Refining Semantics for Multi-stageProgrammingbyRui GeB.Sc., Simon Fraser University, 2013B.Eng., Zhejiang University, 2013A THESIS SUBMITTED IN PARTIAL FULFILLMENT OFTHE REQUIREMENTS FOR THE DEGREE OFMASTER OF SCIENCEinThe Faculty of Graduate and Postdoctoral Studies(Computer Science)THE UNIVERSITY OF BRITISH COLUMBIA(Vancouver)October 2016cΒ© Rui Ge 2016AbstractMulti-stage programming is a programming paradigm that supports runtime code generation and execution.Though researchers have extended several mainstream programming languages to support it, multi-stageprogramming has not been widely recognised or used. The popularisation of multi-stage programming hasbeen impeded by the lack of development aids such as code refactoring and optimisation, for which theculprit is the lack of static analysis support.Van Horn and Might proposed a general-purpose approach to systematically developing static analysesfor a programming language by applying transformations to its formal semantics, an approach we believe isapplicable to multi-stage programming. The approach requires that the initial semantics be specified as anenvironmental abstract machine that records the change of control strings, environments and continuationsas a program evaluates. Developing an environmental abstract machine for a multi-stage language is notstraightforward and has not been done so far in the literature.In the thesis, we study multi-stage programming through a functional language, MetaML. The mainresearch problem of the thesis is:Can we refine the pre-existing substitutional natural semantics of MetaML to a correspond-ing environmental abstract machine and demonstrate their equivalence?We first develop a substitutional structural operational semantics for MetaML. Then we simplify the re-search problem along two dimensionsβeach dimension leads to a less complicated semantics refinementproblem. The first dimension is to refine semantics for a single-stage language rather than a multi-stagelanguage: we stepwise develop an environmental abstract machine, the CEK machine, for a single-stagelanguage, ISWIM, based on its substitutional structural operational semantics. The second dimension isto derive a substitutional abstract machine rather than an environmental abstract machine: we stepwise de-velop a substitutional abstract machine, the MK machine, for the multi-stage language MetaML, based on itssubstitutional structural operational semantics. Finally, utilising the experience of refining semantics alongtwo dimensions, we stepwise develop an environmental abstract machine, the MEK machine, for MetaML,based on its substitutional structural operational semantics. Furthermore, we introduce three proof tech-niques which are used throughout the thesis to prove the equivalence of semantics.iiPrefaceThis thesis is original, unpublished, independent work by the author, Rui Ge, under the supervision of Dr.Ronald Garcia (Assistant Professor at UBC).iiiTable of ContentsAbstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iiPreface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iiiTable of Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ivList of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiList of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiiAcknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ixDedication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.1 General-purpose and Special-purpose Programming . . . . . . . . . . . . . . . . . . . . . 11.2 Specialising a General-purpose Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.3 Multi-stage Programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.4 Static Analysis of Multi-stage Programs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.5 Refining Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Formal Semantics of MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102.1 Staging Annotations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102.2 Formal Semantics of MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132.3 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303 Refining Semantics for ISWIM: Developing the CEK Machine . . . . . . . . . . . . . . . . . 313.1 ISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313.2 Explicit ISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353.3 Suspended ISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403.4 Environmental ISWIM - Structural Operational Semantics . . . . . . . . . . . . . . . . . . 453.5 Environmental ISWIM - Reduction Semantics . . . . . . . . . . . . . . . . . . . . . . . . 493.6 Environmental ISWIM - CEK Abstract Machine . . . . . . . . . . . . . . . . . . . . . . . 533.7 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57ivTable of Contents4 Refining Semantics for MetaML: Developing the MK Machine . . . . . . . . . . . . . . . . . 584.1 MetaML - Substitutional Reduction Semantics . . . . . . . . . . . . . . . . . . . . . . . . 584.2 MetaML - MK Abstract Machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624.3 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 Refining Semantics for MetaML: Developing the MEK Machine . . . . . . . . . . . . . . . . 675.1 MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 685.2 Explicit MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695.3 Suspended MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765.4 Environmental MetaML - Structural Operational Semantics . . . . . . . . . . . . . . . . . 875.5 Environmental MetaML - Reduction Semantics . . . . . . . . . . . . . . . . . . . . . . . . 975.6 Environmental MetaML - Abstract Machine (MEK Machine) . . . . . . . . . . . . . . . . 1015.7 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1066 Proof Methodology and Related Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1076.1 Proof Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1076.2 Related Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1087 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1107.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1107.2 Limitations and Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113AppendicesA Proofs of Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115A.1 Equivalence of Substitutional Natural Semantics and Substitutional Structural OperationalSemantics of MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115B Proofs of Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123B.1 Equivalence of ISWIM and Explicit ISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . 123B.2 Equivalence of ISWIM and Suspended ISWIM . . . . . . . . . . . . . . . . . . . . . . . . 136B.3 Equivalence of ISWIM and Environmental ISWIM . . . . . . . . . . . . . . . . . . . . . . 150B.4 Equivalence of Structural Operational Semantics and Reduction Semantics of EnvironmentalISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155B.5 Equivalence of Reduction Semantics and Abstract Machine (CEK Machine) of Environ-mental ISWIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158vTable of ContentsC Proofs of Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166C.1 Equivalence of Substitutional Structural Operational Semantics and Substitutional Reduc-tion Semantics of MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166C.2 Equivalence of Substitutional Reduction Semantics and Substitutional Abstract Machine(MK Machine) of MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169D Proofs of Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182D.1 Equivalence of MetaML and Explicit MetaML . . . . . . . . . . . . . . . . . . . . . . . . 182D.2 Equivalence of MetaML and Suspended MetaML . . . . . . . . . . . . . . . . . . . . . . . 201D.3 Equivalence of MetaML and Environmental MetaML . . . . . . . . . . . . . . . . . . . . . 223D.4 Equivalence of Structural Operational Semantics and Reduction Semantics of EnvironmentalMetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242D.5 Equivalence of Reduction Semantics and Abstract Machine (MEK Machine) of Environ-mental MetaML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246viList of Tables1.1 Summary of semantics used to refine ISWIMβs substitutional structural operational semanticsto the CEK abstract machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91.2 Summary of semantics used to refine MetaMLβs substitutional structural operational se-mantics to the MK abstract machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91.3 Summary of semantics used to solve the main semantics refinement problem. . . . . . . . . 9viiList of Figures2.1 Evaluation of !γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 in Substitutional Natural Semantics of MetaML.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232.2 Evaluation of !γΞ»a. βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 in Substitutional Structural Operational Se-mantics of MetaML. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293.1 Evaluation of ((Ξ»x1.Ξ»x2.x1) 7) 4 in Reduction Semantics of Environmental ISWIM. . . . . 513.2 Evaluation of ((Ξ»x1.Ξ»x2.x1) 7) 4 in the CEK Machine. . . . . . . . . . . . . . . . . . . . . 564.1 Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in Substitutional Reduction Semantics of MetaML.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614.2 Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in the MK Machine. . . . . . . . . . . . . . . . 655.1 Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in Reduction Semantics of Environmental MetaML.1005.2 Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in the MEK Machine. . . . . . . . . . . . . . . 105viiiAcknowledgementsI am greatly indebted to my supervisor, Dr. Ronald Garcia (Assistant Professor), for his continued support,guidance and encouragement over the past two and a half years. In the spring of 2014, I was fortunatein talking his postgraduate-level programming language course in which I was led into the world of pro-gramming language theory (PLT) for the first time. Since then, he has been supervising me on the projectof refining semantics for multi-stage programming, which is presented by this thesis. I thank him for en-couraging me to attend academic conferences and to interact with the academia, especially for financiallysupporting my participation in POPL β15 in Mumbai, India. I thank him for answering every single questionof me thoroughly, for being forbearing when I contradicted him, for arousing my enthusiasm when I feltlazy, for comforting me when I had negative results, and for backing me up when I had hard times. I thankhim for agreeing to review my thesis during his busiest time of the year, for patiently reviewing each sectionof my thesis in three to five iterations, and for providing numerous feedback on both the technical detailsand my writing style. I thank him for sharing the following quotation with me, which inspires me each andevery day.Nobody tells this to people who are beginners. I wish someone had told me. All of us who docreative work, we get into it because we have good taste. But there is this gap. For the firstcouple years you make stuff, itβs just not that good. Itβs trying to be good, it has potential, butitβs not. But your taste, the thing that got you into the game, is still killer. And your taste is whyyour work disappoints you. A lot of people never get past this phase, they quit. Most people Iknow who do interesting, creative work went through years of this. We know our work doesnβthave this special thing that we want it to have. We all go through this. And if you are juststarting out or you are still in this phase, you gotta know its normal and the most importantthing you can do is do a lot of work. Put yourself on a deadline so that every week you finishone piece. Itβs only by going through a volume of work that you will close that gap, and yourwork will be as good as your ambitions. And I took longer to figure out how to do this thananyone Iβve ever met. Itβs gonna take awhile. Itβs normal to take awhile. You just gotta fightyour way through.β Ira GlassI am grateful to the second reader, Dr. Ivan Beschastnikh (Assistant Professor), for reviewing my thesis andproviding helpful feedback when he had a busy schedule out of town.I thank Dr. Mark Greenstreet (Professor) and his students Ms. Jijie Wei and Ms. Yan Peng for helpingme settle into the department. I also thank my tentative advisor, Dr. David Poole (Professor), for assistingme in academic decision making in the first eight months of the masterβs programme. Thanks to Dr. RonaldixAcknowledgementsGarcia (Assistant Professor), Dr. Alan Hu (Professor) and Dr. Steve Wolfman (Professor of Teaching) forrecommending me for admission to the PhD programme. Thanks to Ms. Joyce Poon and Ms. Hermie Lamfor their help in administrative affairs.I thank my colleagues in the programming language group, especially Dr. Ronald Garcia (Assist-ant Professor), Dr. Joshua Dunfield (Research Associate), Mr. Felipe Banados Schwerter, Mr. EvgenyRoubinchtein, Mr. Jonatan Milewski and Mr. Khurram Ali Jafery for the insightful discussions in ourweekly reading group meetings. I also thank my colleagues in the Software Practices Laboratory for motiv-ating me to work hard. Thanks to Mr. Felipe Banados Schwerter for being in charge of the coffee machineand Mr. C. Albert Thompson for organising activities in the laboratory.Employed as a teaching assistant for six terms, I thank the instructors and students for providing me theopportunities to strengthening my teaching skills.Thanks to Dr. Evgenia Ternovska (Associate Professor), Dr. Wo-Shun Luk (Professor), Dr. Greg Baker(Senior Lecturer), Dr. Zonghua Gu (Associate Professor), Ms. Lieping Peng, Dr. Gencai Chen (Professor),Dr. Shuhua Liu (Associate Professor) and Dr. Yangzheng Wang (Professor) for their various kinds ofsupport and encouragement when I studied at Simon Fraser University and Zhejiang University. Thanks tomy friend, Mr. Yuke Zhu, for setting a good example to me in academia, and for motivating and supportingme to pursue an academic career.Thanks to my friends and fellow students of the 2013 cohort at UBC, especially Mr. Zongxu Mu, Mr.Michael Ming-An Wu, Mr. Jonatan Milewski, Mr. Yifan Peng, Mr. Ben Zhu, Mr. Shuochen Su, Mr. YuzanYang, Ms. Yidan Liu, Ms. Kailun Zhang and Ms. Jianing Yu for the colourful times we have had.Thanks to Mr. Wei Wang, Mr. Shuhan Wang, Ms. Mengran Guo and Mr. Siyu Wang for our unfailingfriendship. Thanks to my dormitory roommates, including Mr. Yizhuo Hu, Mr. Zhenyu Xia, Mr. SifangLiu, Mr. Boyu Li and Mr. Zhu Li, for the unforgettable experience of collective life.Last but not least, I thank my family for their faith and love.xxiChapter 1IntroductionTo motivate the idea of multi-stage programming, we first demonstrate why general-purpose solutions toprogramming problems can be easier to implement and more reusable, but run more slowly than special-purpose solutions. We then discuss how a special-purpose program can be derived from a general-purposeprogram. Multi-stage programming exploits this possibility, allowing programmers to systematically trans-form a general-purpose program into a special-purpose program generator.1.1 General-purpose and Special-purpose ProgrammingConsider the problem of computing a positive integer raised to a non-negative integer. Here are two possiblesolutions.1Example 1. power n x returns the nth power of x.power n x| n == 0 = 1| otherwise = x * (power (n - 1) x)Example 2. power0 x returns the 0th power of x, power1 x returns the 1st power of x, power2 x returns2nd power of x, and so on.power0 x = 1power1 x = xpower2 x = x * xpower3 x = x * x * x......power2016 x = x β x β ...β xοΈΈ οΈ·οΈ· οΈΈ2016 x's......As illustrated above, one may abstract the problem into a general problem that computes a positiveinteger raised to any non-negative integer. We call the power function a general-purpose program (orsolution).In contrast, one may split the problem into multiple special problems each of which computes a posit-ive integer raised to a fixed non-negative integer. We call the functions power0, power1, power2, ...,power2016, ... special-purpose programs (or solutions).1The code is presented in a Haskell-like syntax style.11.2. Specialising a General-purpose ProgramFor example, to compute the 2016th power of natural numbers [1..100], we can utilise either thegeneral-purpose solution, the power function:map (power 2016) [1..100]or the special-purpose solution, the power2016 function:map power2016 [1..100]As expected, they both produce the same correct result.Now compare the performance of the general-purpose solution and the special purpose solution.β’ Provided that most programmers have knowledge of branching and recursion, the general-purposeprogram power is easier to be implemented than the special-purpose program power2016 becausethe former requires writing less code than the latter.β’ The general-purpose program power is more reusable than the special-purpose program power2016because the power function is much more adaptable to similar computational tasks than the power2016function.β’ The general-purpose program power runs more slowly than the special-purpose program power2016.For example, evaluating the power function with arguments 2016 and 100 involves 2016 recurs-ive calls of the power function before getting the multiplication 100β100β ...β100οΈΈ οΈ·οΈ· οΈΈ2016 100βsβ1. In contrast,executing the special-purpose program power2016 with argument 100 immediately computes themultiplication 100β100β ...β100οΈΈ οΈ·οΈ· οΈΈ2016 100βswithout having any recursive calls or branching on an argument.A special-purpose program does not always run faster than a corresponding general-purpose program.In an extreme case, if the special-purpose program has an extremely large amount of code, it consumesa significant amount of time and space to load the code, in which case code explosion may cause thespecial-purpose program to have a higher execution cost.The above presents a representative result of comparing a general-purpose program and a special-purposeprogram that solve the same problem. In most cases, a general-purpose program is easier to implement andmore reusable, but less efficient than its special-purpose counterpart.1.2 Specialising a General-purpose ProgramGiven a general-purpose program, we may predict the definite results of some of the ensuing computations.We can replace these computations with their anticipated values, which yields a special-purpose program.We call this process the specialisation of a general-purpose program. The program generated through spe-cialisation inherits the advantage of running fast from ordinary special-purpose programs and avoids codeexplosion whenever possible.21.3. Multi-stage ProgrammingSpecialisation is a well-known technique in high-performance programming. For example, populardomain-specific languages for graphics programming such as OpenGL allows writing a general-purposeprogram does not reply on a particular underlying GPU architecture. A compiler completes the job ofspecialising a general-purpose program to a special program that is tailored to a specific GPU.As an illustration, consider the problem of specialising the general-purpose power function, if there isa priori information that we will frequently compute the 2016th power of any given positive integer. We gothrough two steps:1. We define:power2016' = \x -> (power 2016 x)2. We unfold the body of the power2016' function so that the function \x -> (power 2016 x) be-comes\x -> xβxβ ...βxοΈΈ οΈ·οΈ· οΈΈ2016 xβsβ1which eliminates the relatively high runtime overhead associated with the power function that ismainly caused by repeated recursive calls.We make two assumptions in order to be able to unfold the body of the power2016' function. The firstassumption is that we can evaluate the body of a function at our convenience. This allows us to go inside afunction and evaluate its body at the time that the function is defined. Under this assumption, when we definethe function power2016', we can evaluate the body power 2016 x of the function \x -> (power 2016x). The second assumption is that we can evaluate a function with partially known parameters, which isknown as partial evaluation [JGS93]. Although the second parameter x of the power function is unknown,we can evaluate the partial application power 2016 x based on its first argument 2016. Then power 2016x is unfolded to the expression xβxβ ...βxοΈΈ οΈ·οΈ· οΈΈ2016 xβsβ1. As a result under these two assumptions, the function \x ->(power 2016 x) evaluates to \x -> xβxβ ...βxοΈΈ οΈ·οΈ· οΈΈ2016 xβsβ1.As a matter of fact, the essence of these two assumptions is to let programmers customise the order inwhich the terms of a program are evaluated. This capability constitutes the foundation for the programmingparadigm of our interest, multi-stage programming (MSP) [TS97, Tah99a, She01, Tah04].1.3 Multi-stage ProgrammingMulti-stage programming is a programming paradigm that supports runtime code generation and execution[Tah04]. Multi-stage programming supports meta-programming in the sense that a multi-stage program canbe executed within a multi-stage program. A multi-stage language serves as both a meta-language and anobject language.31.4. Static Analysis of Multi-stage ProgramsMulti-stage programming also supports program specialisation [JGS93]. One can start programmingwith a general-purpose program and then specialise it based on the a priori information about partial inputsof the program. A well-written multi-stage solution to a programming problem is easier to implement andmaintain, more reusable and reliable than a special-purpose solution, and runs faster than a general-purposesolution.Multi-stage programming lets programmers control the order in which the terms of a program are eval-uated in order to optimise the time and space resources consumed by evaluating the program [She98]. Onecan start programming with a conventional single-stage program and then specify the evaluation order of itsterms with staging annotations to make the program multi-stage.There have been developed several multi-stage programming languages and language extensions suchas MetaML [TS97], MetaOCaml [Tah04], MetaHaskell [Mai12] and Mint [WRI+09]. We intensively studyMetaML, a functional multi-stage language that extends ML, in the thesis.To demonstrate what how a multi-stage program differs from its single-stage counterpart, we annotatethe single-stage power and powerN functions with three staging annotations supported by MetaML: code,splice and run. Code, denoted by γ and γ, are for delaying a computation. Splice, denoted by βΌ, is forcombining delayed computations. Run, denoted by !, is for running a delayed computation.Example 3. The multi-stage power' and powerN' functions are the single-stage power and powerN func-tions with staging annotations.power' n x| n == 0 = γ1γ| otherwise = γβΌx * βΌ(power' (n - 1) x)γpowerN' n = γ\x -> βΌ(power' n γxγ)γFor example, to compute the 2016th power of 1, 2, ..., 100, we evaluate following two-stage program:map !(powerN' 2016) [1..100]At the first stage, !(powerN' 2016) evaluates to the function \x -> xβxβ ...βxοΈΈ οΈ·οΈ· οΈΈ2016 xβsβ1. At the second stage,the program proceeds as:map (\x -> xβxβ ...βxοΈΈ οΈ·οΈ· οΈΈ2016 x'sβ1) [1..100]The recursive calls to the power' function all happen intensively at the first stage when the run operation!(powerN' 2016) evaluates. They never happen again at the second stage.We analyse this example in detail in the next chapter (Chapter 2).1.4 Static Analysis of Multi-stage ProgramsAlthough researchers have extended many mainstream programming languages to support multi-stage pro-gramming, multi-stage programming as a programming paradigm has not been widely recognised or used.41.5. Refining SemanticsThe popularisation of multi-stage programming has been impeded by the lack of development aids such ascode refactoring and optimisation, for which the culprit is the lack of static analysis support. Our ultimategoal is to design a sound and decidable static analysis for a multi-stage programming language.Recently, [VHM12] proposed a general-purpose approach to systematically developing static analysesfor a programming language by applying transformations to its formal semantics. The approach requiresthat the initial semantics be specified as an environmental abstract machine that records the change of con-trol strings, environments and continuations as a program evaluates. The transformations involve using atraditional store to collect execution information and associate it with the source program. After a num-ber of transformations, the machine can be abstracted through its address allocation strategy. With thisprimary point of abstraction, we get a sound and decidable control flow analysis, where the preciseness ofthe analysis is determined by the chosen structure of the addresses used by the address allocator.To apply the framework to multi-stage programming, we shall develop an environmental abstract ma-chine for a multi-stage programming language. The abstract machine must be environmental because it usesenvironments to archive variable bindings, allowing us to trace the function calls in its history.1.5 Refining SemanticsDeveloping an environmental abstract machine for a multi-stage programming language based on a pre-existing semantics is essentially a semantics refinement problem. A stepwise refinement process may pro-duce several intermediate semantics before deriving the destination semantics. We briefly introduce fouroperational semantics that are usually used in solving a refinement problem.1.5.1 Operational SemanticsTo model the runtime behaviour of programs in a language, we can build an operational semantics for thelanguage. Operational semantics include big-step semantics and small-step semantics.β’ Big-step semantics is also known as natural semantics [Kah87]. It describes how the overall compu-tation of a program takes place.For example, in a big-step semantics, the program power 2016 100 big-steps to 1002016.β’ Small-step semantics include structural operational semantics [Plo81], reduction semantics [FH92]and abstract machine semantics [Lan64], ordered from the least practical to the most practical imple-mentation strategies, all of which define how a single step of computation of a program takes place.β Structural operational semantics defines how a program computes with respect to the terms ofthe program in a syntax-oriented and inductive way.β Reduction semantics defines where a reduction may happen and what reduction may happen butdoes not provide a deterministic strategy for finding a place to perform reduction.β Abstract machine semantics refines reduction semantics in the sense that it provides a determin-istic strategy for finding a place to perform reduction.51.5. Refining SemanticsFor example, in a small-step semantics, the program power 2016 100 small-steps to 100 * (power2015 100).We differentiate a substitutional operational semantics from an environmental operational semantics.β’ An operational semantics is substitutional if a function call is performed by substituting the functionβsparameters by arguments where substitutions may be modelled implicitly in the meta-language orexplicitly [Ros96] as several steps of computation.For example, calling the function \x -> x + 1 with the argument x = 1 results in 1 + 1. Then justlooking at 1 + 1 itself does not tell whether a function call has been performed.β’ An operational semantics is environmental if it uses an environment to keep track of variable bindingsso that a function call is performed by updating the functionβs parameters in the environment to thefunctionβs arguments.For example, calling the function \x -> x + 1 with the argument x = 1 results in x + 1 togetherwith a variable binding that x = 1. Then just looking at x + 1 together with the variable binding thatx = 1 implies that a function call with the argument x = 1 has been performed.1.5.2 Refining SemanticsHaving what an operational semantics is in mind, we now consider how to develop an environmental abstractmachine for a multi-stage programming language.Main Semantics Refinement Problem. The multi-stage programming language that we study in the thesisis MetaML. We take the pre-existing substitutional natural semantics defined in [Tah99a] as our reference se-mantics for MetaML. The main research problem of the thesis which we call the main semantics refinementproblem is:Can we refine the pre-existing substitutional natural semantics of MetaML to a correspondingenvironmental abstract machine and demonstrate their equivalence?As an environmental abstract machine is a small-step operational semantics, its development is more naturaland convenient to start from a structural operational semantics than a natural semantics. Thus the veryfirst step to take is to derive a substitutional structural operational semantics for MetaML and show itsequivalence with respect to the substitutional natural semantics. We illustrate this step in Table 1.1 anddiscuss it in detail in Chapter 2.Developing an environmental abstract machine for MetaML is not straightforward and has not been doneso far in the literature. We first attempt the main semantics refinement problem along two dimensionsβeachdimension leads to a less complicated semantics refinement problem.61.5. Refining SemanticsStepwise Developing the CEK Machine for ISWIM. Following the first dimension of simplifying themain semantics refinement problem, we study how to stepwise develop an environmental abstract machinefor a single-stage language ISWIM [Lan66] rather than the multi-stage language MetaML. The problem isdescribed as follows.Can we refine the substitutional structural operational semantics of ISWIM to a correspondingenvironmental abstract machine, which is known as the CEK machine [FF86], and demonstratetheir equivalence?We solve the above problem step by step as follows (see Table 1.1 for a summary).1. ISWIM: Substitutions are defined in the meta-language level. Any instance of substitution in programimmediately replaces every relevant variable as part of a single step of computation. We call this"inexplicit" in contrast to explicit substitutions, which we discuss next.We take the (inexplicitly) substitutional structural operational semantics of ISWIM as the startingpoint of solving the refinement problem for ISWIM.2. Explicit ISWIM: Substitutions are defined as explicit object-language constructs. An instance ofsubstitution replaces every relevant variable step by step by percolating explicit substitutions as severalsteps of computation. This provides a manageable step on the way to developing an environmentalsemantics.3. Suspended ISWIM: Substitutions are modelled explicitly as in Explicit ISWIM and are suspendedoutside of a lambda abstraction until an application is performed. This step turns the semantics moreenvironmental and makes the proofs of semantics equivalence tractable.4. Environmental ISWIM: Environmental ISWIM turns explicit substitutions to environments.Environmental ISWIM is first derived as a structural operational semantics. We then systematicallytransform the semantics from structural operational semantics to reduction semantics and finally to anabstract machine. The abstract machine is also known as the CEK machine.The stepwise development of CEK machine for ISWIM is discussed in detail in Chapter 3.Stepwise Developing the MK Machine for MetaML. Following the second dimension of simplifyingthe main semantics refinement problem, we study how to stepwise develop a substitutional abstract ma-chine rather than an environmental abstract machine for the multi-stage language MetaML. The problem isdescribed as follows.Can we refine the substitutional structural operational semantics of MetaML to a correspondingsubstitutional abstract machine, which we call the MK machine, and demonstrate their equival-ence?71.5. Refining SemanticsAs summarised in Table 1.2, starting from the substitutional structural operational semantics of MetaML,we first derive a substitutional reduction semantics and then a substitutional abstract machine, which we callthe MK machine. The stepwise development of MK machine for MetaML is discussed in detail in Chapter4.Stepwise Developing the MEK Machine for MetaML. Utilising the experience of refining semanticsalong two dimensions, we eventually study how to stepwise develop an environmental abstract machine forthe multi-stage language MetaML. The problem is described as follows.Can we refine the substitutional structural operational semantics of MetaML to a correspond-ing environmental abstract machine, which we call the MEK machine, and demonstrate theirequivalence?We attempt the above problem step by step as follows (see Table 1.3 for a summary).1. MetaML: Substitutions are modelled inexplicitly, analogously to ISWIM.We take the (inexplicitly) substitutional structural operational semantics of MetaML as the startingpoint of refinement.2. Explicit MetaML: Substitutions are modelled explicitly, analogously to Explicit ISWIM. This providesa manageable step on the way to developing an environmental semantics.3. Suspended MetaML: Substitutions are modelled explicitly, analogously to Suspended ISWIM. Thisstep turns the semantics more environmental and makes the proofs of semantics equivalence tractable.4. Environmental MetaML: Environmental MetaML turns explicit substitutions to environments.Environmental MetaML is first derived as a structural operational semantics. We then systematicallytransform the semantics from structural operational semantics to reduction semantics and finally to anabstract machine. We call the abstract machine the MEK machine.The stepwise development of MEK machine for MetaML is discussed in detail in Chapter 5.Proving Equivalence of Semantics. We introduce and use throughout the thesis three proof techniquesto prove the equivalence of two structural operational semantics, the equivalence of a structural operationalsemantics and a reduction semantics, and the equivalence of a reduction semantics and an abstract machine.We summarise the proof methodology in detail in Chapter 6.81.5. Refining SemanticsNo. Language Semantics Substitutional or Environmental Section1 ISWIM Structural Operational Semantics (Inexplicitly) Substitutional 3.12 Explicit ISWIM Structural Operational Semantics Explicitly Substitutional 3.23 Suspended ISWIM Structural Operational Semantics Explicitly Substitutional 3.34 Environmental ISWIM Structural Operational Semantics Environmental 3.45 Environmental ISWIM Reduction Semantics Environmental 3.56 Environmental ISWIM CEK Abstract Machine Environmental 3.6Table 1.1: Summary of semantics used to refine ISWIMβs substitutional structural operational semantics tothe CEK abstract machine.No. Language Semantics Substitutional or Environmental Section1 MetaML Structural Operational Semantics (Inexplicitly) Substitutional 2.22 MetaML Reduction Semantics (Inexplicitly) Substitutional 4.13 MetaML MK Abstract Machine (Inexplicitly) Substitutional 4.2Table 1.2: Summary of semantics used to refine MetaMLβs substitutional structural operational semantics tothe MK abstract machine.No. Language Semantics Substitutional or Environmental Section1 MetaML Natural Semantics (Inexplicitly) Substitutional 2.22 MetaML Structural Operational Semantics (Inexplicitly) Substitutional 2.2, 5.13 Explicit MetaML Structural Operational Semantics Explicitly Substitutional 5.24 Suspended MetaML Structural Operational Semantics Explicitly Substitutional 5.35 Environmental MetaML Structural Operational Semantics Environmental 5.46 Environmental MetaML Reduction Semantics Environmental 5.57 Environmental MetaML MEK Abstract Machine Environmental 5.6Table 1.3: Summary of semantics used to solve the main semantics refinement problem.9Chapter 2Formal Semantics of MetaMLThis chapter introduces multi-stage programming and the formal semantics of MetaML. We first introducethe three staging annotations of MetaML and informally discuss how a multi-stage program evaluates usingexamples. Then we study the pre-existing substitutional natural semantics of MetaML [Tah99a] and presentour newly developed substitutional structural operational semantics for MetaML. We finally demonstratethat the substitutional natural semantics and the substitutional structural operational semantics are equival-ent.The definitions in Section 2.1 are based on [She98, TS97]. The substitutional natural semantics ofMetaML in Section 2.2 is based on [Tah99a].2.1 Staging AnnotationsMetaML uses staging annotations to explicitly control the evaluation order of terms of a program. Stagingannotations include the code operator, the run operator and the splice operator.Code Operation. A code operation, consisting of (1) the code operator βγβ βγβ and (2) an operand,indicates delaying computing the operand. If a code operation evaluates to itself, it is a code value.Example 4. 3 + 7 evaluates to 10. The code operation γ3 + 7γ evaluates to itself because of delayingcomputing its operand 3 + 7. Hence the code operation γ3 + 7γ is is also a code value.Run Operation. A Run operation, consisting of (1) the run operator ! and (2) an operand, indicatesexecuting the delayed computation of the operand. A run operation expects its operand to reduce to a codeoperation. A run operation eliminates the code brackets from the result of evaluating its operand.Example 5. !γ3 + 7γ evaluates to 10. Its step-by-step reduction is as follows.1 !γ3 + 7γThe run operator executes the delayed computation of the operand, 3 + 7.2 3 + 7The addition operation 3 + 7 evaluates to 10.3 10The natural number 10 is irreducible.102.1. Staging AnnotationsSplice Operation. An splice operation, consisting of (1) the splice operator ββΌβ and (2) an operand,indicates splicing the delayed computation produced by evaluating the operand into the current context. Asplice operation may only appear in a delayed computation, i.e., under code brackets. Only a splice operationcan be reduced under code brackets. A splice operation expects its operand to reduce to a code value. Asplice operation eliminates the code brackets from the result of evaluating its operand.Example 6. γ βΌγ3 + 7γ * βΌγ3 + 7γ γ evaluates to γ (3 + 7) * (3 + 7) γ. Its step-by-step reduc-tion is as follows.1 γ βΌγ3 + 7γ * βΌγ3 + 7γ γThe first escape operator splices the delayed computation of the operand, 3 + 7, into the contextsurrounded by code brackets.2 γ (3 + 7) * βΌγ3 + 7γ γThe second escape operator splices the delayed computation of the operand, 3 + 7, into the contextsurrounded by code brackets.3 γ (3 + 7) * (3 + 7) γThe code operation γ (3 + 7) * (3 + 7) γ is irreducible.Level of a Term. To explicitly regulate under what circumstances the run operation eliminates code andthe splice operation combines code, we introduce the concept of levels. The level of a term is the differenceof the number of surrounding brackets and the number of surrounding escapes.Example 7. (1) 3 in γ3 + 7γ is at level 1.(2) The first 3 in γ βΌγ3 + 7γ * βΌγ3 + 7γ γ is at level 2β1 = 1.(3) The first 3 in γ (3 + 7) * (3 + 7) γ is at level 1.(4) 3 in !γ3 + 7γ is at level 1.(5) The function \x -> x in !γ βΌγ3 + 7γ * βΌ((\x -> x) γ3 + 7γ) γ is at level 1β1 = 0.Roughly speaking, a splice operation ...βΌγtγ... reduces to ...t... only if βΌγtγ is at level 1, and a runoperation ...!γtγ... reduces to ...t... only if !γtγ is at level 0, where t is an arbitrarily legal term. Level 0corresponds to single-stage programming. An function call or an addition only reduces at level 0. Forexample, 3 + 7 reduces to 10 at level 0 and is irreducible at other levels.Example 8. !γ βΌγ3 + 7γ * βΌ((\x -> x) γ3 + 7γ) γ evaluates to 100. Its step-by-step reduction is asfollows. The reducible term of each step is underlined.1 !γ:::βΌγ3:::+:::7γ * βΌ((\x -> x) γ3 + 7γ) γIn the splice operationβΌγ3 + 7γ, the delayed computation of the operand 3 + 7 is spliced into thecontext.2 !γ (3 + 7) * βΌ(:::(\x::::->:::x):::γ3::+:::::7γ) γThe application (\x -> x) γ3 + 7γ reduces to γ3 + 7γ.3 !γ (3 + 7) *::::βΌγ3::+:::7γ γIn the splice operationβΌγ3 + 7γ, the delayed computation of the operand 3 + 7 is spliced into thecontext.112.1. Staging Annotations4::!γ:::(3::+::::7)::*:::(3:::+:::7)::γ:The run operator executes the delayed computation of the operand (3 + 7) * (3 + 7).5::(3::+::::7) * (3 + 7)The first operand of the multiplication operation 3 + 7 reduces to 10.6 10 *:::(3::+:::7)The second operand of the multiplication operation 3 + 7 reduces to 10.7::10::*::::10The multiplication operation 10 * 10 reduces to 100.8 100The natural number 100 irreducible.The code operation introduces a code value, the run operation eliminates a code value, and the spliceoperation combines code values. Taking the above evaluation as an example, in the first step, the outermostcode operation generates a code value in which two inner code operations introduce two smaller code values.In the third step, the splice operation combines code values. In the fourth step, the run operation executes acode value.Evaluating a Multi-stage Program. A multi-stage program can be constructed from a conventionalsingle-stage program by manually adding staging annotations [TS97]. We demonstrate how a multi-stageprogram evaluates through Example 3 from Chapter 1, which is re-described below as Example 9.Example 9. The multi-stage power' and powerN' functions are the single-stage power and powerN func-tions with staging annotations.power' n x| n == 0 = γ1γ| otherwise = γβΌx * βΌ(power' (n - 1) x)γpowerN' n = γ\x -> βΌ(power' n γxγ)γThe power' function is a special-purpose program generator. When the parameter n of the powerN'function is known, !(powerN n) generates a special-purpose program that computes its parameter raised ton. For example, to compute the 4th power of an integer, !(powerN' 4) eventually reduces to \x -> (x *x * x * x * 1). Its step-by-step reduction is as follows. The reducible term of each step is underlined.1 !(::::::::powerN'::4)2 !γ \x -> βΌ(:::::::power'::4::::γxγ) γ3 !γ \x -> βΌ(γ:::::βΌγxγ * βΌ(power' 3 γxγ) γ) γ4 !γ \x -> βΌ(γ x * βΌ(::::::power':::3::::γxγ) γ) γ5 !γ \x -> βΌ(γ x * βΌ(γ::::βΌγxγ * βΌ(power' 2 γxγ) γ) γ) γ6 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(:::::::power'::2::::γxγ) γ) γ) γ7 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ::::βΌγxγ * βΌ(power' 1 γxγ) γ) γ) γ) γ8 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ x * βΌ(:::::::power'::1::::γxγ) γ) γ) γ) γ122.2. Formal Semantics of MetaML9 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ x * βΌ(γ:::::βΌγxγ * βΌ(power' 0 γxγ) γ) γ) γ) γ) γ10 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ x * βΌ(γ x * βΌ(::::::power':::0::::γxγ) γ) γ) γ) γ) γ11 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ x * βΌ(γ x *:::::::βΌ(γ1γ) γ) γ) γ) γ) γ12 !γ \x -> βΌ(γ x * βΌ(γ x * βΌ(γ x *::::βΌ(γ::x:::*::::1γ) γ) γ) γ) γ13 !γ \x -> βΌ(γ x * βΌ(γ x *::::βΌ(γ::x::*:::x::*::1:::γ) γ) γ) γ14 !γ \x -> βΌ(γ x *:::βΌ(γ:::x::*::x::*:::x::*::1:::γ) γ) γ15 !γ \x ->::::βΌ(γ::x:::*::x::*::x:::*::x::*::1::::γ) γ16::!γ::::\x:::->::::(x::*::x::*:::x::*::x::*::::1)::γ:17 \x -> (x * x * x * x * 1)We make a few observations from the example above. (1) A run operation expects its operand to reduce to acode operation, as illustrated by Steps 1 to 16. (2) A splice operation expects its operand to reduce to a codeoperation, as illustrated by Steps 2 to 15, Steps 4 to 14, Steps 6 to 13, Steps 8 to 12 and Steps 10 to 11. (3)A run operation eliminates the code brackets of its operand only if the operand is irreducible, as illustratedby Steps 1 to 16. (4) A splice operation eliminates the code brackets of its operand only if the operand isirreducible, as illustrated by Steps 2 to 15, Steps 4 to 14, Steps 6 to 13, Steps 8 to 12 and Steps 10 to 11.Informal Reasoning is Insufficient. Our explanation about how a multi-stage program evaluates isinformal. One may ask: what computation can be performed in the operand of a code operation, a spliceoperation or a run operation? When can the body of a function be evaluated? Is our evaluation strategydeterministic? How do we implement our evaluation strategy?Furthermore, it is tedious and error-prone to evaluate unintuitive programs such as!γΞ»y.βΌ ((Ξ»x.γxγ)(Ξ»x.γyγ))0γ5, which was introduced in [Tah99a], through informal reasoning as Example9. To rigorously explain how a multi-stage program evaluates, we need to define a formal semantics.2.2 Formal Semantics of MetaMLPreviously, we have informally discussed how MetaML works as a multi-stage programming language. Inthis section, we explain the formal semantics of MetaML: its syntax, substitutional natural semantics andsubstitutional structural operational semantics. For the sake of simplicity and convenience, we make twominor modifications to the formal specifications of MetaML presented in [Tah99a]: we add natural numbersand addition to the language, and we discard the fixed point operator from the language as a fixed pointoperator can be implemented using the Y combinator.2.2.1 SyntaxWe first define the basic syntax of the language: terms, values and denotable terms. Then we presentsome properties implied by the definitions. Finally we define the free variable function and the substitutionfunction.132.2. Formal Semantics of MetaML2.2.1.1 TermsWe start with two sets: the set of variables, VAR, and the set of natural numbers, N.Definition 10 (Terms). Let TERM be the set of terms.x β VAR, n β N, i β N, t β TERMt ::= x | t t | Ξ»x.t | γtγ | βΌt | !t | n | t+ tThe definition tells that a term can be (1) a variable, (2) an application in which both the operator andthe operand are terms, (3) a lambda abstraction whose body is a term, (4) a code operation whose operandis a term, (5) a splice operation whose operand is a term, (6) a run operation whose operand is a term, (7) anatural number, or (8) an addition operation whose two operands are terms.Recall that the level of a term is the difference of the number of surrounding brackets and the numberof surrounding escapes. A term cannot occur at the position of an arbitrary level. For example, a spliceoperation cannot occur at a level-0 position because it must be in some code operation. We use levels asindexes to finely distinguish subclasses of terms.Definition 11 (Level-indexed Terms). Let TERMi be the set of terms at level i.x β TERMit1 β TERMi t2 β TERMit1 t2 β TERMit β TERMiΞ»x.t β TERMit β TERMi+1γtγ β TERMit β TERMiβΌ t β TERMi+1t β TERMi!t β TERMi n β TERMit1 β TERMi t2 β TERMit1+ t2 β TERMiThe definition tells that (1) a variable can be at an arbitrary level, (2) an application can be at the anylevel that its operator and operand share, (3) a lambda abstraction can be at any level that its body can, (4)a code operation can be at any level that is one level lower than its operand, (5) a splice operation can be atany level that is one level higher than its operand, (6) a run operation is can be at any level that its operandcan, (7) a natural number can be at an arbitrary level, and (8) an addition can be at any level that its twooperands share.The definition ensures that a splice operation cannot be a term at level 0. A splice combines a delayedcomputation into the context surrounded by code brackets. Hence the context of a splice has to be at somelevel higher than 0.We use t i with or without any subscript or any other superscript as a metavariable to range over TERMi.We continue to use t with or without any subscript or superscript as a metavariable to range over TERM.We make two observations about terms and level-indexed terms. (1) The sets TERMi contain strictlymore terms as the level i increases. For example, the term βΌx can be at any level higher than 0 and theterm βΌβΌx can be at any level higher than 1. Our syntax lets us write code generators that generates codegenerators. (2) Every term has at least one level. To make a conventional single-stage program multi-stage,we can experiment annotating the program with various combinations of staging annotations as long as theprogram is at level 0. We formalise our observations as the following propositions.Proposition 12. For any i β N, TERMi β TERMi+1.142.2. Formal Semantics of MetaMLProposition 13. TERM =βiβNTERMi.2.2.1.2 ValuesA value at level i is a term at level i that represents a result of computation at its indicated level. Thus thedefinition of values closely relates to the operational semantics of the language.Definition 14 (Level-indexed Values). Let VALUEi be the set of values at level i.x β VALUEi+1t1 β VALUEi+1 t2 β VALUEi+1t1 t2 β VALUEi+1 Ξ»x.t β VALUE0 where t β TERM0t β VALUEi+1Ξ»x.t β VALUEi+1t β VALUEi+1γtγ β VALUEit β VALUEi+1βΌ t β VALUEi+2v β VALUEi+1!v β VALUEi+1 n β VALUEit1 β VALUEi+1 t2 β VALUEi+1t1+ t2 β VALUEi+1Recall that in the multi-stage language MetaML, level 0 corresponds to single-stage programming, andlevels higher than zero delay some computation. We briefly explain the intuition behind the above definition.(1) A variable is not a value at level 0, analogous to the fact that a variable is not a result of computation insingle-stage programming. At higher levels, we delay dereferencing a variable, making the variable a value.(2) As a lambda abstraction is a value in single-stage programming, it is a value at level 0. At higher levels,it is a value if its body is a value. (3) For an application or an addition, an interesting reduction may onlyhappen at level 0. At higher levels, it is a value if its immediate substructures are values. (4) For a codeoperation γtγ, it is a code value if its operand t is irreducible one level up. (5) For a splice operation and arun operation, an interesting reduction may only happen at level 1 and level 0 respectively. For any higherlevel, a splice/run operation is a value if its operand is a value. (6) A natural number is always a value.We use vi with or without any subscript or any other superscript as a metavariable to range over VALUEi.Definition 15 (Values). Let VALUE be the set of values.VALUE =βi VALUEi where i β NWe use v with or without any subscript or superscript as a metavariable to range over VALUE.To demonstrate the relationship between terms and values, we make three observations. (1) There is aone-to-one correspondence between the subclasses of terms and the subclasses of values. One the one hand,a value at some level is a term at the next lower level. This justifies the semantics of run: if we have a level-ivalue γtγ, then t is a level-(i+1) value but not necessarily a level-i value. Removing the brackets makes t alevel-i term and allows us to reduce t at level i. Although running happens only at level 0, this uniformitymakes it clear that we can reason seamlessly about multi-stage programs at levels higher than 0 and 1 in thesame way that you reason about two-stage programs. One the other hand, a term at some level is a value atthe next higher level. We can always delay a computation by putting a pair of brackets around it. (2) A valueat some level represents a result of computation at that level. Hence a value at some level must be a term atthat level. This corresponds to our intuition and later formalisation of evaluating at a level. (3) Terms andvalues are represented by the exact same set of syntactic symbols. More importantly, every term is a value152.2. Formal Semantics of MetaMLat some level. It is always possible to turn a term to a value by putting a finite number of brackets around it.We list our observations as the following propositions.Proposition 16. For any i β N, VALUEi+1 = TERMi.Proposition 17. For any i β N, VALUEi β TERMi.Proposition 18. TERM = VALUE.2.2.1.3 Denotable TermsThe denotable terms are terms that are substituted for variables in the semantics.Definition 19 (Denotable Terms). Let DENOTABLE be the set of denotable terms.DENOTABLE = VARβͺVALUE0There are two circumstances that a variable is substituted. If a variable gets renamed, the variable issubstituted by a variable. If a lambda abstraction is applied to a value at level 0, then the lambda boundvariable is substituted by the value. Hence a variable may refer to a variable or a value at level 0. We use wwith or without any subscript or superscript as a metavariable to range over DENOTABLE.2.2.1.4 Free Variable FunctionWe define FV (t) to be the set of all variables that occur free in the term t.Definition 20 (Free Variable Function). Let the free variable function FV be a total function from the set ofterms to the power set of variables.FV : TERMβP(VAR)FV (x) = x (1)FV (t1 t2) = FV (t1)βͺFV (t2) (2)FV (Ξ»x.t) = FV (t)\{x} (3)FV (γtγ) = FV (t) (4)FV (!t) = FV (t) (5)FV (βΌt) = FV (t) (6)FV (n) = /0 (7)FV (t1+ t2) = FV (t1)βͺFV (t2) (8)Example 21. FV (Ξ»x.(x+y)) = FV (x+y)\{x}= (FV (x)βͺFV (y))\{x}= ({x}βͺ{y})\{x}= {x,y}\{x}={y}.Example 22. FV ((Ξ»x.x) x) = FV (Ξ»x.x)βͺFV (x) = (FV (x)\{x})βͺ{x}= ({x}\{x})βͺ{x}= /0βͺ{x}= {x}.Definition 23 (Closed Terms). A term t is closed if and only if FV (t) = /0.162.2. Formal Semantics of MetaML2.2.1.5 Substitution FunctionWe define t[w/x] to be the result of substituting the denotable term w for each free occurrence of the variablex in the term t.Definition 24 (Substitution Function). Let the substitution function Β·[Β·/Β·] be a total function from the 3-tupleof the set of terms, the set of denotable terms and the set of variables, to the set of terms.Β·[Β·/Β·] : (TERMΓDENOTABLEΓVAR)β TERMx[w/x] = w (1)x1[w/x2] = x1 where x1 6β‘ x2 (2)(t1 t2)[w/x] = (t1[w/x]) (t2[w/x]) (3)(Ξ»x1.t0)[w/x2] = Ξ»x3.t0[x3/x1][w/x2]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (4)γt0γ[w/x] = γt0[w/x]γ (5)(!t0)[w/x] = !t0[w/x] (6)(βΌt0)[w/x] = βΌt0[w/x] (7)n[w/x] = n (8)(t1+ t2)[w/x] = (t1[w/x])+(t2[w/x]) (9)Equation (4) could be replaced by the following two rules:(Ξ»x1.t0)[w/x2] = Ξ»x1.t0 where x1 β‘ x2 (4-1)(Ξ»x1.t0)[w/x2] = Ξ»x3.t0[x3/x1][w/x2] where x1 6β‘ x2 and x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (4-2)The above two rules do not rename a lambda bound variable when it does not have to. For example, by (4)we have:(Ξ»x1.x1)[x1/x1] = Ξ»x2.x1[x2/x1][x1/x1] = Ξ»x2.x2 where x1 6β‘ x2In contrast, by (4-1), we have:(Ξ»x1.x1)[x1/x1] = Ξ»x1.x1For the sake of proof simplicity, we do not replace (4) by (4-1) and (4-2). It can be proved that these twoforms always produce alpha equivalent results. Definition 130 defines the alpha equivalence relation.Strictly speaking, the definition itself does not define a function. In (4), x3 can be an arbitrary variableas long as x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2}. The definition indeed defines a relation rather than a function.To make what we have defined become a real function, we can impose a total order on variables, i.e., VARis a total order. In (4), let x3 be the least element from VAR such that x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2}. Asa result, Β·[Β·/Β·] truly becomes a function. However, this approach makes the later proofs overcomplicated.Alternatively, we can equate all terms that only differ in the names of their lambda bound variables,i.e., we equal all Ξ±-equivalent terms. Then, a term is a representative of its Ξ±-equivalent class. Recall thatthe destination semantics of the main semantics refinement problem is an abstract machine, which is close172.2. Formal Semantics of MetaMLto a practical implementation. We do not use this approach because meta-linguistic equivalence classes ofvariables do not map well to a concrete implementation.At this moment, we are not concerned with how a fresh variable is chosen so we call Β·[Β·/Β·] the substitutionfunction.Example 25. Let x 6β‘ y. Then (Ξ»x.x+ y)[x/y] = Ξ» z.(x+ y)[z/x][x/y] = Ξ» z.(x[z/x]+ y[z/x])[x/y] = Ξ» z.(z+y)[x/y] = Ξ» z.(z[x/y]+ y[x/y]) = Ξ» z.z+ x where z 6β‘ y.2.2.2 Substitutional Natural SemanticsWe lay out the substitutional natural semantics through a family of level-indexed big-step relations.Definition 26 (Level-indexed Big-step Relations). For any i β N, define the level-indexed big-step relationβi be a binary relation between the set of terms at level i and the set of values at level i.βiβ TERMiΓVALUEiΞ»x.t0 β0 Ξ»x.t0 (lambda-0)t i+11 βi+1 vi+12Ξ»x.t i+11 βi+1 Ξ»x.vi+12(lambda-(i+1))t01 β0 Ξ»x.t011 t02 β0 v02 t011[v02/x] β0 v0t01 t02 β0 v0(app-0)t i+11 βi+1 vi+11 t i+12 βi+1 vi+12t i+11 ti+12 βi+1 vi+11 vi+12(app-(i+1))t01 β0 γv11γ v11 β0 v02!t01 β0 v02(run-0)t i+1 βi+1 vi+1!t i+1 βi+1!vi+1 (run-(i+1))t i+1 βi+1 vi+1γt i+1γ βi γvi+1γ (code-i)No (splice-0)t0 β0 γv1γβΌt0 β1 v1 (splice-1)t i+1 βi+1 vi+1βΌt i+1 βi+2 βΌvi+1 (splice-(i+2))No (ref-0) x βi+1 x (ref-(i+1))n βi n (num-i)t01 β0 n1 t02 β0 n2t01 + t02 β0 nwhere n = n1+n2 (plus-0)t i+11 βi+1 vi+11 t i+12 βi+1 vi+12t i+11 + ti+12 βi+1 vi+11 + vi+12(plus-(i+1))The big-step relation t i1 βi vi2 reads as βt1 big-steps to v2 at level iβ, meaning that the value v2 is the resultof computing the term t1 at level i.Recall that a term can be a variable x, an application t1 t2, a lambda abstraction Ξ»x.t, a code operationγtγ, a splice operationβΌt, a run operation !t, a natural number n and an addition operation t1+t2. We explainhow an arbitrary term gets evaluated by the above relation.182.2. Formal Semantics of MetaMLGiven a variable x, we may use the (ref-(i+1)) depending on its level. (1) If the variable x is at level 0,we get stuck because there is no (ref-0) rule. (2) If the variable is at level i+ 1, the variable evaluates toitself as it is a value at level i+1.Given an application t1 t2, we may evaluate it using the (app-0) rule or the (app-(i+1)) rule dependingon the current level. (1) If the application is at level 0, we first evaluate its operator t1 at level 0 to a lambdaabstraction Ξ»x.t11 and evaluate its operand t2 at level 0 to a value v2. Then we substitute every free occurrenceof the variable x in the term t11 by the value v2, denoted by t11[v2/x]. Finally we evaluate t11[v2/x] at level 0to a value v, which is the final result of evaluating the application t1 t2 at level 0. Evaluating an applicationat level 0 is the same as evaluating an application in a single-stage language. (2) If the application is at leveli+1, we evaluate its operator t1 at level i+1 to a value v1 and evaluate its operand t2 at level i+1 to a valuev2. The application v1 v2 is a value at level i+1, which is the result of evaluating the application t1 t2 at leveli+1. We do not perform any application at levels higher than 0.Given a lambda abstraction Ξ»x.t, we may evaluate it using the (lambda-0) rule or the (lambda-(i+1)) ruledepending on its level. (1) If the lambda abstraction is at level 0, then it evaluates to itself as it is a valueat level 0. (2) If the lambda abstraction is at level i+ 1, we evaluate its body t to at level i+ 1 a value v,corresponding to the intuition that we may evaluate the body of a function at levels higher than 0. Then thelambda abstraction Ξ»x.v is the result of evaluating the lambda abstraction Ξ»x.t at level i+1.Given a code operation γtγ at level i, we may evaluate it using the (code-i) rule. We evaluate the bodyof the code operation at level i+1 to a value v. Then bracketing the value gives the result of evaluating thecode operation at level i.Given a splice operation βΌt, we may evaluate it using the (splice-1) rule or the (splice-(i+2)) rule de-pending on the current level. (1) If the splice operation is at level 0, we get stuck because there is no(splice-0) rule. (2) If the splice operation is at level 1, we evaluate its operand at level 0 to a bracketedvalue, corresponding to the intuition that a splice operation expects its operand to be a code operation. Thebracketed value is spliced into the context of the splice operation and its the result of evaluating the spliceoperation βΌt. (3) If the splice operation is at level i+2, we evaluate its operand t at level i+1 to a value v.Then the splice operation βΌv is the result of evaluating the splice operation βΌt at level i+2.Given a run operation !t, we may evaluate it using the (run-0) rule or the (run-(i+1)) rule depending onthe current level. (1) If the run operation is at level 0, we first evaluate its operand at level 0 to a bracketedvalue, corresponding to the intuition that a run operation expects its operand to be a code operation. Thenwe evaluate the bracketed value at level 0 (rather than level 1), corresponding to the intuition that a runoperation executes a code operation. What this step returns is the result of evaluating the run operation !t atlevel 0. (2) If the run operation is at level i+1, we evaluate its operand t at level i+1 to a value v. Then therun operation !v is the result of evaluating the run operation !t at level i+1.Given a natural number n, we may evaluate it using the (num-i). The natural number itself is a value andevaluates to itself regardless of its level.Given an addition operation t1 + t2, we may evaluate it using the (plus-0) rule or the (plus-(i+1)) ruledepending on the current level. (1) If the addition is at level 0, we first evaluate its first operand t1 at level 0to a natural number n1 and evaluate its second operand t2 at level 0 to a natural number n2. Then we compute192.2. Formal Semantics of MetaMLn1 plus n2 and get its result n. The natural number n is the result of evaluating the addition operation t1+ t2at level 0. Evaluating an addition at level 0 is the same as evaluating an addition in a single-stage language.(2) If the addition is at level i+1, we evaluate its first operand t1 at level i+1 to a value v1 and evaluate itssecond operand t2 at level i+1 to a value v2. The addition operation v1 + v2 is a value at level i+1, whichis the result of evaluating the addition t1+ t2 at level i+1. We do not perform any addition at levels higherthan 0.Observations. The rules of the big-step relations can be classified into three categories. (1) The rules(lambda-0), (ref-(i+1)) and (num-i) are value rules where the term being evaluated is a value at its indicatedlevel. (2) All the rules except the three axiomatic rules are structural rules which define how to evaluate aterm with respect to its sub-terms. (3) The rules (app-0), (run-0), (splice-1) and (plus-0) are reduction ruleswhich perform a real step of computation.The big-step relations tell that the language is call-by-value. In (app-0) the variable x is substituted bythe value v02 that t01 big-steps to.The rules of the big-step relations cooperate with each other in various ways. As an illustration, let iin (code-i) be 0. Given a code operation γt1γ at level 0, we first evaluate its operand t1 at level 1. Whena splice operation is encountered, we invoke (splice-1). The operand of the splice operation evaluates to acode operation whose operand is a value. The value is then spliced to the context of t1 which is surroundedby code brackets.Not every term has a corresponding rule. (1) There is no (splice-0) because a splice operation is alwaysat some level higher than 0. (2) There is no (ref-0). Level 0 of multi-stage programming corresponds tosingle-stage programming in which solely evaluating a free variable is disallowed.Nontermination terms do not big-step. For example, to evaluate (Ξ»x.x x) (Ξ»x.x x) at level 0, we needto know what (Ξ»x.x x) (Ξ»x.x x) big-steps to at level 0. Since this circular reasoning never terminates,(Ξ»x.x x) (Ξ»x.x x) does not big-step at level 0.In (plus-0), the addition operator in the side condition is different from the addition operator in thebottom of the rule. The addition operation in the side condition happens in the metalanguage, i.e., thelanguage that defines MetaML. For the sake of simplicity, we do not make clear distinction between naturalnumbers in the language and in the metalanguage.Examples. To get familiar with the big-step relations, consider the following examples. We use the blacktriangle N to indicate where an evaluation gets stuck.Example 27. Evaluate γβΌγ1γγ at level zero using the big-step relations.We have:1 β1 1 (num-i)γ1γ β0 γ1γ (code-i)βΌγ1γ β1 1 (splice-1)γβΌγ1γγ β0 γ1γ (code-i)202.2. Formal Semantics of MetaMLA code operation big-steps to a code value. A splice operator splices code into its current context.Example 28. Evaluate γΞ»x.xγ at level zero using the big-step relations.We have:x β1 x (ref-(i+1))Ξ»x.x β1 Ξ»x.x (lambda-(i+1))γΞ»x.xγ β0 γΞ»x.xγ (code-i)A code value big-steps to itself.Example 29. Evaluate γΞ»x.βΌγxγγ at level zero using the big-step relations.We have:x β1 x (ref-(i+1))γxγ β0 γxγ (code-0)βΌγxγ β1 x (splice-1)Ξ»x.βΌγxγ β1 Ξ»x.x (lambda-(i+1))γΞ»x.βΌγxγγ β0 γΞ»x.xγ (code-i)At levels higher than 0, we can go inside a lambda abstraction to evaluate its body.Example 30. Evaluate γΞ»x.βΌxγ at level zero using the big-step relations.Observe γΞ»x.βΌxγ 6β0 because:x β0 NβΌx β1 (splice-1)Ξ»x.βΌx β1 (lambda-(i+1))γΞ»x.βΌxγ β0 (code-i)γΞ»x.βΌxγ is a bad program. It is indeed a term, but is not meant to be written. The evaluation gets stuck atN because to evaluate x at level 0, no rule can apply. The splice operator βΌ expects the operand to evaluateto code, but x is stuck.Example 31. Evaluate γΞ»x.βΌ(1+1)γ at level zero using the big-step relations.Observe γΞ»x.βΌ(1+1)γ 6β0 because1 β0 1 (num-i) 1 β0 1 (num-i)1+1 β0 2 (plus-0)βΌ(1+1) β1 N (splice-1)Ξ»x.βΌ(1+1) β1 (lambda-(i+1))γΞ»x.βΌ(1+1)γ β0 (code-i)γΞ»x.βΌ(1+1)γ is a bad program. The evaluation gets stuck at N because the rule (splice-1) expects 1+1to evaluate to code but 2 is not code. The splice operator βΌ expects the operand to evaluate to code. Unlikethe previous example, the operand 1+1 is not stuck but does not evaluate to code.212.2. Formal Semantics of MetaMLPrograms and Answers. We can define an evaluator that takes a program as its input and provides ananswer as its output. We first define the set of programs and the set of answers.Closed level-0 terms are programs in MetaMLDefinition 32 (Programs). Let the set of programs PRGMMetaML be the set of closed terms at level 0.PRGMMetaML = {t β TERM0 | FV (t) = /0}.Answers are the observational results of evaluating programs. An answer can be the text function, thetext code or a natural number.Definition 33 (Answers). Let the set of answers ANSMetaML be the union of the set {function,code} andthe set of natural numbers.ANSMetaML = {function,code}βͺN.The set of programs PRGMMetaML and answers ANSMetaML are defined for MetaML, not for any partic-ular semantics of MetaML.Evaluator. We now define an evaluator in terms of the substitutional natural semantics of MetaML. Givena program t, the evaluator applies the big-step relations on t at level 0. If the program big-steps to a naturalnumber, then the evaluator outputs the number. Otherwise, the evaluator indicates the class of value that theprogram big-steps to, i.e., either function or code. The evaluator is undefined for programs that get stuckand programs that do not terminate.Definition 34 (Evaluator based on Substitutional Natural Semantics). Let the evaluator evalMetaML:SubNat bea partial function from the set of programs PRGMMetaML to the set of answers ANSMetaML.evalMetaML:SubNat : PRGMMetaML β ANSMetaMLevalMetaML:SubNat(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if t β0 Ξ»x.t β²0code if t β0 γv1γn if t β0 nThis above evaluator is defined in terms of the substitutional natural semantics. The subscript βMetaML:SubNatβin evalMetaML:SubNat denotes the substitutional natural semantics of MetaML.We demonstrate how the evaluator works by evaluating the puzzle program below that was originallypresented in [Tah99a].!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5Example 35. We haveevalMetaML:SubNat(!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5) = code222.2.FormalSemanticsofMetaMLΞ»x.γxγ β0 Ξ»x.γxγ Ξ»x.γaγ β0 Ξ»x.γaγa β2 aγaγ β1 γaγΞ»x.γaγ β1 Ξ»x.γaγγΞ»x.γaγγ β0 γΞ»x.γaγγ(Ξ»x.γxγ)(Ξ»x.γaγ) β0 γΞ»x.γaγγβΌ ((Ξ»x.γxγ)(Ξ»x.γaγ)) β1 Ξ»x.γaγ 0 β1 0βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0 β1 (Ξ»x.γaγ)0Ξ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0 β1 Ξ»a.((Ξ»x.γaγ)0)γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ β0 γΞ»a.((Ξ»x.γaγ)0)γ Ξ»a.((Ξ»x.γaγ)0) β0 Ξ»a.((Ξ»x.γaγ)0)!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ β0 Ξ»a.((Ξ»x.γaγ)0) 5 β0 5Ξ»x.γ5γ β0 Ξ»x.γ5γ 0 β0 05 β1 5γ5γ β0 γ5γ(Ξ»x.γ5γ)0 β0 γ5γ!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 β0 γ5γFigure 2.1: Evaluation of !γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 in Substitutional Natural Semantics of MetaML.232.2. Formal Semantics of MetaMLbecause!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 β0 γ5γas shown in Figure 2.1 and γ5γ β VALUE0.2.2.3 Substitutional Structural Operational SemanticsPreviously, we have studied the substitutional natural semantics of MetaML. The main semantics refinementproblem is to define an environmental abstract machine for MetaML, which we call the MEK machine. TheMEK machine is a small-step operational semantics. As the first step in the process of deriving the MEKmachine, we refine the substitutional natural semantics of MetaML to a substitutional structural operationalsemantics.Natural semantics relates a term to its final result of computation. Structural operational semanticsrelates a term to its next small step of computation on the way to its final result. One advantage of thestructural operational semantics is that it allows reasoning about programs that do not terminate such as anoperating system. In contrast, natural semantics is only defined for programs that can produce a final result.We lay out the substitutional structural operational semantics through a family of level-indexed single-step relations and a family of level-indexed multi-step relations.Definition 36 (Level-indexed Single-step Relations). For any iβN, let the level-indexed single-step relationββi be a binary relation between the set of terms at level i and the set of terms at level i.ββiβ TERMiΓTERMiNo (lambda-0)t i+11 ββi+1 t i+12Ξ»x.t i+11 ββi+1 Ξ»x.t i+12(lambda-(i+1))t i11 ββi t i12t i11 ti2 ββi t i12 t i2(appL-i)t i21 ββi t i22vi1 ti21 ββi vi1 t i22(appR-i)(Ξ»x.t0) v0 ββ0 t0[v0/x] (app-0)!γv1γ ββ0 v1 (run-0)t i1 ββi t i2!t i1 ββi!t i2(run-i)t i+11 ββi+1 t i+12γt i+11 γ ββi γt i+12 γ(code-i)No (splice-0) βΌγv1γ ββ1 v1 (splice-1)t i1 ββi t i2βΌt i1 ββi+1 βΌt i2(splice-(i+1))No (ref-i)No (num-i)242.2. Formal Semantics of MetaMLt i11 ββi t i12t i11+ ti2 ββi t i12+ t i2(plusL-i)t i21 ββi t i22vi1+ ti21 ββi vi1+ t i22(plusR-i)n1+n2 ββ0 nwhere n = n1+n2 (plus-0)The single-step relation t i1 ββi t i2 reads as βt1 single-steps to t2 at level iβ.Recall that a term can be a variable x, an application t1 t2, a lambda abstraction Ξ»x.t, a code operationγtγ, a splice operationβΌt, a run operation !t, a natural number n and an addition operation t1+t2. We explainhow an arbitrary term gets evaluated by the above relations.Given a variable x, we get stuck because there is no (ref-i) rule.Given an application t1 t2, we may evaluate it using the (appL-i) rule, the (appR-i) rule or the (app-0)rule depending on the current level and whether its operator/operand is a value. We first repeatedly applythe (appL-i) rule to evaluate the operator t1 and finally get a value v1. Then we use repeatedly apply the(appR-i) rule to evaluate the operand t2 and finally get a value v2. If we have been evaluating at level 0, weexpect v1 to be a lambda abstraction and we then perform the application v1 v2 using the (app-0) rule. If wehave been evaluating at level i+1, the resulting application v1 v2 is a value at that level.Given a lambda abstraction Ξ»x.t, we may evaluate it using the (lambda-(i+1)) rule depending on its leveland whether the body t is a value. (1) If the lambda abstraction is at level 0, then we get stuck because thereis no (lambda-0) rule. (2) If the lambda abstraction is at level i+1, we repeatedly apply the (lambda-(i+1))rule to evaluate its body t at level i+1 and finally get a value v. The resulting application Ξ»x.v is a value atlevel i+1.Given a code operation γtγ, we may evaluate it using the (code-i) rule depending on whether its operandis a value. We repeatedly apply the (code-i) rule to evaluate its operand t and finally get a value v. Theresulting code operation γvγ is a value .Given a splice operation βΌt, we may evaluate it using the (splice-1) rule or the (splice-(i+1)) rule de-pending on the current level and whether its operand is a value. (1) If the splice operation is at level 0, weget stuck because there is no (splice-0) rule. (2) If the splice operation is at level i+1, we repeatedly applythe (splice-(i+1)) rule to evaluate its operand t and finally get a value v. (2.1) If we have been evaluating atlevel 1, we expect v to be code operation and we apply (splice-1) to merge the code into the context. (2.2) Ifwe have been evaluating at level i+2, the resulting splice operation βΌv is a value at that level.Given a run operation !t, we may evaluate it using the (run-0) rule or the (run-i) rule depending onthe current level and whether its operand is a value. We first repeatedly apply the (run-i) rule to evaluate itsoperand t and finally get a value v. (1) If we have been evaluating at level 0, we expect v to be code operationand we apply (run-0) to execute the code. (2) If we have been evaluating at level i+ 1, the resulting codeoperation !v is a value at that level.Given a natural number n, we get stuck because there is no (num-i) rule.Given an addition operation t1 + t2, we may evaluate it using the (plusL-i) rule, the (plusR-i) rule orthe (plus-0) rule depending on the current level and whether its first or second operand is a value. We first252.2. Formal Semantics of MetaMLrepeatedly apply the (appL-i) rule to evaluate the first operand t1 and finally get a value v1. Then we userepeatedly apply the (plusR-i) rule to evaluate the second operand t2 and finally get a value v2. If we havebeen evaluating at level 0, we expect v1 and v2 to be two natural numbers and we perform the addition v1+v2using the (plus-0) rule. If we have been evaluating at level i+1, the resulting addition v1 + v2 is a value atthat level.Observations. The rules of the single-step relations can be classified into two categories. (1) The rules(app-0), (run-0), (splice-1) and (plus-0) are reduction rules which perform a real step of computation. (2)The other rules are structural rules which define how to evaluate a term with respect to its sub-terms. Thereare no value rules in the single-step relations as opposed to the big-step relations. This is because steppingalways does work and there is no work left to do for values.The single-step relations tell that the language is call-by-value. The (app-0) rule restricts the operand ofthe application to be a value.The big-step relations do not specify which argument to a two-argument operation, like function ap-plication or addition, must be evaluated first. The single-step relations, on the other hand, force evaluationto proceed from left to right, as indicated by (appL-i), (appR-i), (plusL-i) and (plusR-i). We say that thesingle-step relations are tailored to leftmost reduction.The single-step relations have fewer rules than the big-step relations. (1) There are no (lambda-0), (ref-(i+1)) and (num-i) because values do not reduce in the single-step relations but evaluate to themselves in thebig-step relations. (2) There is no (ref-0), analogous to the fact that evaluating a free variable in a single-stage programming language is disallowed. (3) There is no (splice-0) because a splice operation is alwaysat some level higher than 0.Intuitively, a level-indexed single-step relation ββi defines a single step of computation at level i. Torepresent multiple (zero or more) steps of computation at level i, we define the level-indexed multi-steprelation βββi.Definition 37 (Level-indexed Multi-step Relation). Define the level-indexed multi-step relation ββiβ to bethe reflexive-transitive closure of the level-indexed single-step relation ββi.ββiββ TERMiΓTERMit i1 ββiβ t i2where t i1 ββi t i2 (step) t i ββiβ t i (refl)t i1 ββiβ t i2 t i2 ββiβ t i3t i1 ββiβ t i3(trans)The multi-step relation t i1 ββiβ t2 reads as βt1 multi-steps to t2 at level iβ. The (step) rule implies thatthe multi-step relation respects the single-step relation with the same level index. The (refl) rule implies thatthe multi-step relation is reflexive. The (trans) rule implies that the multi-step relation is transitive.Examples. To get familiar with the substitutional structural operational semantics, consider the followingexamples. These examples are the same as the ones in we presented for substitutional natural semantics.262.2. Formal Semantics of MetaMLExample 38. Evaluate γβΌγ1γγ at level 0 using the substitutional structural operational semantics.We have:βΌγ1γ ββ1 1 (splice-1)γβΌγ1γγ ββ0 γ1γ (code-i)Observe γ1γ 6ββ0 because:1ββ1 Nγ1γ ββ0 (code-i)The evaluation gets stuck at N because there is no (num-i) rule. Furthermore, we have γ1γ β VALUE0.By the (step) rule of the multi-step relation, γβΌγ1γγ ββ0β γ1γ.Example 39. Evaluate γΞ»x.xγ at level 0 using the substitutional structural operational semantics.Observe γΞ»x.xγ 6ββ0 becausexββ1 NΞ»x.xββ1 (lambda-(i+1))γΞ»x.xγ ββ0 (code-i)The evaluation gets stuck at N because there is no (ref-i) rule. Furthermore, we have γΞ»x.xγ β VALUE0.By the (refl) rule of the multi-step relation, γΞ»x.xγ ββ0 γΞ»x.xγ.Example 40. Evaluate γΞ»x.βΌγxγγ at level 0 using the substitutional structural operational semantics.We have:βΌγxγ ββ1 x (splice-1)Ξ»x.βΌγxγ ββ1 Ξ»x.x (lambda-(i+1))γΞ»x.βΌγxγγ ββ0 γΞ»x.xγ (code-i)Observe γΞ»x.xγ 6ββ0 becausexββ1 NΞ»x.xββ1 (lambda-(i+1))γΞ»x.xγ ββ0 (code-i)The evaluation gets stuck at because there is no (ref-i) rule. Furthermore, we have γΞ»x.xγ β VALUE0.By the (step) rule of the multi-step relation, γΞ»x.βΌγxγγ ββ0β γΞ»x.xγ.Example 41. Evaluate γΞ»x.βΌxγ at level 0 using the substitutional structural operational semantics.Observe γΞ»x.βΌxγ 6ββ0 because:xββ0 NβΌxββ1 (splice-1)Ξ»x.βΌxββ1 (lambda-(i+1))γΞ»x.βΌxγ ββ0 (code-i)272.2. Formal Semantics of MetaMLThe evaluation gets stuck at N because there is no (ref-i) rule. Furthermore, we have γΞ»x.βΌxγ 6β VALUE0and γΞ»x.βΌxγ is a stuck term.By the (refl) rule of the multi-step relation, γΞ»x.βΌxγ ββ0β γΞ»x.βΌxγ.Example 42. Evaluate γΞ»x.βΌ(1+1)γ at level 0 using the substitutional structural operational semantics.We have:1+1ββ0 2 (plus-0)βΌ(1+1)ββ1 βΌ2 (splice-1)Ξ»x.βΌ(1+1)ββ1 Ξ»x.βΌ2 (lambda-(i+1))γΞ»x.βΌ(1+1)γ ββ0 γΞ»x.βΌ2γ (code-i)Observe γΞ»x.βΌ2γ 6ββ0 because:2ββ0 NβΌ2ββ1 (splice-(i+1))Ξ»x.βΌ2ββ1 (lambda-(i+1))γΞ»x.βΌ2γ ββ0 (code-i)The evaluation gets stuck at N because there is no (num-i) rule. Furthermore, we have γΞ»x.βΌ2γ 6βVALUE0 and γΞ»x.βΌ2γ is a stuck term.By the (step) rule of the multi-step relation, γΞ»x.βΌ(1+1)γ ββ0β γΞ»x.βΌ2γ.Evaluator. We now define an evaluator in terms of the substitutional natural semantics of MetaML. Givena program t, the evaluator applies the multi-step relations on t at level 0. If the program multi-steps to anatural number, then the evaluator outputs the number. Otherwise, the evaluator indicates the class of valuethat the program multi-steps to, i.e., either function or code. The evaluator is undefined if the programgets stuck or does not terminate.Definition 43 (Evaluator based on Substitutional Structural Operational Semantics). Define the evaluatorevalMetaML:SubSOS to be a partial function from the set of programs PRGMMetaML to the set of answersANSMetaML.evalMetaML:SubSOS : PRGMMetaML β ANSMetaMLevalMetaML:SubSOS(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if t ββ0β Ξ»x.t β²0code if t ββ0β γv1γn if t ββ0β nThis evaluator is defined in terms of the substitutional structural operational semantics. The subscriptβMetaML:SubSOSβ in evalMetaML:SubSOS denotes the substitutional structural operational semantics of MetaML.We demonstrate how the evaluator works by evaluating the same puzzle program as Example 35.282.2.FormalSemanticsofMetaML(Ξ»x.γxγ)(Ξ»x.γaγ)ββ0 γΞ»x.γaγγ where γxγ β TERM0 and Ξ»x.γaγ β VALUE0βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))ββ1βΌ γΞ»x.γaγγβΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0ββ1βΌ γΞ»x.γaγγ 0Ξ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0ββ1 Ξ»a.βΌ γΞ»x.γaγγ 0γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ ββ0 γΞ»a.βΌ γΞ»x.γaγγ 0γ!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ ββ0!γΞ»a.βΌ γΞ»x.γaγγ 0γ!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ 5ββ0!γΞ»a.βΌ γΞ»x.γaγγ 0γ 5(a) Derivation of !γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5ββ0!γΞ»a.βΌ γΞ»x.γaγγ0γ5.βΌ γΞ»x.γaγγ ββ1 Ξ»x.γaγ where Ξ»x.γaγ β VALUE1βΌ γΞ»x.γaγγ 0ββ1 (Ξ»x.γaγ) 0Ξ»a.βΌ γΞ»x.γaγγ 0ββ1 Ξ»a.(Ξ»x.γaγ) 0γΞ»a.βΌ γΞ»x.γaγ 0γ ββ0 γΞ»a.(Ξ»x.γaγ) 0γ!γΞ»a.βΌ γΞ»x.γaγ 0γ ββ0!γΞ»a.(Ξ»x.γaγ) 0γ!γΞ»a.βΌ γΞ»x.γaγγ 0γ 5ββ0!γΞ»a.(Ξ»x.γaγ) 0γ 5(b) Derivation of !γΞ»a.βΌ γΞ»x.γaγγ0γ5ββ0!γΞ»a.(Ξ»x.γaγ)0γ5.!γΞ»a.(Ξ»x.γaγ) 0γ ββ0 Ξ»a.(Ξ»x.γaγ) 0 where Ξ»a.(Ξ»x.γaγ) 0 β VALUE1!γΞ»a.(Ξ»x.γaγ) 0γ 5ββ0 (Ξ»a.(Ξ»x.γaγ) 0) 5(c) Derivation of !γΞ»a.(Ξ»x.γaγ) 0γ 5ββ0 (Ξ»a.(Ξ»x.γaγ) 0) 5.(Ξ»x.γaγ) 0ββ0 γaγ where γaγ β TERM0 and 0 β VALUE0Ξ»a.(Ξ»x.γaγ) 0ββ0 Ξ»a.γaγ(Ξ»a.(Ξ»x.γaγ) 0) 5ββ0 (Ξ»a.γaγ) 5(d) Derivation of (Ξ»a.(Ξ»x.γaγ) 0) 5ββ0 (Ξ»a.γaγ) 5.(Ξ»a.γaγ) 5ββ0 γ5γ where γaγ β TERM0 and 5 β VALUE0(e) Derivation of (Ξ»a.γaγ) 5ββ0 γ5γ.Figure 2.2: Evaluation of !γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5 in Substitutional Structural Operational Semantics of MetaML.292.3. Chapter SummaryExample 44. We haveevalMetaML:SubSOS(!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5) = codebecause!γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5ββ0β γ5γas shown in Figure 2.2 and γ5γ β VALUE0.Examples 35 and 44 show that two evaluators we have defined so far agree on the evaluation of thepuzzle program !γΞ»a.βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ5. In fact, these two evaluators agree on all programs.Theorem 45 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubNat(t) is Kleene equalto evalMetaML:SubSOS(t).The above theorem uses Kleene Equality introduced in [Kle52]: for any expressions A and B, A is Kleeneequal to B if and only if (1) both A and B are defined and are equal or (2) both A and B are undefined. Weprove the theorem in the appendices.2.3 Chapter SummaryWe first introduced three staging annotations and informally discussed how a multi-stage program evaluates.Then we studied the pre-existing substitutional natural semantics of MetaML and derived a substitutionalstructural operational semantics for MetaML. We defined evaluators for both semantics and demonstratedtheir equivalence.30Chapter 3Refining Semantics for ISWIM: Developingthe CEK MachineFollowing the first dimension of simplifying the main semantics refinement problem, we study how tostepwise develop an environmental abstract machine for the single-stage language ISWIM rather than themulti-stage language MetaML. The problem is restated as follows.Can we refine the substitutional structural operational semantics of ISWIM to a correspondingenvironmental abstract machine, which is known as the CEK machine, and demonstrate theirequivalence?We tackle this problem progressively in several manageable steps through several intermediate semantics.3.1 ISWIMISWIM, whose acronym stands for βif you see what I meanβ, was originally developed by [Lan66]. Itwas introduced to understand and design the whole landscape of programming languages [Lan64]. It hasinfluenced the development of functional programming languages such as ML and Haskell.We consider a variant of ISWIM that has natural numbers and addition. We sometimes call what ispresented in this section Substitutional ISWIM in order to differentiate it from the subsequent dialects, i.e.,Explicit ISWIM, Suspended ISWIM and Environmental ISWIM.3.1.1 SyntaxWe first define the basic syntax of the language: terms, values and denotable terms. Then we define thefree variable function, the substitution function and the alpha equivalence relation. We finally present thecommutativity of substitutions.3.1.1.1 Terms, Values and Denotable TermsWe start with two sets: the set of variables, VAR, and the set of natural numbers, N.Definition 46 (Terms, Values and Denotable Terms). Let (1) TERM be the set of terms, (2) VALUE be theset of values, and (3) DENOTABLE be the set of denotable terms.313.1. ISWIMx β VAR, n β N, t β TERM, v β VALUE, w β DENOTABLEt ::= x | t t | Ξ»x.t | n | t+ tv ::= Ξ»x.t | nw ::= x | vISWIM can be viewed as a single-stage restricted form of MetaML. Given the syntax of MetaML, if weremove all terms that contain any staging annotation or is not at level 0, we get ISWIM.3.1.1.2 Free Variable FunctionWe define the free variable function as follows.Definition 47 (Free Variable Function). Define the free variable function FV to be a total function from theset of terms to the power set of variables.FV : TERM ββP(VAR)FV (x) = x (1)FV (t1 t2) = FV (t1)βͺFV (t2) (2)FV (Ξ»x.t) = FV (t)\{x} (3)FV (n) = /0 (4)FV (t1+ t2) = FV (t1)βͺFV (t2) (5)The free variable function for ISWIM is the same as for MetaML but restricted to the single-stage part.Definition 48 (Closed Terms). A term t is closed if and only if FV (t) = /0.3.1.1.3 Substitution FunctionWe define the substitution function as follows.Definition 49 (Substitution Function). Define the substitution function Β·[Β·/Β·] to be a total function from the3-tuple of the set of terms, the set of denotable terms and the set of variables, to the set of terms.Β·[Β·/Β·] : (TERMΓDENOTABLEΓVAR)ββ TERMx1[w/x2] = w where x1 β‘ x2 (1)x1[w/x2] = x1 where x1 6β‘ x2 (2)(t1 t2)[w/x] = (t1[w/x]) (t2[w/x]) (3)(Ξ»x1.t0)[w/x2] = Ξ»x3.t0[x3/x1][w/x2]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (4)n[w/x] = n (5)(t1+ t2)[w/x] = (t1[w/x])+(t2[w/x]) (6)The substitution function for ISWIM is the same as for MetaML but restricted to the single-stage part.323.1. ISWIM3.1.1.4 Alpha Equivalence RelationAlpha equivalence reflects that the particular choice of the bound variable in a lambda abstraction does notmatter. Two terms are Ξ±-equivalent if and only if they are identical except for renaming bound variables.Definition 50 (Alpha Equivalence Relation). Define the alpha equivalence relationβΌΞ± to be a binary relationbetween the set of terms and the set of terms.βΌΞ± β TERMΓTERMxβΌΞ± x (var)t11 βΌΞ± t21 t12 βΌΞ± t22(t11 t12)βΌΞ± (t21 t22) (app)t1[x3/x1]βΌΞ± t2[x3/x2](Ξ»x1.t1)βΌΞ± (Ξ»x2.t2) where x3 /β FV (t1)βͺFV (t2) (lam)t11 βΌΞ± t21 t12 βΌΞ± t22(t11+ t12)βΌΞ± (t21+ t22) (plus) nβΌΞ± n (num)We did not introduce the alpha equivalence relation for MetaML in the previous chapter. This is becauseit is usually not difficult to demonstrate equivalence of two semantics of the exact same language. However,in this chapter and later chapters, we need to prove equivalence of semantics of different dialects of ISWIMor MetaML. It is not uncommon that two semantics evaluate the same term to two syntactically differentvalues that have the same meaning semantically. Since our evaluators only concern observational results,such values should be equated. For example, Ξ»x.x and Ξ»y.y represent the same lambda abstraction. Theyare related by the alpha equivalence relation. Furthermore, the alpha equivalence relation makes our proofseasier. In many cases, we may replace a term by its alpha equivalent term in our proof at our convenience.Example 51. We have ((Ξ»x.x x) (Ξ»x.x))βΌΞ± ((Ξ»y.y y) (Ξ» z.z)). The left-hand side and right-hand side of therelation represent the lambda abstractions that only differ naming lambda bound variables.3.1.1.5 Commutativity of SubstitutionsWe make several observations with respect to the commutativity of substitutions, which are useful in justify-ing the design of the succeeding semantics. (1) After substituting a variable with a denotable term that doesnot contain it, further substitutions for the same variable have no meaningful effect, so they can be dropped.(2) Two non-clashing substitutions can commute with one another. (3) More generally, two substitutionsthat arise in practice during an evaluation commute which involves more work to ensure no clash happens.Proposition 52. If x /β FV (w1), then t[w1/x][w2/x]βΌΞ± t[w1/x].Proposition 53. If x1 6β‘ x2, x1 /β FV (w2) and x2 /β FV (w1), then t[w1/x1][w2/x2]βΌΞ± t[w2/x2][w1/x1].Proposition 54. t[w1/x1][w2/x2]βΌΞ± t[x3/x1][w2/x2][w1[w2/x2]/x3] where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2}.333.1. ISWIM3.1.2 Substitutional Structural Operational SemanticsWe lay out the substitutional structural operational semantics through the single-step relation ββ and themulti-step relation βββ.Definition 55 (Single-step Relation). Let the single-step relation ββ be a binary relation between the setof terms and the set of terms.βββ TERMΓTERMt11 ββ t12t11 t2 ββ t12 t2 (appL)t21 ββ t22v1 t21 ββ v1 t22 (appR) (Ξ»x.t) vββ t[v/x] (app)t11 ββ t12t11+ t2 ββ t12+ t2 (plusL)t21 ββ t22v1+ t21 ββ v1+ t22 (plusR) n1+n2 ββ n where n = n1+n2 (plus)The single-step relation t1 ββ t2 reads as βt1 single-steps to t2β.Definition 56 (Multi-step Relation). Let the multi-step relation βββ be the reflexive-transitive closure ofthe single-step relation ββ.βββ β TERMΓTERMt1 βββ t2 where t1 ββ t2 (step) t βββ t (refl)t1 βββ t2 t2 βββ t3t1 βββ t3 (trans)The multi-step relation t1 βββ t2 reads as βt1 multi-steps to t2β.The single-step relation and multi-step relation for the substitutional structural operational semantics ofISWIM are the same as for the substitutional structural operational semantics of MetaML but restricted tothe single-stage part.Example 57. Consider ((Ξ»x1.Ξ»x2.x1) 7) 4 where x1 6β‘ x2.By the substitutional structural operational semantics of ISWIM, we have:((Ξ»x1.Ξ»x2.x1) 7) 4 (1)ββ (Ξ»x2.x1)[7/x1] 4 (2)= (Ξ»x2.x1[x2/x2][7/x1]) 4 where x2 6β‘ x1 (3)= (Ξ»x2.x1[7/x1]) 4 (4)= (Ξ»x2.7) 4 (5)ββ 7[4/x2] (6)= 7 (7)The first single-step is indeed from (1) to (5), including applying the substitution [7/x1] on the lambdaabstraction Ξ»x2.x1. The substitution is performed in the meta-language and does not count as any additionalreduction step.343.2. Explicit ISWIMProperties. We observe the following properties that are useful in proving semantics equivalence. (1) Thesingle-step relation preserves alpha equivalence. During an evaluation, we may conveniently replace a termby its alpha equivalent term without changing the observational result of the evaluation. (2) The multi-steprelation preserves the closedness of a term. Evaluating a program never produces the error of evaluating afree variable. This ensures that the behaviour of a program does not depend on the outside world.Proposition 58. If ta1 βΌΞ± tb1 and ta1 ββ ta2 , then tb1 ββ tb2 and ta2 βΌΞ± tb2 .Proposition 59. If FV (t1) = /0 and t1 βββ t2, then FV (t2) = /0.Programs and Answers. To define an evaluator for ISWIM, we first programs and answers.Closed terms are programs in ISWIM.Definition 60 (Programs). Let the set of programs PRGMIWSIM be the set of closed terms.PRGMISWIM = {t β TERM | FV (t) = /0}.An answers is the text function or a natural number.Definition 61 (Answers). Let the set of answers ANSISWIM be the union of the set {function} and the setof natural numbers.ANSISWIM = {function}βͺN.The set of programs PRGMISWIM and the set of answers ANSISWIM are defined for ISWIM, not for anyparticular dialect or semantics of ISWIM.Evaluator. We now define an evaluator in terms of the substitutional structural operational semantics ofISWIM.Definition 62 (Evaluator based on Substitutional ISWIM). Let the evaluator evalISWIM:SubSOS be a partialfunction from the set of programs PRGMISWIM to the set of answers ANSISWIM.evalISWIM:SubSOS : PRGMISWIM β ANSISWIMevalISWIM:SubSOS(t) =ο£±ο£²ο£³function if t βββ Ξ»x.t β²n if t βββ nThis evaluator is defined in terms of the substitutional structural operational semantics of ISWIM. Thesubscript βISWIM:SubSOSβ in evalISWIM:SubSOS denotes the substitutional structural operational semantics ofISWIM. The evaluator is essentially the same as the single-stage subset of the evaluator defined in terms ofthe substitutional structural operational semantics of MetaML.3.2 Explicit ISWIMConsider again the (app) rule of the substitutional structural operational semantics of ISWIM.(Ξ»x.t) vββ t[v/x] (app)353.2. Explicit ISWIMBecause the substitution function Β·[Β·/Β·] is defined as equations in the meta-language, the (app) rule says thatin the expression t[v/x] each free occurrence of the variable x is immediately replaced by the value v inthe term t. Evaluating a substitution does not take any additional step regardless of how complicated thesubstitution is. It is not evident how to attain our objective of this chapter, i.e., how to develop an environ-mental abstract machine for ISWIM, based directly on the substitutional structural operational semantics ofISWIM.We propose to turn the big gap of what is less clear into several small moves of what is more evident,each of which leads to an intermediate semantics. As the very first move, we integrate the percolation ofsubstitutions into the structural operational semantics, leading to explicit substitutions [Cur85, ACCL91].As a result, the (app) rule becomes(Ξ»x.t) vββ t[x := v] (app)where [x := v] is an explicit substitution. Depending on how complex the term t is, it may take several stepsto percolate the substitution [x := v] through the term t.We call the resulting dialect Explicit ISWIM and present its structural operational semantics.3.2.1 SyntaxWe first define the basic syntax of Explicit ISWIM: terms, values and denotable terms. Then we define thefree variable function, the substitution function and the alpha equivalence relation.3.2.1.1 Terms, Values and Denotable TermsDefinition 63 (Terms, Values and Denotable Terms). Let (1) TERM be the set of terms, (2) VALUE be theset of values, and (3) DENOTABLE be the set of denotable terms.x β VAR, n β N, t β TERM, v β VALUE, w β DENOTABLEt := x | t t | Ξ»x.t | n | t+ t | t[x := w]v := Ξ»x.t | nw := x | vThe language has been enhanced with a term surrounded by an explicit substitution t[x := w], whichmeans that each free occurrence of the variable x in the term t needs to be substituted by the denotableterm w. Evaluating an explicit substitution takes steps. In contrast, an implicit substitution t[w/x] used inSubstitutional ISWIM represents the result of substituting the denotable term w for each free occurrence ofthe variable x in the term t.3.2.1.2 Free Variable FunctionWe define the free variable function by extending Definition 47 to accommodate explicit substitutions.Definition 64 (Free Variable Function). Let the free variable function FV be a total function from the set ofterms to the power set of variables.363.2. Explicit ISWIMFV : TERM ββP(VAR)............FV (t[x := w]) = (FV (t)\{x})βͺFV (w) (6)Equations (1)-(5) are the same as Definition 47 in Substitutional ISWIM. Recall that t[x := w] is intro-duced to represent what an application (Ξ»x.t)w evaluates to. Observe that there is no free variable introducedor eliminated during the evaluation. We have FV (t[x := w]) = FV ((Ξ»x.t) w) = (FV (t)\{x})βͺFV (w).3.2.1.3 Substitution FunctionWe define the substitution function by extending Definition 49 to accommodate explicit substitutions.Definition 65 (Substitution Function). Let the substitution function Β·[Β·/Β·] be a total function from the 3-tupleof the set of terms, the set of denotable terms and the set of variables, to the set of terms.Β·[Β·/Β·] : (TERMΓDENOTABLEΓVAR)ββ TERM............(t0[x1 := w1])[w2/x2] = t0[x3/x1][w2/x2][x3 := w1[w2/x2]]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (7)Equations (1)-(6) are the same as Definition 49 in Substitutional ISWIM. Recall that Proposition 54 sayst[w1/x1][w2/x2] βΌΞ± t[x3/x1][w2/x2][w1[w2/x2]/x3] where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2}, correspondingto Equation (7).3.2.1.4 Alpha Equivalence RelationWe define the alpha equivalence relation by extending Definition 50 to accommodate explicit substitutions.Definition 66 (Alpha Equivalence Relation). Define the alpha equivalence relationβΌΞ± to be a binary relationbetween the set of terms and the set of terms.βΌΞ± β TERMΓTERM...w1 βΌΞ± w2 t1[x3/x1]βΌΞ± t2[x3/x2](t1[x1 := w1])βΌΞ± (t2[x2 := w2]) where x3 /β FV (t1)βͺFV (t2) (sub)All rules except the (sub) rule are the same as Definition 50 in Substitutional ISWIM. Recall thatt[x := w] is introduced to represent what an application (Ξ»x.t) w evaluates to. If we can show(Ξ»x1.t1) w1 βΌΞ± (Ξ»x2.t2) w2, then we should be able to show (t1[x1 := w1]) βΌΞ± (t2[x2 := w2]). The premiseof the (sub) rule indeed shows (Ξ»x1.t1) w1 βΌΞ± (Ξ»x2.t2) w2.373.2. Explicit ISWIM3.2.2 Structural Operational SemanticsWe lay out the structural operational semantics through the single-step relationββ, the single-step substitu-tion reduction relation ββx, the multi-step substitution reduction relation ββxβ and the multi-step relationβββ.Definition 67 (Single-step Relation). Define the single-step relationββ to be a binary relation between theset of terms and the set of terms.βββ TERMΓTERMt11 ββ t12t11 t2 ββ t12 t2 (appL)t21 ββ t22v1 t21 ββ v1 t22 (appR) (Ξ»x.t) vββ t[x := v] (app)t11 ββ t12t11+ t2 ββ t12+ t2 (plusL)t21 ββ t22v1+ t21 ββ v1+ t22 (plusR) n1+n2 ββ n where n = n1+n2 (plus)...The only rule that is different from Substitutional ISWIM is (app) which replaces the meta-languagesubstitution [v/x] with the explicit substitution [x := v]. The definition of the single-step relation is currentlyincomplete because how explicit substitutions percolate has not been defined yet.To specify how explicit substitutions percolate, we define a new relation t[x := w]ββx t. This relationensures that explicit substitutions percolate deterministically.Definition 68 (Single-step Substitution Reduction Relation). Let the single-step substitution reduction rela-tion ββx be a binary relation between the set of terms and the set of terms.ββx β TERMΓTERMx[x := w]ββx w (var-eq-subst) x1[x2 := w]ββx x1 where x1 6β‘ x2 (var-df-subst)n[x := w]ββx n (num-subst)(t1 t2)[x := w]ββx (t1[x := w]) (t2[x := w]) (app-subst)(t1+ t2)[x := w]ββx (t1[x := w])+(t2[x := w]) (plus-subst)(Ξ»x1.t)[x2 := w]ββx Ξ»x3.t[x1 := x3][x2 := w] where x3 /β FV (Ξ»x1.t)βͺFV (w)βͺ{x2} (lam-subst)t1[x1 := w1]ββx t2t1[x1 := w1][x2 := w2]ββx t2[x2 := w2] (subst-subst)Most of the rules describe how explicit substitutions behave when encountering other terms in the lan-guage. Rules (var-eq-subst), (var-df-subst), (app-subst), (lam-subst), (num-subst) and (plus-subst) corres-pond to Equations (1) to (5) of Substitutional ISWIMβs substitution function (Definition 49) respectively.The (subst-subst) rule implies that only a single-step of substitution reduction may happen underneath anexplicit substitution.383.2. Explicit ISWIMEvery single-step substitution reduction counts as a single step of computation. We add the followingrule to the definition of the single-step relation, Definition 67.t1[x := w]ββ t2 where t1[x := w]ββx t2 (subst)Definition 69 (Multi-step Substitution Reduction Relation). Define the multi-step substitution reductionrelation ββxβ to be the reflexive-transitive closure relation on the single-step substitution reduction relationββx.Definition 70 (Multi-step Relation). Define the multi-step relationβββ to be the reflexive-transitive closurerelation on the single-step relation ββ.Example 71. Let x1 6β‘ x2. We observe that((Ξ»x1.x2) 5)[x2 := 2] 6ββ (x2[x1 := 5])[x2 := 2].As (Ξ»x1.x2) 5 ββ x2[x1 := 5] is merely a single-step computation but not a substitution reduction, itcannot be performed underneath the explicit substitution [x2 := 2].The explicit substitution [x2 := 2] has to propagate first. Correctly, we have:((Ξ»x1.x2) 5)[x2 := 2]ββ (Ξ»x1.x2)[x2 := 2] 5[x2 := 2]ββ (Ξ»x1.x2[x1 := x1][x2 := 2]) 5[x2 := 2] where x1 6β‘ x2ββ (Ξ»x1.x2[x1 := x1][x2 := 2]) 5ββ x2[x1 := x1][x2 := 2][x1 := 5]ββ x2[x2 := 2][x1 := 5]ββ 2[x1 := 5]ββ 2Example 72. Let x1 6β‘ x2. By the structural operational semantics of Explicit ISWIM, we have:(Ξ»x1.Ξ»x2.x1) 7ββ (Ξ»x2.x1)[x1 := 7]ββ Ξ»x2.x1[x2 := x2][x1 := 7] where x2 6β‘ x1In contrast, by the substitutional structural operational semantics of ISWIM, we have:(Ξ»x1.Ξ»x2.x1) 7ββ (Ξ»x2.x1)[7/x1]= Ξ»x2.x1[x2/x2][7/x1] where x2 6β‘ x1= Ξ»x2.x1[7/x1]= Ξ»x2.7Explicit ISWIM takes two single-steps while Substitutional ISWIM completes the execution in onesingle-step. Explicit ISWIM terminates at a lambda abstraction where its body is a term surrounded byexplicit substitutions. Explicit ISWIM reduces substitutions in a lazy fashion in the sense that it only pushesexplicit substitutions to the body of a lambda abstraction but does not perform any substitution reduction onthe body of a lambda abstraction.393.3. Suspended ISWIMProperties. We observe the following properties that are useful in proving semantics equivalence. (1) Thesingle-step relation preserves alpha equivalence. (2) The multi-step relation preserves the closedness of aterm. These are the same properties that Substitutional ISWIM holds.Proposition 73. If ta1 βΌΞ± tb1 and ta1 ββ ta2 , then tb1 ββ tb2 and ta2 βΌΞ± tb2 .Proposition 74. If FV (t1) = /0 and t1 βββ t2, then FV (t2) = /0.Evaluator. We now define an evaluator in terms of the structural operational semantics of Explicit ISWIM.The evaluator is analogous to the one defined in terms of Substitutional ISWIM.Definition 75 (Evaluator based on Structural Operational Semantics of Explicit ISWIM). Define the eval-uator evalISWIM:ExpSOS to be a partial function from the set of programs PRGMISWIM to the set of answersANSISWIM.evalISWIM:ExpSOS : PRGMISWIM β ANSISWIMevalISWIM:ExpSOS(t) =ο£±ο£²ο£³function if t βββ Ξ»x.t β²n if t βββ nThis evaluator is defined in terms of the structural operational semantics of Explicit ISWIM. The sub-script βISWIM:ExpSOSβ in evalISWIM:ExpSOS denotes the structural operational semantics of Explicit ISWIM.We claim that the evaluators defined in terms of the Substitutional ISWIM and Explicit ISWIM areequivalent.Theorem 76 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:SubSOS(t) is Kleene equalto evalISWIM:ExpSOS(t).We prove the theorem in the appendices.3.3 Suspended ISWIMExplicit ISWIM models how substitutions percolate at the semantical level. However, the integration hasintroduced unnecessary or unconventional computation. Consider the (lam-subst) rule of the structural op-erational semantics of Explicit ISWIM.(Ξ»x1.t)[x2 := w]ββx Ξ»x3.t[x1 := x3][x2 := w] where x3 /β FV (Ξ»x1.t)βͺFV (w)βͺ{x2} (lam-subst)Pushing an explicit substitution into a lambda abstraction requires rewriting the body of the lambda ab-straction. Furthermore, when an explicit substitution is pushed into a lambda abstraction, a new explicitsubstitution to rename the lambda bound variable is created, which may get pushed downward.We propose to delay explicit substitutions outside of any lambda abstraction until the lambda abstractionis called in an application. The resulting dialect is Suspended ISWIM.403.3. Suspended ISWIM3.3.1 SyntaxWe first define the basic syntax of the Suspended ISWIM: terms, values and denotable terms. Then wedefine the free variable function, the substitution function and the alpha equivalence relation.3.3.1.1 Terms, Values and Denotable TermsDefinition 77 (Terms, Values and Denotable Terms). Let (1) TERM be the set of terms, (2) VALUE be theset of values, and (3) DENOTABLE be the set of denotable terms.x β VAR, n β N, t β TERM, v β VALUE, w β DENOTABLEt ::= x | t t | Ξ»x.t | n | t+ t | t[x := w]v ::= (Ξ»x.t)[x := w] | nw ::= x | vThe definition uses (Ξ»x.t)[x := w] to represent that the lambda abstraction Ξ»x.t is surrounded by zero ormore explicit substitutions [x := w].2 Since we delay explicit substitutions outside of lambda abstractions,(Ξ»x.t)[x := w] is a value in Suspended ISWIM.A term surrounded by explicit substitutions, t[x1 := w1][x2 := w2]...[xn := wn], truly represents a termsurrounded by explicit substitutions cascadedly, (...((t[x1 := w1])[x2 := w2])...)[xn := wn]. We usually omitthe parentheses for convenience.3.3.1.2 Free Variable Function, Substitution Function and Alpha Equivalence RelationThe free variable function, substitution function and alpha equivalence relation are the same as ExplicitISWIM (Section 3.2).3.3.2 Structural Operational SemanticsWe lay out the structural operational semantics through the single-step relationββ, the single-step substitu-tion reduction relation ββx, the multi-step substitution reduction relation ββxβ and the multi-step relationβββ.Definition 78 (Single-step Relation). Let the single-step relation ββ be a binary relation between the setof terms and the set of terms.2We state several syntactic conventions. (1) [xi := wi] denotes zero or more explicit substitutions. (2) [xi := wi]ni=1 denotes eitherzero explicit substitutions or n explicit substitutions of the form [x1 := w1][x2 := w2]...[xn := wn]. (3) [xi := wi]βni=β1 denotes eitherzero explicit substitutions or n explicit substitutions of the form [xβ1 := wβ1][xβ2 := wβ2]...[xβn := wβn]. (4) [xi := wi]+denotesone or more explicit substitutions. [xi := wi]+βni=β1 denotes n explicit substitutions of the form [xβ1 := wβ1][xβ2 := wβ2]...[xβn :=wβn].413.3. Suspended ISWIMβββ TERMΓTERMt11 ββ t12t11 t2 ββ t12 t2 (appL)t21 ββ t22v1 t21 ββ v1 t22 (appR) (Ξ»x.t)[xi := wi] vββ t[x := v][xi := wi](app)t11 ββ t12t11+ t2 ββ t12+ t2 (plusL)t21 ββ t22v1+ t21 ββ v1+ t22 (plusR) n1+n2 ββ n where n = n1+n2 (plus)t1[x := w]ββ t2 where t1[x := w]ββx t2 (subst)The only rule that is different from Explicit ISWIM is the (app) rule.Someone may attempt to use the following one as the (app) rule.(Ξ»x.t)[xi := wi] vββ t[xi := wi][x := v](app-incorrect)This rule is incorrect. For example, if (app-incorrect) is used, we have ((Ξ»x.x)[x := 9]) 7ββ x[x := 9][x :=7] ββ 9[x := 7] ββ 9. In contrast, Explicit ISWIM evaluates ((Ξ»x.x)[x := 9]) 7 to 7, and SubstitutionalISWIM evaluates ((Ξ»x.x)[9/x]) 7 to 7 as well.Someone may attempt to use the following one as the (app) rule.(Ξ»x.t)[xi := wi] vββ t[x := x0][xi := wi][x0 := v]where x0 /β FV (Ξ»x.t)βͺβi(FV (wi)βͺ{xi}) (app-optional)This rule is correct but not ideal. We want to eliminate all renamings in Suspended ISWIM, but (app-optional) still renames the lambda bound variable.Keep in mind that this chapter aims to develop an environmental operational semantics for ISWIM. The(app) rule promotes the substitution for the lambda bound variable to the front, overwriting any existingexplicit substitution for that variable, which is close to the operation of updating an environment. We shallkeep the (app) rule.To specify how explicit substitutions percolate, we define the single-step substitution reduction relationββx.Definition 79 (Single-step Substitution Reduction Relation). Let the single-step substitution reduction rela-tion ββx be a binary relation between the set of terms and the set of terms.423.3. Suspended ISWIMββx β TERMΓTERMx[x := w]ββx w (var-eq-subst) x1[x2 := w]ββx x1 where x1 6β‘ x2 (var-df-subst)n[x := w]ββx n (num-subst)(t1 t2)[x := w]ββx (t1[x := w]) (t2[x := w]) (app-subst)(t1+ t2)[x := w]ββx (t1[x := w])+(t2[x := w]) (plus-subst)no (lam-subst)t1[x1 := w1]ββx t2t1[x1 := w1][x2 := w2]ββx t2[x2 := w2] (subst-subst)All rules are the same as the single-step substitution reduction relation of Explicit ISWIM. The (lam-subst) rule no longer exists in Suspended ISWIM because a lambda abstraction surrounded by explicitsubstitutions is a value.The above two definitions have fully eliminated variable renamings. The denotable term w in an arbitrarysubstitution [x := w] must be a value. As a result, the definition of denotable terms in Definition 77w := x | vshall be replaced byw := vwhere w β DENOTABLE, x β VAR and v β VALUE. For convenience, we may use [x := v] or keep using[x := w] to represent an explicit substitution in Suspended ISWIM.Definition 80 (Multi-step Substitution Reduction Relation). Define the multi-step substitution reductionrelation ββxβ to be the reflexive-transitive closure relation on the single-step substitution reduction relationββx.Definition 81 (Multi-step Relation). Define the multi-step relationβββ to be the reflexive-transitive closurerelation on the single-step relation ββ.Example 82. Consider ((Ξ»x1.Ξ»x2.x1) 7) 4 where x1 6β‘ x2. By the structural operational semantics of Sus-pended ISWIM, we have:((Ξ»x1.Ξ»x2.x1) 7) 4ββ ((Ξ»x2.x1)[x1 := 7]) 4ββ x1[x2 := 4][x1 := 7]ββ x1[x1 := 7]ββ 7.433.3. Suspended ISWIMIn contrast, by the structural operational semantics of Explicit ISWIM, we have:((Ξ»x1.Ξ»x2.x1) 7) 4ββ ((Ξ»x2.x1)[x1 := 7]) 4ββ (Ξ»x2.x1[x2 := x2][x1 := 7]) 4 where x2 6β‘ x1ββ x1[x2 := x2][x1 := 7][x2 := 4]ββ x1[x1 := 7][x2 := 4]ββ 7[x2 := 4]ββ 7Suspended ISWIM takes two fewer steps than Explicit ISWIM. Given (Ξ»x2.x1)[x1 := 7], SuspendedISWIM does not push the substitution [x1 := 7] into the lambda abstraction Ξ»x2.x1. Instead, the substitutionis suspended until the lambda abstraction is called in an application. Given ((Ξ»x2.x1)[x1 := 7]) 4, SuspendedISWIM promotes the substitution for the lambda bound variable to the front, resulting in x1[x2 := 4][x1 := 7].Properties. We observe the following properties that are useful in proving semantics equivalence. (1)The single-step relation preserves alpha equivalence. (2) The multi-step relation preserves the closedness ofa term. These are the same properties that Substitutional ISWIM and Explicit ISWIM hold.Proposition 83. If ta1 βΌΞ± tb1 and ta1 ββ ta2 , then tb1 ββ tb2 and ta2 βΌΞ± tb2 .Proposition 84. If FV (t1) = /0 and t1 βββ t2, then FV (t2) = /0.Evaluator. We now define an evaluator in terms of the substitutional structural operational semantics ofSuspended ISWIM. The evaluator is analogous to be one defined for Explicit ISWIM.Definition 85 (Evaluator based on Structural Operational Semantics of Suspended ISWIM). Let the eval-uator evalISWIM:SusSOS be a partial function from the set of programs PRGMISWIM to the set of answersANSISWIM.evalISWIM:SusSOS : PRGMISWIM β ANSISWIMevalISWIM:SusSOS(t) =ο£±ο£²ο£³function if t βββ (Ξ»x.t β²)[xi := wi]n if t βββ nThis evaluator is defined in terms of the structural operational semantics of Suspended ISWIM. The sub-script βISWIM:SusSOSβ in evalISWIM:SusSOS denotes the structural operational semantics of Suspended ISWIM.We claim that the evaluators defined in terms of the Substitutional ISWIM and Suspended ISWIM areequivalent.Theorem 86 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:SubSOS(t) is Kleene equalto evalISWIM:SusSOS(t).We prove the theorem in the appendices.443.4. Environmental ISWIM - Structural Operational Semantics3.4 Environmental ISWIM - Structural Operational SemanticsSuspended ISWIM is peculiar in the sense that the top-level structure of a lambda abstraction surroundedby zero or more explicit substitutions is not immediately recognisable. Consider (Ξ»x.t)[xi := wi]ni=1 whichtruly represents (...(((Ξ»x.t)[x1 := w1])[x2 := w2])...)[xn := wn]. To ensure that its top-level structure is alambda abstraction, we have to dive down through the cascaded explicit substitutions to search for a lambdaabstraction.Furthermore, since our evaluator only concerns closed terms, we can safely claim that all denotable termssubstituting variables in cascaded explicit substitutions are closed. Then a cascade of explicit substitutionscan be viewed as a whole when operating on a term and its subterms. For example, consider a cascade ofexplicit substitutions operating on a variable, x[xi := wi]ni=1. We compare x against xi where i = 1,2, ...,n inorder. There are two possibilities. (1) If none of xiβs refers to x, the cascaded explicit substitutions disappear,i.e., x[xi := wi]ni=1 steps to x. (2) If we find the leftmost xp where 1β€ pβ€ n such that xp refers to x, then x isreplaced by wp and the remaining cascaded substitutions [xi := wi]ni=p+1 disappear, i.e., x[xi := wi]ni=1 steps towp where xp is the leftmost xi such that xβ‘ xp. We make these two observations because the denotable termwp is closed and remains unchanged when encountering any explicit substitution. After further analysis, werealise that there will always be a cascade of explicit substitutions that reach a variable in Suspended ISWIM.It is a natural step to treat a cascade of explicit substitutions as a whole and replace it by an environment,leading to Environmental ISWIM.3.4.1 SyntaxWe first define the basic syntax of the Environmental ISWIM: terms, values, denotable terms, configurationsand environments. Then we define the free variable function.3.4.1.1 Terms, Values, Denotable Terms, Configurations and EnvironmentsDefinition 87 (Terms, Values, Denotable Terms and Configurations). Let (1) TERM be the set of terms,(2) VALUE be the set of values, (3) DENOTABLE be the set of denotable terms, (4) CONF be the set ofconfigurations, and (5) ENV be a finite partial function from the set of variables to the set of denotableterms.x β VAR, n βN, t β TERM, v β VALUE, w β DENOTABLE, c β CONF, Ο β ENV = VAR finβ DENOTABLEt := x | t t | Ξ»x.t | n | t+ tv := n | /Ξ»x.t, Ο . where FV (Ξ»x.t)β dom(Ο)w := vc := v | c c | c+ c | γt, Ογ where FV (t)β dom(Ο)A pair of a term and an environment where the former is closed by the latter, i.e., γt, Ογ where FV (t)βdom(Ο) or /Ξ»x.t, Ο. where FV (Ξ»x.t)β dom(Ο), is called a closure. A pair of a lambda abstraction and anenvironment where the former is closed by the latter, i.e., /Ξ»x.t, Ο. where FV (Ξ»x.t)β dom(Ο), is called aclosure value.453.4. Environmental ISWIM - Structural Operational SemanticsA closure makes its top-level structure immediately evident. For example, given a closure γΞ»x.t, Ογ, it isimmediately recognisable that its top-level structure is a lambda abstraction Ξ»x.t without having to dive intothe environment Ο . In contrast, in Suspended ISWIM, to check the top-level structure of (Ξ»x.t)[x := w], wehave to dive down through the cascaded explicit substitutions [x := w] until reaching the lambda abstractionΞ»x.t.Unlike the previous dialects of ISWIM, Environmental ISWIM deems the set of configurations ratherthan the set of terms to be the fundamental set on which the operational semantics is defined.Definition 88 (Environments). An environment Ο β ENV is a finite partial function from the set of variablesto the set of denotable terms. Let dom(Ο) be the domain of the environment Ο and rng(Ο) be the range ofthe environment Ο . Let Ο[x 7β w] be an environment update and Ο(x) be an environment lookup. We have:Ο[x 7β w](y) =ο£±ο£²ο£³w if xβ‘ yΟ(y) if x 6β‘ ySuppose an environment Ο maps x1 to w1, x2 to w2, ..., xn to wn, where xi 6β‘ x j for any i, j such that i 6= j,and Ο has no other mapping. The environment Ο can be represented as a finite set {(x1,w1),(x2,w2), ...,(xn,wn)}.The domain of the environment Ο is dom(Ο) = {x1,x2, ...,xn} and the range of the environment Ο isrng(Ο) = {w1,w2, ...,wn}.3.4.1.2 Free Variable FunctionWe define the free variable function by extending Definition 47 to accommodate configurations.Definition 89 (Free Variable Function). Let the free variable function FV be a total function from the set ofconfigurations to the power set of variables.FV : CONF ββP(VAR)FV (x) = x (1)FV (t1 t2) = FV (t1)βͺFV (t2) (2)FV (Ξ»x.t) = FV (t)\{x} (3)FV (n) = /0 (4)FV (t1+ t2) = FV (t1)βͺFV (t2) (5)FV (γt, Ογ) = /0 (6)FV (/Ξ»x.t, Ο.) = FV (γΞ»x.t, Ογ) (7)FV (c1 c2) = FV (c1)βͺFV (c2) (8)FV (c1+ c2) = FV (c1)βͺFV (c2) (9)Equations (1)-(5) are the same as Definition 47 in Substitutional ISWIM. Equations (6) and (7) are basedon the definitions of closures and closure values. Equations (8) and (9) are analogous to Equations (2) and(5).463.4. Environmental ISWIM - Structural Operational SemanticsDefinition 90 (Closed Configurations). A configuration c is closed if and only if FV (c) = /0.3.4.2 Structural Operational SemanticsWe lay out the structural operational semantics of Environmental ISWIM through the single-step relationββ and the multi-step relation βββ.Definition 91 (Single-step Relation). Define the single-step relationββ to be a binary relation between theset of configurations and the set of configurations.βββ CONFΓCONFc11 ββ c12c11 c2 ββ c12 c2 (appL)c21 ββ c22v1 c21 ββ v1 c22 (appR) /(Ξ»x.t), Ο . vββ γt, Ο[x 7β v]γ (app)c11 ββ c12c11+ c2 ββ c12+ c2 (plusL)c21 ββ c22v1+ c21 ββ v1+ c22 (plusR)n1+n2 ββ n where n = n1+n2 (plus)γ(Ξ»x.t), Ογ ββ /(Ξ»x.t), Ο. (clos-env)γx, Ογ ββ w where Ο(x) = w (var-env)γn, Ογ ββ n (num-env)γ(t1 t2), Ογ ββ γt1, Ογ γt2, Ογ (app-env)γ(t1+ t2), Ογ ββ γt1, Ογ+ γt2, Ογ (plus-env)The single-step relation c1 ββ c2 reads as βc1 single-steps to c2β. (1) Rules (appL), (appR), (plusL),(plusR) and (plus) are analogous to the rules of the same names in Suspended ISWIMβs single-step relation.The only difference is that Suspended ISWIM defined the relation on terms but we now define the relationon configurations. (2) The (app) rule models performing an application by environment updating, whichcompletes the unfinished job of Suspended ISWIMβs (app) rule. (3) The other rules discuss how to evaluatea closure. The (clos-env) rule turns a closure to a closure value. Other (*-env) rules correspond to SuspendedISWIMβs single-step substitution reduction relation.Rules of the single-step relation can be categorised into reduction rules and structural rules. Structuralrules are (appL), (appR), (plusL) and (plusR). The others are reduction rules.Definition 92 (Multi-step Relation). Define the multi-step relationβββ to be the reflexive-transitive closureof the single-step relation ββ.Example. To get familiar with the structural operational semantics, consider the following example.Example 93. Consider (Ξ»x1.Ξ»x2.x1) 7) 4 where x1 6β‘ x2.473.4. Environmental ISWIM - Structural Operational SemanticsWe first construct a configuration that pairs the above term with an empty environment, i.e., γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ.By the structural operational semantics of Environmental ISWIM, we have:γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ (1)ββ γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γ4, /0γ (2)ββ (γ(Ξ»x1.Ξ»x2.x1), /0γ γ7, /0γ) γ4, /0γ (3)ββ (/(Ξ»x1.Ξ»x2.x1), /0. γ7, /0γ) γ4, /0γ (4)ββ (/(Ξ»x1.Ξ»x2.x1), /0. 7) γ4, /0γ (5)ββ γ(Ξ»x2.x1), {(x1,7)}γ γ4, /0γ (6)ββ /(Ξ»x2.x1),{(x1,7)}. γ4, /0γ (7)ββ /(Ξ»x2.x1),{(x1,7)}. 4 (8)ββ γx1,{(x2,4),(x1,7)}γ (9)ββ 7. (10)As shown in Line (1), we always evaluate a program with an empty environment.Property. We observe the following property that is useful in proving semantics equivalence. The multi-step relation preserves the closedness of a term. This is the same property that Substitutional ISWIM,Explicit ISWIM and Suspended ISWIM hold.Proposition 94. If FV (c1) = /0 and c1 βββ c2, then FV (c2) = /0.Evaluator. We now define an evaluator in terms of the structural operational semantics of EnvironmentalISWIM. Environmental ISWIMβs multi-step relation is defined on sets of configurations rather than sets ofterms. Given a program t, the evaluator applies the multi-step relation on the configuration γt, /0γ in whichthe program is associated with an empty environment. The evalutor is otherwise analogous to the evaluatordefined for Suspended ISWIM.Definition 95 (Evaluator based on Structural Operational Semantics of Environmental ISWIM). Let theevaluator evalISWIM:EnvSOS to be a partial function from the set of programs PRGMISWIM to the set of answersANSISWIM.evalISWIM:EnvSOS : PRGMISWIM β ANSISWIMevalISWIM:EnvSOS(t) =ο£±ο£²ο£³function if γt, /0γ βββ /(Ξ»x.t β²), Ο.n if γt, /0γ βββ nThis evaluator is defined in terms of the structural operational semantics of Environmental ISWIM. Thesubscript βISWIM:EnvSOSβ in evalISWIM:EnvSOS denotes the structural operational semantics of EnvironmentalISWIM.We claim that the evaluators defined in terms of Substitutional ISWIM and Environmental ISWIM areequivalent.483.5. Environmental ISWIM - Reduction SemanticsTheorem 96 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:SubSOS(t) is Kleene equalto evalISWIM:EnvSOS(t).We prove the theorem in appendices.3.5 Environmental ISWIM - Reduction SemanticsThis chapter aims to develop an environmental abstract machine for ISWIM. Since a reduction semanticscan be viewed as a concise representation of an abstract machine, we develop a reduction semantics forEnvironmental ISWIM, based on which we develop an abstract machine in the next section.3.5.1 SyntaxThe definitions of terms, values, denotable terms, configurations and environments are the same as Section3.4.3.5.1.1 Evaluation ContextsWe now define evaluation contexts to regulate the only places where an arbitrary reduction may happen.Definition 97 (Evalutation Contexts: Inside-out). Let ECXT be the set of evaluation contexts.E β ECXT, c β CONF, v β VALUE β ECXT (ept)E β ECXTE[ c] β ECXT (appL)E β ECXTE[v] β ECXT (appR)E β ECXTE[+ c] β ECXT (plusL)E β ECXTE[v+] β ECXT (plusR)The sole hole in an evaluation context can be filled by a configuration. E[c] is a configuration con-structed by filling the sole hole of the evaluation context E by the configuration c.There is a correspondence between evaluation contexts and structural rule of the single-step relationdefined as Definition 91. (1) The evaluation context E[ c] allows reduction at the operator position of anapplication, corresponding to the (appL) rule of the semantics. (2) The evaluation context E[v ] allowsreduction at the operand position of an application, corresponding to the (appR) rule of the semantics. (3)The evaluation context E[+ c] allows reduction at the first operand position of an addition, correspondingto the (plusL) rule of the semantics. (4) The evaluation context E[v+] allows reduction at second operandposition of an addition, corresponding to the (plusR) rule of the semantics. (5) The evaluation context allows reduction immediately.This definition is called inside-out because it makes the innermost structure of an evaluation context themost evident. An alternative but equivalent definition of evaluation contexts is provided in Definition 106.493.5. Environmental ISWIM - Reduction Semantics3.5.2 Reduction SemanticsWe lay out the reduction semantics of Environmental ISWIM through the notions of reduction R, the re-duction relation 7ββ and the multi-reduction relation 7βββ.Definition 98 (Notions of Reduction). Let the notions of reduction,R, be a binary relation between the setof configurations and the set of configurations.R β CONFΓCONF/(Ξ»x.t), Ο . v R γt, Ο[x 7β v]γ (app)n1+n2 R n where n = n1+n2 (plus)γ(Ξ»x.t), Ογ R /(Ξ»x.t), Ο. (conf-lam)γx, Ογ R w where Ο(x) = w (conf-var)γn, Ογ R n (conf-num)γ(t1 t2), Ογ R γt1, Ογ γt2, Ογ (conf-app)γ(t1+ t2), Ογ R γt1, Ογ+ γt2, Ογ (conf-plus)The notion of reduction c1 R c2 reads as βc1 reduces to c2β. Each notion corresponds to one reductionrule of the single-step relation defined as Definition 91.Definition 99. If c1 R c2, then c1 is a redex and c2 is a contractum.Definition 100 (Reduction Relation). Let the reduction relation 7ββ be a binary relation between the set ofconfigurations and the set of configurations directly based on the notions of reductionR.7ββ β CONFΓCONFc1 R c2E[c1] 7ββ E[c2]The reduction relation c1 7ββ c2 reads as βc1 single-reduces to c2β. The above definition states that thereduction relation respects performing any notion of reduction in an evaluation context.Intuitively, the reduction relation 7ββ defines a single step of computation. We define 7βββ to representmultiple (zero or more) steps of computation.Definition 101 (Multi-reduction Relation). Define the multi-reduction relation 7βββ to be the reflexive-transitive closure of the reduction relation 7ββ.The multi-reduction relation c1 7βββ c2 reads as βc1 multi-reduces to c2β.Example 102. Consider (Ξ»x1.Ξ»x2.x1) 7) 4 where x1 6β‘ x2.We first pair above term with an empty environment, constructing the configuration γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ.By the reduction semantics of Environmental ISWIM, we have:γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ 7βββ 7as demonstrated in Figure 3.1.503.5. Environmental ISWIM - Reduction Semanticsγ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ= [γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ]7ββ [γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γ4, /0γ] where γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γR γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γ4, /0γ= γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γ4, /0γ= [ γ4, /0γ][γ(Ξ»x1.Ξ»x2.x1) 7, /0γ]7ββ [ γ4, /0γ][γ(Ξ»x1.Ξ»x2.x1), /0γ γ7, /0γ] where γ(Ξ»x1.Ξ»x2.x1) 7, /0γR γ(Ξ»x1.Ξ»x2.x1), /0γ γ7, /0γ= (γ(Ξ»x1.Ξ»x2.x1), /0γ γ7, /0γ) γ4, /0γ= [ γ4, /0γ][ γ7, /0γ][γ(Ξ»x1.Ξ»x2.x1), /0γ]7ββ [ γ4, /0γ][ γ7, /0γ][/(Ξ»x1.Ξ»x2.x1), /0.] where γ(Ξ»x1.Ξ»x2.x1), /0γR / (Ξ»x1.Ξ»x2.x1), /0.= (/(Ξ»x1.Ξ»x2.x1), /0. γ7, /0γ) γ4, /0γ= [ γ4, /0γ][/(Ξ»x1.Ξ»x2.x1), /0. ][γ7, /0γ]7ββ [ γ4, /0γ][/(Ξ»x1.Ξ»x2.x1), /0. ][7] where γ7, /0γR 7= (/(Ξ»x1.Ξ»x2.x1), /0. 7) γ4, /0γ= [ γ4, /0γ][/(Ξ»x1.Ξ»x2.x1), /0. 7]7ββ [ γ4, /0γ][γ(Ξ»x2.x1), {(x1,7)}γ] where / (Ξ»x1.Ξ»x2.x1), /0. 7R γ(Ξ»x2.x1), /0[x1 7β 7]γ= γ(Ξ»x2.x1), {(x1,7)}γ γ4, /0γ= [ γ4, /0γ][γ(Ξ»x2.x1), {(x1,7)}γ]7ββ [ γ4, /0γ][/(Ξ»x2.x1), {(x1,7)}.] where γ(Ξ»x2.x1), {(x1,7)}γR / (Ξ»x2.x1), {(x1,7)}.= /(Ξ»x2.x1),{(x1,7)}. γ4, /0γ= [/(Ξ»x2.x1),{(x1,7)}. ][γ4, /0γ]7ββ [/(Ξ»x2.x1),{(x1,7)}. ][4] where γ4, /0γR 4= /(Ξ»x2.x1),{(x1,7)}. 4= [/(Ξ»x2.x1),{(x1,7)}. 4]7ββ [γx1,{(x2,4),(x1,7)}γ] where / (Ξ»x2.x1),{(x1,7)}. 4R γx1,{(x1,7)}[x2 7β 4]γ= γx1,{(x2,4),(x1,7)}γ= [γx1,{(x2,4),(x1,7)}γ]7ββ [7] where γx1,{(x2,4),(x1,7)}γR 7= 7.Figure 3.1: Evaluation of ((Ξ»x1.Ξ»x2.x1) 7) 4 in Reduction Semantics of Environmental ISWIM.513.5. Environmental ISWIM - Reduction SemanticsTo apply the reduction semantics on a term, follow the following pattern repeatedly until the resultingterm is a value.1. Break the term into an evaluation context and a redex.2. Apply a notion of reduction on the redex and get a contractum.3. Plug the contractum into the evaluation context and get a new term.However, the reduction semantics does not tell how to break a term into an evaluation context and a redex.In other words, the reduction semantics does not encode a systematic strategy to search for an evaluationcontext and a redex.Property. We observe the following property that is useful in proving semantics equivalence. The multi-step relation preserves the closedness of a term. This is the same property that the previos ISWIM dialectshold.Proposition 103. If FV (c1) = /0 and c1 7βββ c2, then FV (c2) = /0.Evaluator. We now define an evaluator in terms of the reduction semantics of Environmental ISWIM.The evalutor is analogous to the evaluator defined in terms of the structural operational semantics of Envir-onmental ISWIM.Definition 104 (Evaluator based on Reduction Semantics of Environmental ISWIM). Let the evaluatorevalISWIM:EnvRed be a partial function from the set of programs PRGMISWIM to the set of answers ANSISWIM.evalISWIM:EnvRed : PRGMISWIM β ANSISWIMevalISWIM:EnvRed(t) =ο£±ο£²ο£³function if γt, /0γ 7βββ /(Ξ»x.t β²), Ο.n if γt, /0γ 7βββ nThis evaluator is defined in terms of the reduction semantics of Environmental ISWIM. The subscriptβISWIM:EnvRedβ in evalISWIM:EnvRed denotes the reduction semantics of Environmental ISWIM.We claim that the evaluators defined in terms of the structural operational semantics and the reductionsemantics of Environmental ISWIM are equivalent.Theorem 105 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:EnvSOS(t) is Kleene equalto evalISWIM:EnvRed(t).We prove the theorem in appendices.523.6. Environmental ISWIM - CEK Abstract Machine3.6 Environmental ISWIM - CEK Abstract MachineReduction semantics can be viewed as a concise representation of an abstract machine in the sense that itabstracts away the search for an evaluation context and a redex. In contrast, an abstract machine encodes asystematic strategy to search for an evaluation context and a redex. We finish refining semantics for ISWIMby developing an abstract machine for Environmental ISWIM. The environmental abstract machine is alsoknown as the CEK machine.3.6.1 SyntaxThe definitions of terms, values, denotable terms, configurations and environments are the same as Sections3.4 and 3.5.3.6.1.1 Evaluation ContextsWe provide two definitions of evaluation contexts. The first definition is the same as the one used in Section3.5. The second one is as follows. These two definitions are equivalent and are used interchangeably at ourconvenience.Definition 106 (Evaluation Contexts: Outside-in). Let ECXT be the set of evaluation contexts.E β ECXT, c β CONF, v β VALUE β ECXT (ept)E β ECXT(E c) β ECXT (appL)E β ECXT(v E) β ECXT (appR)E β ECXT(E + c) β ECXT (plusL)E β ECXT(v+E) β ECXT (plusR)This definition is called outside-in because it makes the outermost structure of an evaluation context themost evident.3.6.1.2 Machine ConfigurationsThe states of an abstract machine are represented by machine configurations.Definition 107 (Machine Configurations). Let CFG be the set of machine configurations.C β CFG, c β CONF, v β VALUE, E β ECXTC ::= v| γE, cγr| γE, cγf| γE, vγbThe machine operates in four modes: the value mode v, the reduce mode γE, cγr, the focus mode γE, cγfand the build mode γE, vγb.533.6. Environmental ISWIM - CEK Abstract MachineA machine configuration γE, cγ? where ? β {r, f,b} unloads to the configuration E[c]. Precisely, theconfiguration c in the machine configuration γE, cγr needs to be a redex.3.6.2 CEK Abstract MachineWe lay out an abstract machine of Environmental ISWIM, which is known as the CEK machine, throughthe reduction relation 7ββcek and the multi-reduction relation 7βββcek.Definition 108 (Reduction Relation). Let the reduction relation 7ββcek be a binary relation between the setof machine configurations and the set of machine configurations.7ββcek β CFGΓCFGReduce rules:γE, /(Ξ»x.t), Ο . vγr 7ββcek γE, γt, Ο[x 7β v]γγf (r-app)γE, n1+n2γr 7ββcek γE, nγf where n = n1+n2 (r-plus)γE, γ(Ξ»x.t), Ογγr 7ββcek γE, /(Ξ»x.t), Ο.γf (r-conf-lam)γE, γx, Ογγr 7ββcek γE, wγf where Ο(x) = w (r-conf-var)γE, γn, Ογγf 7ββcek γE, nγf (r-conf-num)γE, γ(t1 t2), Ογγr 7ββcek γE, γt1, Ογ γt2, Ογγf (r-conf-app)γE, γ(t1+ t2), Ογγr 7ββcek γE, γt1, Ογ+ γt2, Ογγf (r-conf-plus)Focus rules:γE, γt, Ογγf 7ββcek γE, γt, Ογγr (f-conf)γE, c1 c2γf 7ββcek γE[ c2], c1γf (f-app)γE, /(Ξ»x.t), Ο.γf 7ββcek γE, /(Ξ»x.t), Ο.γb (f-lam)γE, nγf 7ββcek γE, nγb (f-num)γE, c1+ c2γf 7ββcek γE[+ c2], c1γf (f-plus)Build rules:γ, vγb 7ββcek v (b-val)γE[ c2], v1γb 7ββcek γE[v1 ], c2γf (b-appL)γE[v1 ], v2γb 7ββcek γE, v1 v2γr (b-appR)γE[+ c2], v1γb 7ββcek γE[v1+], c2γf (b-plusL)γE[v1+], v2γb 7ββcek γE, v1+ v2γr (b-plusR)The reduction relation C1 7ββcek C2 reads as βC1 single-reduces to C2β.A machine configuration at the reduce mode, γE, cγr, signifies that a proper notion of reduction can beapplied on the redex c. A machine configuration at the focus mode, γE, cγf, indicates searching downwardinto the configuration c for a redex to reduce. A machine configuration at the build mode, γE, vγb, returnsthe value v to the current evaluation context E. A machine configuration at the value mode, v, representsthat the value v is the result of executing the machine.543.6. Environmental ISWIM - CEK Abstract MachineIntuitively, the reduction relation 7ββcek defines a single step of computation. We define 7βββcek torepresent multiple (zero or more) steps of computation.Definition 109 (Multi-reduction Relation). Let the multi-reduction relation 7βββcek be the reflexive-transitiveclosure of the reduction relation 7ββcek.The multi-reduction relation C1 βββcek C2 reads as βC1 multi-reduces to C2β.The abstract machine defined above is also known as the CEK machine. C stands for control, i.e., theconfiguration under evaluation, E stands for environment, and K stands for continuation, i.e., the evaluationcontext.Example 110. Consider (Ξ»x1.Ξ»x2.x1) 7) 4 where x1 6β‘ x2.We first construct a machine configuration that contains the above term with an empty evaluation contextand an empty environment and start running the machine configuration at focus mode.By the CEK machine, we haveγ, γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γγf 7βββcek 7as demonstrated in Figure 3.2.Evaluator. We now define an evaluator in terms of the CEK machine. CEK machineβs multi-reductionrelation is defined on sets of machine configurations. Given a program t, the evaluator applies the multi-transformation relation on the machine configuration γ, γt, /0γγf in which the program is associated withan empty environment and an empty evaluation context. The evaluator is otherwise analogous to the onedefined in terms of the reduction semantics of Environmental ISWIM.Definition 111 (Evaluator based on CEK Machine). Let the evaluator evalISWIM:CEK be a partial functionfrom the set of programs PRGMISWIM to the set of answers ANSISWIM.evalISWIM:CEK : PRGMISWIM β ANSISWIMevalISWIM:CEK(t) =ο£±ο£²ο£³function if γ, γt, /0γγf 7βββcek /(Ξ»x.t β²), Ο.n if γ, γt, /0γγf 7βββcek nThis evaluator is defined in terms of the CEK machine. The subscript βISWIM:CEKβ in evalISWIM:CEKdenotes the CEK machine of ISWIM.We claim that the evaluators defined in terms of the reduction semantics and based on the CEK abstractmachine of Environmental ISWIM are equivalent.Theorem 112 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:EnvRed(t) is Kleene equalto evalISWIM:CEK(t).553.6. Environmental ISWIM - CEK Abstract Machineγ, γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ γf7ββcek γ, γ((Ξ»x1.Ξ»x2.x1) 7) 4, /0γ γr7ββcek γ, γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γ4, /0γ γf7ββcek γ[ γ4, /0γ], γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γf7ββcek γ[ γ4, /0γ], γ(Ξ»x1.Ξ»x2.x1) 7, /0γ γr7ββcek γ[ γ4, /0γ], γΞ»x1.Ξ»x2.x1, /0γ γ7, /0γ γf7ββcek γ[ γ4, /0γ][ γ7, /0γ], γΞ»x1.Ξ»x2.x1, /0γ γf7ββcek γ[ γ4, /0γ][ γ7, /0γ], γΞ»x1.Ξ»x2.x1, /0γ γr7ββcek γ[ γ4, /0γ][ γ7, /0γ], /Ξ»x1.Ξ»x2.x1, /0. γf7ββcek γ[ γ4, /0γ][ γ7, /0γ], /Ξ»x1.Ξ»x2.x1, /0. γb7ββcek γ[ γ4, /0γ][/Ξ»x1.Ξ»x2.x1, /0. ], γ7, /0γ γf7ββcek γ[ γ4, /0γ][/Ξ»x1.Ξ»x2.x1, /0. ], γ7, /0γ γr7ββcek γ[ γ4, /0γ][/Ξ»x1.Ξ»x2.x1, /0. ], 7 γf7ββcek γ[ γ4, /0γ][/Ξ»x1.Ξ»x2.x1, /0. ], 7 γb7ββcek γ[ γ4, /0γ], /Ξ»x1.Ξ»x2.x1, /0. 7 γr7ββcek γ[ γ4, /0γ], γΞ»x2.x1, {(x1,7)}γ γf7ββcek γ[ γ4, /0γ], γΞ»x2.x1, {(x1,7)}γ γr7ββcek γ[ γ4, /0γ], /Ξ»x2.x1, {(x1,7)}. γf7ββcek γ[ γ4, /0γ], /Ξ»x2.x1, {(x1,7)}. γb7ββcek γ[/Ξ»x2.x1, {(x1,7)}. ], γ4, /0γ γf7ββcek γ[/Ξ»x2.x1, {(x1,7)}. ], γ4, /0γ γr7ββcek γ[/Ξ»x2.x1, {(x1,7)}. ], 4 γf7ββcek γ[/Ξ»x2.x1, {(x1,7)}. ], 4 γb7ββcek γ, /Ξ»x2.x1, {(x1,7)}. 4 γr7ββcek γ, γx1, {(x1,7),(x2,4)}γ γf7ββcek γ, γx1, {(x1,7),(x2,4)}γ γr7ββcek γ, 7 γf7ββcek γ, 7 γb7ββcek 7Figure 3.2: Evaluation of ((Ξ»x1.Ξ»x2.x1) 7) 4 in the CEK Machine.563.7. Chapter SummaryWe prove the above theorem in appendices.As a corollary, the evaluators defined in terms of the Substitutional ISWIM and the CEK machine areequivalent.Corollary 113 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:SubSOS(t) is Kleeneequal to evalISWIM:CEK(t).Proof. It immediately follows from Theorems 96, 105 and 112 by the transitivity of Kleene equality.3.7 Chapter SummaryFollowing the first dimension of the semantics refinement problem, this chapter solved the following prob-lem that is less complicated than the main semantics refinement problem.Can we refine the substitutional structural operational semantics of ISWIM to a correspondingsubstitutional abstract machine, which is known as the CEK machine, and demonstrate theirequivalence?We accomplished the development progressively in several manageable steps, each of which led to an in-termediate semantics. We first studied the substitutional structural operational semantics of ISWIM. Thenwe successively developed the structural operational semantics of Explicit ISWIM, the structural opera-tional semantics of Suspended ISWIM, the structural operational semantics of Environmental ISWIM, thereduction semantics of Environmental ISWIM, and finally derived the abstract machine of EnvironmentalISWIM. The abstract machine of Environmental ISWIM is also known as the CEK machine.We defined an evaluator based on each semantics. By proving the equivalence of every two adjacentsemantics, we finally showed that the CEK machine is equivalent to the substitutional structural operationalsemantics of ISWIM.57Chapter 4Refining Semantics for MetaML:Developing the MK MachineFollowing the second dimension of simplifying the main semantics refinement problem, we study how tostepwise develop an substitutional abstract machine rather than an environmental abstract machine for themulti-stage language MetaML. The problem is restated as follows.Can we refine the substitutional structural operational semantics of MetaML to a correspondingsubstitutional abstract machine, which we call the MK machine, and demonstrate their equival-ence?Recall that Sections 3.4, 3.5 and 3.6 have shown an approach to refining a structural operational semanticsto a reduction semantics and finally to an abstract machine. We adopt the same strategy in deriving the MKmachine.4.1 MetaML - Substitutional Reduction SemanticsMetaMLβs substitutional structural operational semantics has been presented in Section 2.2. Following thepath of refining a structural operational semantics to a reduction semantics as shown in Section 3.5, wederive a substitutional reduction semantics for MetaML.4.1.1 SyntaxThe definitions of terms, values and denotable terms are the same as Section 2.2.1.4.1.1.1 Evaluation ContextsSection 3.5 defined evaluation contexts to regulate the only places where an arbitrary reduction may happenin a single-stage language. We now extend the definition to accommodate the multi-stage setting.Definition 114 (Level-indexed Evaluation Contexts: Inside-out). Let ECXTi( j be the set of evaluationcontexts with inner level i and outer level j.584.1. MetaML - Substitutional Reduction SemanticsE i( j β ECXTi( j, t i β TERMi, vi β VALUEi β ECXTi(i (ept-i)E β ECXTi( jE[ t i2] β ECXTi( j(appL-i) E β ECXTi( jE[vi1 ] β ECXTi( j(appR-i)E β ECXT(i+1)( jE[Ξ»x.] β ECXT(i+1)( j(lambda-(i+1))E β ECXTi( jE[γγ] β ECXT(i+1)( j(code-i) E β ECXT(i+1)( jE[βΌ] β ECXTi( j (splice-(i+1))E β ECXTi( jE[!] β ECXTi( j (run-i)E β ECXTi( jE[+ t i2] β ECXTi( j(plusL-i) E β ECXTi( jE[vi1+] β ECXTi( j(plusR-i)An evaluation context E i( j comes with an inner level i and an outer level j. The inner level i is the levelof the hole of the context, indicating the level of terms that can fill the hole. The outer level j is the level ofthe term produced by the context when the hole of the context is filled.The sole hole i(i in an evaluation context can be filled by a level-i term. E i( j[t i] is a level- j termconstructed by filling the sole hole of the evaluation context E i( j by a level-i term t i. The levels i and jin an evaluation context E i( j can be related in any of the following three ways. (1) i > j. For example, alevel-0 term !γΞ»x.xγ can be represented as ([!][γγ][Ξ»x.])1(0[x]. (2) i= j. For example, a level-0 term(Ξ»x.x) ((Ξ»x.x) 7) can be represented as ([(Ξ»x.x)])0(0[(Ξ»x.x) 7]. (3) i < j. For example, a level-1 termβΌ((Ξ»x.x) γΞ»x.xγ) can be represented as ([βΌ])0(1[(Ξ»x.x) γΞ»x.xγ].The definition of evaluation contexts is motivated by the structural rules of the single-step relations(Definition 36). For example, the (code-i) rulet i+11 ββi+1 t i+12γt i+11 γ ββi γt i+12 γ(code-i)tells that a code operation at level i can be evaluated by reducing its operand at level i+1. Since an evaluationcontext defines where a reduction may happen, we may replace the (code-i) rule by an evaluation context([γγ])(i+1)(i and allow any level-(i+ 1) reduction to happen at the hole of the context. We observethe following correspondences between evaluation contexts and structural rule of the single-step relations(Definition 36). (1) The evaluation context E[ t i2] corresponds to (appL-i). (2) The evaluation contextE[vi1 ] corresponds to (appR-i). (3) The evaluation context E[Ξ»x.] corresponds to (lambda-(i+1)). (4)The evaluation context E[!] corresponds to (run-i). (5) The evaluation context E[γγ] corresponds to(code-i). (6) The evaluation context E[βΌ] corresponds to (splice-i). (7) The evaluation context E[+ t i2]corresponds to (plusL-i). (8) The evaluation context E[vi1+] corresponds to (plusR-i). To get familiar with594.1. MetaML - Substitutional Reduction Semanticsthe above correspondences, consider the following example:βΌγxγ ββ1 x (splice-1)Ξ»x.βΌγxγ ββ1 Ξ»x.x (lambda-(i+1))γΞ»x.βΌγxγγ ββ0 γΞ»x.xγ (code-i)The level-0 term γΞ»x.βΌγxγγ can be represented as ([γγ][Ξ»x.])1(0[βΌγxγ]. The evaluation context ([γγ][Ξ»x.])1(0corresponds to the structural rules (code-i) and (lambda-(i+1)).We can get the evaluation contexts that are suitable for a single-stage language such as ISWIM if weremove the rules that involve any multi-stage annotation and repeatedly apply the rules that define evaluationcontexts with an inner level 0 and an outer level 0.This definition is inside-out. An outside-in definition is provided in Definition 121.4.1.2 Substitutional Reduction SemanticsWe lay out the substitutional reduction semantics through a family of level-indexed notions of reductionR i,a family of level-indexed reduction relations 7ββi and a family of level-indexed multi-reduction relations7ββiβ.Definition 115 (Level-indexed Notions of Reduction). For any i β {0,1}, let the level-indexed notions ofreductionR i be a binary relation between the set of terms at level i and the set of terms at level i.R i β TERMiΓTERMi(Ξ»x.t0) v0 R0 t0[v0/x] (app-0)!γv1γ R0 v1 (run-0)βΌγv1γ R1 v1 (splice-1)n1+n2 R0 n where n = n1+n2 (plus-0)The notion of reduction t i1 Ri t i2 reads as βt1 reduces to t2 at level iβ. Each notion corresponds to onereduction rule of the single-step relations presented in Definition 36.Definition 116 (Level-indexed Reduction Relations). For any i βN, let the level-indexed reduction relation7ββi be a binary relation between the set of terms and the set of terms directly based on the notions ofreductionR j.7ββi β TERMiΓTERMit j1 Rj t j2E j(i[t j1] 7ββi E j(i[t j2]The reduction relation t i1 7ββi t i2 reads as βt1 single-reduces to t2 at level iβ. The above definition statesthat the reduction relation respects performing any notion of reduction in an evaluation context.Intuitively, a level-indexed reduction relation 7ββi defines a single step of computation at level i. Wedefine the level-indexed multi-reduction relation 7ββiβ to represent multiple (zero or more) steps of compu-tation at level i.604.1. MetaML - Substitutional Reduction Semantics!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ= ([!][γγ][Ξ»y.][ 0][βΌ])0(0[(Ξ»x.γxγ) (Ξ»x.y)]7ββ0 ([!][γγ][Ξ»y.][ 0][βΌ])0(0[γΞ»x.yγ] where (Ξ»x.γxγ) (Ξ»x.y)R0 γΞ»x.yγ= !γΞ»y.(βΌγΞ»x.yγ 0)γ= ([!][γγ][Ξ»y.][ 0])1(0[βΌγΞ»x.yγ]7ββ0 ([!][γγ][Ξ»y.][ 0])1(0[Ξ»x.y] where βΌγΞ»x.yγR1 Ξ»x.y= !γΞ»y.((Ξ»x.y) 0)γ= 0(0[!γΞ»y.((Ξ»x.y) 0)γ]7ββ0 0(0[Ξ»y.((Ξ»x.y) 0)] where !γΞ»y.((Ξ»x.y) 0)γR0 Ξ»y.((Ξ»x.y) 0)= Ξ»y.((Ξ»x.y) 0)Figure 4.1: Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in Substitutional Reduction Semantics of MetaML.Definition 117 (Level-indexed Multi-reduction Relations). For any iβN, let the level-indexed multi-reductionrelation 7ββiβ be the reflexive-transitive closure of the reduction relation 7ββi.The multi-reduction relation t i1 7ββiβ t i2 reads as βt1 multi-reduces to t2 at level iβ.Example 118. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ.By the substitutional reduction semantics of MetaML, we have:!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ 7ββ0β Ξ»y.((Ξ»x.y) 0)as demonstrated in Figure 4.1.A comparison of Figures 4.1 and 3.1 tells that MetaMLβs substitutional reduction semantics followsthe exact same three-step break-apply-plug pattern of evaluating a program as Environmental ISWIMβsreduction semantics.Evaluator We now define an evaluator in terms of the substitutional reduction semantics of MetaML. Theevaluator is analogous to the evaluator defined in terms of the substitutional structural operational semanticsof MetaML.Definition 119 (Evaluator based on Substitutional Reduction Semantics of MetaML). Let the evaluatorevalMetaML:SubRed be a partial function from the set of programs PRGMMetaML to the set of answers ANSMetaML.evalMetaML:SubRed : PRGMMetaML β ANSMetaMLevalMetaML:SubRed(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if t 7ββ0β Ξ»x.t β²0code if t 7ββ0β γv1γn if t 7ββ0β nThis evaluator is defined in terms of the substitutional reduction semantics. The subscript βMetaML:SubRedβin evalMetaML:SubRed denotes the substitutional reduction semantics of MetaML.We claim that the evaluators defined in terms of the substitutional structural operational semantics andthe substitutional reduction semantics of MetaML are equivalent.614.2. MetaML - MK Abstract MachineTheorem 120 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:SubRed(t).We prove the theorem in appendices.4.2 MetaML - MK Abstract MachineWith a systematic strategy to search for an evaluation context and a redex, we can refine MetaMLβs sub-stitutional reduction semantics to a corresponding substitutional abstract machine which we call the MKmachine. This section mostly follows the path of refining Environmental ISWIMβs reduction semantics tothe CEK abstract machine as presented in Section 3.6.4.2.1 SyntaxThe definitions of terms, values and denotable terms are the same as Sections 2.2.1 and 4.1.4.2.1.1 Evaluation ContextsEvaluation contexts have been defined in Section 4.1 as inside-out. We provide an outside-in definition asfollows. These two definitions are equivalent and are used interchangeably at our convenience.Definition 121 (Level-indexed Evaluation Contexts: Outside-in). Let i, j β N. Define ECXTi( j to be theset of evaluation contexts with inner level i and outer level j. β ECXT j( j (ept-j)E β ECXTi( j(E t j2) β ECXTi( j(appL-j) E β ECXTi( j(v j1 E) β ECXTi( j(appR-j)E β ECXTi(( j+1)Ξ»x.E β ECXTi(( j+1)(lambda-(j+1))E β ECXTi(( j+1)γEγ β ECXTi( j (code-j)E β ECXTi( jβΌE β ECXTi(( j+1)(splice-(j+1)) E β ECXTi( j!E β ECXTi( j (run-j)E β ECXTi( j(E + t j2) β ECXTi( j(plusL-j) E β ECXTi( j(v j1+E) β ECXTi( j(plusR-j)4.2.1.2 Machine ConfigurationsSection 3.6 defined the states of the CEK machine through four modes of machine configurations. Weextend the four-mode definition to accommodate multiple stages.Definition 122 (Machine Configurations). Let CFG be the set of machine configurations624.2. MetaML - MK Abstract MachineC β CFG, t i β TERMi, vi β VALUEi, E i( j β ECXTi( jC ::= v0| γi, E i(0, t iγr| γi, E i(0, t iγf| γi, E i(0, viγbThe machine operates in four modes: the value mode v0, the reduce mode γi, E i(0, t iγr, the focus modeγi, E i(0, t iγf, the build mode γi, E i(0, viγb.A machine configuration γi, E i(0, t iγ? where ? β {r, f,b} unloads to the configuration E i(0[t i].4.2.2 MK Abstract MachineWe lay out the substitutional abstract machine, i.e., the MK machine, through the reduction relation 7ββmkand the multi-reduction relation 7βββmk.Definition 123 (Reduction Relation). Let the reduction relation 7ββmk be a binary relation between the setof machine configurations and the set of machine configurations.7ββmk β CFGΓCFGReduce rules: γi, E i(0, t iγrγ0, E, (Ξ»x.t0) v0γr 7ββmk γ0, E, t0[v0/x]γf (r-app-0)γ0, E, !γv1γγr 7ββmk γ0, E, v1γf (r-run-0)γ1, E, βΌγv1γγr 7ββmk γ1, E, v1γf (r-splice-1)γ0, E, n1+n2γr 7ββmk γ0, E, nγf where n = n1+n2 (r-plus-0)Focus rules: γi, E i(0, t iγfγi+1, E, xγf 7ββmk γi+1, E, xγb (f-var-(i+1))γi, E, t1 t2γf 7ββmk γi, E[ t2], t1γf (f-appL-i)γ0, E, Ξ»x.tγf 7ββmk γ0, E, Ξ»x.tγb (f-lambda-0)γi+1, E, Ξ»x.tγf 7ββmk γi+1, E[Ξ»x.], tγf (f-lambda-(i+1))γi, E, γtγγf 7ββmk γi+1, E[γγ], tγf (f-code-i)γi+1, E, βΌtγf 7ββmk γi, E[βΌ], tγf (f-splice-(i+1))γi, E, !tγf 7ββmk γi, E[!], tγf (f-run-i)γi, E, nγf 7ββmk γi, E, nγb (f-num-i)γi, E, t1+ t2γf 7ββmk γi, E[+ t2], t1γf (f-plusL-i)Build rules: γi, E i(0, viγb634.2. MetaML - MK Abstract Machineγ0, , vγb 7ββmk v (b-value-0)γi, E[ t2], v1γb 7ββmk γi, E[v1 ], t2γf (b-appL-i)γ0, E[v1 ], v2γb 7ββmk γ0, E, v1 v2γr (b-appR-0)γi+1, E[v1 ], v2γb 7ββmk γi+1, E, v1 v2γb (b-appR-(i+1))γi+1, E[Ξ»x.], vγb 7ββmk γi+1, E, Ξ»x.vγb (b-lambda-(i+1))γi+1, E[γγ], vγb 7ββmk γi, E, γvγγb (b-code-(i+1))γ0, E[βΌ], vγb 7ββmk γ1, E, βΌvγr (b-splice-0)γi+1, E[βΌ], vγb 7ββmk γi+2, E, βΌvγb (b-splice-(i+1))γ0, E[!], vγb 7ββmk γ0, E, !vγr (b-run-0)γi+1, E[!], vγb 7ββmk γi+1, E, !vγb (b-run-(i+1))γi, E[+ t2], v1γb 7ββmk γi, E[v1+], t2γf (b-plusL-i)γ0, E[v1+], v2γb 7ββmk γ0, E, v1+ v2γr (b-plusR-0)γi+1, E[v1+], v2γb 7ββmk γi+1, E, v1+ v2γb (b-plusR-(i+1))The reduction relation C1 7ββmk C2 reads as βC1 single-reduces to C2β.The intuition behind the above relation is analogous to that of CEK machineβs reduction relation. Seecomments below Definition 108.Intuitively, the reduction relation 7ββmk defines a single step of computation. We define 7βββmk torepresent multiple (zero or more) steps of computation.Definition 124 (Multi-reduction Relation). Let the multi-reduction relation 7βββmk be the reflexive-transitiveclosure of the reduction relation 7ββmk.The multi-transformation relation C1 7βββmk C2 reads as βC1 multi-reduces to C2β.The abstract machine defined above is also known as the MK machine. M stands for multi-stage and Kstands for continuation, i.e., the evaluation context.Evaluator. We now define an evaluator in terms of the MK machine. The MK machineβs multi-reductionrelation is defined on machine configurations. Given a program t, the evaluator applies the multi-reductionrelation on the machine configuration γ0, , tγf in which the program is associated with an empty evaluationcontext and is evaluated at level 0. The evaluator is otherwise analogous to the one defined in terms of thesubstitution reduction semantics of MetaML.Definition 125 (Evaluator based on MK Machine). Let the evaluator evalMetaML:MK be a partial functionfrom the set of programs PRGMMetaML to the set of answers ANSMetaML.evalMetaML:MK : PRGMMetaML β ANSMetaMLevalMetaML:MK(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if γ0, , tγf 7βββmk Ξ»x.t β²0code if γ0, , tγf 7βββmk γv1γn if γ0, , tγf 7βββmk n644.2. MetaML - MK Abstract Machineγ0, , !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γγf7ββmk γ0, [!], γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γγf7ββmk γ1, [!][γγ], Ξ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γf7ββmk γ1, [!][γγ][Ξ»y.], βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0γf7ββmk γ1, [!][γγ][Ξ»y.][ 0], βΌ((Ξ»x.γxγ) (Ξ»x.y))γf7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ], (Ξ»x.γxγ) (Ξ»x.y)γf7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ][ (Ξ»x.y)], Ξ»x.γxγγf7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ][ (Ξ»x.y)], Ξ»x.γxγγb7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ][(Ξ»x.γxγ)], Ξ»x.yγf7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ][(Ξ»x.γxγ)], Ξ»x.yγb7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ], (Ξ»x.γxγ) (Ξ»x.y)γr7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ], γΞ»x.yγγr7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ], γΞ»x.yγγf7ββmk γ1, [!][γγ][Ξ»y.][ 0][βΌ][γγ], Ξ»x.yγf7ββmk γ1, [!][γγ][Ξ»y.][ 0][βΌ][γγ], Ξ»x.yγb7ββmk γ0, [!][γγ][Ξ»y.][ 0][βΌ], γΞ»x.yγγb7ββmk γ1, [!][γγ][Ξ»y.][ 0], βΌγΞ»x.yγγr7ββmk γ1, [!][γγ][Ξ»y.][ 0], Ξ»x.yγf7ββmk γ1, [!][γγ][Ξ»y.][ 0], Ξ»x.yγb7ββmk γ1, [!][γγ][Ξ»y.][(Ξ»x.y)], 0γf7ββmk γ1, [!][γγ][Ξ»y.][(Ξ»x.y)], 0γb7ββmk γ1, [!][γγ][Ξ»y.], (Ξ»x.y) 0γb7ββmk γ1, [!][γγ], Ξ»y.((Ξ»x.y) 0)γb7ββmk γ0, [!], γΞ»y.((Ξ»x.y) 0)γγb7ββmk γ0, , !γΞ»y.((Ξ»x.y) 0)γγr7ββmk γ0, , Ξ»y.((Ξ»x.y) 0)γf7ββmk γ0, , Ξ»y.((Ξ»x.y) 0)γb7ββmk Ξ»y.((Ξ»x.y) 0)Figure 4.2: Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in the MK Machine.This evaluator is defined in terms of the MK machine. The subscript βMetaML:MKβ in evalMetaML:MKdenotes the MK machine of MetaML.Example 126. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ.We have:evalMetaML:MK(!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ) = functionThis is becauseγ0, , !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γγf 7βββmk Ξ»y.((Ξ»x.y) 0)as demonstrated in Figure 4.2.The above example has appeared as Example 118. By MetaMLβs substitutional reduction semantics, wehave:evalMetaML:SubRed(!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ) = functionThe evaluators defined in terms of the substitutional reduction semantics of MetaML and the MK machine654.3. Chapter Summaryagree on evaluating the the evaluation of the puzzle program !γΞ»a. βΌ ((Ξ»x.γxγ)(Ξ»x.γaγ))0γ. In fact, thesetwo evaluators agree on all programs.Theorem 127 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubRed(t) is Kleeneequal to evalMetaML:MK(t).We prove the above theorem in appendices.As a corollary, the evaluators defined in terms of the substitutional structural operational semantics ofMetaML and based on the MK machine are equivalent.Corollary 128 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:MK(t).Proof. It immediately follows from Theorems 120 and 127 by the transitivity of Kleene equality.4.3 Chapter SummaryFollowing the second dimension of the semantics refinement problem, this chapter solved the followingproblem that is less complicated than the main semantics refinement problem.Can we refine the substitutional structural operational semantics of MetaML to a correspondingsubstitutional abstract machine, which we call the MK machine, and demonstrate their equival-ence?Given the substitutional structural operational semantics of MetaML, as a manageable step towards devel-oping the MK machine, we developed an equivalent substitutional reduction semantics. Then based onthe substitutional reduction semantics, we developed an equivalent substitutional abstract machine, the MKmachine.We defined an evaluator for each semantics. By proving the equivalence of every two adjacent semantics,we finally showed that the MK machine is equivalent to the substitutional structural operational semanticsof MetaML.66Chapter 5Refining Semantics for MetaML:Developing the MEK MachineDeveloping an environmental abstract machine for the multi-stage language MetaML is not straightforward.On the one hand, even for a single-stage language such as ISWIM, it is challenging to refine a substitutionalstructural operational semantics to a corresponding environmental abstract machine. On the other hand, it isuneasy to refine semantics for a multi-stage language such as MetaML even if substitutions are not replacedwith environments.Chapter 3 studies how to develop an environmental abstract machine for the single-stage languageISWIM. We split the problem into two subproblems. The first subproblem is to stepwise refine the knownsubstitutional structural operational semantics to a corresponding environmental structural operational se-mantics. The crucial points of our approach include replacing meta-language substitutions by explicit sub-stitutions, modelling how an explicit substitution percolates through a term at the semantical level, delayingexplicit substitutions outside lambda abstractions and replacing cascaded explicit substitutions by environ-ments. The second subproblem is to stepwise refine the environmental structural operational semantics toa corresponding environmental abstract machine. The key to our approach is relating these two semanticsby an environmental reduction semantics because a reduction semantics is a concise representation of anabstract machine. At this point, we are unclear whether our approach to refining semantics for ISWIM isapplicable to MetaML.To understand how refining semantics for MetaML is different from ISWIM and whether our approachto refining semantics for ISWIM is applicable to MetaML, Chapter 4 studies how to develop a substitutionalabstract machine for the multi-stage language MetaML. This problem is analogous to the second subproblemof refining semantics for ISWIM. Taking the same approach, we successfully derive a substitutional abstractmachine for MetaML. After Chapter 4, we are now familiar with refining semantics for MetaML and webelieve refining semantics for MetaML is analogous to refining semantics for ISWIM.Utilising the experience of solving two less complicated semantics refinement problems in Chapters 3and 4, we concentrate on the main semantics refinement problem in this chapter. We study how to stepwisedevelop an environmental abstract machine for the multi-stage language MetaML. The problem is restatedas follows.Can we refine the substitutional structural operational semantics of MetaML to a correspond-ing environmental abstract machine, which we call the MEK machine, and demonstrate theirequivalence?Taking the approach to refining semantics in Chapter 3, we propose to first stepwise derive an environmental675.1. MetaMLstructural operational semantics for MetaML and then refine the semantics to an environmental abstractmachine. We also draw lessons from Chapter 4 for refining a structural operational semantics to an abstractmachine for MetaML.5.1 MetaMLFor convenience, this section revisits the substitutional structural operational semantics of MetaML, whichhas been intensively studied in Section 2.2.Terms, Values and Denotable Terms. Terms, values and denotable terms have been defined in Section2.2 using inductive rules. We present an equivalent definition in Backus Naur Form (BNF) as follows.Definition 129 (Terms, Values and Denotable Terms). For any i β N, let TERMi be the set of level-indexedterms at level i and VALUEi be the set of level-indexed values at level i. Let DENOTABLE be the set ofdenotable terms.x β VAR, i,n β N, t i β TERMi, vi β VALUEi, w β DENOTABLEt0 ::= x | t0 t0 | Ξ»x.t0 | γt1γ | !t0 | n | t0+ t0t i+1 ::= x | t i+1 t i+1 | Ξ»x.t i+1 | γt i+2γ | βΌt i | !t i+1 | n | t i+1+ t i+1v0 ::= Ξ»x.t0 | γv1γ | nv1 ::= x | v1 v1 | Ξ»x.v1 | γv2γ | !v1 | n | v1+ v1vi+2 ::= x | vi+2 vi+2 | Ξ»x.vi+2 | γvi+3γ | βΌvi+1 | !vi+2 | n | vi+2+ vi+2w ::= x | v0Given how concise the above BNF definition is, we can more clearly present the syntax changes betweendifferent dialects of MetaML.Alpha Equivalence Relation. Section 3.1.1.4 presents the alpha equivalence for the single-languageISWIM and justifies why such a relation is necessary for proving equivalence of semantics of differentdialects of ISWIM or MetaML. We extend the definition of alpha equivalence for ISWIM (Definition 50) toaccommodate the multi-stage setting.Definition 130 (Alpha Equivalence Relation). Let the alpha equivalence relation βΌΞ± be a binary relation onterms.685.2. Explicit MetaMLβΌΞ± β TERMΓTERMxβΌΞ± x (var)t11 βΌΞ± t21 t12 βΌΞ± t22(t11 t12)βΌΞ± (t21 t22) (app)t1[x3/x1]βΌΞ± t2[x3/x2](Ξ»x1.t1)βΌΞ± (Ξ»x2.t2) where x3 /β FV (t1)βͺFV (t2) (lam)t1 βΌΞ± t2γt1γ βΌΞ± γt2γ (code)t1 βΌΞ± t2βΌt1 βΌΞ± βΌt2 (splice)t1 βΌΞ± t2!t1 βΌΞ± !t2 (run)t11 βΌΞ± t21 t12 βΌΞ± t22(t11+ t12)βΌΞ± (t21+ t22) (plus) nβΌΞ± n (num)The alpha equivalence relation makes proving equivalence of semantics easier. In many cases, we mayreplace a term by its alpha equivalent term in a proof at our convenience.Properties. We observe the following properties that are useful in proving semantics equivalence. (1) Thesingle-step relation preserves alpha equivalence. (2) The multi-step relation preserves the closedness of aterm. They are the same properties that Substitutional ISWIM holds.Proposition 131. If t i1 βΌΞ± t i2 and t i1 ββi t i11, then t i2 ββi t i21 and t i11 βΌΞ± t i21.Proposition 132. If FV (t i1) = /0 and ti1 βββi t i2, then FV (t i2) = /0.5.2 Explicit MetaMLFollowing the path of refining Substitutional ISWIM to Explicit ISWIM in Section 3.2, we refine Substi-tutional MetaML to Explicit MetaML. Explicit MetaML replaces Substitutional MetaMLβs meta-languagesubstitutions (e.g., t[w/x]) by explicit substitutions (e.g., t[x := w]) and models how an explicit substitutionpercolates through a term at the semantical level.5.2.1 SyntaxWe first define the basic syntax of Explicit MetaML: source terms, runtime terms, values and denotableterms. Then we define the free variable function, the substitution function and the alpha equivalence relation.5.2.1.1 Source Terms, Runtime Terms, Values and Denotable TermsDefinition 133 (Source Terms, Runtime Terms, Values and Denotable Terms). For any i β N, let STERMibe the set of level-indexed source terms at level i, RTERMi be the set of level-indexed runtime terms at leveli and VALUEi be the set of level-indexed values at level i. Let DENOTABLE be the set of denotable terms.695.2. Explicit MetaMLx β VAR, i,n β N, t is β STERMi, t i β RTERMi, vi β VALUEi, w β DENOTABLEt0s := x | t0s t0s | Ξ»x.t0s | γt1s γ | !t0s | n | t0s + t0st i+1s := x | t i+1s t i+1s | Ξ»x.t i+1s | γt i+2s γ | βΌt is | !t i+1s | n | t i+1s + t i+1st0 := x | t0 t0 | Ξ»x.t0 | γt1γ | !t0 | n | t0+ t0 | Ξ»x.t0 | t0[x := w]t i+1 := x | t i+1 t i+1 | Ξ»x.t i+1 | γt i+2γ | βΌt i | !t i+1 | n | t i+1+ t i+1 | Ξ»x.t0 | t i[x := w]v0 := γv1γ | n | Ξ»x.t0v1 := x | v1 v1 | Ξ»x.v1 | γv2γ | !v1 | n | v1+ v1 | Ξ»x.t0vi+2 := x | vi+2 vi+2 | Ξ»x.vi+2 | γvi+3γ | βΌvi+1 | !vi+2 | n | vi+2+ vi+2 | Ξ»x.t0w := x | v0The set of source terms of Explicit MetaML is the same as the set of terms of Substitutional MetaML.Explicit MetaML has been enhanced with an explicit substitution t i[x := w], which means that each freeoccurrence of the variable x in the term t i needs to be substituted by the denotable term w. Evaluating anexplicit substitution takes steps.To make Explicit MetaML be consistent with Substitutional MetaML, we must ensure that a value atone level must be a value at any higher level. To preserve this property in Explicit MetaML, we introducean underlined lambda abstraction, Ξ»x.t0. To understand the necessity of this change of syntax, consider theexample of substituting a lambda abstraction for a variable where the variable is at a level higher than 0.Since a lambda abstraction acts as a denotable term, it must be a level-0 value. When the substitution isperformed, the lambda abstraction is at a level higher than 0. We only perform substitution reduction for thebody of a lambda abstraction at a level higher than 0. Although the lambda abstraction is a level-0 value, itmay not be a value at a level higher than 0. We explain the reason in more detail through Example 142 afterpresenting the semantics.Explicit MetaML differs from Substitutional MetaML in what terms count as values. A (conventional)lambda abstraction Ξ»x.t0 is no longer a value at level 0. An underlined lambda abstraction Ξ»x.t0 is a valueat any level. We usually call Ξ»x.vi+1 a level-(i+1) lambda value and call Ξ»x.t0 a level-0 lambda value.5.2.1.2 Free Variable FunctionWe define the free variable function by extending Substitutional MetaMLβs Definition 24 to accommodateunderlined lambda abstractions and explicit substitutions.Definition 134 (Free Variable Function). Let the free variable function FV be a total function from the setof runtime terms to the power set of variables.705.2. Explicit MetaMLFV : RTERM ββP(VAR)............FV (Ξ»x.t) = FV (Ξ»x.t) (10)FV (t[x := w]) = (FV (t)\{x})βͺFV (w) (11)Equations (1)-(9) are the same as Definition 20 in Substitutional MetaML. Equation (10) is trivial.Equation (11) is analogous to Equation (6) of Explicit ISWIMβs free variable function (Definition 64).5.2.1.3 Substitution FunctionWe define the substitution function by extending Substitutional MetaMLβs Definition 24 to accommodateunderlined lambda abstractions and explicit substitutions.Definition 135 (Substitution Function). Let the substitution function Β·[Β·/Β·] be a partial function from the3-tuple of the set of runtime terms, the set of denotable terms and the set of variables, to the set of runtimeterms.Β·[Β·/Β·] : (RTERMΓDENOTABLEΓVAR)β RTERM............(Ξ»x1.t0)[w/x2] = Ξ»x3.t0[x3/x1][w/x2]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (10)(t0[x1 := w1])[w2/x2] = t0[x3/x1][w2/x2][x3 := w1[w2/x2]]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (11)Equations (1)-(9) are the same as Definition 24 in Substitutional MetaML. Equation (10) is analogousto Equation (4). Equation (11) is analogous to Equation (6) of Explicit ISWIMβs Definition 65.5.2.1.4 Alpha Equivalence RelationWe define the alpha equivalence relation by extending Substitutional MetaMLβs Definition 130 to accom-modate underlined lambda abstractions and explicit substitutions.Definition 136 (Alpha Equivalence Relation). Let the alpha equivalence relation βΌΞ± be a binary relation onruntime terms.715.2. Explicit MetaMLβΌΞ± β RTERMΓRTERM...t1[x3/x1]βΌΞ± t2[x3/x2](Ξ»x1.t1)βΌΞ± (Ξ»x2.t2) where x3 /β FV (t1)βͺFV (t2) (lamu)w1 βΌΞ± w2 t1[x3/x1]βΌΞ± t2[x3/x2](t1[x1 := w1])βΌΞ± (t2[x2 := w2]) where x3 /β FV (t1)βͺFV (t2) (sub)All rules except the (sub) rule are the same as Definition 130 in Substitutional MetaML. The (lamu) ruleis analogous to the (lam) rule. The (sub) rule is analogous to the (sub) rule of Explicit ISWIMβs Definition66.5.2.2 Structural Operational SemanticsWe lay out the structural operational semantics of Explicit MetaML through the level-indexed single-steprelations ββi, the level-indexed single-step substitution reduction relations ββxi, the level-indexed multi-step substitution reduction relations ββxiβ and the level-indexed multi-step relations ββiβ.Definition 137 (Level-indexed Single-step Relations). For any i β N, let the level-indexed single-step rela-tion ββi be a binary relation between the set of runtime terms at level i and the set of runtime terms at leveli.ββiβ RTERMiΓRTERMiΞ»x.t0 ββ0 Ξ»x.t0 (lambda-0)t i+11 ββi+1 t i+12Ξ»x.t i+11 ββi+1 Ξ»x.t i+12(lambda-(i+1))t i11 ββi t i12t i11 ti2 ββi t i12 t i2(appL-i)t i21 ββi t i22vi1 ti21 ββi vi1 t i22(appR-i)(Ξ»x.t0) v0 ββ0 t0[x := v0] (app-0)t i1 ββi t i2!t i1 ββi !t i2(run-i)!γv1γ ββ0 v1 (run-0)t i+11 ββi+1 t i+12γt i+11 γ ββi γt i+12 γ(code-i)t i1 ββi t i2βΌt i1 ββi+1 βΌt i2(splice-(i+1)) βΌγv1γ ββ1 v1 (splice-1)725.2. Explicit MetaMLt i11 ββi t i12t i11+ ti2 ββi t i12+ t i2(plusL-i)t i21 ββi t i22vi1+ ti21 ββi vi1+ t i22(plusR-i)n1+n2 ββ0 nwhere n = n1+n2 (plus-0)The (app-0) rule is different from Substitutional MetaML and is analogous to the (app) rule of ExplicitISWIMβs Definition 67. The (lambda-0) rule is new, corresponding to the definition of level-0 values. Thereis no equivalent of the (lambda-(i+1)) rule for underlined lambda abstractions because an underlined lambdaabstraction is a value at any level.The definition of the level-indexed single-step relations is currently incomplete because the percolationof explicit substitutions has not been defined yet.To show how explicit substitutions percolate, we define new relations t i[x := w]ββxi t i for substitutionreductions. The new relations ensure that explicit substitutions percolate deterministically.Definition 138 (Level-indexed Single-step Substitution Reduction Relations). For any i β N, let the level-indexed single-step substitution reduction relation ββxi be a binary relation between the set of runtimeterms at level i and the set of runtime terms at level i.ββxiβ RTERMiΓRTERMix[x := w]ββxi w (var-eq-subst) x1[x2 := w]ββxi x1where x1 6β‘ x2 (var-df-subst)n[x := w]ββxi n (num-subst)(t i1 ti2)[x := w]ββxi (t i1[x := w]) (t i2[x := w])(app-subst)(t i1+ ti2)[x := w]ββxi (t i1[x := w])+(t i2[x := w])(plus-subst)(Ξ»x1.t i)[x2 := w]ββxi Ξ»x3.t i[x1 := x3][x2 := w]where x3 /β FV (Ξ»x1.t i)βͺFV (w)βͺ{x2} (lam-subst)(Ξ»x1.t0)[x2 := w]ββxi Ξ»x3.t0[x1 := x3][x2 := w]where x3 /β FV (Ξ»x1.t0)βͺFV (w)βͺ{x2} (lamu-subst)γt i+1γ[x := w]ββxi γt i+1[x := w]γ (code-subst)(!t i)[x := w]ββxi !t i[x := w] (run-subst)(βΌt i)[x := w]ββx(i+1) βΌt i[x := w] (splice-subst)t i1[x1 := w1]ββxi t i2t i1[x1 := w1][x2 := w2]ββxi t i2[x2 := w2](subst-subst)735.2. Explicit MetaMLMost rules describe how explicit substitutions behave when encountering other terms in the language.Every rule except the (lamu-subst) rule and the (subst-subst) rule correspond to an equation of SubstitutionalMetaMLβs substitution function (Definition 24). The (subst-subst) rule is analogous to the (subst-subst)rule of Explicit ISWIMβs single-step substitution reduction relation, implying that only a single-step ofsubstitution reduction may happen underneath an explicit substitution. The (lamu-subst) rule accommodatesthe newly invented underlined lambda abstraction and is analogous to the (lam-subst) rule.Every single-step substitution reduction counts as a single step of computation. Thus we add the follow-ing (inj-subst) rule to the definition of the level-indexed single-step relations, Definition 138.t i1 ββi t i2where t i1 ββxi t i2 (inj-subst)Definition 139 (Level-indexed Multi-step Substitution Reduction Relations). For any i β N, let the level-indexed multi-step substitution reduction relation ββxiβ be the reflexive-transitive closure of the level-indexed single-step substitution reduction relation ββxi.Definition 140 (Level-indexed Multi-step Relations). For any iβN, let the level-indexed multi-step relationββiβ be the reflexive-transitive closureof the level-indexed single-step relation ββi.Example 141. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ.By the structural operational semantics of Explicit MetaML, we have:!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γββ0 !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γββ0 !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γββ0 !γΞ»y.(βΌ(γxγ[x := (Ξ»x.y)]) 0)γββ0 !γΞ»y.(βΌ(γx[x := (Ξ»x.y)]γ) 0)γββ0 !γΞ»y.(βΌγΞ»x.yγ 0)γββ0 !γΞ»y.((Ξ»x.y) 0)γββ0 Ξ»y.((Ξ»x.y) 0)ββ0 Ξ»y.((Ξ»x.y) 0)As a comparison, by the substitutional structural operational semantics of MetaML, we have:!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γββ0 !γΞ»y.(βΌ(γxγ[(Ξ»x.y)/x]) 0)γ= !γΞ»y.(βΌ(γx[(Ξ»x.y)/x]γ) 0)γ= !γΞ»y.(βΌγΞ»x.yγ 0)γββ0 !γΞ»y.((Ξ»x.y) 0)γββ0 Ξ»y.((Ξ»x.y) 0)Explicit MetaML takes eight single-steps while Substitutional MetaML completes the execution in threesingle-steps. Some of these right steps are percolating an explicit substitution through a term and the restare turning a lambda abstraction to its underlined counterpart.745.2. Explicit MetaMLExample 142. Suppose x2 6β‘ x3 and w β DENOTABLE. Consider (Ξ»x1.γx1γ) ((Ξ»x2.(Ξ»x3.x2)) w).By the structural operational semantics of Explicit MetaML, we have:(Ξ»x1.γx1γ) ((Ξ»x2.(Ξ»x3.x2)) w)ββ0 (Ξ»x1.γx1γ) ((Ξ»x2.(Ξ»x3.x2)) w)ββ0 (Ξ»x1.γx1γ) ((Ξ»x3.x2)[x2 := w])ββ0 (Ξ»x1.γx1γ) (Ξ»x4.x2[x3 := x4][x2 := w]) where x4 /β FV (Ξ»x3.t)βͺFV (w)βͺ{x3}ββ0 (Ξ»x1.γx1γ) (Ξ»x4.x2[x3 := x4][x2 := w])ββ0 γx1γ[x1 := (Ξ»x4.x2[x3 := x4][x2 := w])]ββ0 γx1[x1 := (Ξ»x4.x2[x3 := x4][x2 := w])]γββ0 γΞ»x4.x2[x3 := x4][x2 := w]γSuppose we had not introduced the underlined lambda abstraction to Explicit MetaML, the above ex-ample would become:(Ξ»x1.γx1γ) ((Ξ»x2.(Ξ»x3.x2)) w)ββ0 (Ξ»x1.γx1γ) ((Ξ»x3.x2)[x2 := w])ββ0 (Ξ»x1.γx1γ) (Ξ»x4.x2[x3 := x4][x2 := w]) where x4 /β FV (Ξ»x3.t)βͺFV (w)βͺ{x3}ββ0 γx1γ[x1 := (Ξ»x4.x2[x3 := x4][x2 := w])]ββ0 γx1[x1 := (Ξ»x4.x2[x3 := x4][x2 := w])]γββ0 γΞ»x4.x2[x3 := x4][x2 := w]γββ0 γΞ»x4.x2[x2 := w]γββ0 γΞ»x4.wγAfter two single-steps, the lambda abstraction Ξ»x4.x2[x3 := x4][x2 := w] is a level-0 value. Then it becomesa denotable term in the next step and shall be identified as a denotable term at all times ever since. However,after five single-steps, the lambda abstraction Ξ»x4.x2[x3 := x4][x2 := w] is put into the context of level 1. Wecan apply the (lambda-(i+1)) rule to evaluate the body of the lambda abstraction at level 1. This destroys theproperty that a value at one level must be a value at any higher level, making Explicit MetaML inconsist-ent with Substitutional MetaML. To avoid this awkward circumstance, we let a level-0 lambda abstractionsingle-step to its underlined counterpart and make it a value at any level to prevent it from being reduced athigher levels.In Explicit MetaML, explicit substitutions stop within the top of the body of a level-0 lambda value,even if it sits at higher level. This plays into the development of the analogous conception closures inEnvironmental MetaML.Properties. We observe the following properties, which are useful in proving semantics equivalence. (1)The single-step relation preserves alpha equivalence. (2) The multi-step relation preserves the closedness ofa runtime term. These are the same properties that Substitutional MetaML holds and are analogous to theones that Explicit ISWIM holds.755.3. Suspended MetaMLProposition 143. If t i1 βΌΞ± t i2 and t i1 ββi t i11, then t i2 ββi t i21 and t i11 βΌΞ± t i21.Proposition 144. If FV (t i1) = /0 and ti1 βββi t i2, then FV (t i2) = /0.Evaluator. We now define an evaluator in terms of the structural operational semantics of ExplicitMetaML. The evaluator is analogous to the one defined in terms of Substitutional MetaML.Definition 145 (Evaluator based on Structural Operational Semantics of Explicit MetaML). Define theevaluator evalMetaML:ExpSOS to be a partial function from the set of programs PRGMMetaML to the set ofanswers ANSMetaML.evalMetaML:ExpSOS : PRGMMetaML β ANSMetaMLevalMetaML:ExpSOS(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if t ββ0β Ξ»x.t β²0code if t ββ0β γv1γn if t ββ0β nThis evaluator is defined based on the structural operational semantics of Explicit MetaML. The sub-script βMetaML:ExpSOSβ in evalMetaML:ExpSOS denotes the structural operational semantics of Explicit MetaML.We claim that the evaluators defined based on Substitutional MetaML and Explicit MetaML are equi-valent.Theorem 146 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:ExpSOS(t).We prove the theorem in the appendices.5.3 Suspended MetaMLFollowing the path of refining Explicit ISWIM to Suspended ISWIM as presented in Section 3.3, we re-fine Explicit MetaML to Suspended MetaML. Suspended MetaML delays explicit substitutions outsideof a level-0 lambda value until the lambda abstraction is called in an application. When performing anapplication at level 0, Suspended MetaML promotes substitution for the lambda bound variable to thefront and overwrites any existing explicit substitution for that variable. That is, a level-0 application(Ξ»x.t0)[xi := wi] v0 single-steps to t0[x := v0][xi := wi] in Suspended MetaML. This transformation mo-tivates introducing additional complexity in the ensuing dialects of MetaML. Proving the correctness ofthis transformation for Suspended MetaML is substantially more complex than for Suspended ISWIM. Weintroduce a notion of well-boundness judgement to help justify this transformation.5.3.1 SyntaxWe first define the basic syntax of the language: source terms, runtime terms, values and denotable terms.Then we define the free variable function, the substitution function and the alpha equivalence relation.765.3. Suspended MetaML5.3.1.1 Source Terms, Runtime Terms, Values and Denotable TermsDefinition 147 (Source Terms, Runtime Terms, Values and Denotable Terms). For any i β N, let STERMibe the set of level-indexed source terms at level i, RTERMi be the set of level-indexed runtime terms at leveli and VALUEi be the set of level-indexed values at level i. Let DENOTABLE be the set of denotable terms.x β VAR, i,n β N, t is β STERMi, t i β RTERMi, vi β VALUEi, w β DENOTABLEt0s := x | t0s t0s | Ξ»x.t0s | γt1s γ | !t0s | n | t0s + t0st i+1s := x | t i+1s t i+1s | Ξ»x.t i+1s | γt i+2s γ | βΌt is | !t i+1s | n | t i+1s + t i+1st0 := x | t0 t0 | Ξ»x.t0 | γt1γ | !t0 | n | t0+ t0 | Ξ»x.t0 | t0[x := w]t i+1 := x | t i+1 t i+1 | Ξ»x.t i+1 | γt i+2γ | βΌt i | !t i+1 | n | t i+1+ t i+1 | Ξ»x.t0 | t i[x := w] | Ξ»Λx.t i+1v0 := γv1γ | n | (Ξ»x.t0)[x := w]v1 := x | v1 v1 | Ξ»x.v1 | γv2γ | !v1 | n | v1+ v1 | (Ξ»x.t0)[x := w]vi+2 := x | vi+2 vi+2 | Ξ»x.vi+2 | γvi+3γ | βΌvi+1 | !vi+2 | n | vi+2+ vi+2 | (Ξ»x.t0)[x := w]w := x | v0In Explicit MetaML, a level-0 lambda value Ξ»x.t0 is a value at any level. Since Suspended MetaML doesnot push explicit substitutions into an underlined lambda abstraction, a level-0 lambda value surrounded byexplicit substitutions, (Ξ»x.t0)[x := w], is a value at any level.Suspended MetaML evaluates the level-0 application (Ξ»x.t0)[xi := wi] v0 to t0[x := v0][xi := wi] ratherthan t0[x := xN ][xi := wi][xN := v0] (where xN is a fresh variable). To make it sound with respect to ExplicitMetaML, we need to ensure that FV (v0)β© (βi{xi}) = /0. In Suspended MetaML, the only way that v0can have free variables is as a result of performing an evaluation under lambdas at levels higher than 0.It is sufficient to make sure that whenever we go under a lambda during an evaluation at a level higherthan 0, the lambda bound variable gets renamed to a fresh variable so that it is guaranteed not to clashwith other variables. That is, when evaluating a lambda abstraction Ξ»x.t i+1 where t i+1 /β VALUEi+1, werename the lambda bound variable x to a globally fresh variable xN , resulting in Ξ»xN .t i+1[x := xN ], whichis observationally equivalent to Ξ»x.t i+1. To avoid falling in a loop of renaming the lambda bound variable,we replace Ξ» by its hatted counterpart Ξ»Λ to explicitly indicate that such a renaming has been done. Thisexplains why we need a hatted lambda abstraction in Suspended MetaML. We demonstrate this in detail inExample 157.5.3.1.2 Free Variable FunctionWe define the free variable function by extending Explicit MetaMLβs Definition 134 to accommodate hattedlambda abstractions.Definition 148 (Free Variable Function). Let the free variable function FV be a total function from the set775.3. Suspended MetaMLof runtime terms to the power set of variables.FV : RTERM ββP(VAR)............FV (Ξ»Λx.t) = FV (Ξ»x.t) (11)Equations (1)-(10) are the same as Definition 134 in Explicit MetaML. Equation (11) tells that the freevariables of a hatted lambda abstraction is the same as its unhatted counterpart.5.3.1.3 Substitution FunctionWe define the substitution function by extending Explicit MetaMLβs Definition 135 to accommodate hattedlambda abstractions.Definition 149 (Substitution Function). Let the substitution function Β·[Β·/Β·] be a partial function from the3-tuple of the set of runtime terms, the set of denotable terms and the set of variables, to the set of runtimeterms.Β·[Β·/Β·] : (RTERMΓDENOTABLEΓVAR)β RTERM............(Ξ»Λx1.t0)[w/x2] = Ξ»Λx3.t0[x3/x1][w/x2]where x3 /β FV (Ξ»Λx1.t0)βͺFV (w)βͺ{x2} (12)Equations (1)-(11) are the same as Definition 135 in Explicit MetaML. Equation (12) is analogous toEquations (4) and (10).5.3.1.4 Alpha Equivalence RelationWe define the alpha equivalence relation by extending Explicit MetaMLβs Definition 136 to accommodatehatted lambda abstractions.Definition 150 (Alpha Equivalence Relation). Let the alpha equivalence relation βΌΞ± be a binary relation onruntime terms.βΌΞ± β RTERMΓRTERM...t1[x3/x1]βΌΞ± t2[x3/x2](Ξ»Λx1.t1)βΌΞ± (Ξ»Λx2.t2)where x3 /β FV (t1)βͺFV (t2) (lamh)All rules except (lamh) are the same as Definition 136 in Explicit MetaML. The (lamh) rule is analogousto the (lam) rule and the (lamu) rule.785.3. Suspended MetaML5.3.2 Structural Operational SemanticsWe lay out the structural operational semantics of Suspended MetaML through the level-indexed single-steprelations ββi, the level-indexed single-step substitution reduction relations ββxi, the global single-steprelation .ββ , the level-indexed multi-step substitution reduction relations ββxiβ, the level-indexed multi-step relations ββiβ and the global multi-step relation .βββ.Definition 151 (Level-indexed Single-step Relations). For any i β N, let the level-indexed single-step re-lation ββi be a 5-ary relation on the power set of variables, the power set of variables, the power set ofvariables, the set of runtime terms at level i and the set of runtime terms at level i.ββi β P(VAR)ΓP(VAR)ΓP(VAR)ΓRTERMiΓRTERMiU ;V ;X ` (Ξ»x.t0)[x j := w j]ββ0 (Ξ»x.t0)[x j := w j](lambda-0)U ;V ;X ` Ξ»x.t i+1 ββi+1 Ξ»ΛxN .t i+1[x := xN ]where t i+1 /β VALUEi+1 and xN /βX (lambda-(i+1)-t)U βͺ{x};V βͺ{x};X ` t i+11 ββi+1 t i+12U ;V ;X ` Ξ»Λx.t i+11 ββi+1 Ξ»Λx.t i+12(lambda-(i+1)-r)U ;V ;X ` Ξ»Λx.vi+1 ββi+1 Ξ»x.vi+1(lambda-(i+1)-v)U ;V ;X ` t i11 ββi t i12U ;V ;X ` t i11 t i2 ββi t i12 t i2(appL-i)U ;V ;X ` t i21 ββi t i22U ;V ;X ` vi1 t i21 ββi vi1 t i22(appR-i)U ;V ;X ` (Ξ»x.t0)[xi := wi] v0 ββ0 t0[x := v0][xi := wi](app-0)U ;V ;X ` t i1 ββi t i2U ;V ;X ` !t i1 ββi !t i2(run-i)U ;V ;X ` !γv1γ ββ0 v1 (run-0)U ;V ;X ` t i+11 ββi+1 t i+12U ;V ;X ` γt i+11 γ ββi γt i+12 γ(code-i)U ;V ;X ` t i1 ββi t i2U ;V ;X ` βΌt i1 ββi+1 βΌt i2(splice-(i+1))U ;V ;X ` βΌγv1γ ββ1 v1 (splice-1)U ;V ;X ` t i11 ββi t i12U ;V ;X ` t i11+ t i2 ββi t i12+ t i2(plusL-i)U ;V ;X ` t i21 ββi t i22U ;V ;X ` vi1+ t i21 ββi vi1+ t i22(plusR-i)U ;V ;X ` n1+n2 ββ0 nwhere n = n1+n2 (plus-0)U ;V ;X ` t i1 ββi t i2whereU ;V ;X ` t i1 ββxi t i2 (inj-subst)795.3. Suspended MetaMLDefinition 152 (Level-indexed Single-step Substitution Reduction Relations). For any i β N, let the level-indexed single-step substitution reduction relation ββxi be a 5-ary relation on the power set of variables,the power set of variables, the power set of variables, the set of runtime terms at level i and the set of runtimeterms at level i.ββxiβP(VAR)ΓP(VAR)ΓP(VAR)ΓRTERMiΓRTERMiU ;V ;X ` x[x := w]ββxi w (var-eq-subst)U ;V ;X ` x1[x2 := w]ββxi x1where x1 6β‘ x2 (var-df-subst)U ;V ;X ` n[x := w]ββxi n (num-subst)U ;V ;X ` (t i1 t i2)[x := w]ββxi (t i1[x := w]) (t i2[x := w])(app-subst)U ;V ;X ` (t i1+ t i2)[x := w]ββxi (t i1[x := w])+(t i2[x := w])(plus-subst)U ;V ;X ` (Ξ»x1.t i+1)[x2 := w]ββx(i+1) Ξ»xN .t i+1[x1 := xN ][x2 := w]where xN /βX (lam-subst)no (lamu-subst)U ;V ;X ` γt i+1γ[x := w]ββxi γt i+1[x := w]γ (code-subst)U ;V ;X ` (!t i)[x := w]ββxi !t i[x := w] (run-subst)U ;V ;X ` (βΌt i)[x := w]ββx(i+1) βΌt i[x := w] (splice-subst)U βͺ{x2};V ;X ` t i1[x1 := w1]ββxi t i2U ;V ;X ` t i1[x1 := w1][x2 := w2]ββxi t i2[x2 := w2](subst-subst)The level-indexed single-step relationU ;V ;X ` t i1ββi t i2 reads as βt1 single-steps to t2 at level i boundby U , V andX β.To make a small-step when evaluating a program, we need to repeatedly apply the structural rules untilwe find a subterm of the program on which a reduction rule can be applied. Suppose we have found sucha subterm t i1 that is reducible and we have U ;V ;X ` t i1 ββi t i2. As illustrated by the (subst-subst) ruleand the (lambda-(i+1)-r) rule, the free variables of the term t i1 must be bound by any means (i.e., explicitsubstitutions or hatted lambda bound variables) in the surrounding scope, which are tracked byU . The freevariables of the term t i1 that are bound by hatted lambda bound variables are also tracked by the variableset V because the well-boundness judgement introduced in Definition 159 needs to pay special attention tothese variables. Both of the variable sets U and V play important roles in justifying the (app-0) rule. Thevariable set X records all variables in the subterm t i1 and its surrounding scope. We need the variable setX to determine whether a variable is fresh in the sense that it has not appeared in the term being currentlyevaluated or in its surrounding scope. The variable sets U , V and X help specify the well-boundness805.3. Suspended MetaMLproperty of terms (Proposition 161).The (app-0) rule is refined from the following (app-0-naive) rule.U ;V ;X ` (Ξ»x.t0)[xi := wi] v0 ββ0 t0[x := x0][xi := wi][x0 := v0]wherex0 /β FV (Ξ»x.t0)βͺβi(FV (wi)βͺ{xi})(app-0-naive)The (app-0-naive) rule is semantically correct but not ideal. We want to eliminate renamings in any level-0application, but the (app-0-naive) rule still renames the lambda bound variable.Observe that if FV (v0)β©(βi{xi}) = /0, then we can promote the substitution [x0 := v0] to the front of theexplicit substitutions [xi := wi]. Then we can eliminate renaming the lambda bound variable x by combining[x := x0] and [x0 := v0] to [x := v0]. It is provable that when the (app-0) rule is applied to a subterm of anintermediate result of evaluating a program, we have FV (v0)β©(βi{xi}) = /0. We discuss the intuition behindthis after presenting the well-boundness judgement whose primary purpose is to help complete this proof.Since the ultimate goal of the main refinement problem is to develop an environmental operationalsemantics for MetaML, the (app-0) rule promotes the substitution for the underlined lambda bound variableto the front, superseding any existing explicit substitution for that variable, which is close to the operationof updating an environment in Environmental MetaML that is introduced in the next section.Explicit MetaMLβs (lambda-(i+1)) rule is replaced with three (lambda-(i+1)-?) rules in SuspendedMetaML. To evaluate a level-(i+ 1) lambda abstraction, if its body is not a level-(i+ 1) value, we firstapply the (lambda-(i+1)-t) rule to rename the lambda bound variable to a fresh variable that has not oc-curred in the current term being evaluated and in the surrounding scope and replace Ξ» by Ξ»Λ to indicatesuch a renaming is done. It is important to check whether the lambda abstraction is already a value beforerenaming the lambda bound variable, which ensures no unnecessary renaming can happen. Checking this isa deep syntactic operation in Suspended MetaML but becomes a shallow check in the MEK machine. Thenwe repeatedly apply the (lambda-(i+1)-r) rule to reduce its body until it is a value. Finally we apply the(lambda-(i+1)-v) rule to change Ξ»Λ back to Ξ» . Suspended MetaML forces the renaming to make the (app-0) rule sound. Example 157 shows evaluations would behave unexpectedly if Suspended MetaML usedExplicit MetaMLβs (lambda-(i+1)) rule instead.The (lam-subst) rule no longer concerns level 0 because a level-0 lambda abstraction surrounded byexplicit substitutions single-steps to its underlined counterpart which is a level-0 value. There is no (lamu-subst) rule because an underlined lambda abstraction surrounded by explicit substitutions is a value at anylevel.To apply the level-indexed single-step relation on a program, the variable sets U ;V ;X need to beproperly initialised. Moreover, from a userβs perspective, the only interface to the single-step relation shouldbe the program to be evaluated. We define the global single-step relation, which initialises the variable setsU ;V ;X by itself and only shows what an entire program single-steps to.Definition 153 (Global Single-step Relation). Let the global single-step relation .ββ be a binary relationbetween the set of level-0 runtime terms and the set of level-0 runtime terms.. t01 ββ t02 if and only if /0; /0; VAR(t01) ` t01 ββ0 t02815.3. Suspended MetaMLThe global single-step relation . t01 ββ t02 reads as βt1 single-steps to t2β.Definition 154 (Level-indexed Multi-step Substitution Reduction Relations). For any i β N, let the multi-step substitution reduction relation ββxiβ be a 5-ary relation on the power set of variables, the power set ofvariables, the power set of variables, the set of runtime terms at level i and the set of runtime terms at level idirectly based on the level-indexed single-step substitution relation ββxi.ββxiββP(VAR)ΓP(VAR)ΓP(VAR)ΓRTERMiΓRTERMiU ;V ;X ` t i1 ββxiβ t i2where U ;V ;X `t i1 ββxi t i2 (step) U ;V ;X ` t i ββxiβ t i (refl)U ;V ;X ` t i1 ββxiβ t i2 U ;V ;X βͺVAR(t i2) ` t i2 ββxiβ t i3U ;V ;X ` t i1 ββxiβ t i3(trans)Definition 155 (Level-indexed Multi-step Relations). For any iβN, let the level-indexed multi-step relationββiβ be a 5-ary relation on the power set of variables, the power set of variables, the power set of variables,the set of runtime terms at level i and the set of runtime terms at level i directly based on the level-indexedsingle-step relation ββi.ββiββP(VAR)ΓP(VAR)ΓP(VAR)ΓRTERMiΓRTERMiU ;V ;X ` t i1 ββiβ t i2where U ;V ;X `t i1 ββi t i2 (step) U ;V ;X ` t i ββiβ t i (refl)U ;V ;X ` t i1 ββiβ t i2 U ;V ;X βͺVAR(t i2) ` t i2 ββiβ t i3U ;V ;X ` t i1 ββiβ t i3(trans)Definition 156 (Global Multi-step Relation). Let the global multi-step relation . βββ be the reflexive-transitive closure of the global single-step relation .ββ.Example 157. Consider !γΞ»y.βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ)γ.825.3. Suspended MetaMLBy the structural operational semantics of Suspended MetaML, we have:!γΞ»y.βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ)γ.ββ !γΞ»Λ z.(βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ))[y := z]γ where z /β {x,y}.ββ !γΞ»Λ z.(βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ)[y := z])γ.ββ !γΞ»Λ z.βΌ(((Ξ»y.(Ξ»x.x)) n)[y := z] γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ(((Ξ»y.(Ξ»x.x))[y := z] n[y := z]) γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ(((Ξ»y.(Ξ»x.x))[y := z] n[y := z]) γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ(((Ξ»y.(Ξ»x.x))[y := z] n) γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ((Ξ»x.x)[y := n][y := z] γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ((Ξ»x.x)[y := n][y := z] γyγ[y := z])γ.ββ !γΞ»Λ z.βΌ((Ξ»x.x)[y := n][y := z] γy[y := z]γ)γ.ββ !γΞ»Λ z.βΌ((Ξ»x.x)[y := n][y := z] γzγ)γ.ββ !γΞ»Λ z.βΌ(x[x := γzγ][y := n][y := z])γ.ββ !γΞ»Λ z.βΌγzγ[y := n][y := z]γ.ββ !γΞ»Λ z.βΌγz[y := n]γ[y := z]γ.ββ !γΞ»Λ z.βΌγz[y := n][y := z]γγ.ββ !γΞ»Λ z.βΌγz[y := z]γγ.ββ !γΞ»Λ z.βΌγzγγ.ββ !γΞ»Λ z.zγ.ββ !γΞ» z.zγ.ββ Ξ» z.z.ββ Ξ» z.zSuppose we had not introduced the hatted lambda abstraction to Suspended MetaML, the above evaluationwould become!γΞ»y.βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ)γ.ββ !γΞ»y.βΌ(((Ξ»y.(Ξ»x.x)) n) γyγ)γ.ββ !γΞ»y.βΌ((Ξ»x.x)[y := n] γyγ)γ.ββ !γΞ»y.βΌ( (Ξ»x.x)[y := n] γyγ )γ.ββ !γΞ»y.βΌ( x[x := γyγ][y := n] )γ.ββ !γΞ»y.βΌ(γyγ[y := n])γ.ββ !γΞ»y.βΌγy[y := n]γγ.ββ !γΞ»y.βΌγnγγ.ββ !γΞ»y.nγ.ββ Ξ»y.nwhose result is incorrect. The boxes highlight a critical mistake of the evaluation.Since we did not rename the lambda bound variable at the first single-step before we dove into the bodyof the lambda abstraction, we have FV (γyγ)β©{y} 6= /0 for the boxed application (Ξ»x.x)[y := n] γyγ. Hence835.3. Suspended MetaMLwe cannot apply the (app-0) rule to the application. We should apply the (app-0-naive) rule and we getx[x := x0][y := n][x0 := γyγ] where x0 /β FV (Ξ»x.x)βͺFV (n)βͺ{y}.Example 158. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ» z.y)) 0)γ 5.By the structural operational semantics of Suspended MetaML, we have:!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ» z.γyγ)) 0)γ 5.ββ !γΞ»Λu.(βΌ((Ξ»x.γxγ) (Ξ» z.γyγ)) 0)[y := u]γ 5 where u /β {x,y,z}.ββ !γΞ»Λu.(βΌ((Ξ»x.γxγ) (Ξ» z.γyγ))[y := u] 0[y := u])γ 5.ββ !γΞ»Λu.(βΌ(((Ξ»x.γxγ) (Ξ» z.γyγ))[y := u]) 0[y := u])γ 5.ββ !γΞ»Λu.(βΌ((Ξ»x.γxγ)[y := u] (Ξ» z.γyγ)[y := u]) 0[y := u])γ 5.ββ !γΞ»Λu.(βΌ((Ξ»x.γxγ)[y := u] (Ξ» z.γyγ)[y := u]) 0[y := u])γ 5.ββ !γΞ»Λu.(βΌ((Ξ»x.γxγ)[y := u] (Ξ» z.γyγ)[y := u]) 0[y := u])γ 5.ββ !γΞ»Λu.(βΌγxγ[x := (Ξ» z.γyγ)[y := u]][y := u] 0[y := u])γ 5.ββ !γΞ»Λu.(βΌγx[x := (Ξ» z.γyγ)[y := u]]γ[y := u] 0[y := u])γ 5.ββ !γΞ»Λu.(βΌγx[x := (Ξ» z.γyγ)[y := u]][y := u]γ 0[y := u])γ 5.ββ !γΞ»Λu.(βΌγ(Ξ» z.γyγ)[y := u][y := u]γ 0[y := u])γ 5.ββ !γΞ»Λu.((Ξ» z.γyγ)[y := u][y := u] 0[y := u])γ 5.ββ !γΞ»Λu.((Ξ» z.γyγ)[y := u][y := u] 0)γ 5.ββ !γΞ»u.((Ξ» z.γyγ)[y := u][y := u] 0)γ 5.ββ (Ξ»u.((Ξ» z.γyγ)[y := u][y := u] 0)) 5.ββ (Ξ»u.((Ξ» z.γyγ)[y := u][y := u] 0)) 5.ββ ((Ξ» z.γyγ)[y := u][y := u] 0)[u := 5].ββ (Ξ» z.γyγ)[y := u][y := u][u := 5] 0[u := 5].ββ (Ξ» z.γyγ)[y := u][y := u][u := 5] 0.ββ γyγ[z := 0][y := u][y := u][u := 5].ββ γy[z := 0]γ[y := u][y := u][u := 5].ββ γy[z := 0][y := u]γ[y := u][u := 5].ββ γy[z := 0][y := u][y := u]γ[u := 5].ββ γ y[z := 0][y := u][y := u][u := 5] γ.ββ γy[y := u][y := u][u := 5]γ.ββ γu[y := u][u := 5]γ.ββ γu[u := 5]γ.ββ γ5γConsider the boxed term, y[z := 0][y := u][y := u][u := 5]. The variable y is bound by the substitution[y := u] in which the denotable term u is bound by the substitution [u := 5]. By the (subst-subst) rule, Suspen-ded MetaML resolve the substitutions by performing one substitution at a time. If we represent substitutionsusing environments, a trivial approach will go wrong. This is discussed in detail at the beginning of the nextsection.845.3. Suspended MetaMLProperties. Our sole purpose of developing the structural operational semantics is to evaluate programswhich are closed level-0 source terms. To evaluate a program t0s at level 0, we expect that the program t0smulti-steps to a value v0 at level 0. Suppose the closed term t01 is an intermediate result of evaluating theprogram t0s . For any subterm t11 of the term t01 , we want to ensure that all its free variables are bound inits surrounding scope. In particular, we are interested in the free variables that are bound by hatted lambdabound variables in the surrounding scope. We define the following judgement to specify the well-boundnessof a term. We demonstrate how this judgement helps prove the correctness of the (app-0) rule.Definition 159 (Well-boundness Judgement). Let the well-boundness judgement ` wb be a ternary relationon the power set of variables, the power set of variables and the set of runtime terms.` wb β P(VAR)ΓP(VAR)ΓRTERMU ;V ` x wb where x βUU ;V ` t1 wb U ;V ` t2 wbU ;V ` t1 t2 wbU βͺ{x};V ` t wbU ;V ` Ξ»x.t wb where x /β VU βͺ{x};V ` t wbU ;V ` Ξ»x.t wb where x /β VU βͺ{x};V βͺ{x} ` t wbU ;V ` Ξ»Λx.t wb where x /β VU ;V ` t wbU ;V ` γtγ wbU ;V ` t wbU ;V `βΌ t wbU ;V ` t wbU ;V `!t wbU ;V ` n wbU ;V ` t1 wb U ;V ` t2 wbU ;V ` t1+ t2 wbU ;V ` w wb U βͺ{x};V ` t wbU ;V ` t[x := w] wb where x /β VThe well-boundness judgement U ;V ` t wb reads as βt is well bound by U and V β.We come back to our discussion on the well-boundness of the subterm t11 of the term t01 . By the abovedefinition, we have /0; /0 ` t01 wb. Observe that a sub-derivation of /0; /0 ` t1 wb must be the derivation ofU ;V ` t11 wb for some variable sets U and V . The variable set U tracks all free variables of the subterm855.3. Suspended MetaMLt11 that are bound in the surrounding scope. We observe the following property which shows if a term is wellbound, we can get an upper bound of the free variables of the term. We can use well-boundness judgementto estimate the free variables of a term.Proposition 160. If U ;V ` t wb, then FV (t)βU .The variable set V inU ;V ` t11 wb tracks the free variables of the subterm t11 that are bound by hattedlambdas in the surrounding scope. Consider a special case of the subterm t11 of the term t01 . Suppose t11is an application (Ξ»x.t0)[xi := wi] v0 that is reducible by the (app-0) rule. Since the (app-0) rule is nota substitution reduction, it cannot be applied under any explicit substitution. Thus the free variables ofv0 must be bound by hatted lambdas in its surrounding context, which are tracked by the variable set Vof the judgement U ;V ` (Ξ»x.t0)[xi := wi] v0 wb. By the definition of the well-boundness judgement, wehave xi /β V . Hence we have FV (v0)β© (βi{xi}) = /0, which we call the well-boundness of the application(Ξ»x.t0)[xi := wi] v0. This guarantees the correctness of the (app-0) rule.The well-boundness judgement cooperates well with the multi-step relation. The second property saysthe former is preserved by the latter.Proposition 161. If U ;V ` t i1 wb, VAR(t i1)βX , V βU βX and U ;V ;X ` t i1 ββiβ t i2, then U ;V `t i2 wb.As a corollary of the above properties, the multi-step relation preserves the closedness of runtime terms.Evaluator. We now define an evaluator in terms of the structural operational semantics of SuspendedMetaML. The evaluator is analogous to the one defined for Explicit MetaML.Definition 162 (Evaluator based on Structural Operational Semantics of Suspended MetaML). Define theevaluator evalMetaML:SusSOS to be a partial function from the set of programs PRGMMetaML to the set ofanswers ANSMetaML.evalMetaML:SusSOS : PRGMMetaML β ANSMetaMLevalMetaML:SusSOS(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if . t βββ (Ξ»x.t β²0)[xi := wi]code if . t βββ γv1γn if . t βββ nThis evaluator is defined based on the structural operational semantics of Suspended MetaML. Thesubscript βMetaML:SusSOSβ in evalMetaML:SusSOS denotes the structural operational semantics of SuspendedMetaML.We claim that the evaluators defined in terms of Substitutional MetaML and Suspended MetaML areequivalent.Theorem 163 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:SusSOS(t).We prove the above theorem in appendices.865.4. Environmental MetaML - Structural Operational Semantics5.4 Environmental MetaML - Structural Operational SemanticsRefining Suspended ISWIM to Environmental ISWIM is discussed in Section 3.4. For a term surroundedby cascaded explicit substitutions, t[xi := wi], every denotable term wi is closed in Suspended ISWIM. It isa natural step to replace the explicit substitutions with a corresponding environment.However, MetaML allows replacing a variable by a open denotable term. In Suspended MetaML, thedenotable term of some early explicit substitution in a cascade may have free variables that are bound bysome later substitution. Example 158 shows. !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ» z.y)) 0)γ 5 βββ γy[z := 0][y := u][y := u][u := 5]γwhere u /β {x,y,z}. The term y[z := 0][y := u][y := u][u := 5] has y bound by u that is bound by 5. If werepresent the explicit substitutions that surround a term by one environment, an environment lookup maylead to an unsound result. For example, we represent y[z := 0][y := u][y := u][u := 5] by pairing y with theenvironment Ο = {(z,0),(y,u),(u,5)}. Looking up y in the environment Ο returns u solely which is notpaired with an environment. Then we incorrectly output u as the final result of the evaluation. The correctresult is 5 because u is bound to 5.To refine Suspended MetaML to Environmental MetaML, we propose to replace cascaded explicit sub-stitutions with meta-environments instead of environments. A meta-environment is a finite sequence ofenvironments, among which the free variables of one environment are bound by the next environment inthe sequence. To evaluate a variable with a meta-environment, we look up the variable in the first environ-ment of the meta-environment and return the lookup result paired with the remaining environments of themeta-environment. For example, y[z := 0][y := u][y := u][u := 5] may be represented by pairing y with themeta-environment (Ο1;Ο2) where Ο1 = {(z,0),(y,u)} and Ο2 = {(u,5)}. After one small-step of evaluation,we have u paired with the meta-environment Ο2 because Ο1(y) = u. After another step, we get the final result5 because Ο2(u) = 5.5.4.1 SyntaxWe first define the basic syntax of the Environmental MetaML: source terms, runtime terms, values, denot-able terms, configurations, environments and meta-environments. Then we define the free variable function.5.4.1.1 Source Terms, Runtime Terms, Values, Denotable Terms, Configurations, Environmentsand Meta-environmentsDefinition 164 (Source Terms, Runtime Terms, Values, Denotable Terms and Configurations). For anyi β N, let STERMi be the set of level-indexed source terms at level i, RTERMi be the set of level-indexedruntime terms at level i, VALUEi be the set of level-indexed values at level i, and CONFi be the set of level-indexed configurations at level i. Let DENOTABLE be the set of denotable terms and ENV be a finite partialfunction from the set of variables to the set of denotable terms.875.4. Environmental MetaML - Structural Operational Semanticsx β VAR, i,n β N, t is β STERMi, t i β RTERMi, vi β VALUEi, w β DENOTABLE, c β CONF,Ο β ENV = VAR finβ DENOTABLEt0s := x | t0 t0 | Ξ»x.t0 | γt1γ | !t0 | n | t0+ t0t i+1s := x | t i+1 t i+1 | Ξ»x.t i+1 | γt i+2γ | βΌt i | !t i+1 | n | t i+1+ t i+1t0 := x | t0 t0 |IΞ»x.t0, ΟβJ | γt1γ | !t0 | n | t0+ t0t i+1 := x | t i+1 t i+1 | Ξ»x.t i+1 | γt i+2γ | βΌt i | !t i+1 | n | t i+1+ t i+1v0 := IΞ»x.t0, ΟβJ | γv1γ | nv1 := x | v1 v1 | Ξ»x.v1 | γv2γ | !v1 | n | v1+ v1vi+2 := x | vi+2 vi+2 | Ξ»x.vi+2 | γvi+3γ | βΌvi+1 | !vi+2 | n | vi+2+ vi+2w := x | v0c0 := v0 | c0 c0 | Ξ»x.c0 |Gt0, ΟβH | γc1γ |!c0 | c0+ c0ci+1 := vi+1 | ci+1 ci+1 | Ξ»x.ci+1 |Gt i+1, ΟβH | γci+2γ | βΌci |!ci+1 | ci+1+ ci+1We usually call Ξ»x.ci+1 a level-(i+1) non-value lambda if c /β VALUEi+1 and a level-(i+1) lambda valueif c β VALUEi+1.Definition 165 (Environments). An environment Ο β ENV is a finite partial function from the set of variablesto the set of denotable terms. Let dom(Ο) be the domain of the environment Ο and rng(Ο) be the range ofthe environment Ο . Let Ο[x 7β w] be an environment update and Ο(x) be an environment lookup. We have:Ο[x 7β w](y) =ο£±ο£²ο£³w if xβ‘ yΟ(y) if x 6β‘ yDefinition 166 (Initial Environments). LetX β VAR. The initial environment ΟXinit is the identity functionwhose domain isX .Definition 167 (Meta-environments). A meta-environment Οβ β ENVβ is a finite sequence of environments.An empty meta-environment is denoted by Ξ΅ . A meta-environment containing an empty environment isdenoted by ( /0;Ξ΅).A term paired with a meta-environment, i.e., Gt i, ΟβH or IΞ»x.t0, ΟβJ, is called a closure. A level-0lambda abstraction paired with a meta-environment, i.e., IΞ»x.t0, ΟβJ, is called a closure value. A clos-ure that is not a value, Gt i, ΟβH, is called a non-value closure. A closure makes its top-level structureimmediately evident. For example, it is immediately recognisable that its top-level structure of the closureIΞ»x.t0, ΟβJ is a level-0 lambda abstraction Ξ»x.t0 without having to dive into the meta-environment Οβ.As a comparison, in Suspended MetaML, to check the top-level structure of (Ξ»x.t0)[xi := wi], we have to885.4. Environmental MetaML - Structural Operational Semanticsdive down through the cascaded explicit substitutions [xi := wi] until reaching the level-0 lambda abstractionΞ»x.t0.A closure Gt, ΟβH has the meta-environment Οβ. The meta-environment of the closure Gt, ( /0;Ξ΅)H hasone environment /0. The meta-environment of the closure Gt, Ξ΅H has no environments.Environmental MetaMLβs closures are different from Environmental ISWIMβs closures. In Environ-mental ISWIM, for an arbitrary closure γt, Ογ, the term t is closed by the environment Ο . In EnvironmentalMetaML, a closure Gt, ΟβH is a pair of a term t and a meta-environment Οβ. Suppose Οβ = Ο1;Ο2; ...;Οm.The free variables of the term t are bound by the first environment Ο1. If the first environment Ο1 does notclose the term t, the free variables of the closure Gt, Ο1H must be bound by the second environment Ο2 andthe free variables of the closure Gt, (Ο1;Ο2)H must be bound by the third environment Ο3, and so on. Theclosure Gt, ΟβH may also have free variables, which are bound by its surrounding context.The design choice of closures and closure values are compatible with the original interpreter of MetaMLintroduced in [Tah99a]. To ensure that any variable that has been eliminated by some substitution or renam-ing does not escape from the scope of the substitution or renaming, they used a delayed environment called acover. A cover works like a normal environment on non-function terms. If a cover encounters a function, thesubstitutions of the cover are delayed and are only performed on the result of calling the function. Analog-ously, in Environmental MetaML, environments on a level-0 lambda abstraction are delayed, as modelledby closure values. These environments work like normal environments on the result of applying the level-0lambda abstraction.Unlike the previous dialects of MetaML, Environmental MetaML deems the set of configurations ratherthan the set of (runtime) terms to be the fundamental set on which the operational semantics is defined.Recall that programs are closed level-0 source terms. To evaluate a program t0s , we first pair it with theinitial meta-environment (ΟVAR(t0s )init ;Ξ΅), resulting in the initial configuration c0s = Gt0s , (ΟVAR(t0s )init ;Ξ΅)H. Wethen pass the initial configuration to the operational semantics. Someone may wonder why the initial meta-environment is (ΟVAR(t0s )init ;Ξ΅) rather than ( /0;Ξ΅). In short, choosing (ΟVAR(t0s )init ;Ξ΅) makes rules of the semanticsconsistent, eases proving equivalence of semantics and preserves the correctness of the semantics. Wediscuss its reasons in detail after introducing the evaluator for the semantics.5.4.1.2 Free Variable FunctionWe define the free variable function by extending Substitutional MetaMLβs Definition 20 to accommodateconfigurations.Definition 168 (Free Variable Function). Let the free variable function FV be a total function from the setof configurations to the power set of variables.895.4. Environmental MetaML - Structural Operational SemanticsFV : CONF ββP(VAR)FV (x) = x (1)FV (n) = /0 (2)FV (c1 c2) = FV (c1)βͺFV (c2) (3)FV (Ξ»x.c) = FV (c)\{x} (4)FV (γcγ) = FV (c) (5)FV (!c) = FV (c) (6)FV (βΌc) = FV (c) (7)FV (c1+ c2) = FV (c1)βͺFV (c2) (8)FV (Gt, Ξ΅H) = FV (t) (9)FV (Gt, Οβ1 ;Ο2H) = βi FV (Ο2(xi)) where xi β FV (Gt, Οβ1H) (10)FV (IΞ»x.t, ΟβJ) = FV (GΞ»x.t, ΟβH) (11)Equations (1)-(2) are the same as Equations (1) and (7) of Definition 20 in Substitutional MetaML.Equations (3)-(8) are analogous to Equations (2)-(6) and (8) of Definition 20. Equations (9)-(11) are basedon the definitions of closures and closure values.5.4.2 Structural Operational SemanticsWe lay out the structural operational semantics of Environmental MetaML through the level-indexed single-step relations ββi, the global single-step relation . ββ , the level-indexed multi-step relations ββiβ andthe global multi-step relation .βββ.Definition 169 (Level-indexed Single-step Relations). For any i β N, let the level-indexed single-step rela-tionββi be a 4-ary relation on the power set of variables, the power set of variables, the set of configurationsat level i and the set of configurations at level i.905.4. Environmental MetaML - Structural Operational Semanticsββi β P(VAR)ΓP(VAR)ΓCONFiΓCONFiV βͺ{x};X ` ci+11 ββi+1 ci+12V ;X ` Ξ»x.ci+11 ββi+1 Ξ»x.ci+12(lambda-(i+1))V ;X ` ci11 ββi ci12V ;X ` ci11 ci2 ββi ci12 ci2(appL-i)V ;X ` ci21 ββi ci22V ;X ` vi1 ci21 ββi vi1 ci22(appR-i)V ;X `IΞ»x.t0, (Ο;Οβ)J v0 ββ0 Gt0, (Ο[x 7β v0];Οβ)H (app-0)V ;X ` ci1 ββi ci2V ;X `!ci1 ββi!ci2(run-i)V ;X `!γv1γ ββ0 Gv1, (ΟXinit;Ξ΅)H (run-0)V ;X ` ci+11 ββi+1 ci+12V ;X ` γci+11 γ ββi γci+12 γ(code-i)V ;X ` ci1 ββi ci2V ;X ` βΌci1 ββi+1 βΌci2(splice-(i+1))V ;X ` βΌγv1γ ββ1 v1 (splice-1)V ;X ` ci11 ββi ci12V ;X ` ci11+ ci2 ββi ci12+ ci2(plusL-i)V ;X ` ci21 ββi ci22V ;X ` vi1+ ci21 ββi vi1+ ci22(plusR-i)V ;X ` n1+n2 ββ0 nwhere n = n1+n2 (plus-0)V ;X `GΞ»x.t0, ΟβHββ0 IΞ»x.t0, ΟβJ (lam-0-env)V ;X `GΞ»x.t i+1, (Ο;Οβ)Hββi+1 Ξ»xN .Gt i+1, (Ο[x 7β xN ][xN 7β xN ];(Ο[xN 7β xN ])β)Hwhere xN /βX (lam-(i+1)-env)V ;X `GIΞ»x.t, Οβ1J, Οβ2Hββi IΞ»x.t, (Οβ1 ;Οβ2 )J (clov-env)V ;X `Gw, Ξ΅Hββi w (den-env)V ;X `Gx, (Ο;Οβ)Hββi GΟ(x), ΟβH (var-env)V ;X `Gn, ΟβHββi n (num-env)V ;X `Gt1 t2, ΟβHββi Gt1, ΟβHGt2, ΟβH (app-env)V ;X `Gγt i+1γ, ΟβHββi γGt i+1, ΟβHγ (code-env)V ;X `G!t i, ΟβHββi!Gt i, ΟβH (run-env)V ;X `GβΌt i, ΟβHββi+1 βΌGt i, ΟβH (splice-env)V ;X `Gt1+ t2, ΟβHββi Gt1, ΟβH+Gt2, ΟβH (plus-env) 915.4. Environmental MetaML - Structural Operational SemanticsThe level-indexed single-step relation V ;X ` ci1 ββi ci2 reads as βc1 single-steps to c2 at level i boundby V andX β.To make a small-step when evaluating a program, we need to repeatedly apply the structural rules untilwe find a configuration of the program on which a reduction rule can be applied. In the meanwhile, wekeep track of lambda bound variables when we dive into the body of a level-(i+1) non-value lambda usingthe (lambda-(i+1)) rule. Suppose we have found such a configuration ci1 that is reducible and we haveV ;X ` ci1 ββi ci2. The free variables of ci1 must be bound by lambda bound variables of level-(i+1)non-value lambdas in the surrounding scope, which are tracked by the variable set V . The variable setX records all variables in the configuration ci1 and its surrounding scope. We need the variable set X todetermine whether a variable is fresh in the sense that it has not appeared in the configuration being currentlyevaluated or in its surrounding scope. The variable sets V andX help specify the well-boundness propertyof configurations (Proposition 177).We briefly explain some rules of the single-step relation. (1) The (app-0) rule models an application byupdating the environment, which completes the unfinished job of Suspended MetaMLβs (app-0) rule. (2)The (run-0) rule is about executing a code value at level 0. Someone may want to replace the configurationGv1, (ΟXinit;Ξ΅)H with the value v1. This is incorrect. The single-step relation is defined on configurations.The value v1 must be paired with a meta-environment in order to be evaluated at level 0. (3) The (*-env)rules discuss how to evaluate a closure. (3.1) The (lam-0-env) rule turns a closure into a closure value.(3.2) The (lam-(i+1)-env) rule combines Suspended MetaMLβs (lambda-(i+1)-t) rule and (lam-subst) rule.To evaluate a lambda abstraction at a level higher than 0, we must rename the lambda bound variable to afresh variable before diving into the body, where the fresh variable must have not occurred in the currentconfiguration being evaluated or in its surrounding scope. (3.3) The (clov-env) rule concatenates two meta-environments. (3.4) The (den-env) rule is trivial. (3.5) The other (*-env) rules correspond to SuspendedMetaMLβs single-step substitution reduction relations.Definition 170 (Global Single-step Relation). Let the global single-step relation .ββ be a binary relationbetween the set of level-0 configurations and the set of level-0 configurations.. c01 ββ c02 if and only if /0; VAR(c01) ` c01 ββ0 c02The global single-step relation . c01 ββ c02 reads as βc1 single-steps to c2β.Definition 171 (Level-indexed Multi-step Relations). For any iβN, let the level-indexed multi-step relationββiβ be a 4-ary relation on the power set of variables, the power set of variables, the set of configurationsat level i and the set of configurations at level i directly based on the level-indexed single-step relation ββi.ββiββP(VAR)ΓP(VAR)ΓCONFiΓCONFiV ;X ` ci1 ββiβ ci2where V ;X `ci1 ββi ci2 (step) V ;X ` ci ββiβ ci (refl)V ;X ` ci1 ββiβ ci2 V ;X βͺVAR(ci2) ` ci2 ββiβ ci3V ;X ` ci1 ββiβ ci3(trans)Definition 172 (Global Multi-step Relation). Let the global multi-step relation . βββ be the reflexive-transitive closure of the global single-step relation .ββ.925.4. Environmental MetaML - Structural Operational SemanticsExample 173. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ. We first construct a configuration that pairs theabove term with an initial meta-environment:G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)HBy the structural operational semantics of Environmental MetaML, we have:G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H.ββ !GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H.ββ !γGΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)Hγ.ββ !γΞ» z.GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)Hγ where z /β {x,y}.ββ !γΞ» z.(GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌG((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌ(G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)HG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌ(I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌ(I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌ(Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌγGx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)HγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌγGI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)HγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(βΌγI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)JγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)JG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ.ββ !γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0)γ.ββ GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H.ββ IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)JProperties. Our sole purpose of developing the structural operational semantics is to evaluate programswhich are closed level-0 source terms. To evaluate a program t0s at level 0, we construct the initial configur-ation c0s =Gt0s , (ΟVAR(t0s )init ;Ξ΅)H and pass it to the structural operational semantics. We expect that the initialconfiguration multi-steps to a level-0 value v0. Suppose the closed configuration c01 is an intermediate resultof evaluating the initial configuration c0s . We then repeatedly apply the structural rules on c01 until we find itssubconfiguration c11 on which a reduction rule can apply. We want to ensure that all free variables of c11 arebound in its surrounding scope by lambda bound variables of level-(i+1) non-value lambdas. We define thefollowing judgement to specify the well-boundness of a configuration. We demonstrate how this judgementhelps prove the correctness of the (app-0) rule.Definition 174 (Well-boundness Judgement). Let the well-boundness judgement ` wb be a ternary relationon the power set of variables, the power set of variables and the set of configurations.935.4. Environmental MetaML - Structural Operational Semantics` wb β P(VAR)ΓP(VAR)ΓCONFU ;V ` x wb where x βUU ;V ` c1 wb U ;V ` c2 wbU ;V ` c1 c2 wbU βͺ{x};V ` c wbU ;V ` Ξ»x.c0 wb where x /β VU βͺ{x};V ` c wbU ;V ` Ξ»x.vi+1 wb where x /β VU βͺ{x};V βͺ{x} ` c wbU ;V ` Ξ»x.ci+1 wb where ci+1 /β VALUEi+1 and x /β VU ;V ` t wbU ;V ` γtγ wbU ;V ` t wbU ;V `βΌ t wbU ;V ` t wbU ;V `!t wbU ;V ` n wbU ;V ` t1 wb U ;V ` t2 wbU ;V ` t1+ t2 wbU ;V ` t wbU ;V `Gt, Ξ΅H wbU ;V ` Οm(xmk) wb U βͺ{xmk};V `Gt, (Οimβ11 ;Ξ΅)H wbU ;V `Gt, (Οim1 ;Ξ΅)H wbwhere VAR(Gt, Οim1H)β dom(Οi) for any Οi,Οi(y j) = y j for any Οi and y j β V ,and xmk β FV (Gt, (Οimβ11 ;Ξ΅)H).U ;V `Gt, ΟiH wbU ;V `It, ΟiJ wbNotation 175. A sequence of environments, Ο1;Ο2; ...;Οm, can be abbreviated as Οim1 or Οi.The well-boundness judgement U ;V ` c wb reads as βc is well bound by U and V β. The variable setU tracks all free variables of the configuration c that are bound any means in the surrounding scope. Weobserve the following property which is analogous to Suspended MetaMLβs Proposition 160.Proposition 176. If U ;V ` c wb, then FV (c)βU .We come back to our discussion of the well-boundness of the subconfiguration c11 of the configurationc01. By the definition of well-boundness judgement, we have /0; /0 ` c01 wb. Observe that a sub-derivationof /0; /0 ` c01 wb must be the derivation of U ;V ` c11 wb for some variable sets U and V . The variable945.4. Environmental MetaML - Structural Operational Semanticsset V tracks all free variables of the configuration c11 that are bound in the surrounding scope by lambdabound variables of level-(i+ 1) non-value lambdas. Recall that other than level-(i+ 1) non-value lambdas,the structural rules do not allow evaluating under lambdas or closures. Thus the variable set U is the sameas V . We have V ;V ` c11 wb.Consider a special case of the configuration c11. Suppose c11 is an application IΞ»x.t0, (Οim1 ;Ξ΅)J v0that is reducible by the (app-0) rule. The free variables of v0 must be bound by lambda bound variables oflevel-(i+ 1) non-value lambdas in its surrounding context, which are tracked by the variable set V of thejudgement V ;V `IΞ»x.t0, (Οim1 ;Ξ΅)J v0 wb. By definition, Οi(y j) = y j for any y j β V . By Proposition 176,FV (v0)β V . Hence, Οi(yv) = yv for any yv β FV (v0), which we call the well-boundness of the applicationIΞ»x.t0, (Οim1 ;Ξ΅)J v0.We briefly explain how the correctness of the (app-0) rule is guaranteed by the well-boundness of theapplication IΞ»x.t0, (Οim1 ;Ξ΅)J v0. Letβs represent each environment as a set of variable-and-denotable-termpairs. We have:Οim1 = {(x1i,w1i)};{(x2i,w2i)}; ...;{(xmi,wmi)}Then the application IΞ»x.t0, (Οim1 ;Ξ΅)J v0 denotes(Ξ»x.t0){[w1i/x1i]}{[w2i/x2i]}...{[wmi/xmi]} v0where each braced set of substitutions works as an environment and substitutions in each braced set areunordered. We first rename the lambda bound variable x to a globally fresh variable xN and then push allbraced sets of substitutions under the new lambda. We get:Ξ»xN .(t0{[w1i/x1i][xN/x]}{[w2i/x2i][xN/xN ]}...{[wmi/xmi][xN/xN ]}) v0Then we perform the application and get:t0{[w1i/x1i][xN/x]}{[w2i/x2i][xN/xN ]}...{[wmi/xmi][xN/xN ]}{[v0/xN ]}By the well-boundness of the application IΞ»x.t0, (Οim1 ;Ξ΅)J v0, we know for any yv β FV (v0), yv is substi-tuted by itself in the first m braced sets of substitutions. Then we can splice the last braced substitution intothe first braced set and eliminate renaming the lambda bound variable. We gett0{[w1i/x1i][v0/x]}{[w2i/x2i]}...{[wmi/xmi]}which corresponds toGt0, (Ο1[x 7β v0];Οm2 ;Ξ΅)Hin the (app-0) rule of Environmental MetaML.The well-boundness judgement cooperates well with the multi-step relation. The following propertysays the former is preserved by the latter. It is analogous to Suspended MetaMLβs Proposition 161.Proposition 177. If V ;V ` ci1 wb, VAR(ci1)βX , V βX and V ;X ` ci1 ββiβ ci2, then V ;V ` ci2 wb.955.4. Environmental MetaML - Structural Operational SemanticsAs a corollary of the above properties, the multi-step relation preserves the closedness of configurations.Evaluator. We now define an evaluator in terms of the structural operational semantics of EnvironmentalMetaML. Environmental MetaMLβs multi-step relation is defined on sets of configurations rather than setsof runtime terms. Given a program t, the evaluator applies the multi-step relation on the initial configurationGt, (ΟVAR(t)init ;Ξ΅)H which pairs the program with the initial environment of the program. The evaluator isotherwise analogous to the one defined for Suspended MetaML.Definition 178 (Evaluator based on Structural Operational Semantics of Environmental MetaML). Let theevaluator evalMetaML:EnvSOS be a partial function from the set of programs PRGMMetaML to the set of answersANSMetaML.evalMetaML:EnvSOS : PRGMMetaML β ANSMetaMLevalMetaML:EnvSOS(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if . Gt, (ΟVAR(t)init ;Ξ΅)Hβββ IΞ»x.t β²0 , ΟβJcode if . Gt, (ΟVAR(t)init ;Ξ΅)Hβββ γv1γn if . Gt, (ΟVAR(t)init ;Ξ΅)Hβββ nThis evaluator is defined in terms of the structural operational semantics of Environmental MetaML. Thesubscript βMetaML:EnvSOSβ in evalMetaML:EnvSOS denotes the structural operational semantics of EnvironmentalMetaML.Someone may wonder why the initial configuration has the meta-environment (ΟVAR(t0s )init ;Ξ΅) rather than( /0;Ξ΅). First of all, for any program t, the initial configuration Gt, ΟβH is closed regardless of whetherΟβ = (ΟVAR(t0s )init ;Ξ΅) or Οβ = ( /0;Ξ΅). Choosing (ΟVAR(t0s )init ;Ξ΅) still preserves the closedness of the initial config-uration. Secondly, as implied by the theorem at the end of this section, choosing (ΟVAR(t0s )init ;Ξ΅) over ( /0;Ξ΅)does not destroy the soundness or completeness of the semantics. Thirdly, having the meta-environment(ΟVAR(t0s )init ;Ξ΅) in the initial configuration is consistent with the (run-0) rule where the newly constructed con-figuration has the meta-environment (ΟXinit;Ξ΅). Fourthly, by the well-boundness judgement, given a wellbound closure Gt, ΟβH where Οβ = Οi, we must have VAR(Gt, ΟiH) β dom(Οi) for any Οi. If we do notchoose (ΟVAR(t0s )init ;Ξ΅) over ( /0;Ξ΅), we need a more complicated well-boundness judgement that may obscurethe fundamental concepts, making proving semantics equivalence more complicated. In Section 7.2, wepropose a novel way of modelling environments, which no long requires the ad-hoc step of collecting all thevariables that exist in the program for the initial configuration as (ΟVAR(t0s )init ;Ξ΅).We claim that the evaluators defined in terms of Substitutional MetaML and Environmental MetaMLare equivalent.Theorem 179 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:EnvSOS(t).We prove the theorem in appendices.965.5. Environmental MetaML - Reduction Semantics5.5 Environmental MetaML - Reduction SemanticsFollowing the path of refining a structural operational semantics to its corresponding reduction semantics aspresented in Sections 3.5 and 4.1, we refine Environmental MetaMLβs structural operational semantics to areduction semantics.5.5.1 SyntaxThe definitions of source terms, runtime terms, values, denotable terms, configurations and meta-environmentsare the same as Section 5.4.5.5.1.1 Evaluation ContextsSection 4.1 defined evaluation contexts for Substitutional MetaML. Unlike Substitutional MetaML, Envir-onmental MetaML defines its semantics on configurations rather than on terms. Taking this difference intoconsideration, we define evaluation contexts for Environmental MetaML, which is analogous to Substitu-tional MetaMLβs Definition 114.Definition 180 (Evaluation Contexts: Inside-out). Let ECXTi( j be the set of evaluation contexts with innerlevel i and outer level j.E i( j β ECXTi( j, ci β CONFi, vi β VALUEi β EXCTi(i (ept-i)E β EXCTi( jE[ ci2] β EXCTi( j(appL-i) E β EXCTi( jE[vi1 ] β EXCTi( j(appR-i)E β EXCT(i+1)( jE[Ξ»x.] β EXCT(i+1)( j(lambda-(i+1))E β EXCTi( jE[γγ] β EXCT(i+1)( j(code-i) E β EXCT(i+1)( jE[βΌ] β EXCTi( j (splice-(i+1))E β EXCTi( jE[!] β EXCTi( j (run-i)E β EXCTi( jE[+ ci2] β EXCTi( j(plusL-i) E β EXCTi( jE[vi1+] β EXCTi( j(plusR-i)5.5.2 Reduction SemanticsWe lay out the reduction semantics through the level-indexed notions of reduction R i, the level-indexedsingle-reduction relations 7ββi, the global single-reduction relation . 7ββ, the level-indexed multi-reductionrelations 7ββiβ and the global multi-reduction relation . 7βββ.Definition 181 (Level-indexed Notions of Reduction). For any i β N, let the notions of reduction R i be abinary relation between the set of configurations at level i and the set of configurations at level i.975.5. Environmental MetaML - Reduction SemanticsR i β P(VAR)ΓCONFiΓCONFiX ` IΞ»x.t0, (Ο;Οβ)J v0 R0 Gt0, (Ο[x 7β v0];Οβ)H (app-0)X ` !γv1γ R0 Gv1, (ΟXinit;Ξ΅)H (run-0)X ` βΌγv1γ R1 v1 (splice-1)X ` n1+n2 R0 n where n = n1+n2 (plus-0)X ` GΞ»x.t0, ΟβH R0 IΞ»x.t0, ΟβJ (conf-lam-0)X ` GΞ»x.t i+1, (Ο;Οβ)H R i+1 Ξ»xN .Gt i+1, (Ο[x 7β xN ];(Ο[xN 7β xN ])βH (conf-lam-(i+1))where xN /βXX ` GIΞ»x.t, Οβ1J, Οβ2H R i IΞ»x.t, (Οβ1 ;Οβ2 )J (conf-clov-i)X ` GΟ, Ξ΅H R i w (conf-den-i)X ` Gx, (Ο;Οβ)H R i GΟ(x), ΟβH (conf-var-i)X ` Gn, ΟβH R i n (conf-num-i)X ` Gt1 t2, ΟβH R i Gt1, ΟβHGt2, ΟβH (conf-app-i)X ` Gγt i+1γ, ΟβH R i γGt i+1, ΟβHγ (conf-code-i)X ` G!t i, ΟβH R i !Gt i, ΟβH (conf-run-i)X ` GβΌt i, ΟβH R i+1 βΌGt i, ΟβH (conf-splice-i)X ` Gt1+ t2, ΟβH R i Gt1, ΟβH+Gt2, ΟβH (conf-plus-i)The notion of reduction X ` ci1 R i ci2 reads as βc1 reduces to c2 at level i bound by X β. Each notioncorresponds to one reduction rule of the single-step relations presented in Definition 169. The variable setX records all variables in the configuration ci1 and in its surrounding context, which is used in the (conf-lam-(i+1)) rule to determine whether a variable is globally fresh.Definition 182 (Level-indexed Single-reduction Relation). For any i β N, let the level-indexed single-reduction relation 7ββi be a binary relation between the set of configurations at level i and the set of config-urations at level i directly based on the notions of reductionR j.7ββi β CONFiΓCONFiX ` t j1 R j t j2X ` E j(i[t j1] 7ββi E j(i[t j2]The level-indexed single-reduction relation X ` ci1 7ββi ci2 reads as βc1 single-reduces to c2 at level ibound byX β. The above definition states that the single-reduction relation respects performing any notionof reduction in an evaluation context.Definition 183 (Global Single-reduction Relation). Let the global single-reduction relation . 7ββ be a binaryrelation between the set of level-0 configurations and the set of level-0 configurations.. c01 7ββ c02 if and only if VAR(c01) ` c01 7ββ0 c02The global single-reduction relation . c01 ββ c02 reads as βc1 single-reduces to c2β. It is defined basedon the single-reduction relation with a particular initialisation of the variable setX .985.5. Environmental MetaML - Reduction SemanticsDefinition 184 (Level-indexed Multi-reduction Relations). For any iβN, let the level-indexed multi-reductionrelation 7ββiβ be the a binary relation between the set of configurations at level i and the set of configurationsat level i directly based on the level-indexed single-reduction relation 7ββi.7ββiββP(VAR)ΓCONFiΓCONFiX ` ci1 7ββiβ ci2whereX `ci1 7ββi ci2 (step) X ` ci 7ββiβ ci (refl)X ` ci1 7ββiβ ci2 X βͺVAR(ci2) ` ci2 7ββiβ ci3X ` ci1 7ββiβ ci3(trans)Definition 185 (Global Multi-reduction Relation). Let the global multi-reduction relation . βββ be thereflexive-transitive closure of the global single-reduction relation .ββ.Example 186. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ.We first construct a configuration that pairs the above term with an initial meta-environment:G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)HBy the reduction semantics of Environmental MetaML, we have:. G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H7βββ IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)Jas demonstrated in Figure 5.1.A comparison of the Figure 5.1 with Figures 3.1 and 4.1 tells that Environmental MetaMLβs reductionsemantics follows the exact same three-step break-apply-plug pattern of evaluating a program as Environ-mental ISWIMβs reduction semantics and Substitutional MetaMLβs reduction semantics.Property. The global multi-reduction relation preserves the closedness of a configuration. This is the sameproperty that Environmental MetaMLβs structural operational semantics holds.Proposition 187 (Closedness of Configurations). If . c01 7βββ c02 and FV (c01) = /0, then FV (c02) = /0.Evaluator. We now define an evaluator based on the reduction semantics of Environmental MetaML. Theevaluator is analogous to the evaluators defined based on the structural operational semantics of Environ-mental MetaML.Definition 188 (Evaluator based on Reduction Semantics of Environmental MetaML). Let the evaluatorevalMetaML:EnvRed be a partial function from the set of programs PRGMMetaML to the set of answers ANSMetaML.995.5. Environmental MetaML - Reduction SemanticsG!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H= 0(0[G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H]. 7ββ 0(0[!GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H]= !GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H= ([!])0(0[GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H]. 7ββ ([!])0(0[γGΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)Hγ]= !γGΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)Hγ= ([!][γγ])1(0[GΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)H]. 7ββ ([!][γγ])1(0[Ξ» z.GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)H] where z /β {x,y}= !γΞ» z.GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)Hγ= ([!][γγ][Ξ» z.])1(0[GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.])1(0[GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H]= !γΞ» z.(GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H])1(0[GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H])1(0[βΌG((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)H]= !γΞ» z.(βΌG((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[G((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)HG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H]= !γΞ» z.(βΌ(G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)HG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H])0(0[G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H])0(0[I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J]= !γΞ» z.(βΌ(I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J])0(0[G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J])0(0[I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J]= !γΞ» z.(βΌ(I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H]= !γΞ» z.(βΌ(Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H)G0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ])0(0[γGx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)Hγ]= !γΞ» z.(βΌγGx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)HγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ])1(0[Gx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ])1(0[GI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)H]= !γΞ» z.(βΌγGI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)HγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ])1(0[GI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ])1(0[I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J]= !γΞ» z.(βΌγI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)JγG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H])1(0[βΌγI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)Jγ]. 7ββ ([!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H])1(0[I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J]= !γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)JG0, ({(x,x),(y,z),(z,z)};Ξ΅)H)γ= ([!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J])1(0[G0, ({(x,x),(y,z),(z,z)};Ξ΅)H]. 7ββ ([!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J])1(0[0]= !γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0)γ= 0(0[!γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0)γ]. 7ββ 0(0[GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H]= GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H= 0(0[GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H]. 7ββ 0(0[IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)J]= IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)JFigure 5.1: Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in Reduction Semantics of Environmental MetaML.1005.6. Environmental MetaML - Abstract Machine (MEK Machine)evalMetaML:EnvRed : PRGMMetaML β ANSMetaMLevalMetaML:EnvRed(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if .Gt, (ΟVAR(t)init ;Ξ΅)H 7βββ IΞ»x.t β²0 , ΟβJcode if .Gt, (ΟVAR(t)init ;Ξ΅)H 7βββ γv1γn if .Gt, (ΟVAR(t)init ;Ξ΅)H 7βββ nThis evaluator is defined based on the reduction semantics of Environmental MetaML. The subscriptβMetaML:EnvRedβ in evalMetaML:EnvRed denotes the reduction semantics of Environmental MetaML.We claim that the evaluators defined in terms of the structural operational semantics and the reductionsemantics of Environmental MetaML are equivalent.Theorem 189 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:EnvSOS(t) is Kleeneequal to evalMetaML:EnvRed(t).We prove the theorem in appendices.5.6 Environmental MetaML - Abstract Machine (MEK Machine)Following the path of refining a reduction semantics to a corresponding abstract machine as presented inSections 3.6 and 4.2, we refine Environmental MetaMLβs reduction semantics to an abstract machine. Wecall the abstract machine the MEK machine.5.6.1 SyntaxThe definitions of source terms, runtime terms, values, denotable terms, configurations and meta-environmentsare the same as Sections 5.4 and 5.5.5.6.1.1 Evaluation ContextsAnalogous to Substitutional MetaMLβs Definition 121, we provide an alternative definition for evaluationcontexts.Definition 190 (Evaluation Contexts: Outside-in). Let i, j β N. Define ECXTi( j to be the set of evaluationcontexts with inner level i and outer level j.1015.6. Environmental MetaML - Abstract Machine (MEK Machine)E i( j β ECXTi( j, ci β CONFi, vi β VALUEi β EXCT j( j (ept-j)E β EXCTi( j(E c j2) β EXCTi( j(appL-j) E β EXCTi( j(v j1 E) β EXCTi( j(appR-j)E β EXCTi(( j+1)Ξ»x.E β EXCTi(( j+1)(lambda-(j+1))E β EXCTi(( j+1)γEγ β EXCTi( j (code-j)E β EXCTi( jβΌE β EXCTi(( j+1)(splice-(j+1)) E β EXCTi( j!E β EXCTi( j (run-j)E β EXCTi( j(E + c j2) β EXCTi( j(plusL-j) E β EXCTi( j(v j1+E) β EXCTi( j(plusR-j)5.6.1.2 Machine ConfigurationsSection 4.2 defines the states of the MK machine through four modes of machine configurations. We revisethe four-mode definition to accommodate an environmental semantics.Definition 191 (Machine Configurations). Define CFG to be the set of machine configurations.i, j β N, C β CFG, ci β CONFi, vi β VALUEi, E i( j β ECTXi( jC := v0| γi, E i(0, ciγr| γi, E i(0, ciγf| γi, E i(0, viγbThe machine operates in four modes: the value mode v0, the reduce mode γi, E i(0, ciγr, the focus modeγi, E i(0, ciγf, the build mode γi, E i(0, viγb.A machine configuration γi, E i(0, ciγ? where ? β {r, f,b} unloads to the configuration E i(0[ci]. Pre-cisely, the configuration ci in a machine configuration at reduce mode γi, E i(0, ciγr needs to be a redex.5.6.2 Abstract Machine (MEK Machine)We lay out the abstract machine of Environmental MetaML, i.e., the MEK machine, through the reductionrelation 7ββmek and the multi-reduction relation 7βββmek.Definition 192 (Reduction Relation). Let the reduction relation 7ββmek be a binary relation between the setof machine configurations and the set of machine configurations.7ββmek β CFGΓCFG1025.6. Environmental MetaML - Abstract Machine (MEK Machine)Reduce rules: γi, E i(0, ciγrγ0, E, IΞ»x.t0, (Ο;Οβ)J v0γr 7ββmek γ0, E, Gt0, (Ο[x 7β v0];Οβ)Hγf (r-app-0)γ0, E, !γv1γγr 7ββmek γ0, E, Gv1, (ΟVAR(E[!γv1γ])init ;Ξ΅)Hγf (r-run-0)γ1, E, βΌγv1γγr 7ββmek γ1, E, v1γf (r-splice-1)γ0, E, n1 +n2γr 7ββmek γ0, E, nγf where n = n1 +n2 (r-plus-0)γ0, E, GΞ»x.t0, ΟβHγr 7ββmek γ0, E, IΞ»x.t0, ΟβJγf (r-conf-lam-0)γi+1, E, GΞ»x.t i+1, (Ο;Οβ)Hγr 7ββmek γi+1, E, Ξ»xN .Gt i+1, (Ο[x 7β xN ];Ο[xN 7β xN ]β)Hγfwhere xN /β VAR(E[GΞ»x.t i+1, (Ο;Οβ)H]) (r-conf-lam-(i+1))γi, E, GIΞ»x.t, Οβ1J, Οβ2Hγr 7ββmek γi, E, IΞ»x.t, (Οβ1 ;Οβ2 )Jγf (r-conf-clov-i)γi, E, Gw, Ξ΅Hγr 7ββmek γi, E, wγf (r-conf-den-i)γi, E, Gx, (Ο;Οβ)Hγr 7ββmek γi, E, GΟ(x), ΟβHγf (r-conf-var-i)γi, E, Gn, ΟβHγr 7ββmek γi, E, nγf (r-conf-num-i)γi, E, Gt1 t2, ΟβHγr 7ββmek γi, E, Gt1, ΟβHGt2, ΟβHγf (r-conf-app-i)γi, E, Gγt i+1γ, ΟβHγr 7ββmek γi, E, γGt i+1, ΟβHγγf (r-conf-code-i)γi, E, G!t i, ΟβHγr 7ββmek γi, E, !Gt i, ΟβHγf (r-conf-run-i)γi, E, GβΌt i, ΟβHγr 7ββmek γi, E, βΌGt i, ΟβHγf (r-conf-splice-(i+1))γi, E, Gt1 + t2, ΟβHγr 7ββmek γi, E, Gt1, ΟβH+Gt2, ΟβHγf (r-conf-plus-i)Focus rules: γi, E i(0, ciγfγi, E, Gt, ΟβHγf 7ββmek γi, E, Gt, ΟβHγr (f-conf-i)γi+1, E, xγf 7ββmek γi+1, E, xγb (f-var-(i+1))γi, E, c1 c2γf 7ββmek γi, E[ c2], c1γf (f-appL-i)γ0, E, IΞ»x.t, ΟβJγf 7ββmek γ0, E, IΞ»x.t, ΟβJγb (f-lambda-0)γi+1, E, Ξ»x.cγf 7ββmek γi+1, E[Ξ»x.], cγf (f-lambda-(i+1))γi, E, γcγγf 7ββmek γi+1, E[γγ], cγf (f-code-i)γi+1, E, βΌcγf 7ββmek γi, E[βΌ], cγf (f-splice-(i+1))γi, E, !cγf 7ββmek γi, E[!], cγf (f-run-i)γi, E, nγf 7ββmek γi, E, nγb (f-num-i)γi, E, c1 + c2γf 7ββmek γi, E[+ c2], c1γf (f-plusL-i)Build rules: γi, E i(0, viγbγ0, , vγb 7ββmek v (b-value-0)γi, E[ c2], v1γb 7ββmek γi, E[v1 ], c2γf (b-appL-i)γ0, E[v1 ], v2γb 7ββmek γ0, E, v1 v2γr (b-appR-0)γi+1, E[v1 ], v2γb 7ββmek γi+1, E, v1 v2γb (b-appR-(i+1))γi+1, E[Ξ»x.], vγb 7ββmek γi+1, E, Ξ»x.vγb (b-lambda-(i+1))γi+1, E[γγ], vγb 7ββmek γi, E, γvγγb (b-code-(i+1))γ0, E[βΌ], vγb 7ββmek γ1, E, βΌvγr (b-splice-0)γi+1, E[βΌ], vγb 7ββmek γi+2, E, βΌvγb (b-splice-(i+1))γ0, E[!], vγb 7ββmek γ0, E, !vγr (b-run-0)γi+1, E[!], vγb 7ββmek γi+1, E, !vγb (b-run-(i+1))γi, E[+ c2], v1γb 7ββmek γi, E[v1 +], c2γf (b-plusL-i)γ0, E[v1 +], v2γb 7ββmek γ0, E, v1 + v2γr (b-plusR-0)γi+1, E[v1 +], v2γb 7ββmek γi+1, E, v1 + v2γb (b-plusR-(i+1))1035.6. Environmental MetaML - Abstract Machine (MEK Machine)The reduction relation C1 7ββmek C2 reads as βC1 reduces to C2β or βC1 single-reduces to C2β.The intuition behind the above relation is analogous to that of CEK machineβs reduction relation. Seecomments below Definition 108.Definition 193 (Multi-reduction Relation). Let the multi-reduction relation 7βββmek be the reflexive-transitiveclosure of the reduction relation 7ββmek.The abstract machine defined above is also known as the MEK machine. M stands for multi-stage, Estands for environment, and K stands for continuation, i.e., the evaluation context.Example 194. Consider !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ.We first construct a closure that pairs the above term with an initial meta-environment:G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)HThen we construct the initial machine configuration at focus mode:γ0, , G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)HγfBy the MEK machine, we have:γ0, , G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)Hγf7βββmek IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)Jas demonstrated in Figure 5.2.Evaluator. We now define an evaluator in terms of the MEK machine. The MEK machineβs multi-reduction relation is defined on machine configurations. Given a program t, the evaluator applies themulti-reduction relation on the machine configuration γ0, , Gt, (ΟVAR(t)init ;Ξ΅)Hγf in which the program isassociated with an initial meta-environment and an empty evaluation context. The evaluator is otherwiseanalogous to the one defined in terms of the reduction semantics of Environmental MetaML.Definition 195 (Evaluator based on MEK Machine). Let the evaluator evalMetaML:MEK be a partial functionfrom the set of programs PRGMMetaML to the set of answers ANSMetaML.evalMetaML:MEK : PRGMMetaML β ANSMetaMLevalMetaML:MEK(t) =ο£±ο£΄ο£΄ο£΄ο£²ο£΄ο£΄ο£΄ο£³function if γ0, , Gt, (ΟVAR(t)init ;Ξ΅)Hγf 7βββmek IΞ»x.t β²0 , ΟβJcode if γ0, , Gt, (ΟVAR(t)init ;Ξ΅)Hγf 7βββmek γv1γn if γ0, , Gt, (ΟVAR(t)init ;Ξ΅)Hγf 7βββmek nThis evaluator is defined based on the MEK machine. The subscript βMetaML:MEKβ in evalMetaML:MEKdenotes the MEK machine of Environmental MetaML.1045.6.EnvironmentalMetaML-AbstractMachine(MEKMachine)γ0, , G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H γf7ββmek γ0, , G!γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H γr7ββmek γ0, , !GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H γf7ββmek γ0, [!], GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H γf7ββmek γ0, [!], GγΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ, ({(x,x),(y,y)};Ξ΅)H γr7ββmek γ0, [!], γGΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)Hγ γf7ββmek γ1, [!][γγ], GΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)H γf7ββmek γ1, [!][γγ], GΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0), ({(x,x),(y,y)};Ξ΅)H γr7ββmek γ1, [!][γγ], Ξ» z.GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)H γfwhere z /β {x,y}7ββmek γ1, [!][γγ][Ξ» z.], GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.], GβΌ((Ξ»x.γxγ) (Ξ»x.y)) 0, ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ1, [!][γγ][Ξ» z.], GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)HG0, ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], GβΌ((Ξ»x.γxγ) (Ξ»x.y)), ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], βΌG(Ξ»x.γxγ) (Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], G(Ξ»x.γxγ) (Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], G(Ξ»x.γxγ) (Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)HG(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H], G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H], G(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H], I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H], I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J γb7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J], G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J], G(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)J], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γb7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], I(Ξ»x.γxγ), ({(x,x),(y,z),(z,z)};Ξ΅)JI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γr7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H γf7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], Gγxγ, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H γr7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], γGx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)Hγ γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], Gx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], Gx, ({(x,I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J),(y,z),(z,z)};Ξ΅)H γr7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], GI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], GI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J, (Ξ΅)H γr7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ][γγ], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γb7ββmek γ0, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H][βΌ], γI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)Jγ γb7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], βΌγI(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)Jγ γr7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γf7ββmek γ1, [!][γγ][Ξ» z.][G0, ({(x,x),(y,z),(z,z)};Ξ΅)H], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J γb7ββmek γ1, [!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J], G0, ({(x,x),(y,z),(z,z)};Ξ΅)H γf7ββmek γ1, [!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J], G0, ({(x,x),(y,z),(z,z)};Ξ΅)H γr7ββmek γ1, [!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J], 0 γf7ββmek γ1, [!][γγ][Ξ» z.][I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J], 0 γb7ββmek γ1, [!][γγ][Ξ» z.], I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0 γb7ββmek γ1, [!][γγ], Ξ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0) γb7ββmek γ0, [!], γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0)γ γb7ββmek γ0, , !γΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0)γ γr7ββmek γ0, , GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H γf7ββmek γ0, , GΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)H γr7ββmek γ0, , IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)J γf7ββmek γ0, , IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)J γb7ββmek IΞ» z.(I(Ξ»x.y), ({(x,x),(y,z),(z,z)};Ξ΅)J 0), ({(x,x),(y,y),(z,z)};Ξ΅)JFigure 5.2: Evaluation of !γΞ»y.(βΌ((Ξ»x.γxγ) (Ξ»x.y)) 0)γ in the MEK Machine.1055.7. Chapter SummaryWe claim that the evaluators defined in terms of Environmental MetaMLβs reduction semantics and theMEK machine are equivalent.Theorem 196 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:EnvRed(t) is Kleeneequal to evalMetaML:MEK(t).We prove the above theorem in appendices.As a corollary, the evaluators defined in terms of Substitutional MetaML and the MEK machine areequivalent.Corollary 197 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubSOS(t) is Kleeneequal to evalMetaML:MEK(t).Proof. It immediately follows from Theorems 179, 189 and 196 by the transitivity of Kleene equality.5.7 Chapter SummaryUtilising the experience of refining semantics along two dimensions, this chapter eventually solved thefollowing semantics refinement problem.Can we refine the substitutional structural operational semantics of MetaML to a correspond-ing environmental abstract machine, which we call the MEK machine, and demonstrate theirequivalence?We accomplished the development progressively in several manageable steps, each of which led to an inter-mediate semantics. We first reviewed the substitutional structural operational semantics of MetaML that wedeveloped in Section 2.2. Then we successively developed the structural operational semantics of ExplicitMetaML, the structural operational semantics of Suspended MetaML, the structural operational semanticsof Environmental MetaML, the reduction semantics of Environmental MetaML, and finally derived the ab-stract machine of Environmental MetaML. We call the abstract machine of Environmental MetaML theMEK machine.We defined an evaluator based on each semantics. By proving the equivalence of every two adjacentsemantics, we finally showed that the MEK machine is equivalent to the substitutional structural operationalsemantics of MetaML.By this chapter together with Chapter 2, we have successfully solved the main semantics refinementproblem.106Chapter 6Proof Methodology and Related WorkWe first summarise three proof techniques that were adopted throughout the thesis the prove semanticsequivalences. Then we compare our thesis with the related work.6.1 Proof MethodologyMost proofs of the thesis can be categorised as proving (1) the equivalence of two structural operationalsemantics, (2) the equivalence of a structural operational semantics and a reduction semantics, or (3) theequivalence of a reduction semantics and an abstract machine.Proving Equivalence of Two Structural Operational Semantics. To prove the equivalence of structuraloperational semantics of language A (defined by the single-step relation ββA and the multi-step relationβββA) and structural operational semantics of language B (defined by the single-step relation ββB and themulti-step relation βββB), we first define a bisimulation relation between their terms, i.e., ' β TERMAΓTERMB. Then the key is to demonstrate that the bisimulation relation respects the following properties.1. βp β PRGM, injA(p)' injB(p).That is, for any program, its injected initial terms in languages A and B shall be related.2. If vA ' vB, then obsA(vA) = obsB(vB).That is, two related values shall have the same observable results.3. Canonisation:(a) If vA ' tB, then tB βββB vB and vA ' vB.(b) If tA ' vB, then tA βββA vA and vA ' vB.4. Weak Bisimulation:(a) If tA1 ' tB1 and tA1 ββA tA2 , then tB1 βββB tB2 and tA2 ' tB2 .(b) If tA1 ' tB1 and tB1 ββB tB2 , then tA1 βββA tA2 and tA2 ' tB2 .The above-mentioned framework of proving the equivalence of structural operational semantics was motiv-ated by the bisimulation proof method [San11, PS12].1076.2. Related WorkProving Equivalence of a Structural Operational Semantics and a Reduction Semantics. To provethe equivalence of a structural operational semantics (defined by the single-step relation ββ and the multi-step relationβββ) and a reduction semantics (defined by the reduction relation 7ββ and the multi-reductionrelation 7βββ) of the same language, the key is to prove the following two lemmas.1. If t1 ββ t2, then t1 7ββ t2.We may need to prove: If t1 ββ t2 and E β ECXT, then E[t1] 7ββ E[t2].2. If t1 7ββ t2, then t1 ββ t2.We may need to prove: If t1 ββ t2 and E β ECXT, then E[t1]ββ E[t2].Proving Equivalence of a Reduction Semantics and an Abstract Machine. To prove the equivalence ofa reduction semantics (defined by the single-reduction relation 7ββ and the multi-reduction relation 7βββ)and an abstract machine (defined by the reduction relation 7ββabs and the multi-reduction relation 7βββabs) ofthe same language, we first define a translatorT to translate any machine configuration to its correspondingterm. Then the key is to prove the following two lemmas.1. If E0[t0] = E1[t1] and E1[t1] 7ββ E1[t2] where t1 R t2, then γE0, t0γf 7βββabs γE0, t0γf.We may need to prove: If t = E1[t1] and t1 R t2, then γE, tγf 7βββabs γEE1, t1γf.2. If C1 7ββabs C2, then T (C1) 7βββ T (C2).The above-mentioned framework of proving the equivalence of a reduction semantics and an abstract ma-chine was motivated by the proof of the equivalence of the CC machine and the substitutional reductionsemantics of ISWIM in [FFF09].The above-mentioned three proof frameworks are adaptable to more complex languages. For example,the language of our interest may define its single-step relation (or the single-reduction relation) on config-urations rather than on terms. As a result, we need to replace all tβs by cβs in the frameworks. As anotherexample, in a multi-stage language, a machine configuration may have a level component. As a result, weneed to add one more component of levels to any machine configuration in the last framework.6.2 Related WorkMulti-stage Programming Languages. Several multi-stage programming languages and language ex-tensions have been developed. For example, there are MetaML [TS97, She98, Tah99a, Tah99b] extendsML, MetaOCaml [Tah04] extends OCaml, MetaHaskell [Mai12] extends Haskell, Mint [WRI+09] extendsJava and Metaphor [NR04] that extends C#. We intensively studied MetaML in the thesis.Operational Semantics of MetaML. Taha [Tah99a] modelled a minimal subset of MetaML through twoformulations that extend the lambda calculus, i.e., the Ξ» -M language and the Ξ» -U language. They presenteda call-by-value substitutional natural semantics and a call-by-name substitutional natural semantics for the1086.2. Related WorkΞ» -M language. They developed a call-by-name substitutional reduction semantics for the Ξ» -U language anddemonstrated its equivalence with respect to the call-by-name substitutional natural semantics of the Ξ» -Mlanguage.Our thesis took the call-by-value substitutional natural semantics of Ξ» -M language defined in [Tah99a]as the reference semantics of MetaML. The substitutional structural operational semantics of MetaML de-veloped in Chapter 2 can be deemed as a call-by-value substitutional structural operational semantics for theΞ» -M language.Refining Semantics for ISWIM. Felleisen et al. [FFF09] presented how to develop the CEK machinefrom the substitutional reduction semantics of ISWIM and demonstrated their equivalence. Given the sub-stitutional reduction semantics of ISWIM, they first derived a substitutional abstract machine called theCC machine in which a machine state is composed by a control string and an evaluation context. Theythen simplified the CC machine to the SCC machine to eliminate unnecessary state transition rules andside-conditions. Next they introduced a date structure called a continuation to make the evaluation contextaround the current control string the most evident and they refined the SCC machine to the CK machinein which a machine state is composed by a control string and a continuation. Finally they refined the CKmachine to an environmental abstract machine, the CEK machine, by introducing environments to representsubstitutions. Each CEK machine state has three components: a control string, an environment and a con-tinuation. Furthermore, they built an evaluator for each above-mentioned semantics and they demonstratedthe equivalence of the evaluators.Chapter 3 of our thesis developed the CEK machine from the substitutional structural operational se-mantics of ISWIM. Instead of deriving a series of abstract machines, we developed a series of structuraloperational semantics. We introduced explicit substitutions in the structural operational semantics of Ex-plicit ISWIM, suspended explicit substitutions in the structural operational semantics of Suspended ISWIMand environments in the structural operational semantics of Environmental ISWIM. We developed a reduc-tion semantics for Environmental ISWIM, based on which the CEK machine was formulated.Our thesis represents continuations by evaluation contexts. [FFF09] maintained a unique data structureto represent continuations but we did not.Explicit Substitutions. The idea of explicit substitutions was introduced in [Cur85, ACCL91]. The de-velopment of Explicit ISWIM was partially inspired and motivated by the definitions of Ξ»x-terms and thedefinitions of Ξ»xgc-reduction in the Ξ»xgc-calculus [Ros96].Proof Methodology. As mentioned in the previous section, the framework of proving the equivalenceof structural operational semantics was motivated by the bisimulation proof method [San11, PS12]. Theframework of proving the equivalence of a reduction semantics and an abstract machine was motivated bythe proof of the equivalence of the CC machine and the substitutional reduction semantics of ISWIM in[FFF09].109Chapter 7ConclusionWe conclude this thesis, summarise the limitations and list several directions for future work.7.1 ConclusionThis thesis studied the problem of refining operational semantics for MetaML. We took the pre-existingsubstitutional natural semantics presented in [Tah99a] as the reference semantics of MetaML. The mainresearch problem of our thesis, which was called the main semantics refinement problem, was stated as:Can we refine the pre-existing substitutional natural semantics of MetaML to a correspondingenvironmental abstract machine and demonstrate their equivalence?As an environmental abstract machine is a small-step operational semantics, its development is more naturaland convenient to start from a structural operational semantics than a natural semantics. In Chapter 2, wedeveloped a substitutional structural operational semantics for MetaML and demonstrated its equivalencewith respect to the substitutional natural semantics.We then simplified the main semantics refinement problem along two dimensionsβeach dimensionleads to a less complicated semantics refinement problem.Following the first dimension, Chapter 3 studied how to develop an environmental abstract machine for asingle-stage language, ISWIM, rather than the multi-stage language MetaML. We refined the substitutionalstructural operational semantics of ISWIM to its corresponding environmental abstract machine known asthe CEK machine.Following the second dimension, Chapter 4 studied how to develop a substitutional abstract machinerather than an environmental abstract machine for the multi-stage language MetaML. We refined the sub-stitutional structural operational semantics of MetaML to its corresponding substitutional abstract machine,which we called the MK machine.Utilising the experience of refining semantics along two dimensions, Chapter 5 finally studied the mainsemantics refinement problem, i.e., how to develop an environmental abstract machine for MetaML. Werefined the substitutional structural operational semantics of MetaML to its corresponding environmentalabstract machine, which we called the MEK machine.Furthermore, three proof techniques were adopted throughout the thesis to prove the equivalence oftwo structural operational semantics, the equivalence of a structural operational semantics and a reductionsemantics, and the equivalence of a reduction semantics and an abstract machine.1107.2. Limitations and Future Work7.2 Limitations and Future WorkWe briefly summarise the limitations of our thesis and point out several research ideas to be further exploredin future work.Simplifying Abstract Machines. We developed the CEK machine in Chapter 3, the MK machine inChapter 4 and the MEK machine in Chapter 5. These machines have several redundant transformations ofmachine configurations. Felleisen et al. [FFF09] simplified abstract machines by (1) letting the machineexploit information from both the control strings and the evaluation contexts, and (2) combining definitetransformations. Adopting the same approach, we can simplify our CEK machine, CK machine and MEKmachine analogously. For example, for the MEK machine, the (b-appR-0) ruleγ0, E[v1 ], v2γb 7ββmek γ0, E, v1 v2γrand the (r-app-0) ruleγ0, E, IΞ»x.t0, (Ο;Οβ)J v0γr 7ββmek γ0, E, Gt0, (Ο[x 7β v0];Οβ)Hγfcan be merged into one ruleγ0, E[v1 ], v2γb 7ββmek γ0, E, Gt0, (Ο[x 7β v0];Οβ)Hγf.Modelling Fresh Variables. The (lambda-(i+1)-t) rule of the single-step relation of Suspended MetaML,the (lam-(i+1)-env) rule of the single-step relation of Environmental MetaML, the (conf-lam-(i+1)) rule ofthe notions of reduction of Environmental MetaML and the (r-conf-lam-(i+1)) rule of the single-transformationrelation of the MEK machine require that the variable xN is globally fresh in the sense that it has not ap-peared in the current term/configuration being evaluated or in its surrounding context. Being globally freshis a very strict restriction on xN .To loosen the restriction, we may maintain a set of variables W to keep track of the variables that havelost their freshness due to acting as a fresh variable before in the above-mentioned rules. Then we mayinterpret βxN is freshβ as that the variable xN is locally fresh and does not belong to W . We need formalproofs to support our conjecture.Modelling Environments by Finitary Functions. In Environmental MetaML, to evaluate a programt0s , we first construct the initial configuration Gt0s , (ΟVAR(t0s )init ;Ξ΅)H and pass it to the semantics. Moreover,Environmental MetaML reduces !γv1γ to the initial configuration Gt0s , (ΟXinit;Ξ΅)H where the variable setXcontains the variables in the current configuration being evaluated and in its surrounding context. Envir-onmental MetaML models environments as partial functions from variables to denotable terms and needscollecting all variables that exist in the program for the initial configurations.We propose to model environments as total functions from variables to denotable terms with the re-striction that only a finite number of variables do not map to themselves, which we call finitary functions.1117.2. Limitations and Future WorkThere are several reasons that finitary functions are suitable for modelling environments in EnvironmentalMetaML. First of all, this model eliminates the extra ad-hoc step of collecting all variables that exist in theprogram for the initial configurations. The initial meta-environment in an initial configuration is simply thesingleton list containing the identity environment. Secondly, this model captures the possibility of comput-ing with open terms while preserving the finitary character of any environment that may arise during realcomputation. Thirdly, this model still allows us to reason by induction on non-identical mappings of envir-onments. Fourthly, this model allows separating the computer representation (i.e., a finite list of mappings)from the mathematical model (i.e., a finitary function). We conjecture that changing how environments aremodelled in Environmental MetaML will not cause fundamental problems in developing the MEK machine.Machine-checked Proofs. All proofs of the thesis are handwritten, which we believe are error-prone. Wemay utilise the proof assistants [BC04, BDN09] to check our proofs mechanically.Abstract Interpretation of MEK Machine. The reason that we developed the MEK machine is to applya general-purpose framework of developing static analysis [VHM12] to it. With the help of the framework,it is expected that we are able to get a sound and decidable control flow analysis for MetaML.112Bibliography[ACCL91] Martin Abadi, Luca Cardelli, P-L Curien, and J-J LΓ©vy, Explicit substitutions, Journal of func-tional programming 1 (1991), no. 04, 375β416.[BC04] Yves Bertot and Pierre Casteran, Interactive theorem proving and program development, Spring-erVerlag, 2004.[BDN09] Ana Bove, Peter Dybjer, and Ulf Norell, A brief overview of agdaβa functional language with de-pendent types, International Conference on Theorem Proving in Higher Order Logics, Springer,2009, pp. 73β78.[Cur85] P. L. Curien, Categorical combinatory logic, pp. 130β139, Springer Berlin Heidelberg, Berlin,Heidelberg, 1985.[FF86] Matthias Felleisen and Daniel P Friedman, Control operators, the secd-machine, and the Ξ» -calculus, Indiana University, Computer Science Department, 1986.[FFF09] Matthias Felleisen, Robert Bruce Findler, and Matthew Flatt, Semantics engineering with pltredex, The MIT Press, 2009.[FH92] Matthias Felleisen and Robert Hieb, The revised report on the syntactic theories of sequentialcontrol and state, Theoretical computer science 103 (1992), no. 2, 235β271.[JGS93] Neil D Jones, Carsten K Gomard, and Peter Sestoft, Partial evaluation and automatic programgeneration, Peter Sestoft, 1993.[Kah87] G. Kahn, Natural semantics, pp. 22β39, Springer Berlin Heidelberg, Berlin, Heidelberg, 1987.[Kle52] S.C. Kleene, Introduction to metamathematics, Bibliotheca Mathematica, Wolters-Noordhoff,1952.[Lan64] Peter J Landin, The mechanical evaluation of expressions, The Computer Journal 6 (1964), no. 4,308β320.[Lan66] , The next 700 programming languages, Communications of the ACM 9 (1966), no. 3,157β166.[Mai12] Geoffrey Mainland, Explicitly heterogeneous metaprogramming with metahaskell, ACM SIG-PLAN Notices, vol. 47, ACM, 2012, pp. 311β322.113[NR04] Gregory Neverov and Paul Roe, Metaphor: A multi-stage, object-oriented programming lan-guage, pp. 168β185, Springer Berlin Heidelberg, Berlin, Heidelberg, 2004.[Plo81] Gordon D Plotkin, A structural approach to operational semantics.[PS12] Damien Pous and Davide Sangiorgi, Enhancements of the bisimulation proof method, AdvancedTopics in Bisimulation and Coinduction (2012).[Ros96] Kristoffer HΓΈgsbro Rose, Explicit substitution: tutorial & survey, Computer Science Depart-ment, 1996.[San11] Davide Sangiorgi, Introduction to bisimulation and coinduction, Cambridge University Press,New York, NY, USA, 2011.[She98] Tim Sheard, Using metaml: A staged programming language, Advanced Functional Program-ming, Springer, 1998, pp. 207β239.[She01] , Accomplishments and research challenges in meta-programming, pp. 2β44, SpringerBerlin Heidelberg, Berlin, Heidelberg, 2001.[Tah99a] Walid Taha, Multi-stage programming: Its theory and applications, Ph.D. thesis, Oregon Gradu-ate Institute of Science and Technology, 1999.[Tah99b] , A sound reduction semantics for untyped cbn mutli-stage computation. or, the theoryof metaml is non-trival, ACM SIGPLAN Notices 34 (1999), no. 11, 34β43.[Tah04] , A gentle introduction to multi-stage programming, Domain-Specific Program Genera-tion, Springer, 2004, pp. 30β50.[TS97] Walid Taha and Tim Sheard, Multi-stage programming with explicit annotations, ACM SIG-PLAN Notices, vol. 32, ACM, 1997, pp. 203β217.[VHM12] David Van Horn and Matthew Might, Systematic abstraction of abstract machines, Journal ofFunctional Programming 22 (2012), no. 4-5, 705β746.[WRI+09] Edwin Westbrook, Mathias Ricken, Jun Inoue, Yilong Yao, Tamer Abdelatif, and Walid Taha,Multi-stage programming for mainstream languages, Tech. report, Technical Report TR09-02,Rice University, 2009.114Appendix AProofs of Chapter 2A.1 Equivalence of Substitutional Natural Semantics and SubstitutionalStructural Operational Semantics of MetaMLWe demonstrate the equivalence of the substitutional natural semantics and the substitutional structuraloperational semantics of MetaML.Lemma 198.1. If t i+11 βββ(i+1) t i+12 , then Ξ»x.t i+11 βββ(i+1) Ξ»x.t i+12 .2. If t i11 βββi t i12, then t i11 t i2 βββi t i12 t i2.3. If t i21 βββi t i22, then vi1 t i21 βββi vi1 t i22.4. If t i1 βββi t i2, then !t i1 βββi!t i2.5. If t i+11 βββ(i+1) t i+12 , then γt i+11 γ βββi γt i+12 γ.6. If t i1 βββi t i2, then βΌt i1 βββ(i+1) βΌt i2.7. If t i11 βββi t i12, then t i11+ t i2 βββi t i12+ t i2.8. If t i21 βββi t i22, then vi1+ t i21 βββi vi1+ t i22.Proof. We proceed by cases.1. Suppose the length of t i+11 βββ(i+1) t i+12 is j β N. By induction on j.(a) ( j = 0). Then t i+11 = ti+12 . By (refl), Ξ»x.ti+11 βββ(i+1) Ξ»x.t i+12 .(b) Suppose t i+11 ββ( j)(i+1) t i+111 ββ(1)(i+1) t i+12 . By the induction hypothesis, Ξ»x.t i+11 βββ(i+1)Ξ»x.t i+111 . Given ti+111 ββi+1 t i+12 , by (lambda-(i+1)), Ξ»x.t i+111 ββi+1 Ξ»x.t i+12 . By (step) and (trans),Ξ»x.t i+11 βββ(i+1) Ξ»x.t i+12 .2. Suppose the length of t i11 βββi t i12 is j β N. By induction on j.(a) ( j = 0). Then t i11 = ti12. By (refl), ti11 ti2 βββi t i12 t i2.(b) Suppose t i11 ββ( j)(i) t i111 ββ(1)(i) t i12. By the induction hypothesis, t i11 t i2 βββi t i111 t i2. Givent i111 ββi t i12, by (appL-i), t i111 t i2 ββi t i12 t i2. By (step) and (trans), t i11 t i2 βββi t i12 t i2.115A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaML3. Analogous to Case 2.4. Suppose the length of t i1 βββi t i2 is j β N. By induction on j.(a) ( j = 0). Then t i1 = ti2. By (refl), !ti1 βββi!t i2.(b) Suppose t i1 ββ( j)(i) t i11 ββ(1)(i) t i2. By the induction hypothesis, !t i1 βββi!t i11. Given t i11 ββi t i2,by (run-i), !t i11 ββi!t i2. By (step) and (trans), !t i1 βββi!t i2.5. Analogous to Case 4.6. Analogous to Case 4.7. Analogous to Case 2.8. Analogous to Case 3.Theorem 199. βββi admits every rule from βi.1. Ξ»x.t0 βββ0 Ξ»x.t0.2. If t i+11 βββ(i+1) vi+12 , then Ξ»x.t i+11 βββ(i+1) Ξ»x.vi+12 .3. If t01 βββ0 Ξ»x.t011, t02 βββ0 v02, and t011[v02/x]βββ0 v0, then t01 t02 βββ0 v0.4. If t i1 βββi vi1 and t i2 βββi vi2, then t i1 t i2 βββi vi1 vi2.5. If t01 βββ0 γv11γ and v11 βββ0 v02, then !t01 βββ0 v02.6. If t i βββi vi, then !t i βββi!vi.7. If t i+1 βββ(i+1) vi+1, then γt i+1γ βββi γvi+1γ.8. If t0 βββ0 γv1γ, then βΌt0 βββ1 v1.9. If t i βββi vi, then βΌt i βββ(i+1) βΌvi.10. xβββ(i+1) x.11. nβββi n.12. If t01 βββ0 n1, t02 βββ0 n2, and n = n1+n2, then t01 + t02 βββ0 n.13. If t i1 βββi vi1 and t i2 βββi vi2, then t i1+ t i2 βββi vi1+ vi2.Proof. We proceed by cases.1. By (refl), Ξ»x.t0 βββ0 Ξ»x.t0.116A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaML2. By Lemma 198 Case 1.3. By Case 4, t01 t02 βββ0 (Ξ»x.t011) v02. By (app-0), (Ξ»x.t011) v02 ββ0 t011[v02/x]. By (step), (Ξ»x.t011) v02 βββ0t011[v02/x]. Together with t011[v02/x]βββ0 v0, by (trans), t01 t02 βββ0 v0.4. By Lemma 198 Case 2, t i1 ti2βββi vi1 t i2. By Lemma 198 Case 3, vi1 t i2βββi vi1 vi2. By (trans), t i1 t i2βββivi1 vi2.5. By Case 6, !t01 βββ0!γv11γ. By (run-0), !γv11γ ββ0 v11. By (step), !γv11γ βββ0 v11. Together withv11 βββ0 v02, by (trans), !t01 βββ0 v02.6. By Lemma 198 Case 4.7. By Lemma 198 Case 5.8. By Case 9, βΌt0 βββ1 βΌγv1γ. By (splice-1), βΌγv1γ ββ1 v1. By (step) and (trans), βΌt0 βββ1 v1.9. By Lemma 198 Case 6.10. By (refl), xβββ(i+1) x.11. By (refl), nβββi n.12. By Case 13, t01 + t02 βββ0 n1+n2. By (plus-0), n1+n2 ββ0 n. By (step) and (trans), t01 + t02 βββ0 n.13. By Lemma 198 Case 7, t i1+ ti2 βββi vi1+ t i2. By Lemma 198 Case 8, vi1+ t i2 βββi vi1+ vi2. By (trans),t i1+ ti2 βββi vi1+ vi2.We demonstrate the soundness of the substitutional structural operational semantics with respect to thesubstitutional natural semantics of MetaML.Corollary 200 (Soundness of Substitutional Structural Operational Semantics w.r.t Substitutional NaturalSemantics). If t i βi vi then t i βββi vi.Proof. We proceed by induction on the derivation of t i βi vi.Case 1. (lambda-0). By Theorem 199 Case 1.Case 2. (lambda-(i+1)). By Theorem 199 Case 2.Case 3. (app-0). By Theorem 199 Case 3.Case 4. (app-(i+1)). By Theorem 199 Case 4.Case 5. (run-0). By Theorem 199 Case 5.Case 6. (run-(i+1)). By Theorem 199 Case 6.117A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaMLCase 7. (code-i). By Theorem 199 Case 7.Case 8. (splice-1). By Theorem 199 Case 8.Case 9. (splice-(i+2)). By Theorem 199 Case 9.Case 10. (ref-(i+1)). By Theorem 199 Case 10.Case 11. (num-i). By Theorem 199 Case 11.Case 12. (plus-0). By Theorem 199 Case 12.Case 13. (plus-(i+1)). By Theorem 199 Case 13.Theorem 201.1. If Ξ»x.t1 βββi v2, then either(a) i = 0 and v2 = Ξ»x.t1 ; or(b) i = ( j+1)> 0, t1 βββ( j+1) v j+121 , and v2 = Ξ»x.v j+121 .2. If t1 t2 βββi v, then t1 βββi vi1, t2 βββi vi2, and either(a) i = 0, v01 = Ξ»x.t011, and t011[v02/x]βββ0 v; or(b) i = ( j+1)> 0, v = v j+11 vj+12 .3. If !t1 βββi v2, then t1 βββi vi1, and either(a) i = 0, v01 = γv111γ, and v111 βββ0 v2; or(b) i = ( j+1)> 0, and v2 =!vj+11 .4. If γt1γ βββi v2, then t1 βββ(i+1) vi+11 , and v2 = γvi+11 γ.5. If βΌt1 βββi v2, then i = ( j+1)> 0, t1 βββ j v j1, and either(a) j = 0, v01 = γv111γ, and v2 = v111; or(b) j = (k+1)> 0, and v2 =βΌvk+11 .6. If xβββi v, then i = ( j+1)> 0, and v = x.7. If nβββi v, then v = n.8. If t1+ t2 βββi v, then t1 βββi vi1, t2 βββi vi2, and either(a) i = 0, v01 = n1, v02 = n2, and v = n1+n2; or118A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaML(b) i = ( j+1)> 0, v = v j+11 + vj+12 .Proof. We proceed by cases.1. We proceed by cases on i.(a) (i = 0). Then, Ξ»x.t1 β VALUE0, and Ξ»x.t1 6ββ0. By (refl), v2 = Ξ»x.t01 .(b) (i = ( j+1)> 0). Suppose the length of Ξ»x.t1 βββ( j+1) v2 is k β N. By induction on k.i. (k = 0). Then, v2 = Ξ»x.t1, and t1 β VALUEi+1. By (refl), t1 βββ( j+1) t1.ii. Suppose Ξ»x.t1 ββ(1)( j+1) t2 ββ(k)( j+1) v2. Proceed by cases on Ξ»x.t1 ββ j+1 t2. The onlycase is (lambda-(i+1)). Then, t1 ββ j+1 t21, and t2 = Ξ»x.t21. Given Ξ»x.t21 ββ(k)( j+1) v2,by the induction hypothesis, t21 βββ( j+1) v j+121 , and v2 = Ξ»x.v j+121 . By (step) and (trans),t1 βββ( j+1) v j+121 .2. Suppose t1 does not multi-step to a value. Then, (appL-i) is the only rule that is applicable, and itkeeps applying, in which case t1 t2 can never multi-step to v. Hence, t1 has to multi-step to a value,i.e., t1 βββi vi1. Analogously, t2 has to multi-step to a value, i.e., t2 βββi vi2. We have t1 t2 βββi vi1 vi2.We proceed by cases on i.(a) (i= 0). Assume v01 6= Ξ»x.t011. Then, v01 v02 6ββ0 and v01 v02 6βVALUE0. We get t1 t2βββ0 v01 v02 6βββ0v, which contradicts with t1 t2 βββ0 v. Hence, v01 = Ξ»x.t011.Given v01 v02 = (Ξ»x.t011) v02, (app-0) is the only rule that is applicable. By (app-0), (Ξ»x.t011) v02 ββ0t011[v02/x]. Given (Ξ»x.t011) v02 βββ0 v, by the determinism of the language, t011[v02/x]βββ0 v.(b) (i = ( j+1)> 0). Then v j+11 vj+12 β VALUE j+1. v = v j+11 v j+12 .3. Suppose t1 does not multi-step to a value. Then, (run-i) is the only rule that is applicable, and it keepsapplying, in which case !t1 can never multi-step to v2. Hence, t1 has to multi-step to a value, i.e.,t1 βββi vi1. We proceed by cases on i.(a) (i = 0). Assume v01 6= γv111γ. Then, !v01 6ββ0 and !v01 6β VALUE0. We get !t1 βββ0!v01 6βββ0 v2,which contradicts with !t1 βββi v2. Hence, v01 = γv111γ.Given !v01 =!γv111γ, (run-0) is the only rule that is applicable. By (run-0), !γv111γ ββ0 v111. Given!γv111γ βββ0 v2, by the determinism of the language, v111 βββ0 v2.(b) (i = ( j+1)> 0). Then, !v j+11 β VALUE j+1. v2 =!v j+11 .4. Suppose t1 does not multi-step to a value. Then, (code-i) is the only rule that is applicable, and itkeeps applying, in which case γt1γ can never multi-step to v2. Hence, t1 has to multi-step to a value,i.e., t1 βββ(i+1) vi+11 . Then, γvi+11 γ β VALUEi. v2 = γvi+11 γ.5. Analogous to Case 3.6. By (refl), xβββ( j+1) x. x β VALUE j+1. v = x.119A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaML7. By (refl), nβββi n. n β VALUEi. v = n.8. Analogous to Case 2.We demonstrate the completeness of the substitutional structural operational semantics with respect tothe substitutional natural semantics of MetaML.Corollary 202 (Completeness of Substitutional Structural Operational Semantics w.r.t Substitutional Nat-ural Semantics). If t i βββi vi then t i βi vi.Proof. We proceed by the structure of t i β TERMi and by induction on the size of derivation of t i βββi vi.Case 1. (t i = x). By Theorem 201, i = ( j+1)> 0, and v = x. By (ref-(i+1)), x β j+1 x.Case 2. (t i = t i1 ti2). By Theorem 201, ti1 βββi vi1, t i2 βββi vi2, and eitherβ’ i = 0, v01 = Ξ»x.t011, and t011[v02/x]βββ0 v0; orβ’ i = ( j+1)> 0, v j+1 = v j+11 v j+12 .Given t i1 βββi vi1 and t i2 βββi vi2, by the induction hypothesis, t i1 βi vi1 and t i2 βi vi2. Proceed bycases on i.Case i. (i= 0). Obviously the derivation of t011[v02/x]βββ0 v0 is smaller than that of t01 t02 βββ0v0. By the induction hypothesis, t011[v02/x] ββ0 v0. Together with t01 β0 Ξ»x.t011 andt02 β0 v02, by (app-0), t01 t02 β0 v0.Case ii. (i=( j+1)> 0). Given t j+11 β j+1 v j+11 and t j+12 β j+1 v j+12 , by (app-(i+1)), t j+11 t j+12 β j+1v j+11 vj+12 .Case 3. (t i = Ξ»x.t i1). By Theorem 201, eitherβ’ i = 0 and v0 = Ξ»x.t01 ; orβ’ i = ( j+1)> 0, t j+11 βββ( j+1) v j+12 , and v j+1 = Ξ»x.v j+12 .Proceed by cases on i.Case i. (i = 0). By (lambda-0), Ξ»x.t01 β0 Ξ»x.t01 .Case ii. (i = ( j+ 1) > 0). By the induction hypothesis, t j+11 β j+1 v j+12 . By (lambda-(i+1)),Ξ»x.t j+11 β j+1 Ξ»x.v j+12 .Case 4. (t i = γt i+11 γ). By Theorem 201, t i+11 βββ(i+1) vi+11 , and vi = γvi+11 γ. By the induction hypothesis,t i+11 βi+1 vi+11 . By (code-i), γt i+11 γ βi+1 γvi+11 γ.Case 5. (t i+1 =βΌt i1). By Theorem 201, t i1 βββi vi1, and either120A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaML1. i = 0, v01 = γv111γ, and v1 = v111; or2. i = ( j+1)> 0, and v j+2 =βΌv j+11 .Given t i1 βββi vi1, by the induction hypothesis, t i1 βi vi1. Proceed by cases on i.Case i. (i = 0). Given t01 βi γv111γ, by (splice-1), βΌt01 β1 v111.Case ii. (i = ( j+1)> 0). By (splice-(i+2)), βΌt j+11 β j+2 βΌv j+11 .Case 6. (t i =!t i1). Analogous to Case 5.Case 7. (t i = n). By Theorem 201, vi = n. By (num-i), n βi n.Case 8. (t i = t i1+ ti2). Analogous to Case 2.We demonstrate the soundness and completeness of the substitutional structural operational semanticswith respect to the substitutional natural semantics of MetaML.Theorem 203 (Soundness and Completeness of Substitutional Structural Operational Semantics w.r.t Sub-stitutional Natural Semantics). For any i β N, t i βi vi if and only if t i βββi vi.Proof. It directly follows Corollaries 200 and 202.We prove the Kleene equality of evaluators evalMetaML:SubNat(t) and evalMetaML:SubSOS(t).Theorem 204 (Kleene Equality of Evaluators). For any t β PRGMMetaML, evalMetaML:SubNat(t) is Kleeneequal to evalMetaML:SubSOS(t).Proof. For any t β PRGMMetaML, by Theorem 203, t0 β0 v0 if and only if t0 βββ0 v0.We first show if evalMetaML:SubNat(t) = a where a β ANSMetaML, then evalMetaML:SubSOS(t) = a.Case 1. If evalMetaML:SubNat(t) = function, then t β0 Ξ»x.t β²0 . Then t ββ0β Ξ»x.t β²0 .We have evalMetaML:SubSOS(t) = function.Case 2. If evalMetaML:SubNat(t) = code, then t β0 γv1γ. Then t ββ0β γv1γ.We have evalMetaML:SubSOS(t) = code.Case 3. If evalMetaML:SubNat(t) = n, then t β0 n. Then t ββ0β n.We have evalMetaML:SubSOS(t) = n.We then show if evalMetaML:SubSOS(t) = a where a β ANSMetaML, then evalMetaML:SubNat(t) = a.Case 1. If evalMetaML:SubSOS(t) = function, then t ββ0β Ξ»x.t β²0 . Then t β0 Ξ»x.t β²0 .We have evalMetaML:SubNat(t) = function.121A.1. Equivalence of Substitutional Natural Semantics and Substitutional Structural Operational Semantics of MetaMLCase 2. If evalMetaML:SubSOS(t) = code, then t ββ0β γv1γ. Then t β0 γv1γ.We have evalMetaML:SubNat(t) = code.Case 3. If evalMetaML:SubSOS(t) = n, then t ββ0β n. Then t β0 n.We have evalMetaML:SubNat(t) = n.We observe that evalMetaML:SubNat(t) is undefined if and only if evalMetaML:SubSOS(t) is undefined. Therefore,evalMetaML:SubNat(t) is Kleene equal to evalMetaML:SubSOS(t).122Appendix BProofs of Chapter 3B.1 Equivalence of ISWIM and Explicit ISWIMWe demonstrate the equivalence of the substitutional structural operational semantics of ISWIM and thestructural operational semantics of Explicit ISWIM. We use subscripts βsubβ and βexpβ to differentiate thesyntax of (Substitutional) ISWIM from the syntax of Explicit ISWIM.B.1.1 Bisimulation RelationWe first introduce a bisimulation relation that relates (Substitutional) ISWIM terms to Explicit ISWIMterms.Definition 205 (Bisimulation Relation). Define the bisimulation relation' to be a binary relation up to alphaequivalence between the set of terms in (Substitutional) ISWIM and the set of terms in Explicit ISWIM.'β TERMsubΓTERMexpx' x (var-sim)ta1 ' tb1 ta2 ' tb2ta1 ta2 ' tb1 tb2 (app-sim)ta ' tb(Ξ»x.ta)' (Ξ»x.tb) (lam-sim)n' n (num-sim)ta1 ' tb1 ta2 ' tb2ta1 + ta2 ' tb1 + tb2 (plus-sim)ta ' tb wa ' wbta[wa/x]' tb[x := wb] (subst-sim)Remark 206. We explain each rule of the relation as follows.(var-sim) A variable x from (Substitutional) ISWIM relates to the same variable x from Explicit ISWIM.(app-sim) An application ta1 ta2 from (Substitutional) ISWIM and an application tb1 tb2 from Explicit ISWIMare related, if their operators ta1 and tb1 are related, and their operands ta2 and tb2 are related.(lam-sim) A lambda abstraction Ξ»x.ta from (Substitutional) ISWIM and a lambda abstraction Ξ»x.tb fromExplicit ISWIM with the same bound variable are related, if their bodies ta and tb are related.(num-sim) A natural number n from (Substitutional) ISWIM relates to the same natural number n fromExplicit ISWIM.(plus-sim) An addition of terms ta1 +ta2 from (Substitutional) ISWIM and an addition of terms tb1 +tb2 fromExplicit ISWIM are related, if their first operands ta1 and tb1 are related, and their second operands ta2and tb2 are related.123B.1. Equivalence of ISWIM and Explicit ISWIM(subst-sim) A term surrounded by a substitution ta[wa/x] from (Substitutional) ISWIM and a term surroun-ded by an explicit substitution tb[x := wb] from Explicit ISWIM are related, if the terms ta and tb arerelated, and the denotable terms wa and wb are related.Remark 207. The bisimulation relation βΌ is up to alpha equivalence. We immediately have: (1) if ta1 ' tband ta1 βΌΞ± ta2 then ta2 ' tb, and (2) if ta ' tb1 and tb1 βΌΞ± tb2 then ta ' tb2 .B.1.2 Unload FunctionWe define U(t) to unload an Explicit ISWIM term t to (Substitutional) ISWIM.Definition 208 (Unload Function). Define the unloading function U to be a total function from the set ofterms in Explicit ISWIM to the set of terms in (Substitutional) ISWIM.U : TERMexp ββ TERMsubU(x) = xU(t1 t2) = U(t1)U(t2)U(Ξ»x.t) = Ξ»x.U(t)U(n) = nU(t1+ t2) = U(t1)+U(t2)U(t[x := w]) = U(t)[U(w)/x]Lemma 209 (Equality of Related Terms w.r.t. Unload Function). If ta ' tb, then ta =U(tb).Proof. We proceed by structural induction on ta ' tb.Case 1. (var-sim). Then, ta = tb = x. We immediately get x =U(x).Case 2. (app-sim). Then, ta = ta1 ta2 and tb = tb1 tb2 where ta1 ' tb1 and ta2 ' tb2 . By the inductionhypothesis, ta1 =U(tb1) and ta2 =U(tb2). Hence U(tb1 tb2) =U(tb1)U(tb2) = ta1 ta2 .Case 3. (lam-sim). Then, ta = Ξ»x.ta1 and tb = Ξ»x.tb1 where ta1 ' tb1 . By the induction hypothesis, ta1 =U(tb1). Hence U(Ξ»x.tb1) = Ξ»x.U(tb1) = Ξ»x.tb1 .Case 4. (num-sim). Then, ta = tb = n. We immediately get U(n) = n.Case 5. (plus-sim). Then, ta = ta1 + ta2 and tb = tb1 + tb2 where ta1 ' tb1 and ta2 ' tb2 . By the inductionhypothesis, ta1 =U(tb1) and ta2 =U(tb2). Hence U(tb1 + tb2) =U(tb1)+U(tb2) = ta1 + ta2 .Case 6. (subst-sim). Then, ta = ta1 [wa1/x] and tb = tb1 [x := wb1 ] where ta1 ' tb1 and wa1 ' wb1 . By the in-duction hypothesis, ta1 =U(tb1) and wa1 =U(wb1). Hence U(tb1 [x :=wb1 ]) =U(tb1)[U(wb1)/x] =ta1 [wa1/x]124B.1. Equivalence of ISWIM and Explicit ISWIMB.1.3 Substitution Normal FormIn Explicit ISWIM, the terms that cannot perform single-step substitution reduction are in substitution nor-mal form.Definition 210 (Substitution Normal Form). A term t β TERMexp is in substitution normal form if and onlyif t 6ββx.Remark 211. We use s with or without any subscript or superscript as a metavariable to range over the setof terms of Explicit ISWIM in substitution normal form.Remark 212. An Explicit ISWIM term in substitution normal form is not necessarily in the normal formwith respect to the single-step relation ββ. For example, (Ξ»x.t) v is in substitution normal form but is notin the normal form with respect to the single-step relation ββ.Lemma 213. If ta ' tb1 [x := wb1 ], then tb1 ββxβ sb1 , sb1 [x := wb1 ]ββxβ sb2 , and ta ' sb2 .Proof. We proceed by structural induction on ta' tb1 [x :=wb1 ]. Only (subst-sim) applies. Let ta = ta1 [wa1/x]and we haveta1 ' tb1 wa1 ' wb1ta1 [wa1/x]' tb1 [x := wb1 ],We proceed by cases on ta1 β TERMsub.Case 1. (ta1 = x) We havex' tb1 wa1 ' wb1x[wa1/x]' tb1 [x := wb1 ].Then, x[wa1/x] = wa1 . We proceed by cases on x' tb1 .Case i. (var-sim). Let tb1 = x. Then, xββxβ x, x[x := wb1 ]ββx wb1 , and wa1 ' wb1 .Case ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given x ' tb11 [x1 := wb11 ], by the inductionhypothesis, we have tb11 ββxβ sb11 , sb11 [x1 :=wb11 ]ββxβ sb12 , and x' sb12 . We proceedby cases on x ' sb12 . The only case is (var-sim), so let sb12 = x. Then, tb1 ββxβ x,x[x := wb1 ]ββx wb1 , and wa1 ' wb1 .Case 2. (ta1 = x0 and x0 6β‘ x). We havex0 ' tb1 wa1 ' wb1x0[wa1/x]' tb1 [x := wb1 ].Then, x0[wa1/x] = x0. We proceed by cases on x0 ' tb1 .Case i. (var-sim). Let tb1 = x0. Then, x0 ββxβ x0, x0[x := wb1 ]ββx x0, and x0 ' x0.125B.1. Equivalence of ISWIM and Explicit ISWIMCase ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given x0 ' tb11 [x1 := wb11 ], by the induction hy-pothesis, we have tb11 ββxβ sb11 , sb11 [x1 := wb11 ]ββxβ sb12 , and x0 ' sb12 . We proceedby cases on x0 ' sb12 . The only case is (var-sim), so let sb12 = x0. Then, tb1 ββxβ x0,x0[x := wb1 ]ββxβ x0, and by (var-sim) x0 ' x0.Case 3. (ta1 = (ta11 ta12)). We have(ta11 ta12)' tb1 wa1 ' wb1(ta11 ta12)[wa1/x]' tb1 [x := wb1 ].Then, (ta11 ta12)[wa1/x] = (ta11 [wa1/x]) (ta12 [wa1/x]). We proceed by cases on (ta11 ta12)' tb1 .Case i. (app-sim). Let tb1 = (tb11 tb12) where ta11 ' tb11 and ta12 ' tb12 . We have (tb11 tb12)ββxβ(tb11 tb12) and (tb11 tb12)[x := wb1 ] ββx (tb11 [x := wb1 ]) (tb12 [x := wb1 ]). By (subst-sim)and (app-sim), we get (ta11 [wa1/x]) (ta12 [wa1/x])' (tb11 [x := wb1 ]) (tb12 [x := wb1 ]).Case ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given (ta11 ta12) ' tb11 [x1 := wb11 ], by the in-duction hypothesis, we have tb11 ββxβ sb11 , sb11 [x1 := wb11 ]ββxβ sb12 , and (ta11 ta12)'sb12 . We proceed by cases on (ta11 ta12) ' sb12 . The only case is (app-sim), so letsb12 = (tb121 tb122) where ta11 ' tb121 and ta12 ' tb122 . Then, tb1 ββxβ (tb121 tb122) and(tb121 tb122)[x := wb1 ] ββx (tb121 [x := wb1 ]) (tb122 [x := wb1 ]). By (subst-sim) and (app-sim), we get (ta11 [wa1/x]) (ta12 [wa1/x])' (tb121 [x := wb1 ]) (tb122 [x := wb1 ]).Case 4. (ta1 = Ξ»x0.ta11). We have(Ξ»x0.ta11)' tb1 wa1 ' wb1(Ξ»x0.ta11)[wa1/x]' tb1 [x := wb1 ].Then, (Ξ»x0.ta11)[wa1/x] = Ξ»x1.ta11 [x1/x0][wa1/x] where x1 /β FV (Ξ»x0.ta11)βͺFV (wa1)βͺ{x}. Weproceed by cases on (Ξ»x0.ta11)' tb1 .Case i. (lam-sim). Let tb1 = Ξ»x0.tb11 where ta11 ' tb11 . We have Ξ»x0.tb11 ββxβ Ξ»x0.tb11 and(Ξ»x0.tb11)[x :=wb1 ]ββx Ξ»x2.tb11 [x0 := x2][x :=wb1 ]where x2 /βFV (Ξ»x0.tb11)βͺFV (wb1)βͺ{x}.Let x3 /β FV (Ξ»x0.ta11)βͺFV (wa1)βͺFV (Ξ»x0.tb11)βͺFV (wb1)βͺ{x}, then by the defin-ition of Ξ±-equivalence, we get Ξ»x1.ta11 [x1/x0][wa1/x] βΌΞ± Ξ»x3.ta11 [x3/x0][wa1/x] andΞ»x2.tb11 [x0 := x2][x := wb1 ]βΌΞ± Ξ»x3.tb11 [x0 := x3][x := wb1 ].By (lam-sim) and (subst-sim), we get Ξ»x3.ta11 [x3/x0][wa1/x] ' Ξ»x3.tb11 [x0 := x3][x :=wb1 ]. Hence we have Ξ»x1.ta11 [x1/x0][wa1/x]' Ξ»x2.tb11 [x0 := x2][x := wb1 ].Case ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given Ξ»x0.ta11 ' tb11 [x1 := wb11 ], by the induc-tion hypothesis, we have tb11 ββxβ sb11 , sb11 [x1 := wb11 ]ββxβ sb12 , and Ξ»x0.ta11 ' sb12 .We proceed by cases on (Ξ»x0.ta11) ' sb12. The only case is (lam-sim), so let sb12 =126B.1. Equivalence of ISWIM and Explicit ISWIMΞ»x0.tb121 where ta11 ' tb121 . We have tb1 ββxβ Ξ»x0.tb121 and (Ξ»x0.tb121)[x := wb1 ] ββxΞ»x2.tb121 [x0 := x2][x := wb1 ] where x2 /β FV (Ξ»x0.tb121)βͺFV (wb1)βͺ{x}.Let x3 /β FV (Ξ»x0.ta11)βͺFV (wa1)βͺFV (Ξ»x0.tb121)βͺFV (wb1)βͺ{x}, then by the defin-ition of Ξ±-equivalence, we get Ξ»x1.ta11 [x1/x0][wa1/x] βΌΞ± Ξ»x3.ta11 [x3/x0][wa1/x] andΞ»x2.tb121 [x0 := x2][x := wb1 ]βΌΞ± Ξ»x3.tb121 [x0 := x3][x := wb1 ].By (lam-sim) and (subst-sim), we get Ξ»x3.ta11 [x3/x0][wa1/x]' Ξ»x3.tb121 [x0 := x3][x :=wb1 ]. Hence we have Ξ»x1.ta11 [x1/x0][wa1/x]' Ξ»x2.tb121 [x0 := x2][x := wb1 ].Case 5. (ta1 = n). We haven' tb1 wa1 ' wb1n[wa1/x]' tb1 [x := wb1 ].Then, n[wa1/x] = n. We proceed by cases on n' tb1 .Case i. (num-sim). Let tb1 = n. We have nββxβ n, n[x := wb1]ββx n and n' n.Case ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given n' tb11 [x1 := wb11 ], by the induction hy-pothesis, we have tb11 ββxβ sb11 , sb11 [x1 := wb11 ]ββxβ sb12 , and n' sb12 . We proceedby cases on n' sb12 . The only case is (num-sim), so let sb12 = n. We have tb1 ββxβ n,n[x := wb1 ]ββxβ n and by (num-sim) n' n.Case 6. (ta1 = ta11 + ta12). We haveta11 + ta12 ' tb1 wa1 ' wb1(ta11 + ta12)[wa1/x]' tb1 [x := wb1 ].Then, (ta11 + ta12)[wa1/x] = ta11 [wa1/x]+ ta12 [wa1/x]. We proceed by cases on ta11 + ta12 ' tb1 .Case i. (plus-sim). Let tb1 = tb11 +tb12 where ta11 ' tb11 and ta12 ' tb12 . We have tb11 +tb12 ββxβtb11 tb12 and (tb11 +tb12)[x :=wb1 ]ββx tb11 [x :=wb1 ]+tb12 [x :=wb1 ]. By (subst-sim) and(plus-sim), we get ta11 [wa1/x]+ ta12 [wa1/x]' tb11 [x := wb1 ]+ tb12 [x := wb1 ].Case ii. (subst-sim). Let tb1 = tb11 [x1 := wb11 ]. Given ta11 + ta12 ' tb11 [x1 := wb11 ], by the in-duction hypothesis, we have tb11 ββxβ sb11 , sb11 [x1 := wb11 ]ββxβ sb12 , and ta11 + ta12 'sb12 . We proceed by cases on ta11 + ta12 ' sb12 . The only case is (plus-sim), so letsb12 = tb121 + tb122 where ta11 ' tb121 and ta12 ' tb122 . Then, tb1 ββxβ tb121 + tb122 and(tb121 + tb122)[x := wb1 ]ββx tb121 [x := wb1 ]+ tb122 [x := wb1 ]. By (subst-sim) and (plus-sim), we get ta11 [wa1/x]+ ta12 [wa1/x]' tb121 [x := wb1 ]+ tb122 [x := wb1 ].127B.1. Equivalence of ISWIM and Explicit ISWIMB.1.4 CanonisationGiven two related terms, if one term is a value, then the other term is a value or multi-steps to a value. Wehave the following two lemmas.Lemma 214 (Canonisation of (Substitutional) ISWIM). If ta1 ' vb1 , then ta1 β VALUEsub.Proof. We proceed by structural induction on ta1 ' vb1 .Case 1. (var-sim). This case is vacuous.Case 2. (app-sim). This case is vacuous.Case 3. (lam-sim). Let ta1 = Ξ»x.ta11 and vb1 = Ξ»x.tb11 where ta11 ' tb11 . We have Ξ»x.ta11 β VALUEsub.Case 4. (num-sim). Let ta1 = vb1 = n. We have n β VALUEsub.Case 5. (plus-sim). This case is vacuous.Case 6. (subst-sim). This case is vacuous.Lemma 215 (Canonisation of Explicit ISWIM). If va1 ' tb1 , then tb1 βββ vb2 and va1 ' vb2 .Proof. We proceed by structural induction on va1 ' tb1 .Case 1. (var-sim). This case is vacuous.Case 2. (app-sim). This case is vacuous.Case 3. (lam-sim). Let va1 = Ξ»x.ta11 and tb1 = Ξ»x.tb11 where ta11 ' tb11 . We have Ξ»x.tb11 βββ Ξ»x.tb11 ,Ξ»x.tb11 β VALUEexp and va1 ' Ξ»x.tb11 .Case 4. (num-sim). Let va1 = tb1 = n. We have nβββ n, n β VALUEexp, and va1 ' n.Case 5. (plus-sim). This case is vacuous.Case 6. (subst-sim). Let va1 = ta11 [wa1/x] and tb1 = tb11 [x := wb1 ] where ta11 ' tb11 and wa1 ' wb1 . ByLemma 213, we get tb11 [x := wb1 ] βββ sb12 and ta11 [wa1/x] ' sb12 . We proceed by cases onta11 [wa1/x]' sb12 .Case i. (var-sim). This case is vacuous.Case ii. (app-sim). This case is vacuous.Case iii. (lam-sim). Let ta11 [wa1/x] = Ξ»x1.ta111 and sb12 = Ξ»x1.tb121 where ta111 ' tb121 . We havetb11 [x := wb1 ]βββ Ξ»x1.tb121 , Ξ»x1.tb121 β VALUEexp and va1 ' Ξ»x1.tb121 .128B.1. Equivalence of ISWIM and Explicit ISWIMCase iv. (num-sim). Let ta11 [wa1/x] = sb12 = n. We have tb11 [x := wb1 ] βββ n, n β VALUEexpand va1 ' n.Case v. (plus-sim). This case is vacuous.Case vi. (subst-sim). This case is vacuous.B.1.5 Explicit Substitution Descendant RelationWe define the explicit substitution descendant relation and show its well-foundedness. As a result, we cando induction on explicit substitution descendants.Definition 216 (Explicit Substitution Descendant Relation). For any t1, t2 β TERMexp, t1 βΊx t2 if and only ift2 ββx t1. We call βΊx the explicit substitution descendant relation.Definition 217 (Weight Function). For any t β TERMexp, its weight is W (t) where W is a function definedas follows.W : TERMexp ββ Z+W (x) = 1W (t1 t2) = W (t1)+W (t2)+1W (Ξ»x.t) = 1W (n) = 1W (t1+ t2) = W (t1)+W (t2)+1W (t[x := w]) = W (t) Β· (W (w)+1)Lemma 218 (Substitution reduction decreases weight.). For any t1, t2 β TERMexp, if t1ββx t2, then W (t2)<W (t1).Proof. We proceed by structural induction on t1 ββx t2.Case 1. (var-eq-subst). Let t1 = x[x :=w] and t2 =w. Then, W (x[x :=w]) =W (x) Β·(W (w)+1) =W (w)+1. We have W (w)<W (w)+1 =W (x[x := w]).Case 2. (var-dif-subst). Let t1 = x1[x2 := w] and t2 = x1 where x1 6β‘ x2. Then, W (x1[x2 := w]) =W (x1) Β·(W (w)+1) =W (w)+1. We have W (x1) = 1 <W (w)+1 =W (x1[x2 := w]).Case 3. (num-subst). Let t1 = n[x :=w] and t2 = n. Then, W (n[x :=w]) =W (n) Β·(W (w)+1) =W (w)+1.We have W (n) = 1 <W (w)+1 =W (n[x := w]).Case 4. (app-subst). Let t1 = (t11 t12)[x := w] and t2 = (t11[x := w]) (t12[x := w]). Then, W (t11[x :=w] t12[x := w]) =W (t11[x := w])+W (t12[x := w])+1 =W (t11) Β· (W (w)+1)+W (t12) Β· (W (w)+1) + 1 = (W (t11) +W (t12)) Β· (W (w) + 1) + 1 and W ((t11 t12)[x := w]) = W (t11 t12) Β· (W (w) +129B.1. Equivalence of ISWIM and Explicit ISWIM1) = (W (t11) +W (t12) + 1) Β· (W (w) + 1) = (W (t11) +W (t12)) Β· (W (w) + 1) +W (w) + 1. Wehave W ((t11[x := w]) (t12[x := w])) = (W (t11)+W (t12)) Β· (W (w)+ 1)+ 1 < (W (t11)+W (t12)) Β·(W (w)+1)+W (w)+1 =W ((t11 t12)[x := w]).Case 5. (plus-subst). Let t1 = (t11 + t12)[x := w] and t2 = t11[x := w] + t2[x := w]). Then, W (t11[x :=w]+t12[x :=w]) =W (t11[x :=w])+W (t12[x :=w])+1=W (t11) Β·(W (w)+1)+W (t12) Β·(W (w)+1)+1 = (W (t11)+W (t12)) Β· (W (w)+1)+1 and W ((t11+ t12)[x := w]) =W (t11+ t12) Β· (W (w)+1) = (W (t11)+W (t12)+1) Β· (W (w)+1) = (W (t11)+W (t12)) Β· (W (w)+1)+W (w)+1. We haveW (t11[x :=w]+ t12[x :=w]) = (W (t11)+W (t12)) Β·(W (w)+1)+1 < (W (t11)+W (t12)) Β·(W (w)+1)+W (w)+1 =W ((t11+ t12)[x := w]).Case 6. (lam-subst). Let t1 = (Ξ»x1.t)[x2 := w] and t2 = Ξ»x3.t[x1 := x3][x2 := w] where x3 /β FV (Ξ»x1.t)βͺFV (w)βͺ{x2}. Then, W ((Ξ»x1.t11)[x2 := w]) =W (Ξ»x1.t11) Β· (W (w)+ 1) =W (w)+ 1. We haveW (Ξ»x3.t11[x1 := x3][x2 := w]) = 1 <W (w)+1 =W ((Ξ»x1.t11)[x2 := w]).Case 7. (subst-subst). Let t1 = t11[x1 := w1][x2 := w2] and t2 = t21[x2 := w2] where t11[x1 := w1]ββx t21.By the induction hypothesis, W (t21) < W (t11[x1 := w1]). Then, W (t21[x2 := w2]) = W (t21) Β·(W (w2)+1) and W (t11[x1 :=w1][x2 :=w2])=W (t11[x1 :=w1])Β·(W (w2)+1). We have W (t21[x2 :=w2])=W (t21)Β·(W (w2)+1)=W (t21)Β·(W (w2)+1)<W (t11[x1 :=w1])Β·(W (w2)+1)=W (t11[x1 :=w1][x2 := w2]).Lemma 219 (Well-foundedness of Explicit Substitution Descendant Relation). The explicit substitutiondescendant relation βΊx is well-founded.Proof. Lemma 218 has proved that if t1 ββx t2, then W (t2) < W (t1), for any t1.t2 β TERMexp. For anyt β TERMexp, the length of the descending chain with respect toβΊx starting from t is bound by W (t). Hence,the explicit substitution descendant relation βΊx is well-founded.B.1.6 BisimulationWe demonstrate (Substitutional) ISWIM bisimulates Explicit ISWIM. Intuitively, given two related terms,if one term single-steps, then the other term multi-steps, and the resulting two terms are related.Lemma 220 (Simulation: Explicit ISWIM simulates (Substitutional) ISWIM.). If ta1 ' tb1 and ta1 ββ ta2 ,then tb1 βββ tb2 and ta2 ' tb2 .Proof. We proceed by induction on the structure of ta1 ' tb1 and by induction on the explicit substitutiondescendants βΊx tb1 simultaneously.Case 1. (var-sim). This case is vacuous.Case 2. (app-sim). Let ta1 = ta11 ta12 and tb1 = tb11 tb12 where ta11 ' tb11 and ta12 ' tb12 . We proceed by caseson ta1 ββ ta2 .130B.1. Equivalence of ISWIM and Explicit ISWIMCase i. (appL). Let ta11 ββ ta21 and ta2 = ta21 ta12 . By the induction hypothesis, tb11 βββ tb21and ta21 ' tb21 . Then, tb11 tb12 βββ tb21 tb12 and by (app-sim) ta21 ta12 ' tb21 tb12 .Case ii. (appR). Let ta11 = va11 , ta12 ββ ta22 and ta2 = va11 ta22 . Given va11 ' tb11 , by Lemma 215,tb11 βββ vb11 and va11 ' vb11 . By the induction hypothesis, tb12 βββ tb22 and ta22 ' tb22 .Then, tb11 tb12 βββ vb11 tb12 βββ vb11 tb22 and by (app-sim) va11 ta22 ' vb11 tb22 .Case iii. (app). Let ta11 = Ξ»x.ta111 , ta12 = va12 , and ta2 = ta111 [va12/x]. Given Ξ»x.ta111 ' tb11 ,by Lemma 215, tb11 βββ vb11 and Ξ»x.ta111 ' vb11 . Given va12 ' tb12 , by Lemma 215,tb12 βββ vb12 and va12 ' vb12 . We proceed by cases on Ξ»x.ta111 ' vb11 . The only case is(lam-sim), so let vb11 = Ξ»x.tb111 and ta111 ' tb111 . Then, tb11 tb12 βββ (Ξ»x.tb111) tb12 βββ(Ξ»x.tb111) vb12 ββ tb111 [x := vb12 ]. By (subst-sim), we get ta111 [va12/x]' tb111 [x := vb12 ].Case 3. (lam-sim). This case is vacuous.Case 4. (num-sim). This case is vacuous.Case 5. (plus-sim). Let ta1 = ta11 + ta12 and tb1 = tb11 + tb12 where ta11 ' tb11 and ta12 ' tb12 . We proceed bycases on ta1 ββ ta2 .Case i. (plusL). Let ta11 ββ ta21 and ta2 = ta21 + ta12 . By the induction hypothesis, tb11 βββ tb21and ta21 ' tb21 . Then, tb11 + tb12 βββ tb21 + tb12 and by (plus-sim) ta21 + ta12 ' tb21 + tb12 .Case ii. (plusR). Let ta11 = va11 , ta12 ββ ta22 and ta2 = va11 + ta22 . Given va11 ' tb11 , by Lemma215, tb11 βββ vb11 and va11 ' vb11 . By the induction hypothesis, tb12 βββ tb22 andta22 ' tb22 . Then, tb11 +tb12 βββ vb11 +tb12 βββ vb11 +tb22 and by (plus-sim) va11 +ta22 'vb11 + tb22 .Case iii. (plus). Let ta11 = n1, ta12 = n2, and ta2 = n where n = n1 + n2. Given n1 ' tb11 , byLemma 215, tb11 βββ vb11 and n1' vb11 . Given n2' tb12 , by Lemma 215, tb12 βββ vb12and n2 ' vb12 . We proceed by cases on n1 ' vb11 . The only case is (num-sim), so letvb11 = n1. We proceed by cases on n2 ' vb12 . The only case is (num-sim), so letvb12 = n2. Then, tb11 + tb12 βββ n1 + tb12 βββ n1 + n2 ββ n where n = n1 + n2. By(num-sim), we get n' n.Case 6. (subst-sim). Let ta1 = ta11 [wa11/x] and tb1 = tb11 [x :=wb11 ] where ta11 ' tb11 and wa11 'wb11 . Giventa1 ' tb11 [x := wb11 ], by Lemma 213, tb11 [x := wb11 ]ββxβ sb21 and ta1 ' sb21 . Then, sb21 βΊx tb1 . Ifta1 ββ ta2 , by the induction hypothesis, sb21 βββ tb2 and ta2 ' tb2 . We have tb1 βββ sb21 βββ tb2 .Remark 221. In the last case of the proof, given ta1 ' tb1 , ta1 ' sb21 and sb21 βΊx tb1 , if ta1 ββ ta2 , by theinduction hypothesis, sb21 βββ tb2 and ta2 ' tb2 .Lemma 222 (Single-step explicit substitution reduction preserves simulation relation.). If ta1 ' tb1 andtb1 ββx tb2 , then ta1 ' tb2 .131B.1. Equivalence of ISWIM and Explicit ISWIMProof. We proceed by structural induction on ta1 ' tb1 . Since tb1 ββx tb2 , only (subst-sim) applies. Letta1 = ta11 [wa11/x1] and tb1 = tb11 [x1 := wb11 ] where ta11 ' tb11 and wa11 ' wb11 . We proceed by cases ontb1 ββx tb2 .Case 1. (var-eq-subst). Let tb11 = x1. We have x1[x1 := wb11 ]ββx wb11 . We proceed by cases on ta11 ' x1.The only case is (var-sim), thus we get ta11 = x1. Then, x1[wa11/x1] = wa11 and wa11 ' wb11 .Case 2. (var-dif-subst). Let tb11 = x2 and x2 6β‘ x1. We have x2[x1 := wb11 ] ββx x2. We proceed by caseson ta11 ' x2. The only case is (var-sim), thus we get ta11 = x2. Then, x2[wa11/x1] = x2 and x2 ' x2.Case 3. (num-subst). Let tb11 = n. We have n[x1 := wb11 ] ββx n. We proceed by cases on ta11 ' n. Theonly case is (num-sim), thus we get ta11 = n. Then, n[wa11/x1] = n and n' n.Case 4. (app-subst). Let tb11 = tb111 tb112 . We have (tb111 tb112)[x1 :=wb11 ]ββx (tb111 [x1 :=wb11 ]) (tb112 [x1 :=wb11 ]). We proceed by cases on ta11 ' tb111 tb112 . The only case is (app-sim), thus we get ta11 =ta111 ta112 , ta111 ' tb111 and ta112 ' tb112 . Then, (ta111 ta112)[wa11/x1] = (ta111 [wa11/x1]) (ta112 [wa11/x1])and by (subst-sim) and (app-sim) (ta111 [wa11/x1]) (ta112 [wa11/x1]) ' (tb111 [x1 := wb11 ]) (tb112 [x1 :=wb11 ]).Case 5. (plus-subst). Let tb11 = tb111 + tb112 . We have (tb111 + tb112)[x1 := wb11 ] ββx tb111 [x1 := wb11 ] +tb112 [x1 := wb11 ]. We proceed by cases on ta11 ' tb111 + tb112 . The only case is (plus-sim), thus weget ta11 = ta111 + ta112 , ta111 ' tb111 and ta112 ' tb112 . Then, (ta111 + ta112)[wa11/x1] = ta111 [wa11/x1]+ta112 [wa11/x1] and by (subst-sim) and (plus-sim) ta111 [wa11/x1]+ ta112 [wa11/x1]' tb111 [x1 := wb11 ]+tb112 [x1 := wb11 ].Case 6. (lam-subst). Let tb11 = Ξ»x2.tb111 . We have (Ξ»x2.tb111)[x1 := wb11 ] ββx Ξ»x3.tb111 [x2 := x3][x1 :=wb11 ] where x3 6β FV (Ξ»x2.tb111)βͺFV (wb11)βͺ{x1}. We proceed by cases on ta11 ' Ξ»x2.tb111 . Theonly case is (lam-sim), thus we get ta11 = Ξ»x2.ta111 where ta111 ' tb111 . Then, (Ξ»x2.ta111)[wa11/x1] =Ξ»x4.ta111 [x4/x2][wa11/x1] where x4 /β FV (Ξ»x2.ta111)βͺFV (wa11)βͺ{x1}.Let x5 /β FV (Ξ»x2.tb111)βͺFV (wb11)βͺFV (Ξ»x2.ta111)βͺFV (wa11)βͺ {x1}, we have Ξ»x3.tb111 [x2 :=x3][x1 :=wb11 ]βΌΞ± Ξ»x5.tb111 [x2 := x5][x1 :=wb11 ] and Ξ»x4.ta111 [x4/x2][wa11/x1]βΌΞ± Ξ»x5.ta111 [x5/x2][wa11/x1].By (subst-sim) and (lam-sim), we get Ξ»x5.ta111 [x5/x2][wa11/x1] ' Ξ»x5.tb111 [x2 := x5][x1 := wb11 ].Hence Ξ»x4.ta111 [x4/x2][wa11/x1]' Ξ»x3.tb111 [x2 := x3][x1 := wb11 ].Case 7. (subst-subst). Let tb11 = tb111 [x2 := wb12 ]. We have (tb111 [x2 := wb12 ])[x1 := wb11 ] ββx tb121 [x1 :=wb11 ] where tb111 [x2 := wb12 ]ββx tb121 . By the induction hypothesis, ta11 ' tb121 . Then, by (subst-sim) ta11 [wa11/x1]' tb121 [x1 := wb11 ].Lemma 223 (Simulation: (Substitutional) ISWIM simulates Explicit ISWIM.). If ta1 ' tb1 and tb1 ββ tb2 ,then ta1 βββ ta2 and ta2 ' tb2 .Proof. We proceed by induction on the structure of ta1 ' tb1 .132B.1. Equivalence of ISWIM and Explicit ISWIMCase 1. (var-sim). This case is vacuous.Case 2. (app-sim). Let ta1 = ta11 ta12 and tb1 = tb11 tb12 where ta11 ' tb11 and ta12 ' tb12 . We proceed by caseson tb1 ββ tb2 .Case i. (appL). Let tb11 ββ tb21 and tb2 = tb21 tb12 . By the induction hypothesis, ta11 βββ ta21and ta21 ' tb21 . Then, ta11 ta12 βββ ta21 ta12 and by (app-sim) ta21 ta12 ' tb21 tb12 .Case ii. (appR). Let tb11 = vb11 , tb12 ββ tb22 and tb2 = vb11 tb22 . Given ta11 ' vb11 , by Lemma 214,ta11 βββ va11 and va11 ' vb11 . By the induction hypothesis, ta12 βββ ta22 and ta22 ' tb22 .Then, ta11 ta12 βββ va11 ta12 βββ va11 ta22 and by (app-sim) va11 ta22 ' vb11 tb22 .Case iii. (app). Let tb11 = Ξ»x.tb111 , tb12 = vb12 , and tb2 = tb111 [x := vb12 ]. Given ta11 ' Ξ»x.tb111 ,by Lemma 214, ta11 βββ va11 and va11 ' Ξ»x.tb111 . Given ta12 ' vb12 , by Lemma 214,ta12 βββ va12 and va12 ' vb12 . We proceed by cases on va11 ' Ξ»x.tb111 . The only case is(lam-sim), so let va11 = Ξ»x.ta111 and ta111 ' tb111 . Then, ta11 ta12 βββ (Ξ»x.ta111) ta12 βββ(Ξ»x.ta111) va12 ββ ta111 [va12/x]. By (subst-sim), we get ta111 [va12/x]' tb111 [x := vb12 ].Case 3. (lam-sim). This case is vacuous.Case 4. (num-sim). This case is vacuous.Case 5. (plus-sim). Let ta1 = ta11 + ta12 and tb1 = tb11 + tb12 where ta11 ' tb11 and ta12 ' tb12 . We proceed bycases on tb1 ββ tb2 .Case i. (plusL). Let tb11 ββ tb21 and tb2 = tb21 + tb12 . By the induction hypothesis, ta11 βββ ta21and ta21 ' tb21 . Then, ta11 + ta12 βββ ta21 + ta12 and by (plus-sim) ta21 + ta12 ' tb21 + tb12 .Case ii. (plusR). Let tb11 = vb11 , tb12 ββ tb22 and tb2 = vb11 + tb22 . Given ta11 ' vb11 , by Lemma214, ta11 βββ va11 and va11 ' vb11 . By the induction hypothesis, ta12 βββ ta22 andta22 ' tb22 . Then, ta11 +ta12 βββ va11 +ta12 βββ va11 +ta22 and by (plus-sim) va11 +ta22 'vb11 + tb22 .Case iii. (plus). Let tb11 = n1, tb12 = n2, and tb2 = n where n = n1 + n2. Given ta11 ' n1, byLemma 214, ta11 βββ va11 and va11 ' n1. Given ta12 ' n2, by Lemma 214, ta12 βββ va12and va12 ' n2. We proceed by cases on va11 ' n1. The only case is (num-sim), so letva11 = n1. We proceed by cases on va12 ' n2. The only case is (num-sim), so letva12 = n2. Then, ta11 + ta12 βββ n1 + ta12 βββ n1 + n2 ββ n where n = n1 + n2. By(num-sim), we get n' n.Case 6. (subst-sim). Let ta1 = ta11 [wa11/x] and tb1 = tb11 [x :=wb11 ] where ta11 ' tb11 and wa11 'wb11 . Giventa1 ' tb11 [x := wb11 ], by Lemma 213, tb11 [x := wb11 ]ββxβ sb21 and ta1 ' sb21 . Since tb11 [x := wb11 ]is not in the substitution normal form but sb21 is in substitution normal form, we have tb11 [x :=wb11 ]ββx tb21 ββxβ sb21 . By Lemma 222, ta1 ' tb21 . We also have ta1 βββ ta1 .133B.1. Equivalence of ISWIM and Explicit ISWIMB.1.7 Soundness and CompletenessWe demonstrate the soundness and completeness of Explicit ISWIM with respect to (Substitutional) ISWIM.Theorem 224 (Soundness of Explicit ISWIM w.r.t. (Substitutional) ISWIM). If ta1 ' tb1 and ta1 βββ va2 in(Substitutional) ISWIM, then tb1 βββ vb2 in Explicit ISWIM and va2 ' vb2 .Proof. We proceed by induction on the length of ta1 βββ va2 .Case 1. (0). Let ta1 = va2 . By Lemma 215, tb1 βββ vb2 and va2 ' vb2 .Case 2. (n+1). Let ta1 ββ ta2 ββ(n) va2 . Given ta1 ' tb1 and ta1 ββ ta2 , by Lemma 220, tb1 βββ tb2 andta2 ' tb2 . Given ta2 ' tb2 and ta2 ββ(n) va2 , by the induction hypothesis, tb2 βββ vb2 and va2 ' vb2 .We have tb1 βββ tb2 βββ vb2 and va2 ' vb2 .Remark 225. The parenthesised superscripted number n in ββ(n) denotes the number of single step is n.Theorem 226 (Completeness of Explicit ISWIM w.r.t. (Substitutional) ISWIM). If ta1 ' tb1 and tb1 βββ vb2in Explicit ISWIM, then ta1 βββ va2 in (Substitutional) ISWIM and va2 ' vb2 .Proof. We proceed by induction on the length of tb1 βββ vb2 .Case 1. (0). Let tb1 = vb2 . By Lemma 214, ta1 β VALUEsub. Let va2 = ta1 . We have ta1 βββ va2 andva2 ' vb2 .Case 2. (n+1). Let tb1 ββ tb2 ββ(n) vb2 . Given ta1 ' tb1 and tb1 ββ tb2 , by Lemma 223, ta1 βββ ta2 andta2 ' tb2 . Given ta2 ' tb2 and tb2 ββ(n) vb2 , by the induction hypothesis, ta2 βββ va2 and va2 ' vb2 .We have ta1 βββ va2 and va2 ' vb2 .B.1.7.1 An alternative proof.We demonstrate a different proof of Theorem 226 which does not use Lemma 223. We start with twolemmas. Their proofs are omitted.Lemma 227. If ta1 ' tb1 , tb1 ββ tb2 and ta1 6' tb2 , then ta1 ββ ta2 .Remark 228. Lemma 227 does not imply whether or not ta2 ' tb2 .Lemma 229. If ta1 ' tb1 and ta1 ββ ta2 , then tb1 ββ+ tb2 and ta2 ' tb2 .Remark 230. Lemma 229 is stronger than Lemma 220. In other words, Lemma 229 implies Lemma 220.We restate and prove Theorem 226 as follows.134B.1. Equivalence of ISWIM and Explicit ISWIMTheorem 231 (Completeness of Explicit ISWIM w.r.t. (Substitutional) ISWIM). If ta1 ' tb1 and tb1 βββ vb2in Explicit ISWIM, then ta1 βββ va2 in (Substitutional) ISWIM and va2 ' vb2 .Proof. We proceed by induction on the length of tb1 βββ vb2 .Case 1. (0). Let tb1 = vb2 . By Lemma 214, ta1 β VALUEsub. Let va2 = ta1 . We have ta1 βββ va2 andva2 ' vb2 .Case 2. (n+1). Let tb1 ββ tb2 ββ(n) vb2 . We proceed by cases on ta1 ' tb1 , in particular on whether it is(subst-sim) or not.Case i. (subst-sim). Let ta1 = ta11 [wa1/x] and tb1 = tb11 [x := wb1 ] where ta11 ' tb11 and wa1 'wb1 . By Lemma 213, tb1 ββxβ sb2 . Observe that tb1 is not in substitution normalform but sb2 is in substitution normal form. By the determinism of the small-stepsemantics, tb1 ββx tb2 ββx(p) sb2 ββ(q) vb2 and p+q= n where p,qβ₯ 0. By Lemma222, ta1 ' tb2 . By the induction hypothesis, ta1 βββ va2 and va2 ' vb2 .Case ii. (other cases). We proceed by cases on whether ta1 ' tb2 .Case a. (ta1 ' tb2). Then, by the induction hypothesis, ta1 βββ va2 and va2 ' vb2 .Case b. (ta1 6' tb2). By Lemma 227, ta1 ββ ta2 . By Lemma 229, tb1 ββ+ tb3 andta2 ' tb3 . By the determinism of the small-step semantics, tb1 ββ tb2 ββ(p)tb3 ββ(q) vb2 and p+ q = n where p,q β₯ 0. By the induction hypothesis,ta2 βββ va2 and va2 ' vb2 .B.1.8 Kleene Equality of EvaluatorsWe prove the Kleene equality of evaluators evalISWIM:SubSOS(t) and evalISWIM:ExpSOS(t).Theorem 232 (Kleene Equality of Evaluators). For any t β PRGMISWIM, evalISWIM:SubSOS(t) is Kleene equalto evalISWIM:ExpSOS(t).Proof. We first show if evalISWIM:SubSOS(t) = a where a β ANSISWIM, then evalISWIM:ExpSOS(t) = a.Case 1. If evalISWIM:SubSOS(t) = function, then t βββ Ξ»x.t β². By Theorem 224, t βββ vβ² and Ξ»x.t β² βΌ vβ².Proceed by induction on Ξ»x.t β² βΌ vβ². Th
- Library Home /
- Search Collections /
- Open Collections /
- Browse Collections /
- UBC Theses and Dissertations /
- Refining semantics for multi-stage programming
Open Collections
UBC Theses and Dissertations
Featured Collection
UBC Theses and Dissertations
Refining semantics for multi-stage programming Ge, Rui 2016
pdf
Notice for Google Chrome users:
If you are having trouble viewing or searching the PDF with Google Chrome, please download it here instead.
If you are having trouble viewing or searching the PDF with Google Chrome, please download it here instead.
Page Metadata
Item Metadata
Title | Refining semantics for multi-stage programming |
Creator |
Ge, Rui |
Publisher | University of British Columbia |
Date Issued | 2016 |
Description | Multi-stage programming is a programming paradigm that supports runtime code generation and execution. Though researchers have extended several mainstream programming languages to support it, multi-stage programming has not been widely recognised or used. The popularisation of multi-stage programming has been impeded by the lack of development aids such as code refactoring and optimisation, for which the culprit is the lack of static analysis support. Van Horn and Might proposed a general-purpose approach to systematically developing static analyses for a programming language by applying transformations to its formal semantics, an approach we believe is applicable to multi-stage programming. The approach requires that the initial semantics be specified as an environmental abstract machine that records the change of control strings, environments and continuations as a program evaluates. Developing an environmental abstract machine for a multi-stage language is not straightforward and has not been done so far in the literature. In the thesis, we study multi-stage programming through a functional language, MetaML. The main research problem of the thesis is: Can we refine the pre-existing substitutional natural semantics of MetaML to a corresponding environmental abstract machine and demonstrate their equivalence? We first develop a substitutional structural operational semantics for MetaML. Then we simplify the research problem along two dimensionsβeach dimension leads to a less complicated semantics refinement problem. The first dimension is to refine semantics for a single-stage language rather than a multi-stage language: we stepwise develop an environmental abstract machine, the CEK machine, for a single-stage language, ISWIM, based on its substitutional structural operational semantics. The second dimension is to derive a substitutional abstract machine rather than an environmental abstract machine: we stepwise develop a substitutional abstract machine, the MK machine, for the multi-stage language MetaML, based on its substitutional structural operational semantics. Finally, utilising the experience of refining semantics along two dimensions, we stepwise develop an environmental abstract machine, the MEK machine, for MetaML, based on its substitutional structural operational semantics. Furthermore, we introduce three proof techniques which are used throughout the thesis to prove the equivalence of semantics. |
Genre |
Thesis/Dissertation |
Type |
Text |
Language | eng |
Date Available | 2016-10-25 |
Provider | Vancouver : University of British Columbia Library |
Rights | Attribution-NonCommercial-NoDerivatives 4.0 International |
DOI | 10.14288/1.0319338 |
URI | http://hdl.handle.net/2429/59552 |
Degree |
Master of Science - MSc |
Program |
Computer Science |
Affiliation |
Science, Faculty of Computer Science, Department of |
Degree Grantor | University of British Columbia |
GraduationDate | 2016-11 |
Campus |
UBCV |
Scholarly Level | Graduate |
Rights URI | http://creativecommons.org/licenses/by-nc-nd/4.0/ |
AggregatedSourceRepository | DSpace |
Download
- Media
- 24-ubc_2016_november_ge_rui.pdf [ 1.52MB ]
- Metadata
- JSON: 24-1.0319338.json
- JSON-LD: 24-1.0319338-ld.json
- RDF/XML (Pretty): 24-1.0319338-rdf.xml
- RDF/JSON: 24-1.0319338-rdf.json
- Turtle: 24-1.0319338-turtle.txt
- N-Triples: 24-1.0319338-rdf-ntriples.txt
- Original Record: 24-1.0319338-source.json
- Full Text
- 24-1.0319338-fulltext.txt
- Citation
- 24-1.0319338.ris