Docstoc

from parity games to game semantics

Document Sample
from parity games to game semantics Powered By Docstoc
					                                                     1/38




Modeling induction and co-induction:
from parity games to game semantics

              Pierre Clairambault
                                  e
            PPS — CNRS & Universit´ Paris 7


Dagstuhl seminar on game semantics and verification
                                 2/38




I. µ-calculus and parity games
                                                                          3/38

µ-calculus




                s, t ::= x | s ∧ t | s ∨ t | µx.t | νx.t | ⊥ |


       “The µ-calculus is basically an algebra of monotonic functions
       over a complete lattice, whose basic constructors are functional
       composition and least and greatest fixed point operators.”
                                         n
   Rudiments of µ-calculus, Arnold & Niwi´ski
                                                                4/38

Curry-Howard for the µ-calculus

   Verification: µ-terms are logical propositions.
       Considered with modalities     φ and ♦φ
       Does M |= φ ?
       Model checking decidable for several classes of models

   Semantics: µ-terms are data types.
         :
       (m, n) : a ∧ b if m : a and n : b
       (i, m) : a ∨ b if i = 1 and m : a or i = 2 and m : b
       m : µx.t if there is n such that m : t n (⊥)
       m : νx.t if m : t ω (⊥)

   And parity games provide a game semantics for µ-terms!
                                                                                   5/38

Parity games

   Two players : Adam ( ) and Eve (♦).

   Definition
   A parity game is a tuple (MA , λA , →A , iA , rA ) where:
        MA is a set of positions
        λA : MA → { , ♦} is a polarity function
        →A ⊆ MA × MA is the set of moves
        iA ∈ MA is the initial position
        rA : MA → N is a priority function

   A finite play m0 , . . . , mn is won by Eve iff λA (mn ) =    . An infinite play
   m0 , m1 , m2 , . . . is won by Eve iff

                                limsupi→+∞ rA (mi )

   is even.
          6/38

Example
                               7/38

From µ-terms to parity games
                                          8/38

From µ-terms to parity games




   where n is the highest even priority




   where n is the highest odd priority
                                                                              9/38

Parity games are already a complete game semantics




                         inftree = νx.µy . ∨ (x ∧ y )

       Every winning strategy encodes data of the corresponding type
       Every parity game comes from a µ-term
       Could we also handle function space? Composition?

   Let us first investigate the proof theory of µ-calculus with implication.
                                                   10/38




II. Game semantics of induction and co-induction

        II.1 A logic with fixpoints : µLJ
                                                                     11/38

µLJ = LJ + µ-calculus
      Formulas are built by the following grammar:

        S, T ::= S ⇒ T | S + T | S × T | µX .T | νX .T | X | 1 | 0

      Bound type variables have to occur positively

   Examples
                     bool   =   1+1
                      nat   =   µX .1 + X
                  list(A)   =   µX .1 + A × X
                     tree   =   µX .(µY .1 + X × Y )


                  fin aut   =   Q ⇒ (bool × (Σ ⇒ Q))
                     lang   =   νX .bool × (Σ ⇒ X )


                        ?   =   µX .((X ⇒ bool) ⇒ bool)
                                                                        12/38

Weak µLJ

  Deduction rules are the rules of LJ, plus :
          Fixpoints
                   Γ     T [µX .T /X ]            T [A/X ]   A
                                         µr                      µl
                        Γ   µX .T                  µX .T     A

                  Γ, T [νX .T /X ]      B          A    T [A/X ]
                                            νl                     νr
                       Γ, νX .T     B               A    νX .T

          Functors
                        A   B                      B    A
                                     [T ]                        [N]
                   T (A)    T (B)                N(A)   N(B)
                                                                                                                                        13/38

Cut reduction


                                                                                        π2


             π1                         π2                                         T [A/X ]   A
                                                                                                   µl
   Γ       T [µX .T /X ]            T [A/X ]   A               π1                   µX .T     A
                           µr                      µl                                                       [T ]
       Γ      µX .T                 µX .T      A         Γ   T [µX .T /X ]   T [µX .T /X ]    T [A/X ]                 π2
                                                   Cut                                                      Cut
                      Γ         A                                        Γ   T [A/X ]                              T [A/X ]   A
                                                                                                                                  Cut
                                                                                               Γ        A



             Termination, but no cut elimination!
             Cut elimination in µLJ ω
                                                                             14/38

Models of µLJ

   Any cartesian closed category (with weak coproducts) supports a partial
   interpretation of open µLJ formulas as functors.

   Definition
   The partial interpretation − is defined by induction on formulas as
   follows.
        S ×T = S × T
        S +T = S + T
        S ⇒T = S ⇒ T
        µX .T is (if defined) the parametrized initial algebra of T
        νX .T is (if defined) the parametrized terminal coalgebra of T
   A category C is weak µ-closed iff − is total in [C, C].

   Any weak µ-closed category is a sound model for µLJ.
                   15/38




II.2 Arena games
                                                                              16/38

Winning HO games


  Two players : Adam ( ) Opponent (O) and Eve (♦) Player (P)

  Definition
  A parity game arena is a tuple (MA , λA ,   A , IA )   where:
      MA is a set of positions moves
      λA : MA → {O, P} is a polarity function
      →A ⊆ MA × MA is the set of moves enabling relation (alternating)
      IA ∈ MA is the initial position set of initial moves (Opponent moves)
      rA : MA → N is a priority function
      (we will introduce winning later)
                                      17/38

HO/N setting: players can backtrack
                                      17/38

HO/N setting: players can backtrack
                                      17/38

HO/N setting: players can backtrack
                                      17/38

HO/N setting: players can backtrack
                                      17/38

HO/N setting: players can backtrack
                                      17/38

HO/N setting: players can backtrack
                                              18/38

Arena constructions
   Games are now negative, and alternating.
                                                                      19/38

A category of games and strategies

   This leads to a category of games where:
       Objets are arenas;
       Morphisms are strategies, i.e. sets of plays with backtrack;
       Composition is by communication plus hiding (CCS)




   Strategies are innocent.
                                                                               20/38

Open functors, loops


   Three main constructions:
       Open Arenas: arenas with distinguished moves called holes,
       representing second order free variables.
       Open Functors: Each open arena A[X1 , . . . , Xn ] with n holes gives
       rise to a functor

                          A[X1 , . . . , Xn ] : (I op × I)n → I


            Image of arenas: arena substitution;
            Image of a strategy σ: vertical composition of idA and σ.
       Loops: If A[X ] is an open arena where X is positive and not initial,
       we define the loop arena µX .A[X ].
                                                     21/38

Loop construction




   We recover minimal invariants of open functors.
                                 22/38




II.3 Winning in game semantics
                                                                                      23/38

Proofs and total strategies


             Proof systems           Total programming languages

                                     (strongly) normalizing languages

              Normal forms           Total strategies


   Definition
   A strategy σ : A is total if for all s ∈ σ, if sa is legal, there is b such that
   sab ∈ σ.


    → Interpret proofs as total strategies
    → Total strategies not stable under composition
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                 •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                 •
                 •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                 •
                 •
                          •     •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                 •
                 •
                          •     •
                          •     •
                                               24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                    τ   +3 C
                                         •
                          •     •
                 •
                 •
                          •     •
                          •     •
                          •     •
                                                 24/38

Composition may not preserve totality

                 A
                     σ   +3 B   B
                                      τ   +3 C
                                           •
                          •     •
                 •
                 •
                          •     •
                          •     •
                          •     •
                          •     •
                          •     •
                          •     •
                          •      •
                         ...    ...
                                               24/38

Composition may not preserve totality

                 A
                           σ;τ
                                        +3 C
                                         •


                 •
                 •
                                                         25/38

Winning HO games



  Two players : Opponent (O) and Player (P)

  Definition
  A game is a tuple (MA , λA , →A , IA , GA ) where:
       (MA , λA , →A , IA ) is an arena
       GA : Lω → {W , L} is a winning function
             A

  A (possibly) infinite play s ∈ Lω is won by Player if
                                 A

                                    GA (s) = W
                                                                      26/38

Game constructions

   Winning is adapted to arena constructions.




          GA×B (s) = W     ⇔    GA (s A ) = W   ∧     GB (s B ) = W
                                                (&)
          GA+B (s) = W     ⇔    GA (s A ) = W   ∧     GB (s B ) = W
                                                (⊕)
                                                 27/38

Game constructions




                         GA⇒B (s) = W

                                ⇔

                GA (s A ) = W   ⇒ G (s B ) = W
                                                                        28/38

Consequences of winning




   A strategy σ : A is winning if ∀s ∈ω σ, GA (s) = W .
       Infinite interactions are impossible between winning strategies
       Total winning strategies are stable under composition
       Open functors are easily generalized in the winning setting.
                    29/38




II.4 Fixed points
                                                                                30/38

Least fixed point.




                          GµX .A[X ] (s) = W if and only if both these condi-
                          tions are satisfied:
                               There is n ∈ N such that no path of s crosses
                               the external more than N times, and
                               GA[X ] (s A ) = W



   (µX .A[X ], idµX .A[X ] ) defines an initial algebra for A[X ].
                                                                                          31/38

Least fixed point


                                            T(σ † )
                                T(µX .T)               / T(A)

                                      i       =             σ
                                                          
                                      µT                 /A
                                             σ†



                            T3 (σ)          T2 (σ)
            σ†    =   ...        / T3 (A)             / T2 (A)   T(σ)
                                                                        / T(A)   σ   /A

          σ (1)   =   σ
          (n+1)
      σ           =   Tn (σ); σ (n)
            σ†    = {s ∈ LµX .T⇒A | ∃n ∈ N∗ , s ∈ σ (n) }
                                                                                 32/38

Greatest fixed point.



                         GνX .A[X ] (s) = W if and only if one of these condi-
                         tions are satisfied:
                              For any bound N ∈ N, there is a path of s
                              crossing the external loop more than N
                              times, or
                              GA[X ] (s A ) = W



   (νX .A[X ], idνX .A[X ] ) defines a terminal coalgebra for A[X ].
                                                                                33/38

We get a model of µLJ, but. . .

   Strong µLJ is needed for the interpretation of a programming language.
           Fixpoints
                  Γ     T [µX .T /X ]                 Γ, T [A/X ]     A
                                            µr                            µl
                       Γ      µX .T                    Γ, µX .T       A

                 Γ, T [νX .T /X ]          B           Γ, A     T [A/X ]
                                                 νl                        νr
                      Γ, νX .T        B                 Γ, A     νX .T

           Functors
                       Γ, A    B                         Γ, B     A
                                          [T ]                            [N]
                 Γ, T (A)      T (B)                  Γ, N(A)     N(B)

   Requires a machinery of strong covariant and contravariant functors.
                                          34/38




III. Further properties and future work
                                                                        35/38

Completeness




      No completeness: there is a winning σ : nat ⇒ bool solving the
      halting problem.
      Infinite definability in µLJ ω
      Finite definability if µ is only positive/ ν only negative.
  ⇒ is there some characterisation of definable proofs (some recursion
  scheme) ?
                                                         36/38

Faithfulness


   Consider the following programs:
   let rec iter f n b =
      if n = 0 then b
      else iter f (n-1) (f b)

   let rec iter’ f n b =
      if n = 0 then b
      else not (iter’ f (n-1) (f (not b)))

        not (iter f n (not b))    G   = iter f n b   G
       But they cannot be convertible to each other.
   No rule for uniqueness of iteration!
                                                                          37/38

Faithfulness




   Conjecture
    π1   G   = π2   G   iff for all C µ-closed, π1   C   = π2 C .

   Corollary
   Given π1 and π2 , it is undecidable wether π1           G   = π2   G
                                                                                38/38

Future investigations



   Question
   Is it decidable wether a term generated by general recursion gives rise to
   a winning strategy?

   No. But in some restricted language?

   Question
   Is there a “regular” class of terms stable under composition, where
   equality of corresponding strategies and of winning are decidable?

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:4
posted:3/27/2013
language:Unknown
pages:51