricted references is hard because we need additional information to understand what other values are affected by an update. In the absence of this information, we must be conservative. For instance, in SML, we must assume that an update to an int ref could affect any other int ref. To ensure type soundness, we must therefore require the type of the ref's contents be preserved by the update. In other words, most type systems can only track invariants on refs, instead of program-point-specific properties. As a result, we are forced to weaken the type of the ref to cover all possible program points. In the example above, we must weaken r1's type to (int + bool) ref and pay the costs of tagging values, and checking those tags when the pointer is dereferenced.

Unfortunately, in many settings, this weakened invariant is insufficient. Hence, researchers have turned to more powerful systems that do provide a means of ensuring exclusive access to state. In particular, many projects have introduced some form of linearity to tame state. Linear logic [15] and other substructural logics give rise to more expressive type systems, because they are designed to precisely account for resources.

For instance, the Clean programming language [26] relies upon a form of uniqueness to ensure equational reasoning in the presence of mutable data structures. The Cyclone programming language [17] uses unique pointers to allow fine-grained memory management. For example, a unique pointer may be updated from uninitialized to initialized, and its contents may also be deallocated:

    x = malloc(4);   // x: --- * U
    *x = 3;          // x: int * U
    free(x);         // x: undefined

In both of these languages, a unique object may be implicitly discarded, yielding a weak form of uniqueness called affinity.

The Vault programming language [13] uses tracked keys to enforce resource management protocols. For example, the following interface specifies that opening a file returns a new tracked key, which must be present when reading the file, and which is consumed when closing the file:

    interface IO {
      type FILE;
      tracked($f) FILE open(string) [ +$F ];
      char read (tracked($f) FILE) [ $F ];
      void close (tracked($f) FILE) [ -$F ]; }

Because tracked keys may be neither duplicated nor discarded, Vault supports a strong form of uniqueness technically termed linearity, which ensures that an opened file must be closed exactly once. Other projects [32, 12] have also incorporated linearity to ensure that memory is reclaimed.

Both forms of uniqueness (linearity and affinity) support strong updates, whereby the type of a stateful object is changed in response to stateful operations. For example, the Cyclone code fragment above demonstrates the type of the unique pointer changing from uninitialized to initialized (with an integer) in response to the assignment. The intuitive understanding is that a unique object cannot be duplicated, and thus there are no aliases to the object; hence, no other portion of the program may observe the change in the object's type, so it is safe to perform a strong update.

Yet, programming in a language with only unique (i.e., linear or affine) objects is much too painful. In such a setting, one can only construct tree-like data structures. Hence, it is not surprising that both Cyclone and Vault allow a programmer to put unique objects in shared objects, with a variety of restrictions to ensure that these mixed objects behave in a safe manner. In fact, understanding the various mechanisms by which unique objects (with strong updates) may safely coexist and mix with shared objects is currently an active area of research [5], though much of it has focused on high-level programming features, often without a complete formal account.

Therefore, it is natural to study a core language with mutable references of all sorts mentioned above: linear, affine, and unrestricted. The study of substructural logics immediately suggests one more sort, relevant, which describes data that may be duplicated but not implicitly discarded.
Having made these distinctions, a number of design questions arise: What does it mean to duplicate or to discard a reference? What operations may be safely performed with the different sorts of references? What combinations of sorts for a reference and its contents are safe?

A major contribution of this paper is to answer these questions, giving an integrated design of references for all of these substructural sorts (Section 3). Our design allows unique (linear and affine) values to be stored in shared (unrestricted and relevant) references, while preserving the desirable feature that resources are tracked accurately.

Our language extends a core λ-calculus with a straightforward type system that provides data of each of the substructural sorts mentioned above (Section 2). The key idea, present in other substructural type systems, is to break out the substructural sorts as type qualifiers.

Rather than prove soundness via a syntactic subject-reduction proof, we adopt an approach compatible with that used in Foundational Proof Carrying Code [6, 7]. We construct a step-indexed model (Section 4) where types are interpreted as sets of store description / value pairs, which are further refined using an index representing the number of steps available for future evaluation. We believe this model improves on previous models of mutable state, contributing a compositional notion of aliasing and ownership that directly addresses the subtleties of allowing unique values to be stored in shared references. Furthermore, we achieve a simple model, in comparison to denotational and domain-theoretic approaches, that easily extends to impredicative polymorphism and first-class references.

Constructing a (well-founded) set-theoretic model means that our soundness and safety proofs are amenable to formalization in the higher-order logic of Foundational PCC.
Hence, our work provides a useful foundation for future extensions of Foundational PCC, which currently only supports unrestricted references, but is an attractive target for source languages wishing to carry high-level security guarantees, enforced by type states and linear resources, through to machine code.

2. λ^URAL : A Substructural λ-calculus

Advanced type systems for state rely upon limiting the ordering and number of uses of data and operations to ensure that state is handled in a safe manner. For example, (safely) deallocating a data structure requires that the data structure is never used in the future. In order to establish this property, a type system may ensure that the data structure is used at most once; after one use, the data structure may be safely deallocated, since there can be no further uses. A substructural type system provides the core mechanisms necessary to restrict the number and order of uses of data and operations.

A conventional type system, such as that employed by the simply-typed λ-calculus, with a typing judgement like Γ e : τ, satisfies three structural properties:

Exchange If Γ 1, x:τ x, y:τ y, Γ 2 e : τ, then Γ 1, y:τ y, x:τ x, Γ 2 e : τ.
Contraction If Γ 1, x:τ z, y:τ z, Γ 2 e : τ, then Γ 1, z:τ z, Γ 2 e[z/x][z/y] : τ.
Weakening If Γ e : τ, then Γ, x:τ x e : τ.

In contrast, a substructural type system is designed so that one or more of these structural properties do not hold in general. Among the most widely studied substructural type systems are the linear type systems [29, 24], derived from Girard's linear logic [15], in which all variables satisfy Exchange, but linearly typed variables satisfy neither Contraction nor Weakening.

In this section, we present a substructural polymorphic λ-calculus, similar in spirit to Walker's linear lambda calculus [30]. In our calculus, types and variables are qualified as unrestricted (U), relevant (R), affine (A), or linear (L).
All variables will satisfy Exchange, while only unrestricted variables will satisfy both Contraction and Weakening, allowing such variables to be used an arbitrary number of times. We will require linear variables to satisfy neither Contraction nor Weakening, ensuring that such variables are used exactly once, affine variables to satisfy Weakening (but not Contraction), ensuring that such variables are used at most once, and relevant variables to satisfy Contraction (but not Weakening), ensuring that such variables are used at least once.² The diagram below demonstrates the relationship between these qualifiers, inducing a lattice ordering.

[Diagram: lattice of qualifiers with linear (L) at the top, affine (A) and relevant (R) in the middle, and unrestricted (U) at the bottom]

² In the logic community, it is perhaps more accurate to use the qualifier strict for such variables. However, strict is already an overloaded term in the functional programming community; so, like Walker [30], we use relevant.

2.1 Syntax

Figure 1 presents the syntax for our core calculus, dubbed the λ^URAL-calculus. Most of the types, expressions, and values are based on a traditional polymorphic λ-calculus.

Kind and Type Levels We structure our types τ as a qualifier ξ applied to a pre-type τ, yielding the four sorts of types noted above. The qualifier of a type dictates the structural operations that may be applied to values of the type, while the pre-type dictates the introduction and elimination forms. The pre-types 1, τ 1 τ 2, and τ 1 τ 2 correspond to the unit, pair, and function types of the polymorphic λ-calculus.

Kind Level:
  Kinds κ ::= QUAL
Type Level:
  Constant Qualifiers q Quals = {U, R, A, L}
  Qualifiers ξ ::= α q
  PreTypes τ ::= α 1 τ 1 τ 2 τ 1 τ 2 α:κ. τ
  Types τ ::= α ξ τ
  Type-level Terms ι ::= ξ τ τ
Expression Level:
  Values v ::= x v 1, v 2 λx. e Λ. e
  Expressions e ::= v let = e 1 in e 2 let x 1, x 2 = e 1 in e 2 e 1 e 2 e []

Figure 1. λ^URAL Syntax

Polymorphism over qualifiers, pre-types, and types is provided by a single pre-type α:κ. τ; we introduce a kind level to distinguish among the type-level terms that may be used to instantiate a polymorphic pre-type (with kinds QUAL,, and for qualifiers, pre-types, and types, respectively). In an accompanying technical report [3], we show that it is also easy to extend our results to include sum (τ 1 τ 2), existential ( α:κ. τ), and recursive (µα:. τ) pre-types and recursive functions in the calculus, though we elide such constructs in this presentation.

This structuring of types as a qualifier applied to a pre-type follows that of Walker [30], but differs from other presentations of linear lambda calculi that use exactly one modality (!τ) to distinguish unrestricted from linear types. It seems possible to introduce alternative modalities (e.g., τ for affine and +τ for relevant), but then we would have to consider their interaction (e.g., what does !+τ denote?). Also, with four distinct qualifiers, it is natural to introduce qualifier polymorphism, which is best formulated by separating qualifiers from pre-types.

Expression Level Each pre-type has an associated value introduction form. The pattern matching expression forms let = e 1 in e 2 and let x 1, x 2 = e 1 in e 2 are used to eliminate units (1 ) and pairs (), respectively. As usual, a function with pre-type τ 1 τ 2 is eliminated via application e 1 e 2, while a type-level abstraction α:κ. τ is eliminated via instantiation e []. Note that expressions are not decorated with type-level terms.
This simplifies the semantic model presented in Section 4, where soundness is with respect to typing derivations, and is appropriate for an expressive internal language. We leave as an open problem the formulation of appropriate inference and elaboration algorithms yielding derivations in the type system of the next section, which would likely require some type-level annotations on expressions in a surface language.

2.2 Static Semantics

The goal of the type system for λ^URAL is to approximate the requirements of languages like Vault and Cyclone, which ensure that linear values are used exactly once, affine values are used at most once, and relevant values are used at least once. Dually, the type system should ensure that only unrestricted and relevant values are duplicated and only unrestricted and affine values are discarded.

To prevent values from being implicitly copied or dropped when their containing value is duplicated or discarded, the type system must also ensure that a (functional) value with a qualifier lower in the lattice may not contain values with qualifiers higher in the lattice. For example, an affine (A) pair may not contain linear (L) components, since we could end up dropping the linear components by dropping the pair, so the type system must rule out expressions of type A ( L τ 1 L τ 2).

ξ 1 ξ 2 α : QUAL U α τ ξ Γ ξ ξ : QUAL ξ ξ α : α L ξ : QUAL ξ q 1 q 2 q 1 q 2 α : QUAL α L ξ 1 ξ ξ ξ 2 τ : ξ 1 ξ 2 ξ τ ξ Γ ξ Γ, x:τ ξ ξ τ ξ

Figure 4. λ^URAL Statics (Sub-Qual Rules)

Despite these requirements, the type system is relatively simple. λ^URAL typing judgements have the form ; Γ e : τ where the contexts and Γ are defined as follows:

Type-level Term Context ::=, α:κ
Value Context Γ ::= Γ, x:τ

Thus, is used to track the set of type-level variables in scope (along with their kinds), whereas Γ, as usual, is used to track the set of (expression-level) variables in scope (along with their types). There may be at most one occurrence of a type-level variable α in and, similarly, at most one occurrence of a variable x in Γ.
Figure 2 presents the λ^URAL kinding rules and Figure 3 presents the λ^URAL typing rules. In order to ensure the correct relationship between a data structure and its components, we extend the lattice ordering on constant qualifiers to types and contexts (see Figure 4). In the presence of qualifier and type polymorphism, we include the rules U α and α L, a conservative extension, since U and L are the bottom and top of the lattice. A more general approach would incorporate bounded qualifier constraints, which we believe is straightforward, but doing so does not add to the discussion at hand.

As is usual in a substructural setting, our type system relies upon a judgement that splits the assumptions in Γ between the contexts Γ 1 and Γ 2 (see Figure 5). Splitting the context is necessary to ensure that variables are used appropriately by sub-expressions. Note that ensures that an A or L assumption appears in exactly one sub-context. On the other hand, U and R assumptions may appear in both sub-contexts, corresponding to implicit duplication of the variables.

ι : κ (VarKn) α:κ α : κ (Qual) q : QUAL (Type) ξ : QUAL τ : ξ τ : (MUnitPTy) 1 : (MPairPTy) τ 1 : τ 2 : τ 1 τ 2 : (FnPTy) τ 1 : τ 2 : τ 1 τ 2 :, α:κ τ : (APTy) α:κ. τ :

Figure 2. λ^URAL Statics (Kinding Rules)

; Γ e : τ τ : (Var) ;, x:τ x : τ ξ : QUAL ; Γ 1 v 1 : τ 1 τ 1 ξ (MUnit) ξ : QUAL ; Γ 2 v 2 : τ 2 τ 2 ξ ; : ξ (MPair) 1 ; Γ v 1, v 2 : ξ (τ 1 τ 2 ) (Fn) ξ : QUAL Γ ξ ; Γ, x:τ 1 e : τ 2 ; Γ λx. e : ξ (τ 1 τ 2 ) ; Γ 1 e 1 : ξ 1 ; Γ 2 e 2 : τ (Let-MUnit) ; Γ let = e 1 in e 2 : τ ξ : QUAL Γ ξ, α:κ; Γ e : τ (A) ; Γ Λ. e : ξ α:κ. τ ; Γ 1 e 1 : ξ (τ 1 τ 2 ) ; Γ 2, x 1 :τ 1, x 2 :τ 2 e 2 : τ (Let-MPair) ; Γ let x 1, x 2 = e 1 in e 2 : τ (App) ; Γ 1 e 1 : ξ (τ 1 τ 2 ) ; Γ 2 e 2 : τ 1 (Inst) ; Γ e : ξ α:κ. τ ι : κ ; Γ e 1 e 2 : τ 2 ; Γ e [] : τ[ι/α] (Weak) ; Γ 1 e : τ Γ 2 A ; Γ e : τ

Figure 3. λ^URAL Static Semantics (Typing Rules)

τ : Γ, x:τ Γ 1, x:τ Γ 2 τ : Γ, x:τ Γ 1 Γ 2, x:τ τ R Γ, x:τ Γ 1, x:τ Γ 2, x:τ

Figure 5. λ^URAL Statics (Context Split Rules)

The rule (MPair) is representative: the context is split by to type each of the pair components, and the types of each component are bounded by the qualifier assigned to the pair. Intuitively, the L and A assumptions in the context are exclusively owned by exactly one of the two components. Likewise, in the rule (Fn), the free variables of Γ, which constitute the closure of the function, must be bounded by the qualifier assigned to the function. Note that the qualifier assigned to a function type is unrelated to the types of the argument and result; rather, it is related to the abstracted components that are used when the function is executed.

The rule (Weak) splits the context into a sub-context used to type the expression e and a discardable sub-context, consisting of U and A variables, that are not required to type the expression. Note that the rule (Weak) acts as a strengthened Weakening property, allowing an arbitrary number of U and A variables to be dropped at once.
The corresponding strengthened Contraction property is incorporated into the judgement, which allows an arbitrary number of U and R variables to be copied at once.

3. λ^refURAL : A Substructural λ-calculus with References

Languages like Vault and Cyclone include objects that change state (e.g., file descriptors), so it is natural to include some stateful values. We consider the difficult case of references, which can serve as mutable containers for both functional values and stateful values. Hence, we extend the λ^URAL-calculus with mutable references, to yield the λ^refURAL-calculus.

The reference pre-type ref τ may be combined with a qualifier ξ to yield the four sorts (U, R, A, L) of references discussed earlier. We also introduce operations to allocate (new q) and deallocate (free) references, as well as to read (rd), write (), and swap () their contents. Not all of these operations can be safely performed with all sorts of references, as we discuss in Section 3.2. The syntactic extensions to support references are as follows:

Type Level:
  PreTypes τ ::=... ref τ
Expression Level:
  Locations Locs
  Values v ::=...
  Expressions e ::=... new q e free e rd e e 1 e 2 e 1 e

3.1 Operational Semantics

Figure 6 gives the small-step operational semantics for λ^refURAL as a relation between configurations of the form (s, e), where

s is a global store mapping locations to qualifiers and values.³ The notation s 1 s 2 denotes the disjoint union of the stores s 1 and s 2; the operation is undefined if the domains of s 1 and s 2 are not disjoint. We use evaluation contexts E (omitted in this presentation) to lift the primitive rewriting rules to a standard, left-to-right, innermost-to-outermost, call-by-value interpretation of the language.

Store s ::= { 1 (q 1, v 1 ),..., n (q n, v n)} (let-munit) (s, let = in e) (s, e) (let-mpair) (s, let x 1, x 2 = v 1, v 2 in e) (s, e[v 1 /x 1 ][v 2 /x 2 ]) (app) (s, (λx. e) v) (s, e[v/x]) (inst) (s, (Λ. e) []) (s, e) (new) (s, new q v) (s { (q, v)}, ) (free) (s { (q, v)}, free ) (s, v) (read) (write) (swap) (ctxt) (s { (q, v)}, rd ) (s { (q, v)},, v ) (s { (q, v 1 )}, v 2 ) (s { (q, v 2 )}, ) (s { (q, v 1 )}, v 2 ) (s { (q, v 2 )},, v 1 ) (s, e) (s, e ) (s, E[e]) (s, E[e ])

Figure 6. λ^refURAL Operational Semantics

Most of the rules are standard, so we highlight only those involving references. The expressions new q e and free e perform the complementary actions of allocating and deallocating mutable references in the global store. Specifically, the expression new q e evaluates e to a value v, allocates a fresh (unallocated) location to store the qualifier q and value v, and returns. The expression free e performs the reverse: it evaluates e to a location, deallocates, and returns the value previously stored at.

The expressions for reading and writing a mutable reference implicitly duplicate and discard (respectively) the contents of the reference. The expression rd e evaluates e to a location, duplicates the value v stored at, and returns, v, leaving the value stored at unchanged. Meanwhile, e 1 e 2 evaluates e 1 to a location and e 2 to value v 2, stores v 2 at location, discards the value previously stored at, and returns. In languages with only unrestricted (ML-style) references, it is customary for rd to return only the contents of and for to return. However, we do not wish to consider reading or writing a linear (resp.
affine) reference as the exactly-one-use (resp. at-least-one-use) of the value. Therefore, the rd and (and ) operations return the location that was read or written, which remains available for future use. The behavior of ML-style references may be recovered by implicitly discarding the returned location.

The expression e 1 e 2 combines the operations of dereferencing and updating a mutable reference, but has the attractive property that it neither duplicates nor discards a value.

Notice that performing a write or swap operation on a location may change the type of the location's contents. The static semantics will permit weak (type-invariant) updates on all references (with some additional caveats), but will restrict strong (type-varying) updates to unique references.

³ We write s qual () and s val () for the respective projections of s().

[Figure 7 table: rows are reference qualifiers, shared (U: new U, weak updates; R: new R, weak updates) and unique (A: new A, free, strong updates; L: new L, free, strong updates); columns are contents qualifiers U, R, A, L with the operations permitted on each.]

Figure 7. Operations for Substructural State

The reader may well wonder why each reference is stamped with a qualifier at its allocation when the remainder of the operational rules are entirely agnostic with respect to a reference's qualifier. Essentially, the qualifier is a form of instrumentation, which, when combined with the semantic model presented in Section 4, allows us to guarantee that linear and relevant references cannot be implicitly discarded. Such a property is difficult to capture exclusively in the operational semantics (i.e., by ensuring that the abstract machine gets stuck when a linear or relevant reference is implicitly dropped). On the other hand, the abstract machine does get stuck when attempting to access a reference after it has been deallocated.

3.2 Static Semantics

As with the type system for λ^URAL, we would like the type system for λ^refURAL to ensure the property that no linear or affine value is implicitly duplicated and no linear or relevant value is implicitly discarded.
With that in mind, and noting that only unrestricted and relevant references may be implicitly copied (by the Γ Γ 1 Γ 2 judgement), while only unrestricted and affine references may be implicitly dropped (by the (Weak) rule), we now answer the questions we laid out in Section 1: What operations may be safely performed with the different sorts of references? What combinations of sorts for a reference and its contents are safe? These answers are summarized in Figure 7.

First, consider what it means to duplicate a reference. Operationally, a reference is a location in the global store. Therefore, duplicating an unrestricted or relevant reference, simply yields two copies of while the value stored at is not duplicated. Since duplicating a shared reference does not alter the uniqueness of its contents, it is not only reasonable but also extremely useful to allow shared references to store unique values. In particular, it permits the sharing of (large) unique data structures without expensive copying.

On the other hand, dropping an unrestricted or affine reference effectively drops its contents, since this reference may (must, in the case of affine) have been the only copy of. If the contents were a linear or relevant value, then the exactly-one-use and at-least-one-use invariants (respectively) would be violated. Hence, we cannot allow linear and relevant values (which cannot be discarded) to be stored in unrestricted or affine references (which can be discarded).

Considering yet another axis, we note that linear and affine references must be unique. Hence, we can free unique references, and also perform strong updates on them. Shared references, on the other hand, can never be deallocated and can only support weak updates.

As we noted above, the rd operator induces an implicit copy while the operator induces an implicit drop. Therefore, whether

we can read from or write to a reference depends entirely on the qualifier of its contents: rd is permitted if the contents are unrestricted or relevant (i.e., duplicable), is permitted if the contents are unrestricted or affine (i.e., discardable). The operation is permitted on any sort of reference, regardless of the qualifier of its contents. As noted above, strong writes and strong swaps, which change the type of the contents of the location, are only permitted on unique references.

ι : κ τ : (RefPTy) ref τ : ; Γ e : τ (New(U,A)) q A ; Γ e : τ τ A ; Γ new q e : q ref τ (Free) ; Γ e : ξ ref τ A ξ ; Γ free e : τ (New(R,L)) R q ; Γ e : τ ; Γ new q e : q ref τ (Read) ; Γ e : ξ ref τ τ R ; Γ rd e : L ( ξ ref τ τ) (Write(Strong)) ; Γ 1 e 1 : ξ ref τ 1 τ 1 A A ξ ; Γ 2 e 2 : τ 2 τ 2 ξ ; Γ e 1 e 2 : ξ ref τ 2 (Write(Weak)) ; Γ 1 e 1 : ξ ref τ τ A ; Γ 2 e 2 : τ ; Γ e 1 e 2 : ξ ref τ ; Γ 1 e 1 : ξ ref τ 1 A ξ ; Γ 2 e 2 : τ 2 τ 2 ξ (Swap(Strong)) ; Γ e 1 e 2 : L ( ξ ref τ 2 τ 1 ) ; Γ 1 e 1 : ξ ref τ ; Γ 2 e 2 : τ (Swap(Weak)) ; Γ e 1 e 2 : L ( ξ ref τ τ)

Figure 8. λ^refURAL Static Semantics (Kinding and Typing Rules)

Figure 8 gives the additional typing rules for λ^refURAL. We note that the typing rules for core λ^URAL terms remain unchanged. There is no rule for locations, as locations are not allowed in the external language. Also note that the (New) and (Free) rules act as the introduction and elimination rules for ξ ref τ types, while the (Read), (Write), and (Swap) rules maintain an exactly-one-use invariant on references by consuming a value of type ξ ref τ 1 and by producing a value of type ξ ref τ 2 (possibly with τ 1 = τ 2).

Finally, we note that may be encoded using an explicit and an implicit drop:⁴

(Write(Weak)) ; Γ 1 e 1 : ξ ref τ τ A ; Γ 2 e 2 : τ ; Γ e 1 e 2 : ξ ref τ = let r, x = e 1 e 2 in // using (Swap(Weak)) // drop x, noting τ A r

However, rd may not be encoded using an explicit and an implicit copy, as a suitable (discardable) dummy value cannot in general be synthesized.
(Read) ; Γ e : ξ ref τ τ R ; Γ rd e : L ( ξ ref τ τ) = let r, x = e in // where ; Γ : τ // copy x, noting τ R let r, y = r x in // using (Swap(Weak)) // drop y, but not necessarily τ A r, x

⁴ The encoding of a typed by the (Write(Strong)) rule makes use of the same term, but an alternate typing derivation.

4. A Step-Indexed Model

We prove the type soundness of λ^refURAL in a manner similar to that employed by Appel's Foundational PCC project [6]. The technique uses syntactic logical relations (that is, relations based on the operational semantics) where relations are further refined by an index that, intuitively, records the number of steps available for future evaluation. This stratification is essential for modeling the recursive functions (available via backpatching unrestricted references) and impredicative polymorphism present in the language.

4.1 Background: A Model of Unrestricted References

Our model is based on the indexed model of ML-style references by Ahmed, Appel, and Virga [1, 4], henceforth AAV. In their model, the semantic interpretation T τ of a (closed) type τ is a set of triples of the form (k, Ψ, v), where, k is a natural number (called the approximation index or step index), Ψ is a (global) store typing that maps locations to (the interpretation of) their designated types, and v is a (closed) value. Intuitively, (k, Ψ, v) T τ says that in any computation running for no more than k steps, v cannot be distinguished from values of type τ. Furthermore, since dereferencing a location consumes an execution step, in order to determine whether v has type τ for k steps it suffices to know the type of each store location for k 1 steps; hence, Ψ need only specify each location's type to approximation k 1. We use a similar indexing approach which is key to ensuring that our model is well-founded (as we shall demonstrate in Section 4.3).
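The qualifier conditions that Section 3.2 states in prose for new, free, rd, write and swap can be checked mechanically. The following Rust program is an added example, not code from the paper: it models pre-types as plain names (an assumption), encodes the lattice with U at the bottom and L at the top, and recomputes which operations each reference/contents pairing admits, together with the allocate, initialize, free sequence of the Cyclone fragment in Section 1.

```rust
// Added example: qualifier checks for reference operations (Section 3.2).
// Pre-types are plain names (an assumption); only qualifiers drive the checks.
use self::Qual::{A, L, R, U};

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum Qual { U, R, A, L }

pub const ALL: [Qual; 4] = [U, R, A, L];

impl Qual {
    /// Lattice order: U is bottom, L is top, A and R are incomparable.
    pub fn leq(self, other: Qual) -> bool {
        self == other || self == U || other == L
    }
}

/// A type: a qualifier applied to a (named) pre-type.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Ty { pub q: Qual, pub pre: &'static str }

/// A reference type: the reference's own qualifier and the type of its contents.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct RefTy { pub q: Qual, pub of: Ty }

pub type Check<T> = Result<T, &'static str>;

fn unique(q: Qual) -> bool { A.leq(q) }     // A or L: cannot be aliased
fn copyable(t: Ty) -> bool { t.q.leq(R) }   // U or R: may be duplicated
fn droppable(t: Ty) -> bool { t.q.leq(A) }  // U or A: may be discarded

/// new q e: a discardable reference (U, A) may only hold discardable contents.
pub fn new_ref(q: Qual, of: Ty) -> Check<RefTy> {
    if q.leq(A) && !droppable(of) {
        return Err("new: discardable reference cannot hold R or L contents");
    }
    Ok(RefTy { q, of })
}

/// free e: only unique references may be deallocated; yields the contents.
pub fn free(r: RefTy) -> Check<Ty> {
    if unique(r.q) { Ok(r.of) } else { Err("free: shared reference") }
}

/// rd e: implicitly copies the contents; returns the reference and the copy.
pub fn read(r: RefTy) -> Check<(RefTy, Ty)> {
    if copyable(r.of) { Ok((r, r.of)) } else { Err("rd: contents cannot be duplicated") }
}

/// write: implicitly drops the old contents; a type change is a strong update.
pub fn write(r: RefTy, v: Ty) -> Check<RefTy> {
    if !droppable(r.of) { return Err("write: old contents cannot be discarded"); }
    if v == r.of { Ok(r) } else { strong(r, v) }
}

/// swap: neither copies nor drops; returns the reference and the old contents.
pub fn swap(r: RefTy, v: Ty) -> Check<(RefTy, Ty)> {
    if v == r.of { return Ok((r, r.of)); }
    Ok((strong(r, v)?, r.of))
}

/// Strong (type-varying) update: unique references only.
fn strong(r: RefTy, v: Ty) -> Check<RefTy> {
    if !unique(r.q) { return Err("strong update on shared reference"); }
    if !v.q.leq(r.q) { return Err("new contents exceed reference qualifier"); }
    Ok(RefTy { q: r.q, of: v })
}

/// Operations admitted for a reference qualifier / contents qualifier pair,
/// or None when such a reference cannot be allocated at all.
pub fn permitted(rq: Qual, cq: Qual) -> Option<Vec<&'static str>> {
    let t = Ty { q: cq, pre: "t" };
    let r = new_ref(rq, t).ok()?;
    let other = Ty { q: U, pre: "t2" }; // U contents fit any reference
    let mut ops = vec!["new", "swap"];
    if free(r).is_ok() { ops.push("free"); }
    if read(r).is_ok() { ops.push("rd"); }
    if write(r, t).is_ok() { ops.push("write"); }
    if swap(r, other).is_ok() { ops.push("strong swap"); }
    if write(r, other).is_ok() { ops.push("strong write"); }
    Some(ops)
}

/// The Cyclone fragment of Section 1: allocate, initialize (strong update), free.
pub fn cyclone_trace(q: Qual) -> Check<Ty> {
    let r = new_ref(q, Ty { q: U, pre: "uninit" })?;
    let r = write(r, Ty { q: U, pre: "int" })?;
    free(r)
}

fn main() {
    for &rq in ALL.iter() {
        for &cq in ALL.iter() {
            println!("{:?} ref of {:?} contents: {:?}", rq, cq, permitted(rq, cq));
        }
    }
    println!("Cyclone trace on an A ref: {:?}", cyclone_trace(A));
    println!("Cyclone trace on a U ref: {:?}", cyclone_trace(U));
}
```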
4.2 Towards a Model of λ^refURAL

Aliasing and Ownership Though our model is similar to AAV, the presence of shared and unique references places very different demands on the model, which we illustrate by considering the interpretation of product types in various settings.

In a language with only unrestricted references (e.g. AAV), one would say (k, Ψ, v 1, v 2 ) T τ 1 τ 2 if and only if (k, Ψ, v 1) T τ 1 and (k, Ψ, v 2) T τ 2, where the store typing Ψ describes every location allocated by the program thus far. In this setting, every location (in Ψ) may be aliased; hence, the model allows v 1 and v 2 to point to data structures that overlap in the heap.

[Figure 9 panels: (a) (k, Ψ, Ω 1, x) T τ; (b) (k, Ψ, Ω 2, y) T τ 2; (c) Problem: Ω 1 Ω 2 = undefined]

Figure 9. Unique References in Shared References: Aliased or Owned

In a language with only linear references [23, 2], however, one must ensure that the set of (linear) locations reachable from v 1 is disjoint from the set of locations reachable from v 2. This mirrors the fact that we can only construct tree-like data structures in this setting. Furthermore, it guarantees the safety of strong updates by providing a notion of exclusive ownership. Hence, to model a language with only linear references, it is useful to replace the global store description Ψ with a description of only the accessible (reachable) locations in the store, say Ω. Intuitively, when we write (k, Ω, v) T τ, we intend for Ω to describe only the subset of store locations that are accessible from, and hence, owned by v. Thus, one would say (k, Ω, v 1, v 2 ) T τ 1 τ 2 if and only if (k, Ω 1, v 1) T τ 1 and (k, Ω 2, v 2) T τ 2, where the Ω is the disjoint union of Ω 1 and Ω 2.

For the λ^refURAL-calculus, we tried to build a model that supports both aliasing and ownership as follows. We defined the semantic interpretation of a type T τ as the set of tuples of the form (k, Ψ, Ω, v) where Ψ describes every U and R location allocated by the program and Ω describes only those A and L locations that are reachable from (and owned by) v. The interpretation of τ 1 τ 2 then naturally yields: (k, Ψ, Ω, v 1, v 2 ) T τ 1 τ 2 if and only if (k, Ψ, Ω 1, v 1) T τ 1 and (k, Ψ, Ω 2, v 2) T τ 2, where the Ω is the disjoint union of Ω 1 and Ω 2.

Unfortunately, the above model did not suffice for λ^refURAL, since it assumes that every unique location reachable from v is exclusively owned by v, which is not the case when unique references may be stored in shared references.

Unique References in Shared References: Aliased or Owned Consider the situation depicted in Figure 9(a) where x maps to 1 and locations 1 through 5 are reachable from x.
Locations owned by x are shaded. Notice that ℓ_1 and ℓ_2 are unique locations owned by x, while ℓ_4 and ℓ_5 are unique locations that x must consider aliased, since they can be reached (from other program subexpressions) via the unrestricted location ℓ_3. Figure 9(b) depicts such a subexpression, y. Note that y maps to ℓ_6 whose contents alias ℓ_3, making ℓ_4 and ℓ_5 reachable from y. In λ^refURAL we may safely construct the pair ⟨x, y⟩ (shown in Figure 9(c)), but the interpretation of τ_1 ⊗ τ_2 that we proposed above prohibits such a pair since locations ℓ_4 and ℓ_5 occur in both Ω_1 and Ω_2, violating the requirement that their domains be disjoint.

To model the λ^refURAL-calculus, we tried to further refine our model so that the interpretation of a type T⟦τ⟧ is a set of tuples of the form (k, Ψ, Ω, Θ, v) where Ψ is as before, but now Ω describes unique owned locations (i.e., those reachable from v without indirecting through a shared reference), while Θ describes unique aliased locations (i.e., those that cannot be reached without indirecting through a shared cell). The intuition is that the interpretation of τ_1 ⊗ τ_2 splits Ω into disjoint pieces for each component of the pair, but allows each component to use Ψ and Θ unchanged. This proposal, however, is fraught with complications. In particular, whether a unique location belongs in Ω or Θ depends on the configuration of the entire program, rather than just the type of the location. This limits the compositionality of the model. For instance, consider ℓ_5 in Figure 9(c). Clearly ℓ_5 must appear in Θ as it is reachable from an unrestricted location. However, if locations ℓ_1, ℓ_2, ℓ_3, and ℓ_6 did not exist, then ℓ_5 could appear in Ω. In the next section, we propose a far simpler solution that we consider one of the main technical contributions of our work.

4.3 A Model with Local Store Descriptions

In our model of the λ^refURAL-calculus, the semantic interpretation of a type T⟦τ⟧ is a set of tuples of the form (k, q, ψ, v), where the local store description ψ describes only a part of the global store.
Intuitively, ψ is the set of beliefs about the locations that appear as sub-expressions of the value v. Such locations are said to be directly accessible from the value v. Conversely, locations that are indirectly accessible from the value v are those locations that are reachable from v only by indirecting through one (or more) references. The local store description ψ says nothing about these indirectly-accessible locations. This enhances the compositionality of our model, making it straightforward to combine local store descriptions with one another.

Definitions

We use the meta-variable χ to denote sets of tuples of the form (k, q, ψ, v) and the meta-variable ψ to denote partial maps from locations ℓ to tuples of the form (q, χ). [5] When χ corresponds to the semantic interpretation of a type and (k, q, ψ, v) ∈ χ, we intend that q is the qualifier of v, ψ is the local store description of v, and v is a closed value. When ψ corresponds to a local store description and ψ(ℓ) = (q, χ), we intend that q is the qualifier of the reference and χ is the semantic interpretation of the type of its contents.

[5] We write ψ^qual(ℓ) and ψ^type(ℓ) for the respective projections of ψ(ℓ).

Figure 10. λ^refURAL Model (Definitions)

(a) PreType/Type Interpretation (Notation): χ ::= {(k, q, ψ, v), ...}
    Local Store Description (Notation): ψ ::= {ℓ ↦ (q, χ), ...}

(b) CandAtom_k = {(j, q, ψ, v) ∈ ℕ × Quals × ⋃_{j<k} CandLocalStoreDesc_j × CValues | j < k ∧ ψ ∈ CandLocalStoreDesc_j}
    CandUberType_k = 2^(CandAtom_k)
    CandLocalStoreDesc_k = Locs ⇀ Quals × CandUberType_k
    CandAtom_ω = ⋃_{k≥0} CandAtom_k
    CandUberType_ω = 2^(CandAtom_ω) ⊇ ⋃_{k≥0} CandUberType_k
    CandLocalStoreDesc_ω = Locs ⇀ Quals × CandUberType_ω ⊇ ⋃_{k≥0} CandLocalStoreDesc_k

(c) ⌊χ⌋_k = {(j, q, ψ, v) | j < k ∧ (j, q, ψ, v) ∈ χ}   (from CandUberType_ω to CandUberType_k)
    ⌊ψ⌋_k = {ℓ ↦ (q, ⌊χ⌋_k) | ℓ ∈ dom(ψ) ∧ ψ(ℓ) = (q, χ)}   (from CandLocalStoreDesc_ω to CandLocalStoreDesc_k)
    P(q, ψ) = ∀ℓ ∈ dom(ψ). ψ^qual(ℓ) ⊑ q   (a predicate on Quals × CandLocalStoreDesc_ω)
    R(ψ) = ∀ℓ ∈ dom(ψ). (ψ^qual(ℓ) ⊑ A ⇒ ∀(_, q′, _, _) ∈ ψ^type(ℓ). q′ ⊑ A)   (a predicate on CandLocalStoreDesc_ω)

(d) Atom_k = {(j, q, ψ, v) ∈ CandAtom_k | ψ ∈ LocalStoreDesc_j ∧ P(q, ψ)} ⊆ CandAtom_k
    PreType_k = {χ ∈ 2^(Atom_k) | ∀(j, q, ψ, v) ∈ χ. ∀i ≤ j. (i, q, ⌊ψ⌋_i, v) ∈ χ} ⊆ CandUberType_k
    Type_k = {χ ∈ PreType_k | ∃q ∈ Quals. ∀(_, q′, _, _) ∈ χ. q′ = q} ⊆ CandUberType_k
    LocalStoreDesc_k = {ψ ∈ Locs ⇀ Quals × Type_k | R(ψ)} ⊆ CandLocalStoreDesc_k
    PreType = {χ ∈ CandUberType_ω | ∀k ≥ 0. ⌊χ⌋_k ∈ PreType_k} ⊇ ⋃_{k≥0} PreType_k
    Type = {χ ∈ CandUberType_ω | ∀k ≥ 0. ⌊χ⌋_k ∈ Type_k} ⊇ ⋃_{k≥0} Type_k

Well-Founded & Well-Behaved Interpretations

If we attempt to naïvely construct a set-theoretic model based on these intentions, we are led to specify:

    Type = 2^(ℕ × Quals × LocalStoreDesc × CValues)
    LocalStoreDesc = Locs ⇀ Quals × Type

However, there is a problem with this specification: a simple diagonalization argument will show that the set Type of type interpretations has an inconsistent cardinality (i.e., it's an ill-founded recursive definition). We can eliminate the inconsistency by stratifying our definitions, making essential use of the approximation index. To simplify the development, we first construct candidate sets, which are well-founded sets of our intended form. Next, we define some useful functions and predicates on these candidate sets.
Finally, we construct our semantic interpretations by filtering the candidate sets, making use of the functions and predicates defined in the previous step. Our semantic interpretations impose a number of constraints (e.g., relating the qualifier of a reference to the qualifier of its contents) that are ignored in the construction of the candidate sets.

Figure 10(b) defines our candidate sets by (strong) induction on k. Note that elements of CandAtom_k are tuples with approximation index j strictly less than k. Hence, our definitions are well-defined at k = 0:

    CandAtom_0 = ∅
    CandUberType_0 = {∅}
    CandLocalStoreDesc_0 = Locs ⇀ Quals × {∅}

While our candidate sets establish the existence of sets of our intended form, our semantic interpretations will need to be well-behaved in other ways. There are key constraints associated with atoms, pre-types, types, and local store descriptions that will be enforced in our final definitions. Functions and predicates supporting these constraints are given in Figure 10(c). For any set χ, we define the k-approximation of the set (written ⌊χ⌋_k) as the subset of its elements whose indices are less than k; we extend the notion pointwise to local store descriptions ψ (written ⌊ψ⌋_k). Note that ⌊χ⌋_k and ⌊ψ⌋_k necessarily yield elements of CandUberType_k and CandLocalStoreDesc_k.

Figure 10(c) defines our semantic interpretations, again by (strong) induction on k. Note that our semantic interpretations can be seen as filtering their corresponding candidate sets. Next, we examine each of these filtering constraints. Recall that we intend for Atom_k to define tuples of the form (j, q, ψ, v) where q is the qualifier of v and ψ is the local store description of v.

Figure 11. λ^refURAL Model (Interpretations)

    K⟦QUAL⟧ = Quals
    K⟦⋆̄⟧ = PreType
    K⟦⋆⟧ = Type

    T⟦Δ ⊢ α : κ⟧δ = δ(α)
    T⟦Δ ⊢ q : QUAL⟧δ = q
    T⟦Δ ⊢ 1 : ⋆̄⟧δ = {(k, q, {}, ⟨⟩)}
    T⟦Δ ⊢ τ_1 ⊗ τ_2 : ⋆̄⟧δ = {(k, q, ψ, ⟨v_1, v_2⟩) | ψ = (ψ_1 ⊙_k ψ_2) ∧ (k, q_1, ψ_1, v_1) ∈ T⟦Δ ⊢ τ_1 : ⋆⟧δ ∧ q_1 ⊑ q ∧ (k, q_2, ψ_2, v_2) ∈ T⟦Δ ⊢ τ_2 : ⋆⟧δ ∧ q_2 ⊑ q}
    T⟦Δ ⊢ τ_1 ⊸ τ_2 : ⋆̄⟧δ = {(k, q_c, ψ_c, λx. e) | ψ_c ∈ LocalStoreDesc_k ∧ P(q_c, ψ_c) ∧ ∀j < k, q_a, ψ_a, v_a. ((j, q_a, ψ_a, v_a) ∈ T⟦Δ ⊢ τ_1 : ⋆⟧δ ∧ (ψ_c ⊙_j ψ_a) defined) ⇒ Comp(j, (ψ_c ⊙_j ψ_a), e[v_a/x], T⟦Δ ⊢ τ_2 : ⋆⟧δ)}
    T⟦Δ ⊢ ∀α:κ. τ : ⋆̄⟧δ = {(k, q, ψ, Λ. e) | ψ ∈ LocalStoreDesc_k ∧ P(q, ψ) ∧ ∀j < k, I ∈ K⟦κ⟧. Comp(j, ⌊ψ⌋_j, e, T⟦Δ, α:κ ⊢ τ : ⋆⟧δ[α ↦ I])}
    T⟦Δ ⊢ ref τ : ⋆̄⟧δ = {(k, q, {ℓ ↦ (q, χ)}, ℓ) | χ = ⌊T⟦Δ ⊢ τ : ⋆⟧δ⌋_k ∧ (q ⊑ A ⇒ ∀(_, q′, _, _) ∈ χ. q′ ⊑ A)}
    T⟦Δ ⊢ ^ξ τ̄ : ⋆⟧δ = {(k, q, ψ, v) | q = T⟦Δ ⊢ ξ : QUAL⟧δ ∧ (k, q, ψ, v) ∈ T⟦Δ ⊢ τ̄ : ⋆̄⟧δ}

    Comp(k, ψ_s, e_s, χ) = ∀j < k, s_s, ψ_r, s_f, e_f. (s_s :_k (ψ_s ⊙_k ψ_r) ∧ (s_s, e_s) ⟼^j (s_f, e_f) ∧ irred(s_f, e_f)) ⇒ ∃q_f, ψ_f. s_f :_(k−j) (ψ_f ⊙_(k−j) ψ_r) ∧ (k − j, q_f, ψ_f, e_f) ∈ χ

Filtering CandAtom_k by the predicate P(q, ψ) enforces the requirement that if v is a value with qualifier q, then each location directly accessible from v must have a qualifier q′ such that q′ ⊑ q. We further require the local store description ψ to be a member of LocalStoreDesc_j. We define PreType_k as those χ ∈ 2^(Atom_k) ⊆ CandUberType_k that are closed with respect to a decreasing step-index. We define Type_k by further requiring that all values in χ share the same qualifier. Looking ahead, we will need to extend our semantic interpretations to a predicate Comp(k, ψ, e, T⟦τ⟧), where e is a (closed) expression. Intuitively, an expression e that is indistinguishable from a value of type τ for k steps must also be indistinguishable for j < k steps. Since we will define the predicate Comp(·, ·, ·, ·) on elements of Type, we incorporate this closure property into the definition of PreType_k. Finally, we define LocalStoreDesc_k using the predicate R(ψ), which requires that every unrestricted or affine location in ψ is mapped to a type with only unrestricted and affine values.
The predicate R(ψ) disallows relevant or linear values as the contents of unrestricted or affine locations (recall Figure 7).

Semantic Interpretations

Figure 11 gives our semantic interpretation of kinds K⟦κ⟧, qualifiers T⟦q⟧, pre-types T⟦τ̄⟧, and types T⟦τ⟧. [6] The interpretations of the kinds ⋆̄ and ⋆ are the semantic interpretations PreType and Type respectively, while the interpretation of the kind QUAL is the set of (constant) qualifiers Quals.

[6] Since our language supports polymorphic types, we must give the interpretations of type-level terms with free variables. While, technically, we should write T⟦Δ ⊢ ι : κ⟧δ, where the substitution δ is in the interpretation of the term context (see D⟦Δ⟧ in Figure 17), we will use the more concise notation T⟦ι⟧ in the text.

Units: No Location Beliefs

Consider the interpretation of the pre-type 1. Clearly, no locations appear as sub-expressions of the value ⟨⟩; hence, the interpretation of 1 demands an empty local store description {}. Furthermore, the value ⟨⟩ may be ascribed any qualifier q.

References: Single Location Beliefs

Next, consider the interpretation of the pre-type ref τ. From the value ℓ, the only directly-accessible location is ℓ itself. Hence, the local store description ψ for the location ℓ in the interpretation of ref τ must take the form {ℓ ↦ (q, χ)}. Furthermore, χ, the semantic interpretation of the type of ℓ's contents, must match T⟦τ⟧. Figure 12 graphically depicts the local store description ψ = {ℓ ↦ (q, T⟦τ⟧)} (slightly abusing notation in the interest of brevity). Our intention is to express the idea that ψ believes that ℓ is allocated with qualifier q and contents of type τ, but ψ believes nothing about any other location in the store, represented by .

[Figure 12. A Local Store Description in T⟦ref τ⟧: (k, q, ψ = {ℓ ↦ (q, T⟦τ⟧)}, ℓ) ∈ T⟦ref τ⟧.]

Note that the definition of T⟦ref τ⟧ requires that if ℓ is an unrestricted or affine location, then χ should never contain local store descriptions that include relevant or linear locations; i.e., the definition of T⟦ref τ⟧ incorporates the predicate R(·) specialized to {ℓ ↦ (q, χ)}.

Figure 13. λ^refURAL Model (Join Partial Function)

    ψ_1 ⊙_k ψ_2 =
        {ℓ ↦ ⌊ψ_1⌋_k(ℓ) | ℓ ∈ dom(ψ_1) ∩ dom(ψ_2)}
        ∪ {ℓ ↦ ⌊ψ_1⌋_k(ℓ) | ℓ ∈ dom(ψ_1) \ dom(ψ_2)}
        ∪ {ℓ ↦ ⌊ψ_2⌋_k(ℓ) | ℓ ∈ dom(ψ_2) \ dom(ψ_1)}
            if ∀ℓ ∈ dom(ψ_1) ∩ dom(ψ_2). ⌊ψ_1⌋_k(ℓ) = ⌊ψ_2⌋_k(ℓ)
            and ∀ℓ ∈ dom(ψ_1). A ⊑ ψ_1^qual(ℓ) ⇒ ℓ ∉ dom(ψ_2)
            and ∀ℓ ∈ dom(ψ_2). A ⊑ ψ_2^qual(ℓ) ⇒ ℓ ∉ dom(ψ_1)
        undefined otherwise

Figure 14. ψ_1 ⊙ ψ_2 Examples

(a) (k, q_1, ψ_1 = {ℓ_1 ↦ (q_1, T⟦τ_1⟧)}, ℓ_1) ∈ T⟦^(q_1) ref τ_1⟧
    (k, q_2, ψ_2 = {ℓ_2 ↦ (q_2, T⟦τ_2⟧)}, ℓ_2) ∈ T⟦^(q_2) ref τ_2⟧
    ψ_1 ⊙ ψ_2 = {ℓ_1 ↦ (q_1, T⟦τ_1⟧), ℓ_2 ↦ (q_2, T⟦τ_2⟧)}

(b) (k, U, ψ_1 = {ℓ ↦ (U, T⟦τ⟧)}, ℓ) ∈ T⟦^U ref τ⟧
    (k, U, ψ_2 = {ℓ ↦ (R, T⟦τ⟧)}, ℓ) ∈ T⟦^R ref τ⟧
    ψ_1 ⊙ ψ_1 = {ℓ ↦ (U, T⟦τ⟧)}
    ψ_1 ⊙ ψ_2 = undefined

(c) (k, L, ψ_a = {ℓ_1 ↦ (U, T⟦τ_1⟧), ℓ_2 ↦ (L, T⟦τ_2⟧)}, v_a = ⟨ℓ_1, ℓ_2⟩) ∈ T⟦^L(^U ref τ_1 ⊗ ^L ref τ_2)⟧
    (k, L, ψ_b = {ℓ_1 ↦ (U, T⟦τ_1⟧), ℓ_3 ↦ (L, T⟦τ_3⟧)}, v_b = ⟨ℓ_1, ℓ_3⟩) ∈ T⟦^L(^U ref τ_1 ⊗ ^L ref τ_3)⟧
    (k, L, ψ_c = {ℓ_3 ↦ (L, T⟦τ_3⟧)}, v_c = ⟨ℓ_3, ⟨⟩⟩) ∈ T⟦^L(^L ref τ_3 ⊗ ^U 1)⟧
    ψ_a ⊙ ψ_b = {ℓ_1 ↦ (U, T⟦τ_1⟧), ℓ_2 ↦ (L, T⟦τ_2⟧), ℓ_3 ↦ (L, T⟦τ_3⟧)}
    ψ_b ⊙ ψ_c = undefined

Pairs: Compatible Location Beliefs

A pair ⟨v_1, v_2⟩ (such that (k, q_1, ψ_1, v_1) ∈ T⟦τ_1⟧ and (k, q_2, ψ_2, v_2) ∈ T⟦τ_2⟧) is in the interpretation of τ_1 ⊗ τ_2 if and only if the pair is ascribed a qualifier greater than that of its components and the two sets of beliefs about the store, ψ_1 and ψ_2, can be combined into a single set of beliefs sufficient for safely executing k steps (written ψ_1 ⊙_k ψ_2, see Figure 13). Informally, local store descriptions can be combined only if they are compatible; that is, if the beliefs in one local store description do not contradict the beliefs in the other store description.
Clearly, if ψ_1 and ψ_2 have disjoint sets of beliefs about the store, then ψ_1 ⊙_k ψ_2 is defined and equal to the union of their beliefs (see Figure 14(a)). In the more general case, where the same location may be found in the domain of both ψ_1 and ψ_2, there are two requirements enforced by the definition of ψ_1 ⊙_k ψ_2. First, we require that for any location ℓ that is described by both ψ_1 and ψ_2, it must be the case that ψ_1 and ψ_2 have identical beliefs about ℓ to approximation k. Note that ψ_1 and ψ_2 must agree on both the qualifier of the location as well as the type of the location's contents (see Figure 14(b)). The second requirement is more subtle, having to do with the notion of directly-accessible locations. Suppose that ℓ_3 is a linear or affine location mapped by ψ_b. Therefore, a value v_b with local store description ψ_b must contain ℓ_3 as a sub-expression. Since ℓ_3 is linear or affine, this occurrence of ℓ_3 in the value v_b must be the one (and only) occurrence of ℓ_3 in the entire program state. Now, suppose that ℓ_3 is also in the domain of a local store description ψ_c. As before, a value v_c with local store description ψ_c must contain ℓ_3 as a sub-expression. If we were to attempt to form the value ⟨v_b, v_c⟩, then we would have a value with two distinct occurrences of ℓ_3, violating the uniqueness of the location ℓ_3. Hence, we consider ψ_b and ψ_c to represent incompatible (contradictory) beliefs about the current store (see Figure 14(c)).
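The join of Figure 13, run over the cases of Figure 14 and the pair of Figure 9(c), as an added Python sketch (not code from the paper). It assumes type interpretations are opaque strings, so agreement "to approximation k" becomes plain equality; all names, and the qualifiers chosen for the Figure 9 locations, are constructed for illustration.

```python
"""Simplified join of local store descriptions, after Figure 13.

Assumptions of this sketch (not the paper's definitions):
  * a type interpretation is an opaque string, so "identical beliefs to
    approximation k" becomes plain equality and the step index is dropped;
  * all names below are illustrative.
"""
from functools import reduce
from typing import Dict, Optional, Set, Tuple

UNIQUE = {"A", "L"}                 # affine and linear qualifiers
Belief = Tuple[str, str]            # (qualifier, type of the contents)
LocalStoreDesc = Dict[str, Belief]  # location name -> belief


def incompatibility(psi1: LocalStoreDesc, psi2: LocalStoreDesc) -> Optional[str]:
    """Return the reason psi1 and psi2 cannot be joined, or None if they can."""
    for loc in sorted(psi1.keys() & psi2.keys()):
        # Requirement 1: both descriptions hold the same belief about loc.
        if psi1[loc] != psi2[loc]:
            return f"{loc}: beliefs differ"
        # Requirement 2: an affine or linear location occurs once in the whole
        # program state, so it cannot be directly accessible from two values.
        # (The beliefs are equal here, so one qualifier check covers both.)
        if psi1[loc][0] in UNIQUE:
            return f"{loc}: unique location in both descriptions"
    return None


def join(psi1: Optional[LocalStoreDesc],
         psi2: Optional[LocalStoreDesc]) -> Optional[LocalStoreDesc]:
    """Union of the beliefs when compatible; None when the join is undefined."""
    if psi1 is None or psi2 is None:
        return None
    if incompatibility(psi1, psi2) is not None:
        return None
    return {**psi1, **psi2}


def join_all(*psis: LocalStoreDesc) -> Optional[LocalStoreDesc]:
    """Join several descriptions; undefined as soon as one step is undefined."""
    return reduce(join, psis, {})


def disjoint_union(omega1: Set[str], omega2: Set[str]) -> Optional[Set[str]]:
    """The ownership-only model of Section 4.2: defined only without overlap."""
    return None if omega1 & omega2 else omega1 | omega2


# Figure 14(b): the same unrestricted location, with equal and unequal beliefs.
PSI_U = {"l": ("U", "t")}
PSI_R = {"l": ("R", "t")}

# Figure 14(c): l1 is shared (U); l2 and l3 are linear.
PSI_A = {"l1": ("U", "t1"), "l2": ("L", "t2")}
PSI_B = {"l1": ("U", "t1"), "l3": ("L", "t3")}
PSI_C = {"l3": ("L", "t3")}

# Figure 9(c), constructed: x holds l1, y holds l6; both reach l4 and l5
# through the unrestricted l3. Reachable unique locations overlap, but the
# directly accessible ones do not.
OMEGA_X, OMEGA_Y = {"l1", "l2", "l4", "l5"}, {"l6", "l4", "l5"}
PSI_X, PSI_Y = {"l1": ("L", "t_x")}, {"l6": ("L", "t_y")}

if __name__ == "__main__":
    print("psi_a . psi_b =", join(PSI_A, PSI_B))
    print("psi_b . psi_c =", join(PSI_B, PSI_C), "-", incompatibility(PSI_B, PSI_C))
    print("Omega_x + Omega_y =", disjoint_union(OMEGA_X, OMEGA_Y))
    print("psi_x . psi_y =", join(PSI_X, PSI_Y))
```

The last two results show the point of Section 4.3: the reachability-based Ω sets reject the pair ⟨x, y⟩, while the local descriptions, which mention only directly accessible locations, join without conflict.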

Functions & Abstractions: Closure Location Beliefs

Since functions and abstractions are suspended computations, their interpretations are given in terms of the interpretation of types as computations (see below). A function λx. e with qualifier q_c and local store description ψ_c (where ψ_c describes the locations directly accessible from the function's closure and, hence, must satisfy P(q_c, ψ_c)) is in the interpretation of τ_1 ⊸ τ_2 for k steps if, at some point in the future, when there are j < k steps left to execute, and there is an argument v_a such that (j, _, ψ_a, v_a) ∈ T⟦τ_1⟧ and the beliefs ψ_c and ψ_a are compatible, then e[v_a/x] looks like a computation of type τ_2 for j steps. The interpretation of ∀α:κ. τ is analogous, except that we quantify over (type-level term) interpretations I ∈ K⟦κ⟧.

Store Satisfaction: Tracing Location Beliefs

The interpretation of types as computations (Comp) makes use of an auxiliary relation s :_k ψ (given in Figure 15), which says that the store s satisfies local store description ψ (to approximation k). We motivate the definition of s :_k ψ by drawing an analogy with the specification of a tracing garbage collector (see Figure 16). As described above, ψ corresponds to (beliefs about) the portion of the store directly accessible from a value (or multiple values, when ψ corresponds to ⊙_k-ed store descriptions). Hence, we can consider dom(ψ) as a set of root locations. In the definition of s :_k ψ, S corresponds to the set of reachable (root and non-root) locations in the store that would be discovered by the garbage collector. The function F_ψ maps each location in S to a local store description, while the function F_q maps each location to a qualifier. It is our intention that, for each location ℓ, F_q(ℓ) is an appropriate qualifier and F_ψ(ℓ) is an appropriate local store description for the value s^val(ℓ). Hence, we can consider dom(F_ψ(ℓ)) as the set of child locations traced from the contents of ℓ.
Having chosen the set S and the functions F_ψ and F_q, we require that they satisfy three criteria. The congruity criterion ensures that our choices are both internally consistent and consistent with the store s. The global store description ψ∗ combines the local store descriptions of the roots with the local store descriptions of the contents of every reachable location; the implicit requirement that ψ∗ is defined ensures that the local beliefs of the roots and individual store contents are all compatible. The clause dom(ψ∗) = S requires that S and F_ψ are chosen such that S includes all the reachable locations (and not just some of the reachable locations), while the clause dom(s) ⊇ S requires that all of the reachable locations are actually in the store. Finally, (j, F_q(ℓ), ⌊F_ψ(ℓ)⌋_j, s^val(ℓ)) ∈ ⌊ψ∗^type(ℓ)⌋_k ensures that the contents of ℓ, with the qualifier assigned by F_q and local store description assigned by F_ψ, is in the type assigned by the global store description ψ∗ (for j < k steps). The minimality criterion ensures that our choice for the set S does not contain any locations not reachable from the roots. For example, in Figure 16, including ℓ_11 in S would not violate congruity, but would violate minimality. Finally, the reachability criterion ensures that every linear and relevant location is reachable from the roots (and, hence, has not been implicitly discarded).

Computations: Relating Current to Future Beliefs

Informally, the interpretation of types as computations Comp(k, ψ_s, e_s, χ) (see Figure 11) says that if the expression e_s (with beliefs ψ_s, again, corresponding to the locations appearing as sub-expressions of e_s) reaches an irreducible state in less than k steps, then it must have reduced to a value v_f (with beliefs ψ_f) that belongs to the type interpretation χ. More precisely, we pick a starting store s_s such that s_s :_k (ψ_s ⊙_k ψ_r), where ψ_r is the set of beliefs about the store held by the rest of the computation (alternatively, the set of beliefs held by e_s's continuation).
If (s_s, e_s) steps to an irreducible configuration (s_f, e_f) in j < k steps, then the following conditions hold. First, e_f must be a value with a qualifier q_f and a set of beliefs ψ_f such that (k − j, q_f, ψ_f, e_f) ∈ χ. Second, the following two sets of beliefs must be compatible: ψ_f (what e_f believes) and ψ_r (what the rest of the computation believes; note that these beliefs remain unchanged). Third, the final store s_f must satisfy the combined set of these beliefs. Note that since ψ_r is an arbitrary set of beliefs compatible with ψ_s, one instantiation of ψ_r is the local store description that includes all of the shared locations of ψ_s. By requiring that ψ_f and s_f are compatible with ψ_r, we ensure that the types and qualifiers and allocation status of shared locations are preserved.

Figure 17. λ^refURAL Model (Additional Interpretations)

    D⟦·⟧ = {∅}
    D⟦Δ, α:κ⟧ = {δ[α ↦ I] | δ ∈ D⟦Δ⟧ ∧ I ∈ K⟦κ⟧}
    G⟦·⟧δ = {(k, q, {}, ∅)}
    G⟦Γ, x:τ⟧δ = {(k, q, ψ, γ[x ↦ v]) | ψ = (ψ_Γ ⊙_k ψ_x) ∧ (k, q_Γ, ψ_Γ, γ) ∈ G⟦Γ⟧δ ∧ q_Γ ⊑ q ∧ (k, q_x, ψ_x, v) ∈ T⟦Δ ⊢ τ : ⋆⟧δ ∧ q_x ⊑ q}
    ⟦Δ; Γ ⊢ e : τ⟧ = ∀k ≥ 0. ∀δ, q_Γ, ψ_Γ, γ. (δ ∈ D⟦Δ⟧ ∧ (k, q_Γ, ψ_Γ, γ) ∈ G⟦Γ⟧δ) ⇒ Comp(k, ψ_Γ, γ(e), T⟦Δ ⊢ τ : ⋆⟧δ)

Judgements: Type Soundness

Finally, the semantic interpretation of a typing judgement ⟦Δ; Γ ⊢ e : τ⟧ (see Figure 17) asserts that for all k ≥ 0, if δ is a mapping from type-level variables to an element of the appropriate kind interpretation, and γ is a mapping from variables to closed values, and ψ_Γ is a local store description for the values in the range of γ, then (k, ψ_Γ, γ(e)) is in the interpretation of τ as a computation (Comp(k, ψ_Γ, γ(e), T⟦τ⟧)). Our extended technical report [3] gives the proof of the following theorem which shows the soundness of the λ^refURAL typing rules with respect to the model.

THEOREM 1. (λ^refURAL Soundness) If Δ; Γ ⊢ e : τ, then ⟦Δ; Γ ⊢ e : τ⟧.

An immediate corollary is type-safety of λ^refURAL. Another interesting corollary is that if we evaluate a closed, well-typed term of base type (e.g., ^q 1) to a value, then the resulting store will have no linear or relevant references.

COROLLARY 2. (λ^refURAL Safety) If ·; · ⊢ e_1 : τ and ({}, e_1) ⟼* (s_2, e_2), then either ∃v_2. e_2 ≡ v_2 or ∃s_3, e_3. (s_2, e_2) ⟼ (s_3, e_3).

COROLLARY 3. (λ^refURAL Collection) If ·; · ⊢ e_1 : ^q 1 and ({}, e_1) ⟼* (s_2, v_2), then ∀ℓ ∈ dom(s_2). s_2^qual(ℓ) ⊑ A.

Proof (λ^refURAL Safety) Suppose ·; · ⊢ e_1 : τ and ({}, e_1) ⟼* (s_2, e_2). If ¬irred(s_2, e_2), then ∃s_3, e_3. (s_2, e_2) ⟼ (s_3, e_3). If irred(s_2, e_2), then ∃i. ({}, e_1) ⟼^i (s_2, e_2). Theorem 1 applied to ·; · ⊢ e_1 : τ yields ⟦·; · ⊢ e_1 : τ⟧. ⟦·; · ⊢ e_1 : τ⟧ instantiated with i + 1 ≥ 0, ∅ ∈ D⟦·⟧, and (i + 1, U, {}, ∅) ∈ G⟦·⟧∅ yields Comp(i + 1, {}, e_1, T⟦· ⊢ τ : ⋆⟧∅). Comp(i + 1, {}, e_1, T⟦· ⊢ τ : ⋆⟧∅) instantiated with i < i + 1, s_1 :_(i+1) ({} ⊙_(i+1) {}), ({}, e_1) ⟼^i (s_2, e_2),


More information

A Novel Learning Method for Elman Neural Network Using Local Search

A Novel Learning Method for Elman Neural Network Using Local Search Neura Information Processing Letters and Reviews Vo. 11, No. 8, August 2007 LETTER A Nove Learning Method for Eman Neura Networ Using Loca Search Facuty of Engineering, Toyama University, Gofuu 3190 Toyama

More information

Selmer groups and Euler systems

Selmer groups and Euler systems Semer groups and Euer systems S. M.-C. 21 February 2018 1 Introduction Semer groups are a construction in Gaois cohomoogy that are cosey reated to many objects of arithmetic importance, such as cass groups

More information

Partial permutation decoding for MacDonald codes

Partial permutation decoding for MacDonald codes Partia permutation decoding for MacDonad codes J.D. Key Department of Mathematics and Appied Mathematics University of the Western Cape 7535 Bevie, South Africa P. Seneviratne Department of Mathematics

More information

Section 6: Magnetostatics

Section 6: Magnetostatics agnetic fieds in matter Section 6: agnetostatics In the previous sections we assumed that the current density J is a known function of coordinates. In the presence of matter this is not aways true. The

More information

c 2007 Society for Industrial and Applied Mathematics

c 2007 Society for Industrial and Applied Mathematics SIAM REVIEW Vo. 49,No. 1,pp. 111 1 c 7 Society for Industria and Appied Mathematics Domino Waves C. J. Efthimiou M. D. Johnson Abstract. Motivated by a proposa of Daykin [Probem 71-19*, SIAM Rev., 13 (1971),

More information

SydU STAT3014 (2015) Second semester Dr. J. Chan 18

SydU STAT3014 (2015) Second semester Dr. J. Chan 18 STAT3014/3914 Appied Stat.-Samping C-Stratified rand. sampe Stratified Random Samping.1 Introduction Description The popuation of size N is divided into mutuay excusive and exhaustive subpopuations caed

More information

( ) is just a function of x, with

( ) is just a function of x, with II. MULTIVARIATE CALCULUS The first ecture covered functions where a singe input goes in, and a singe output comes out. Most economic appications aren t so simpe. In most cases, a number of variabes infuence

More information
