Published by Shanon Bond. Modified about 1 year ago.

1
Adjunct Elimination in Context Logic for Trees
Cristiano Calcagno, Thomas Dinsdale-Young, Philippa Gardner
Imperial College, London

2
Context Logic
Ambient Logic (Cardelli, Gordon) is a logic for reasoning about static properties of node-labelled, unranked trees (e.g. Firewalls, XML data)
Separation Logic (O’Hearn, Reynolds, Yang) is a logic for local reasoning about dynamic heap update
Context Logic evolved from these two as a logic for local reasoning about dynamic tree update
–Talks both about trees and contexts into which they may be placed

3

4
u[P]

5

6
P1 | P2

7

8
K(P)

9

10
K P

11

12
P 1 P 2

13
Adjoints
The adjoints allow us to reason hypothetically about an extended object
They are essential for expressing weakest preconditions
But for closed formulae, the adjoints add no expressive power to Separation Logic (Lozes) and Ambient Logic (Lozes, and later Dawar, Gardner, Ghelli)

14
Adjunct Elimination
Intuition:
–adjoints make us reason about trees that are bigger than the ones we are actually interested in
–we would expect that any property expressed in terms of these hypothetical trees could be expressed without them
In Context Logic for Trees, one of the adjoints ( ) can also be eliminated, but the other ( ) cannot (Dinsdale-Young)

15
Non-eliminability of
Trees can be split arbitrarily into a context and subtree
Using , we can fill the context hole and then split it as a tree
We cannot split an arbitrary subtree (or subcontext) from a context

16
Counterexample
The formula 0 True(u[0])
–Expresses “putting the empty tree into the context hole gives a tree that has a leaf u”
–Distinguishes c_i from d_i for all i
There is no formula without adjoints that can express this property
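The property described on this slide, evaluated directly on concrete contexts, as an added example that is not part of the presentation. It assumes a tree is an unordered collection of labelled nodes and a context is a tree with one hole; the representation, the function names and the two sample contexts `C` and `D` are constructed here and are not the c_i and d_i of the slide.

```python
from itertools import combinations

HOLE = ("_", ())  # reserved label marking the single context hole (assumption)

def norm(forest):
    """Canonical form: sibling order is irrelevant in an unranked tree."""
    return tuple(sorted((label, norm(kids)) for label, kids in forest))

def fill(ctx, tree):
    """Put `tree` into the hole of `ctx` and return the resulting tree."""
    out = []
    for node in ctx:
        if node == HOLE:
            out.extend(tree)
        else:
            out.append((node[0], fill(node[1], tree)))
    return norm(out)

def splits(tree):
    """Yield every (context, subtree) pair with fill(context, subtree) == tree."""
    tree = norm(tree)
    idx = range(len(tree))
    # Cut any group of siblings out at this level ...
    for r in range(len(tree) + 1):
        for chosen in combinations(idx, r):
            rest = [tree[i] for i in idx if i not in chosen]
            yield norm(rest + [HOLE]), tuple(tree[i] for i in chosen)
    # ... or descend into one node and cut somewhere inside it.
    for i, (label, kids) in enumerate(tree):
        for sub_ctx, sub in splits(kids):
            ctx = list(tree[:i]) + [(label, sub_ctx)] + list(tree[i + 1:])
            yield norm(ctx), sub

def has_leaf(tree, u):
    """True if the tree splits into some context and the subtree u[0]."""
    leaf = ((u, ()),)
    return any(sub == leaf for _, sub in splits(tree))

def empty_fill_has_leaf(ctx, u):
    """The slide's property: filling the hole with the empty tree gives a leaf u."""
    return has_leaf(fill(ctx, ()), u)

# Constructed sample contexts (not the slide's c_i / d_i):
C = (("u", (HOLE,)),)               # u[_]        -> u[0] after filling
D = (("u", (HOLE, ("v", ()))),)     # u[_ | v[0]] -> u[v[0]] after filling
```

Note that `has_leaf` only ever splits a finished tree, which is why the hole has to be filled first: the check cannot be phrased as a split of the context itself.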

17
Context Logic with Composition
Adding context composition “fixes” the counterexample – we can now split contexts
Not yet proved adjunct elimination
Still can’t split contexts in the same way as trees

18

19

20

21

22

23
Multi-holed Context Logic for Trees

24
Ehrenfeucht-Fraïssé Games
We prove adjunct elimination using ranked games
–Played between Spoiler and Duplicator
–On two tree contexts
–Moves correspond with logical connectives
–Rank determines which moves may be played and ensures termination
Spoiler’s aim is to demonstrate a difference between the two trees. Duplicator’s aim is to prevent this.
The games are sound and complete: Spoiler has a winning strategy if and only if the trees can be distinguished by a formula of the game rank (of which there are finitely many)

25
Games
Spoiler starts each round by choosing a move to play (providing that the rank and rules allow it) and one of the context-environment pairs
The rules for the move determine what happens

26
Game Moves

27
CMP move

28

29

30

31

32

33
Game Moves

34
RIG move

35

36

37

38

39

40

41

42
Adjunct Elimination
We prove that whenever Spoiler has a winning strategy using adjunct moves he also has one without using adjunct moves
By soundness and completeness of games, this implies adjunct elimination

43
Key Result
We need to show: If Duplicator can win when Spoiler plays no adjunct moves then Duplicator can also win when Spoiler plays adjunct moves
We show how Duplicator responds to one adjunct move (LEF or RIG)
The result follows by induction

44

45

46

47

48

49

50
Key Result

51
Proof
The proof is by induction on n
We look at the cases for which move Spoiler plays on the composite game
Some cases have sub-cases
Example: CMP move

52

53
CMP move (case 1)

54
CMP move (case 2)

55
CMP move (case 3)

56
CMP move (case 4)

57
CMP move (case 1)

58

59

60

61

62

63

64
Related and Further Work
Without adjuncts, Context Logic formulae can be expressed by regular forest grammars
Heuter and Bojańczyk have studied similar classes of regular languages that correspond to definability in First-Order Logic
Automata may give a decision procedure for multi-holed Context Logic with adjoints
Multi-holed Context Logic may prove useful for concurrent tree update
Calcagno, Gardner and Zarfaty have shown that adjunct elimination does not hold on open formulae (i.e. with propositional variables)

65
Conclusions
Adjunct elimination does not hold for single-holed Context Logic for trees
Multi-holed Context Logic is a natural extension of the single-holed logic
Adjunct elimination does hold for this logic

66
As the poet said, ‘Only God can make a tree’ – probably because it’s so hard to figure out how to get the bark on. – Woody Allen

67
Satisfaction Relation
