Classical logic, control calculi and data types Robbert Krebbers November 2, 2010 @ The Brouwer seminar
The Curry-Howard correspondence Computation Logic Types ⇐ ⇒ Formulas Programs ⇐ ⇒ Proofs Reduction ⇐ ⇒ Proof normalization
Classical logic ◮ People originally believed: “Curry-Howard is limited to constructive logic” ◮ Classical logic contains constructive content [Kreisel, Friedman] PA ⊢ Π 0 2 ➺ Proof translation HA ⊢ Π 0 2 ◮ But this is an indirect result
Griffin’s discovery ◮ Felleisen’s control operator C can be typed with DN Γ ⊢ t : ¬¬ ρ Γ ⊢ C ρ t : ρ ◮ Curry-Howard correspondence for classical logic! ◮ This is a direct result ◮ Continuation passing style (CPS) translation ◮ Not only a simulation of control in a system without ◮ Also an embedding of classical logic into constructive logic
Problem ◮ Many control calculi present in the literature ◮ Which is the best? ◮ Most of these calculi are quite simple ◮ No ‘real’ data types (natural numbers, lists, . . . ) ◮ No polymorphism ◮ No dependent types ◮ . . . ◮ No program extraction ` a la Paulin/Letouzey
My work ◮ Compared the λ C -, λ ∆ - and λ µ -calculus ◮ Main theoretical properties ◮ Simulation of catch and throw ◮ Possibility of extension with data types ◮ Developed the λ T µ -calculus ◮ λ µ with natural numbers and primitive recursion ◮ Proven its main theoretical properties ◮ Embedding of λ T µ into other systems
Control mechanisms Allow to separate the unusual case from the normal case ◮ Domain failures: precondition fails ◮ Range failures: postcondition cannot be satisfied For example, Lisp’s catch and throw ◮ To evaluate catch α t we evaluate t ◮ If evaluation of t yields an actual result v = ⇒ normal return: catch α t yields v ◮ If we encounter throw α s during the evaluation of t = ⇒ exceptional return: catch α t yields s
Control mechanisms Example The ordinary list product function: let rec listmult l = match l with | nil -> 1 | x :: k -> x * (listmult k ) With control: listmult l = catch α (listmult2 l ) let let rec listmult2 l = match l with | nil -> 1 | 0 :: k -> throw α 0 | x :: k -> x * (listmult2 k )
Simple type theory Types: ρ, δ ::= α | ρ → δ Terms: t , r , s ::= x | λ x : ρ. t | ts Typing rules: x : ρ ∈ Γ Γ , x : ρ ⊢ t : δ Γ ⊢ t : ρ → δ Γ ⊢ s : ρ Γ ⊢ x : ρ Γ ⊢ λ x : ρ. t : ρ → δ Γ ⊢ ts : δ Curry-Howard correspondence: Simple type theory ⇐ ⇒ Minimal logic Reduction: ( λ x : ρ. t ) r → β t [ x := r ]
The λ C -calculus [Felleisen, Griffin] ◮ Simple type theory extended with: Γ ⊢ t : ¬¬ ρ Γ ⊢ t : ⊥ Γ ⊢ A ρ t : ρ Γ ⊢ C ρ t : ρ ◮ Does originally not satisfy subject reduction t : ⊥ A ρ t : ρ t : ⊥ ⊲ A E [ A ρ t ] : δ ◮ Some ad hoc modifications needed. ◮ Evaluation instead of reduction theory ◮ Inconvenient for equational reasoning ◮ If t 1 ⇒ t 2 , then not necessarily E [ t 1 ] ⇒ E [ t 2 ] ◮ Known reduction theories are unsatisfactory
The λ ∆ -calculus [Rehof, Sørensen] ◮ Simple type theory extended with: Γ , x : ρ → ⊥ ⊢ t : ⊥ Γ ⊢ ∆ x : ρ → ⊥ . t : ρ ◮ Reduction instead of evaluation ◮ Satisfies subject reduction, confluence, strong normalization ◮ Not able to simulate throw β ( throw α s ) → throw α s
The λ µ -calculus [Parigot] Terms and commands: t , r , s ::= x | λ x : ρ. r | ts | µα : ρ. c c , d ::= [ α ] t Two kinds of judgments: Γ; ∆ ⊢ c : and Γ; ∆ ⊢ t : ρ = | Two contexts: Γ : assumptions and ∆ : passivated goals The typing rules of simple type theory and the following rules: Γ; ∆ , α : ρ ⊢ c : Γ; ∆ ⊢ t : ρ α : ρ ∈ ∆ = | Γ; ∆ ⊢ µα : ρ. c : ρ Γ; ∆ ⊢ [ α ] t : = |
The λ µ -calculus Minimal classical logic Theorem Γ ⊢ A in minimal classical logic = ⇒ ; Γ ⊢ t : A in λ µ . Proof. Peirce’s law is inhabited: x : ρ [ α ] x : = | µβ. [ α ] x : δ t : ( ρ → δ ) → ρ λ x .µβ. [ α ] x : ρ → δ t ( λ x .µβ. [ α ] x ) : ρ [ α ] t ( λ x .µβ. [ α ] x ) : = | µα. [ α ] t ( λ x .µβ. [ α ] x ) : ρ
The λ µ -calculus Classical logic Theorem Γ; ∆ ⊢ t : ρ in λ µ = ⇒ Γ , ¬ ∆ ⊢ ρ in classical logic. Γ; ∆ , α : ρ ⊢ c : Γ; ∆ ⊢ t : ρ α : ρ ∈ ∆ = | Γ; ∆ ⊢ µα : ρ. c : ρ Γ; ∆ ⊢ [ α ] t : = | Γ , ¬ ∆ , ¬ ρ ⊢ ⊥ Γ , ¬ ∆ ⊢ ρ Γ , ¬ ∆ ⊢ ¬ ρ Γ , ¬ ∆ ⊢ ρ Γ , ¬ ∆ ⊢ ⊥ Theorem Γ; ⊢ t : ρ in λ µ = ⇒ Γ ⊢ ρ in minimal classical logic.
The λ µ -calculus Contexts: E ::= � | Et For example: E = � z ( λ xy . x ) then E [ t ] ≡ t z ( λ xy . x ) Structural substitution: x [ α := β E ] := x ( λ x . r )[ α := β E ] := λ x . r [ α := β E ] ( ts )[ α := β E ] := t [ α := β E ] s [ α := β E ] ( µγ. c )[ α := β E ] := µγ. c [ α := β E ] ([ γ ] t )[ α := β E ] := [ γ ] t [ α := β E ] provided that γ � = α ([ α ] t )[ α := β E ] := [ β ] E [ t [ α := β E ]] For example: ([ α ] x ( µβ. [ α ] y ))[ α := γ ( � s )] ≡ [ γ ] x ( µβ. [ γ ] y s ) s
The λ µ -calculus Reduction Intuition: µα. [ β ] t ∼ catch α in t and throw the result to β Another intuition: ( µα. c ) t 1 . . . t n ∼ apply t 1 . . . t n to all subterms labeled α Reduction: ( λ x . t ) r → β t [ x := r ] ( µα. c ) s → µ R µα. c [ α := α ( � s )] µα. [ α ] t → µη t provided that α / ∈ FCV( t ) [ α ] µβ. c → µ i c [ β := α � ] We do not have s ( µα. c ) → µα. c [ α := α ( s � )]
The λ µ -calculus Catch and throw Define: catch α t := µα. [ α ] t throw β s := µγ. [ β ] s provided that γ / ∈ FCV( s ) ∪ { β } We have the following reductions for catch and throw : 1. E [ throw α t ] ։ throw α t E [ µγ. [ β ] s ] → µγ. [ β ] s [ γ := γ E ] ≡ µγ. [ β ] s 2. catch α ( throw α t ) ։ catch α t Not catch α ( throw α t ) ։ t µα. [ α ] µγ. [ α ] t → µα. [ α ] t [ γ := α ] ≡ µα. [ α ] t 3. catch α t ։ t provided that α / ∈ FCV( t ) µα. [ α ] t → t 4. throw β ( throw α s ) → throw α s µγ. [ β ] µδ. [ α ] s → µγ. [ α ] s [ δ := β ] ≡ µγ. [ α ] s
The λ µ -calculus Meta theoretical properties ◮ λ µ satisfies subject reduction c : = | c [ α := α ( � s )] : = → µ R µα. c : ρ → δ s : ρ | µα. c [ α := α ( � s )] : δ ( µα. c ) s : δ t : ρ [ α ] t : → µη t : ρ = | µα. [ α ] t : ρ c : = | → µ i µβ. c : ρ c [ β := α � ] : = | [ α ] µβ. c : = | ◮ λ µ is confluent ◮ λ µ is strongly normalizing
G¨ odel’s T Types: ρ, δ ::= N | ρ → δ Terms: t , r , s ::= x | λ x : ρ. r | ts | 0 | S t | nrec ρ r s t The typing rules of simple type theory and the following rules: Γ ⊢ t : N Γ ⊢ 0 : N Γ ⊢ S t : N Γ ⊢ r : ρ Γ ⊢ s : N → ρ → ρ Γ ⊢ t : N Γ ⊢ nrec ρ r s t : ρ
G¨ odel’s T Reduction: ( λ x . t ) r → β t [ x := r ] nrec r s 0 → 0 r nrec r s ( S t ) → S s t ( nrec r s t ) Expressive power: ◮ Simple type theory: extended polynomials ◮ λ µ -calculus: extended polynomials (by CPS) ◮ G¨ odel’s T : provably recursive functions For example: pred := λ z . nrec 0 ( λ xy . x ) z
The λ T µ -calculus Terms: t , r , s ::= x | λ x : ρ. r | ts | µα : ρ. c | 0 | S t | nrec ρ r s t c , d ::= [ α ] t The typing rules of simple type theory and the following rules: Γ; ∆ ⊢ t : N Γ; ∆ ⊢ 0 : N Γ; ∆ ⊢ S t : N Γ; ∆ ⊢ r : ρ Γ; ∆ ⊢ s : N → ρ → ρ Γ; ∆ ⊢ t : N Γ; ∆ ⊢ nrec ρ r s t : ρ Γ; ∆ , α : ρ ⊢ c : = Γ; ∆ ⊢ t : ρ α : ρ ∈ ∆ | Γ; ∆ ⊢ µα : ρ. c : ρ Γ; ∆ ⊢ [ α ] t : = |
Reduction Contexts: E ::= � | Et | S E | nrec r s E Reduction: ( λ x . t ) r → β t [ x := r ] ( µα. c ) s → µ R µα. c [ α := α ( � s )] µα. [ α ] t → µη t provided that α / ∈ FCV( t ) [ α ] µβ. c → µ i c [ β := α � ] nrec r s 0 → 0 r nrec r s ( S t ) → S s t ( nrec r s t ) nrec r s ( µα. c ) → µ N µα. c [ α := α ( nrec r s � )] Closed normal forms of type N are not necessarily numerals: catch α S( throw α 0) ≡ µα. [ α ] S ( µβ. [ α ]0)
Reduction ( λ x . t ) r → β t [ x := r ] S ( µα. c ) → µ S µα. c [ α := α ( S � )] ( µα. c ) s → µ R µα. c [ α := α ( � s )] µα. [ α ] t → µη provided that α / ∈ FCV( t ) t [ α ] µβ. c → µ i c [ β := α � ] nrec r s 0 → 0 r nrec r s ( S t ) → S s t ( nrec r s t ) nrec r s ( µα. c ) → µ N µα. c [ α := α ( nrec r s � )] Not confluent. For example µα. [ α ] nrec 0 ( λ xh . K ) ( S µγ. [ α ] L ) reduces to: µα. [ α ]( λ xh . K ) ( µγ. [ α ] L ) ( nrec . . . ) → µα. [ α ] K → K µα. [ α ] nrec 0 ( λ xh . K ) ( µγ. [ α ] L ) → µα. [ α ] µγ. [ α ] L → µα. [ α ] L → L
Reduction ( λ x . t ) r → β t [ x := r ] S ( µα. c ) → µ S µα. c [ α := α ( S � )] ( µα. c ) s → µ R µα. c [ α := α ( � s )] µα. [ α ] t → µη t provided that α / ∈ FCV( t ) [ α ] µβ. c → µ i c [ β := α � ] nrec r s 0 → 0 r nrec r s ( S n ) → S s n ( nrec r s n ) nrec r s ( µα. c ) → µ N µα. c [ α := α ( nrec r s � )] However, now the → S -rule looks more like call-by-value?
Recommend
More recommend