0 views

Uploaded by 252966576

© All Rights Reserved

- Java Fundamentals
- Notes on Excel Macros 0301
- C++
- DS With C C++ Lab Manual VTU
- GEMET1
- apn030
- c++ syllabus Object Oriented Programming.pdf
- Pg91 Restore Errors
- 174l1
- Pointers
- Hhw Class11 New
- ATV303_Modbus_parameter.xls
- ICT Practical Exam Tips
- KPR_Profibus Doku V4 12 Engl (2)
- Programming Chapter 1 Week 2
- Function
- R Tutorial
- Computer Fundamentals Notes by Nida Afaq Warsi
- MS-Acces
- Ism practical file

You are on page 1of 47

Stephen Brookes

announcements

Midterm exams: pick up in lab A 87.5

B

80.0

Average score on exam: 72.0

C 69.5

D 60.0

Median score: 73.0

Midterm grade based on HW + MIDTERM

Labs will count toward final grade

last time

!

Modular programming

Signatures and structures

Information hiding

The ML module system facilitates

operations for building values

correctly and efficiently, assuming some

suitable representation invariant

our example

The signature for ARITH specifies an

abstract data type

A type integer

Equipped with basic operations

initialize

rep

:

int

->

integer

combine

display : integer -> string

examine

fun rep 0 = [ ] !

| rep n = (n mod 10) :: rep(n div 10)!

REQUIRES n 0

ENSURES (rep n) = a list L (of decimal digits)

representing n

eval L = n

fun eval [ ] = 0 !

| eval (d::ds) = d + 10 * eval ds!

(abbreviation)

fun rep 0 = [ ] !

| rep n = (n mod 10) :: rep(n div 10)!

REQUIRES n 0

ENSURES (rep n) represents n

| carry(c, [ ]) = [c]!

| carry (c, p::ps) = !

((p+c) mod 10) :: carry ((p+c) div 10, ps)

carry : int * int list -> int list

REQUIRES 0 c 9, L represents n

ENSURES carry(c, L) represents c+n

| add (ps, [ ]) = ps!

| add (p::ps, q::qs) =!

((p+q) mod 10) :: carry ((p+q) div 10, add(ps, qs))

add : int list * int list -> int list

REQUIRES L represents x, R represents y

ENSURES add(L, R) represents x+y

| times (p, [ ]) = [ ] !

| times (p, q::qs) =!

((p * q) mod 10) :: carry ((p * q) div 10, times(p, qs))

times : int * int list -> int list

REQUIRES 0 c 9, L represents n

ENSURES times(c, L) represents c*n

fun mult ([ ], _) = [ ]

| mult(_, [ ]) = [ ]

| mult (p::ps, qs) = add (times(p, qs), 0 :: mult (ps, qs))

!

REQUIRES L represents x, R represents y

ENSURES mult(L, R) represents x*y

correctness

Dec implements non-negative integers

add implements +

mult implements *

How can we establish this?

invariant

To prove correctness we introduce a

representation invariant

inv(L) :: L is a list of decimal digits

This is a property guaranteed to hold,

for all values of type integer constructible from

rep(n) with n0, using add, mult

abstraction function

And we (re-)introduce an abstraction function

eval : integer -> int

to explain how

integer values represent int values

eval L = the int represented by L

(only needs to make sense on values that satisfy inv)

inv

(* inv : int list -> bool *)!

fun inv [ ] = true!

| inv (d::L) = (0 <= d andalso d <= 9) andalso inv L

eval

(* eval : int list -> int *)!

fun eval [ ] = 0!

| eval (d::L) = d + 10 * eval(L)

termination

For all L:int list,

For all L:int list,

For all n0,

inv(L) terminates

eval(L) terminates

rep(n) terminates

add(ps, qs) terminates

& mult(ps, qs) terminates

invariance

Proofs?

rep(n) with n0, add, and mult

satisfies inv

For all ps, qs : int list,

if ps and qs satisfy inv

so do add(ps, qs) and mult(ps, qs)

invariance

!

so does add(ps, qs)

LEMMA

then carry(c, ps) satisfies inv

correctness

For all ps, qs : int list,

then

eval(mult(ps, qs)) = (eval ps) * (eval qs)

correctness

If ps and qs satisfy inv

then

eval(add(ps, qs)) = (eval ps) + (eval qs)

LEMMA

If ps satisfies inv

and 0 c 9,

eval L = c + eval ps

| carry(c, [ ]) = [c]!

| carry (c, p::ps) = !

((p+c) mod 10) :: carry ((p+c) div 10, ps)

LEMMA

If ps satisfies inv

and 0 c 9,

eval L = c + eval ps

PROOF

By induction on ps

an alternative

structure Dec2 : ARITH =!

struct!

type digit = int !

type integer = digit list!

What changes?

Anything significant?

| rep n = (n mod 10) :: rep(n div 10)!

!

end

The values used to represent 0 are different

Dec.rep 0 = [ ]

Dec2.rep 0 = [0]

But users ascribing opaquely to ARITH

cannot distinguish between Dec and Dec2

Dec.display (Dec.rep 0) = "0"

Dec2.display (Dec2.rep 0) = "0"

are indistinguishable

(representational invariance)

questions

Why decimal?

Could have used binary

binary digits

structure Bin : ARITH =!

struct!

type digit = int !

type integer = digit list!

just replace 10 by 2

in the code for Dec

fun rep 0 = [ ] !

| rep n = (n mod 2) :: rep(n div 2)!

!

...

end

correctness

Bin implements non-negative integers

add implements +

mult implements *

add(rep 1, rep 1) = [0,1]

invariant

To prove correctness we introduce a

representation invariant

inv2 : int list -> bool

inv2(L) = true

iff

every item in L is a binary digit

01

abstraction

And we define an abstraction function

eval2 : integer -> int

For all L : int list such that inv2(L) = true,

eval2 L = the int value represented

in binary by L

correctness

and eval2(rep n) = n

so does add(L, R), and

eval2(add(L, R))

= (eval2 L) + (eval2 R)

(similarly for mult)

meta-proof

A correctness proof for Dec,

with 10 replaced by 2,

yields a correctness proof for Bin

This all looks very similar

To get ternary representation, replace 10 by 3

What we need is a parameterized

structure definition...

functors

An ML functor is a

Its argument and result have signatures

rather than types

struct

end

BASE

signature BASE =!

sig!

val base : int!

end

Digits

functor Digits(B : BASE) : ARITH =!

struct!

val b = B.base!

type digit = int (* use 0 through b-1 *)!

type integer = digit list!

!

fun rep 0 = [ ]!

| rep n = (n mod b) :: rep(n div b)!

!

!

end

struct

val b = B.base

type digit = int (* uses 0 through b-1*)

type integer = digit list

fun rep 0 = [ ] | rep n = (n mod b) :: rep (n div b)

fun carry (0, ps) = ps

| carry (c, [ ]) = [c]

| carry (c, p::ps) = ((p+c) mod b) :: carry ((p+c) div b, ps)

fun add ([ ], qs) = qs

| add (ps, [ ]) = ps

| add (p::ps, q::qs) =

((p+q) mod b) :: carry ((p+q) div b, add(ps,qs))

(* times : digit -> integer -> integer *)

fun times 0 qs = [ ]

| times k [ ] = [ ]

| times k (q::qs) =

((k * q) mod b) :: carry ((k * q) div b, times k qs)

fun mult ([ ], _) = [ ]

| mult (_, [ ]) = [ ]

| mult (p::ps, qs) = add (times p qs, 0 :: mult (ps,qs))

fun display L = foldl (fn (d, s) => Int.toString d ^ s) "" L

end

using Digits

functor applied to argument

!

an

anonymous

structure

Bin.rep 42 = [0,1,0,1,0,1] : Bin.integer

fun decfact(n:int) : Dec.integer =!

if n=0 then Dec.rep 1 else Dec.mult(Dec.rep n, decfact(n-1));!

!

if n=0 then Bin.rep 1 else Bin.mult(Bin.rep n, binfact(n-1));

whats visible?

functor Digits(B : BASE) : ARITH =!

struct!

val b = B.base;!

type digit = int (* use 0 through b-1 *)!

type integer = digit list!

...

signature ARITH =!

sig!

type integer!

...!

end;

The type Bin.integer is int list

- Bin.rep 42;!

val it = [0,1,0,1,0,1] : Bin.integer!

!

- it : int list!

val it = [0,1,0,1,0,1] : int list

oops!

- Bin.add(Dec.rep 42, Dec.rep 42);!

!

solution (1)

In the functor body, make integer a

functor Digits(B : BASE) : ARITH =!

struct!

val b = B.base;!

type digit = int (* use 0 through b-1 *)!

datatype digits = D of digit list!

type integer = digits!

!

fun rep 0 = D [ ] !

| rep n = let val (D L) = rep(n div b) in D((n mod b)::L) end!

...

struct

val b = B.base

type digit = int (* uses 0 through b-1 *)

datatype digits = D of digit list

type integer = digits

solution (1)

!

!

fun rep 0 = D [ ]

| rep n = let val (D L) = rep(n div b) in D ((n mod b) :: L) end

(* carry : digit * digit list -> digit list *)

fun carry (0, ps) = ps

| carry (c, [ ]) = [c]

| carry (c, p::ps) = ((p+c) mod b) :: carry ((p+c) div b, ps)

!

!

fun adder ([ ], qs) = qs

| adder (ps, [ ]) = ps

| adder (p::ps, q::qs) =

((p+q) mod b) :: carry ((p+q) div b, adder(ps,qs))

(* add : integer * integer -> integer *)

fun add (D L, D R) = D (adder(L, R))

(* times : digit -> digit list -> digit list *)

fun times 0 qs = [ ]

| times k [ ] = [ ]

| times k (q::qs) =

((k * q) mod b) :: carry ((k * q) div b, times k qs)

(* multer : digit list * digit list -> digit list *)

fun multer ([ ], _) = [ ]

| multer (_, [ ]) = [ ]

| multer (p::ps, qs) = adder (times p qs, 0 :: multer (ps,qs))

(* mult : integer * integer -> integer *)

fun mult(D L, D R) = D(multer(L,R))

end

!

structure Bin = Digits(struct val base = 2 end);

- Dec.rep 42;

val it = D [2,4] : Dec.integer

!

- Bin.rep 42;

val it = D [0,1,0,1,0,1] : Bin.integer

!

- D [1+1] = D [2];

Error: unbound variable or constructor: D

Error:operator and operand don't agree

[tycon mismatch]

solution (2)

Leave the functor body as is,

functor Digits(B : BASE) :> ARITH =!

struct!

val b = B.base;!

type digit = int (* use 0 through b-1 *)!

type integer = digit list!

!

fun rep 0 = [ ] !

| rep n = (n mod b) :: rep (n div b)!

...

problem solved

With either of these solutions,

the code fragment

is not well-typed,

so cannot be evaluated.

transparency

- Bin.rep 42;!

val it = [0,1,0,1,0,1] : Bin.integer!

!

- Dec.rep 42;!

val it = [2,4] : Dec.integer

opacity

- Bin.rep 42;!

val it = - : Bin.integer!

!

- Dec.rep 42;!

val it = - : Dec.integer

Bin.integer = int list

testing

With opaque ascription

- Dec.rep 42;!

val it = - : Dec.integer

- it = [2,4];!

type error

- Dec.display(Dec.rep 42);!

val it = "42" : string

correctness

what happens if

B.base = 1?

For all n0, S.rep(n) satisfies invb

If v1, v2 : S.integer satisfy invb so does S.add(v1, v2)

and evalb(S.add(v1, v2)) = (evalb v1) + (evalb v2)

unary

structure Unary : ARITH = Digits(struct val b = 1 end);

open Unary;

display(add(rep 3, rep 2));

Didnt we prove correctness?

fun rep 0 = [ ] !

| rep n = (n mod 1) :: rep(n div 1)!

eval1(rep n) n

Figure out where the

correctness proof breaks!

The ML module systems facilitates program

design based on abstract data types

operations for building values

correctly and efficiently, assuming some

suitable representation invariant

- Java FundamentalsUploaded byKishore Kopalle
- Notes on Excel Macros 0301Uploaded byquaderbtech06
- C++Uploaded byShaikh Mohsin
- DS With C C++ Lab Manual VTUUploaded byManohar NV
- GEMET1Uploaded byratulray2006
- apn030Uploaded bypdsybase
- c++ syllabus Object Oriented Programming.pdfUploaded bygopivrajan
- Pg91 Restore ErrorsUploaded byshreeseva
- 174l1Uploaded byrkthbd5845
- PointersUploaded byAnushyendan Selvanayagam
- Hhw Class11 NewUploaded byBindiya Agarwal
- ATV303_Modbus_parameter.xlsUploaded byAnonymous uI16i3G
- ICT Practical Exam TipsUploaded byshilpishah411
- KPR_Profibus Doku V4 12 Engl (2)Uploaded bygonza
- Programming Chapter 1 Week 2Uploaded byShaun Stanley
- FunctionUploaded byabhishek3629
- R TutorialUploaded byDenis Shpeka
- Computer Fundamentals Notes by Nida Afaq WarsiUploaded byMarcus Howard
- MS-AccesUploaded byHiren Joshi
- Ism practical fileUploaded byRahul Garg
- bpj lesson 7Uploaded byapi-307093783
- bpj lesson 7Uploaded byapi-307093760
- Web Programming DATABASE CONECTIVITYUploaded byMohammad Asnawi
- csc113-lab-2Uploaded byEbtisam Hamed
- kanksha peddi 2Uploaded byapi-247721887
- Chapter 1Uploaded byKarthiRatna
- Prelude.pdfUploaded byNahuel Alvarez
- Types of Programming LanguagesUploaded byDhanashriPitre
- ardutempUploaded byfarcasiun
- VHDL PrimerUploaded byShivam Sarin

- slides22-ab.pdfUploaded by252966576
- slides24-lazy2.pdfUploaded by252966576
- slides23-lazy1.pdfUploaded by252966576
- slides21-games2.pdfUploaded by252966576
- slides8-polymorphism.pdfUploaded by252966576
- slides20-games.pdfUploaded by252966576
- slides19-gravitation.pdfUploaded by252966576
- slides18-parallelism.pdfUploaded by252966576
- slides17-modular.pdfUploaded by252966576
- slides15-signatures.pdfUploaded by252966576
- slides14-Exceptions.pdfUploaded by252966576
- slides13-Regex.pdfUploaded by252966576
- slides12-continuations.pdfUploaded by252966576
- slides11-continuations.pdfUploaded by252966576
- slides10-HOF.pdfUploaded by252966576
- slides9-HOF.pdfUploaded by252966576
- slides7-sort.pdfUploaded by252966576
- slides6-analysis.pdfUploaded by252966576
- slides5-analysis.pdfUploaded by252966576
- slides4-induction.pdfUploaded by252966576
- slides3-specifications.pdfUploaded by252966576
- slides2-expressions.pdfUploaded by252966576
- slides1-introduction.pdfUploaded by252966576

- New vbUploaded bysyedwaliullah
- Tchekhovskoy Springer 2015Uploaded byPancholey
- CAS E Catalogue - Aarjay International IndiaUploaded byVikram Naga
- assignment 1Uploaded byapi-409520319
- Contrastive Grammar 11Uploaded bythangdaotao
- title page for internUploaded byRocky Roy
- Sun WorshipUploaded bymayank_shastri
- A novel object tracking algorithm by fusing color and depth information based on single valued neutrosophic cross-entropyUploaded byMia Amalia
- Pnrc27.pdfUploaded bykyle
- Audit EvidenceUploaded byFaten Nur Artikah
- 5608-19888-1-PBUploaded byDaniel Abaquar
- Study of Nutritional Status of Elderly in DifferentUploaded byNisha Radhakrishnan
- s5 Btech Nov 2012Uploaded byArathi Krishna
- Source of FinanceUploaded byAlejandro Chiriboga
- Rust Stain Remover 10062008Uploaded bydisney2096
- Assessing and Improving Innovation Capability in OrganisationsUploaded byLuccas Costa
- 111Uploaded byYedukondalu Badeti
- Study on CrmUploaded bydeviyaswanth
- Gavva Amarender ReddyUploaded byravali
- PVA Grades and SpecificationsUploaded bypasalacqua85
- 725628_FULLTEXT01Uploaded bysergipuyol
- Japan Und Heidegger- Gedenkschrift Der Stadt Mebkirch Zum 100. Geburtstag Martin Heideggers by Harmut Buchner, Review by- Gregor PaulUploaded byJan C
- Pmp Sample QuestionsUploaded byadjei
- sample-analytic-rubricUploaded byapi-287380814
- Sonali BankUploaded byHosna Mobarak Farhan
- Math_TG_Q4Uploaded byAnna Pierce
- Horizontal Flow Wrapper Machine Case Study EnUploaded byastojadin1873
- kassandra l mccray resume may 2018Uploaded byapi-419864544
- Art After Identity PoliticsUploaded byMilenaCostadeSouza
- Pak Acad Sci-48(1)Uploaded byzakirdahri