formalizing strong normalization proofs
play

Formalizing Strong Normalization Proofs Kazuhiko Sakaguchi College - PowerPoint PPT Presentation

Nov 10, 2023 •293 likes •1.59k views

Formalizing Strong Normalization Proofs Kazuhiko Sakaguchi College of Information Science, University of Tsukuba 2014/12/3 TPP2014 Strong Normalization Theorem In typed -calculi, strong normalization (SN) theorem is as follows. , t ,

  1. Proof Outline of the Equational Properties We can apply some automation techniques for these proofs. eliminating hypotheses case analysis ∀ m . n ≤ m ⇒ P [ n , m ] do !case: ifP → ∀ m ′ . P [ n , n + m ′ ] ֒ structural induction on term applying congruence tactic with some hypotheses: S m + n = S ( m + n ) , m + S n = S ( m + n ) 10 / 42

  2. Proof Outline of the Equational Properties We can apply some automation techniques for these proofs. eliminating hypotheses case analysis ∀ m . n ≤ m ⇒ P [ n , m ] do !case: ifP → ∀ m ′ . P [ n , n + m ′ ] ֒ automation based on omega structural induction on term applying congruence tactic with some hypotheses: S m + n = S ( m + n ) , m + S n = S ( m + n ) 10 / 42

  3. Proof Outline of the Equational Properties We can apply some automation techniques for these proofs. eliminating hypotheses case analysis ∀ m . n ≤ m ⇒ P [ n , m ] do !case: ifP → ∀ m ′ . P [ n , n + m ′ ] ֒ automation based on omega structural induction on term applying congruence tactic manual proof with some hypotheses: S m + n = S ( m + n ) , m + S n = S ( m + n ) 10 / 42

  4. Example Lemma subst_shift_distr n d c ts t : n <= c -> shift d c (substitute n ts t) = substitute n (map (shift d (c - n)) ts) (shift d (size ts + c) t). Proof. elimleq; elim: t n; congruence’ => v n; elimif_omega. - rewrite !nth_default ?size_map /=; elimif_omega. - rewrite -shift_shift_distr // nth_map’ /=; congr shift; apply nth_equal; rewrite size_map; elimif_omega. Qed. 11 / 42

  5. Performance Problem of omega Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. 12 / 42

  6. Performance Problem of omega minn is the smallest number of two natural numbers. x − ( x − y ) is a frequently appearing pattern in proofs relevant to the de Bruijn representation. Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. 12 / 42

  7. Performance Problem of omega minn is the smallest number of two natural numbers. x − ( x − y ) is a frequently appearing pattern in proofs relevant to the de Bruijn representation. Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. 12 / 42

  8. Performance Problem of omega minn is the smallest number of two natural numbers. x − ( x − y ) is a frequently appearing pattern in proofs relevant to the de Bruijn representation. Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. associativity of minn 12 / 42

  9. Performance Problem of omega minn is the smallest number of two natural numbers. x − ( x − y ) is a frequently appearing pattern in proofs relevant to the de Bruijn representation. Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. associativity of minn runs forever 12 / 42

  10. Performance Problem of omega minn is the smallest number of two natural numbers. x − ( x − y ) is a frequently appearing pattern in proofs relevant to the de Bruijn representation. Notation minn x y := (x - (x - y)). Lemma minnA x y z : minn x (minn y z) = minn (minn x y) z. Proof. omega. associativity of minn runs forever Some techniques are required to use the omega tactic for proving the equational properties. 12 / 42

  11. Part II Strong Normalization Theorem

  12. λ → : Simply Typed λ -Calculus types and terms: U :: = X t :: = x | ( U → U ) | ( t t ) | ( λ x : U . t ) typing rules: reduction rules: Γ ( x ) = U ( λ x : U . t ) u → β t [ x : = u ] Γ ⊢ x : U t 1 → β t 2 u 1 → β u 2 Γ ⊢ t : U → V Γ ⊢ u : U t 1 u → β t 2 u t u 1 → β t u 2 Γ ⊢ t u : V t → β t ′ { x : U } + Γ ⊢ t : V λ x : U . t → β λ x : U . t ′ Γ ⊢ λ x : U . t : U → V 14 / 42

  13. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. 15 / 42

  14. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  15. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  16. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  17. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  18. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  19. Proof Outline of the SN Theorem Our proofs are based on the Girard’s proof [GTL89]. Γ ⊢ t : U (2) Proof by induction on t . Proof by induction RED U ( t ) on t or U . SN → β ( t ) (1) Proof by induction on U . 15 / 42

  20. What is RED U ? in the Simply Typed λ -Calculus RED U ( reducibility ) is defined by induction on the type U as follows: def RED X ( t ) ⇐ ⇒ SN → β ( t ) def RED U → V ( t ) ⇐ ⇒ ∀ u . RED U ( u ) ⇒ RED V ( t u ) . 16 / 42

  21. What is RED U ? in the Simply Typed λ -Calculus RED U ( reducibility ) is defined by induction on the type U as follows: def RED X ( t ) ⇐ ⇒ SN → β ( t ) def RED U → V ( t ) ⇐ ⇒ ∀ u . RED U ( u ) ⇒ RED V ( t u ) . In typical definitions, RED U is a set of typed terms. But this definition of RED U contains untyped terms. For example, ( λ x : U . x x ) ∈ RED X . 16 / 42

  22. Part 1: Reducible Terms are SN CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED U ( t ) ⇒ RED U ( t ′ ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 3 17 / 42

  23. Part 1: Reducible Terms are SN CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED U ( t ) ⇒ RED U ( t ′ ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 3 t is not of the form λ x . u . 17 / 42

  24. Part 1: Reducible Terms are SN CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED U ( t ) ⇒ RED U ( t ′ ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 3 t is not of the form λ x . u . CR 2 is proved by induction on U . CR 1,3 are proved together by induction on U . 17 / 42

  25. Part 2: Typed Terms are Reducible First, we prove the following proposition (reducibility theorem) by induction on t . { x 1 : U 1 , . . . , x n : U n , y 1 : V 1 , . . . , y m : V m } ⊢ t : U ∧ ( ∀ i ∈ { 1, . . . , n } . RED U i ( t i )) ⇒ RED U ( t [ x 1 , . . . , x n : = t 1 , . . . , t n ]) 18 / 42

  26. Part 2: Typed Terms are Reducible First, we prove the following proposition (reducibility theorem) by induction on t . { x 1 : U 1 , . . . , x n : U n , y 1 : V 1 , . . . , y m : V m } ⊢ t : U ∧ ( ∀ i ∈ { 1, . . . , n } . RED U i ( t i )) ⇒ RED U ( t [ x 1 , . . . , x n : = t 1 , . . . , t n ]) In case of n = 0, this proposition is equivalent to { y 1 : V 1 , . . . , y m : V m } ⊢ t : U ⇒ RED U ( t ) . 18 / 42

  27. Part 2: Typed Terms are Reducible First, we prove the following proposition (reducibility theorem) by induction on t . { x 1 : U 1 , . . . , x n : U n , y 1 : V 1 , . . . , y m : V m } ⊢ t : U ∧ ( ∀ i ∈ { 1, . . . , n } . RED U i ( t i )) ⇒ RED U ( t [ x 1 , . . . , x n : = t 1 , . . . , t n ]) In case of n = 0, this proposition is equivalent to { y 1 : V 1 , . . . , y m : V m } ⊢ t : U ⇒ RED U ( t ) . Finally, we get a proof of the strong normalization theorem. 18 / 42

  28. Typed Reducibility Unsuccessful Example Now, we redefine the reducibility as a set of typed terms. RED ′ Γ def X ( t ) ⇐ ⇒ SN → β ( t ) RED ′ Γ def ⇒ ∀ u . RED Γ U ( u ) ⇒ RED Γ U → V ( t ) ⇐ V ( t u ) def ⇒ Γ ⊢ t : U ∧ RED ′ Γ RED Γ U ( t ) ⇐ U ( t ) 19 / 42

  29. Typed Reducibility Unsuccessful Example Now, we redefine the reducibility as a set of typed terms. RED ′ Γ def X ( t ) ⇐ ⇒ SN → β ( t ) RED ′ Γ def ⇒ ∀ u . RED Γ U ( u ) ⇒ RED Γ U → V ( t ) ⇐ V ( t u ) def ⇒ Γ ⊢ t : U ∧ RED ′ Γ RED Γ U ( t ) ⇐ U ( t ) In this definition, proof of CR 1 is unsuccessful. 19 / 42

  30. A Proof of CR 1 in Untyped Settings CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 3 neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 1,3 are proved together by induction on U. 20 / 42

  31. A Proof of CR 1 in Untyped Settings CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 3 neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 1,3 are proved together by induction on U. Proof. If U is a type variable, CR 1 is a tautology. The only remaining case is U = V → W . 20 / 42

  32. A Proof of CR 1 in Untyped Settings CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 3 neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 1,3 are proved together by induction on U. Proof. If U is a type variable, CR 1 is a tautology. The only remaining case is U = V → W . RED V → W ( t ) ⇔ ∀ u . RED V ( u ) ⇒ RED W ( t u ) (definition of RED) ⇒ RED V ( x ) ⇒ RED W ( t x ) ( x is a fresh variable) ⇒ RED W ( t x ) (I.H. of CR 3 ) ⇒ SN → β ( t x ) (I.H. of CR 1 ) ⇒ SN → β ( t ) (basic property of SN) 20 / 42

  33. A Proof of CR 1 in Untyped Settings CR 1 RED U ( t ) ⇒ SN → β ( t ) CR 3 neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( t ′ )) ⇒ RED U ( t ) CR 1,3 are proved together by induction on U. Proof. If U is a type variable, CR 1 is a tautology. The only remaining case is U = V → W . RED V → W ( t ) ⇔ ∀ u . RED V ( u ) ⇒ RED W ( t u ) (definition of RED) ⇒ RED V ( x ) ⇒ RED W ( t x ) ( x is a fresh variable) ⇒ RED W ( t x ) (I.H. of CR 3 ) ⇒ SN → β ( t x ) (I.H. of CR 1 ) ⇒ SN → β ( t ) (basic property of SN) In typed settings, a term of type V is not always existing. 20 / 42

  34. Solutions There are 2 ways to solve this issue: ◮ Construct finite set of types by traversing proof tree of Γ ⊢ t : U , and add it to Γ with fresh variables. ◮ Redefine RED U as a Kripke logical predicate. 21 / 42

  35. Solution 1: Proof Tree Traversal � � Γ ( x ) = U = T ′ ( U ) T Γ ⊢ x : U � � P 1 P 2 = T ′ ( V ) ∪ T ( P 1 ) ∪ T ( P 2 ) T Γ ⊢ t u : V � � P 1 = T ′ ( U → V ) ∪ T ( P 1 ) T Γ ⊢ λ x : U . t : U → V T ′ ( X ) = ∅ T ′ ( U → V ) = { U } ∪ T ′ ( U ) ∪ T ′ ( V ) 22 / 42

  36. Solution 1: Proof Tree Traversal It is possible to prove the following CR 1,2,3 in a similar method. CR 1 ( ∀ V ∈ T ′ ( U ) . V ∈ Γ ) ∧ RED Γ U ( t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED Γ U ( t ) ⇒ RED Γ U ( t ′ ) CR 3 ( ∀ V ∈ T ′ ( U ) . V ∈ Γ ) ∧ Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED Γ U ( t ′ )) ⇒ RED Γ U ( t ) 23 / 42

  37. Solution 1: Proof Tree Traversal It is possible to prove the following CR 1,2,3 in a similar method. CR 1 ( ∀ V ∈ T ′ ( U ) . V ∈ Γ ) ∧ RED Γ U ( t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED Γ U ( t ) ⇒ RED Γ U ( t ′ ) CR 3 ( ∀ V ∈ T ′ ( U ) . V ∈ Γ ) ∧ Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED Γ U ( t ′ )) ⇒ RED Γ U ( t ) 23 / 42

  38. Solution 2: Kripke Logical Predicate def RED ′ X ( Γ , t ) ⇐ ⇒ SN → β ( t ) def RED ′ · ∆ ∧ RED U ( ∆ , u ) ⇒ RED V ( ∆ , t u ) U → V ( Γ , t ) ⇐ ⇒ ∀ ∆ , u . Γ ≤ def ⇒ Γ ⊢ t : U ∧ RED ′ RED U ( Γ , t ) ⇐ U ( Γ , t ) 24 / 42

  39. Solution 2: Kripke Logical Predicate ∀ x ∈ dom ( Γ ) . Γ ( x ) = ∆ ( x ) def RED ′ X ( Γ , t ) ⇐ ⇒ SN → β ( t ) def RED ′ · ∆ U → V ( Γ , t ) ⇐ ⇒ ∀ ∆ , u . Γ ≤ ∧ RED U ( ∆ , u ) ⇒ RED V ( ∆ , t u ) def ⇒ Γ ⊢ t : U ∧ RED ′ RED U ( Γ , t ) ⇐ U ( Γ , t ) 24 / 42

  40. Solution 2: Kripke Logical Predicate ∀ x ∈ dom ( Γ ) . Γ ( x ) = ∆ ( x ) def RED ′ X ( Γ , t ) ⇐ ⇒ SN → β ( t ) def RED ′ · ∆ U → V ( Γ , t ) ⇐ ⇒ ∀ ∆ , u . Γ ≤ ∧ RED U ( ∆ , u ) ⇒ RED V ( ∆ , t u ) def ⇒ Γ ⊢ t : U ∧ RED ′ RED U ( Γ , t ) ⇐ U ( Γ , t ) CR 1 RED U ( Γ , t ) ⇒ SN → β ( t ) CR 2 t → β t ′ ∧ RED U ( Γ , t ) ⇒ RED U ( Γ , t ′ ) CR 3 Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ RED U ( Γ , t ′ )) ⇒ RED U ( Γ , t ) 24 / 42

  41. λ 2: System F [Gir72, GTL89] types and terms: U :: = . . . t :: = . . . | ( Π X . U ) | ( t U ) | ( Λ X . t ) additional typing rules: additional reduction rules: Γ ⊢ t : Π X . U ( Λ X . t ) U → β t [ X : = U ] Γ ⊢ t V : U [ X : = V ] t 1 → β t 2 X / ∈ Γ Γ ⊢ t : U t 1 U → β t 2 U Γ ⊢ Λ X . t : Π X . U t 1 → β t 2 Λ X . t 1 → β Λ X . t 2 25 / 42

  42. Strong Normalization Proofs for System F It is impossible to define a reducibility for System F directly. 26 / 42

  43. Strong Normalization Proofs for System F It is impossible to define a reducibility for System F directly. Proof outline of the part 1: 1. Define the reducibility candidates . This is a (type indexed) family of terms, and defined by conditions like CR 1,2,3 . 2. Define the reducibility with parameters . This corresponds to the reducibility of λ → . 3. Prove that the reducibility with parameters is a reducibility candidate. 26 / 42

  44. Untyped Reducibility Candidates Set of terms R is reducibility candidate if and only if CR 1 R ( t ) ⇒ SN ( t ) CR 2 t → β t ′ ∧ R ( t ) ⇒ R ( t ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . CR 3 27 / 42

  45. Untyped Reducibility Candidates Set of terms R is reducibility candidate if and only if CR 1 R ( t ) ⇒ SN ( t ) CR 2 t → β t ′ ∧ R ( t ) ⇒ R ( t ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . CR 3 t is not of the form λ x . u or Λ X . u . 27 / 42

  46. Untyped Reducibility Candidates Set of terms R is reducibility candidate if and only if CR 1 R ( t ) ⇒ SN ( t ) CR 2 t → β t ′ ∧ R ( t ) ⇒ R ( t ) neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . CR 3 t is not of the form λ x . u or Λ X . u . For example, SN is a reducibility candidate. 27 / 42

  47. Untyped Reducibility with Parameters � R i ( t ) if Y = X i def RED Y [ X : = R ]( t ) ⇐ ⇒ SN ( t ) if Y / ∈ X def RED U → V [ X : = R ]( t ) ⇐ ⇒ ∀ u . RED U [ X : = R ]( u ) ⇒ RED V [ X : = R ]( t u ) def RED Π Y . U [ X : = R ]( t ) ⇐ ⇒ ∀ V , S . RC ( S ) ⇒ RED U [ Y , X : = S , R ]( t V ) 28 / 42

  48. Untyped Reducibility with Parameters � R i ( t ) if Y = X i def RED Y [ X : = R ]( t ) ⇐ ⇒ SN ( t ) if Y / ∈ X def RED U → V [ X : = R ]( t ) ⇐ ⇒ ∀ u . RED U [ X : = R ]( u ) ⇒ RED V [ X : = R ]( t u ) def RED Π Y . U [ X : = R ]( t ) ⇐ ⇒ ∀ V , S . RC ( S ) ⇒ RED U [ Y , X : = S , R ]( t V ) Lemma If R is a sequence of reducibility candidates, RED U [ X : = R ] is a reducibility candidate. 28 / 42

  49. Typed Reducibility Candidates 1 [Hur10] Set of terms R is reducibility candidate of Γ , U if and only if CR 1 # Γ ⊢ t : U ∧ R ( t ) ⇒ SN ( t ) CR 2 # Γ ⊢ t : U ∧ t → β t ′ ∧ R ( t ) ⇒ R ( t ′ ) CR 3 # Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . where # Γ = { b : Π X . X } + Γ 29 / 42

  50. Typed Reducibility Candidates 1 [Hur10] Set of terms R is reducibility candidate of Γ , U if and only if CR 1 # Γ ⊢ t : U ∧ R ( t ) ⇒ SN ( t ) CR 2 # Γ ⊢ t : U ∧ t → β t ′ ∧ R ( t ) ⇒ R ( t ′ ) CR 3 # Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . where # Γ = { b : Π X . X } + Γ # Γ ⊢ b U : U b U is neutral and normal 29 / 42

  51. Typed Reducibility with Parameters 1 � R i ( t ) if Y = X i def RED Γ Y [ X : = R : U ]( t ) ⇐ ⇒ SN ( t ) if Y / ∈ X def RED Γ V → W [ X : = R : U ]( t ) ⇐ ⇒ ∀ u . # Γ ⊢ u : V [ X : = U ] ⇒ RED Γ V [ X : = R : U ]( u ) ⇒ RED Γ W [ X : = R : U ]( t u ) def RED Γ ⇒ ∀ W , S . RC Γ Π Y . V [ X : = R : U ]( t ) ⇐ W ( S ) ⇒ RED Γ V [ Y , X : = S , R : W , U ]( t W ) 30 / 42

  52. Typed Reducibility with Parameters 1 � R i ( t ) if Y = X i def RED Γ Y [ X : = R : U ]( t ) ⇐ ⇒ SN ( t ) if Y / ∈ X def RED Γ V → W [ X : = R : U ]( t ) ⇐ ⇒ ∀ u . # Γ ⊢ u : V [ X : = U ] ⇒ RED Γ V [ X : = R : U ]( u ) ⇒ RED Γ W [ X : = R : U ]( t u ) def RED Γ ⇒ ∀ W , S . RC Γ Π Y . V [ X : = R : U ]( t ) ⇐ W ( S ) ⇒ RED Γ V [ Y , X : = S , R : W , U ]( t W ) Lemma If R i is a reducibility candidate of Γ , U i for all i ≤ | X | , RED Γ V [ X : = R : U ] is a reducibility candidate of Γ , V [ X : = U ] . 30 / 42

  53. Typed Reducibility Candidates 2 [Gal89] Set of pairs of type environment and term R is reducibility candidate of type U if and only if CR typed R ( Γ , t ) ⇒ Γ ⊢ t : U · ∆ ∧ R ( Γ , t ) ⇒ R ( ∆ , t ) CR 0 Γ ≤ CR 1 R ( t ) ⇒ SN ( t ) CR 2 t → β t ′ ∧ R ( t ) ⇒ R ( t ′ ) CR 3 Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . 31 / 42

  54. Typed Reducibility Candidates 2 [Gal89] Set of pairs of type environment and term R is reducibility candidate of type U if and only if CR typed R ( Γ , t ) ⇒ Γ ⊢ t : U · ∆ ∧ R ( Γ , t ) ⇒ R ( ∆ , t ) CR 0 Γ ≤ CR 1 R ( t ) ⇒ SN ( t ) CR 2 t → β t ′ ∧ R ( t ) ⇒ R ( t ′ ) CR 3 Γ ⊢ t : U ∧ neutral ( t ) ∧ ( ∀ t ′ . t → β t ′ ⇒ R ( t ′ )) ⇒ R ( t ) . 31 / 42

  55. Typed Reducibility with Parameters 2 � R i ( Γ , t ) if Y = X i def RED Y [ X : = R : U ]( Γ , t ) ⇐ ⇒ SN ′ ( Γ , t ) ∈ X if Y / def RED V → W [ X : = R : U ]( Γ , t ) ⇐ ⇒ Γ ⊢ t : V → W · ∆ ∧ ( ∀ ∆ , u . Γ ≤ ⇒ RED V [ X : = R : U ]( ∆ , u ) ⇒ RED W [ X : = R : U ]( ∆ , t u )) def RED Π Y . V [ X : = R : U ]( Γ , t ) ⇐ ⇒ ∀ W , S . RC W ( S ) ⇒ RED V [ Y , X : = S , R : W , U ]( t W ) 32 / 42

  56. Typed Reducibility with Parameters 2 � R i ( Γ , t ) if Y = X i def RED Y [ X : = R : U ]( Γ , t ) ⇐ ⇒ SN ′ ( Γ , t ) ∈ X if Y / def RED V → W [ X : = R : U ]( Γ , t ) ⇐ ⇒ Γ ⊢ t : V → W · ∆ ∧ ( ∀ ∆ , u . Γ ≤ ⇒ RED V [ X : = R : U ]( ∆ , u ) ⇒ RED W [ X : = R : U ]( ∆ , t u )) def RED Π Y . V [ X : = R : U ]( Γ , t ) ⇐ ⇒ ∀ W , S . RC W ( S ) ⇒ RED V [ Y , X : = S , R : W , U ]( t W ) Lemma If R i is a reducibility candidate of U i for all i ≤ | X | , RED V [ X : = R : U ] is a reducibility candidate of V [ X : = U ] . 32 / 42

  57. Comparison of the SN Proofs ◮ SN proofs with typed reducibility requires type preservation lemmas. On the other hand, SN proofs with untyped reducibility are completed without type preservation lemmas. (Untyped proofs are relatively simple.) ◮ Typed reducibilities are capturing the features of reducible terms. 33 / 42

  58. Conclusion ◮ We formalized strong normalization proofs with 6 different definitions of the reducibility. ◮ $ wc -lc **/*.v ... 1808 72327 coq/LC/Debruijn/F.v 647 24413 coq/LC/Debruijn/STLC.v ... 3746 138149 total ◮ https://github.com/pi8027/lambda-calculus 34 / 42

  59. Appendix

  60. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) | ( t t ) | ( t t ) | ( λ x . t ) | ( λ t ) 36 / 42

  61. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) 36 / 42

  62. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t require a variable name in binding positions. 36 / 42

  63. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  64. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  65. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  66. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name 0 in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  67. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  68. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  69. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  70. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name 0 in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

  71. λ -Calculus and Representations of Binding named representation de Bruijn representation [dB72] (name-carrying term) (nameless terms) t :: = x ( ∈ Var ) t :: = x ( ∈ N ) This number indicates the | ( t t ) | ( t t ) index of corresponding binder. | ( λ x . t ) | ( λ t ) Nameless terms don’t examples: require a variable name 1 in binding positions. λ x . λ y . ( λ z . y x z ) x a λλ ( λ 1 2 0 ) 1 2 36 / 42

Recommend

Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the

Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the

Strong Normalization Akiyoshi and Terui Introduction Our Results Strong normalization for the parameter-free Strong polymorphic lambda calculus based on the -rule Normalization Theorem Previous Results Buchholz -Rule Ryota

706 views • 35 slides
Strong normalization for -calculi with recursion Ulrich Berger Swansea 1 Motivation:

Strong normalization for -calculi with recursion Ulrich Berger Swansea 1 Motivation:

Dagstuhl Seminar Mathematics, Algorithms, Proofs 10-14 January, 2005 Strong normalization for -calculi with recursion Ulrich Berger Swansea 1 Motivation: Computational content of classical mathematics 1958 G odel Dialectica

793 views • 30 slides
Formalizing Termination Proofs under Polynomial Quasi-interpretations Naohi Eguchi 1 Chiba

Formalizing Termination Proofs under Polynomial Quasi-interpretations Naohi Eguchi 1 Chiba

Formalizing Termination Proofs under Polynomial Quasi-interpretations Naohi Eguchi 1 Chiba University July 5, 2015, LCC 2015, Kyoto, Japan 1 Supported by Grants-in-Aid for JSPS fellows (No. 25 726 ) Naohi Eguchi (Chiba) Formalizing

565 views • 21 slides
Linear Logic and Strong Normalization Beniamino Accattoli Carnegie Mellon University B.

Linear Logic and Strong Normalization Beniamino Accattoli Carnegie Mellon University B.

Linear Logic and Strong Normalization Beniamino Accattoli Carnegie Mellon University B. Accattoli (CMU) Linear Logic and Strong Normalization 1 / 32 History Girard, TCS 87 : linear logic (LL) and strong normalization (SN). A crucial lemma

822 views • 32 slides
Continuous Semantics for Strong Normalization Ulrich Berger Swansea 1 Contents 1. Motivation

Continuous Semantics for Strong Normalization Ulrich Berger Swansea 1 Contents 1. Motivation

CiE 2005 Amsterdam Continuous Semantics for Strong Normalization Ulrich Berger Swansea 1 Contents 1. Motivation 2. Normalization by approximation 3. Applications 2 1. Motivation Computational content of classical mathematics 1958 G

545 views • 27 slides
Formalizing Mathematical Proofs by Computer John Harrison Intel Corporation 15 April 2012 1

Formalizing Mathematical Proofs by Computer John Harrison Intel Corporation 15 April 2012 1

Formalizing Mathematical Proofs by Computer John Harrison Intel Corporation 15 April 2012 1 Summary I: Formalization and Computers Principia Mathematica Formalization in current mathematics The role of computers II: Theorem

913 views • 63 slides
Strong Normalization for the -calculus with Computational Monads Ian Stark and Sam Lindley

Strong Normalization for the -calculus with Computational Monads Ian Stark and Sam Lindley

Strong Normalization for the -calculus with Computational Monads Ian Stark and Sam Lindley Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh Friday 15 November 2002 Overview We are interested in

403 views • 16 slides
Type Theory and Coq Herman Geuvers Lecture: Normalization for and 2 1 Properties of

Type Theory and Coq Herman Geuvers Lecture: Normalization for and 2 1 Properties of

Type Theory and Coq Herman Geuvers Lecture: Normalization for and 2 1 Properties of Subject Reduction If M : and M N , then N : . Strong Normalization If M : , then all

395 views • 18 slides
Strong Normalization by HOAS Andrei Popescu Joint work with Elsa Gunter Simply-typed

Strong Normalization by HOAS Andrei Popescu Joint work with Elsa Gunter Simply-typed

Strong Normalization by HOAS Andrei Popescu Joint work with Elsa Gunter Simply-typed -calculus - Syntax First-order syntax (up to ): Curry-style: no type annotations Data variables x, y, z, data terms X,Y, Z, data abstractions A,

467 views • 18 slides
Normal forms and normalization An example of normalization using normal forms We assume we have

Normal forms and normalization An example of normalization using normal forms We assume we have

Normal forms and normalization An example of normalization using normal forms We assume we have an enterprise that buys products from different supplying companies, and we would like to keep track of our data by means of a database. We would like

205 views • 9 slides
Normalization by Evaluation in the Delay Monad Andreas Abel 1 James Chapman 2 1 Department of

Normalization by Evaluation in the Delay Monad Andreas Abel 1 James Chapman 2 1 Department of

Normalization by Evaluation in the Delay Monad Andreas Abel 1 James Chapman 2 1 Department of Computer Science and Engineering Gothenburg University, Sweden 2 Computer and Information Sciences Strathclyde University Types for Proofs and Programs

483 views • 19 slides
Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Euclid (300 BC) Proofs, Continued Today Proofs : A style guide Proofs should be easy to verify. All the cleverness goes into finding/writing the proof, not reading/verifying it! P vs. NP (informally) : P =

682 views • 21 slides
Database Normalization Asst. Prof. Dr. Kanda Runapongsa Saikaew (krunapon@kku.ac.th)

Database Normalization Asst. Prof. Dr. Kanda Runapongsa Saikaew (krunapon@kku.ac.th)

Electricite Du Laos (EDL) Database Normalization Asst. Prof. Dr. Kanda Runapongsa Saikaew (krunapon@kku.ac.th) Department of Computer Engineering Khon Kaen University 1 Overview What and why normalization Background to normalization

526 views • 13 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
Normalization Redundancy causes several anomalies : insert, delete and update

Normalization Redundancy causes several anomalies : insert, delete and update

What and Why Normalization? To remove potential redundancy in design Normalization Redundancy causes several anomalies : insert, delete and update Normalization uses concept of dependencies Functional Dependencies Idea used:

73 views • 5 slides
Normalization-Invariant Fuzzy Logic Need for Normalization Operations Explain Empirical Success

Normalization-Invariant Fuzzy Logic Need for Normalization Operations Explain Empirical Success

Traditional . . . Need for Heavy-Tailed . . . What We Do Normalization-Invariant Fuzzy Logic Need for Normalization Operations Explain Empirical Success of How to Combine Degrees Student Distributions in Describing Deriving Student . . .

322 views • 13 slides
Normalization by Evaluation for Martin-Lf Type Theory with One Universe Peter Dybjer,

Normalization by Evaluation for Martin-Lf Type Theory with One Universe Peter Dybjer,

Normalization Martin-Lf type theory Normalization algorithm Decidability of equality Normalization by Evaluation for Martin-Lf Type Theory with One Universe Peter Dybjer, Gteborg (with Andreas Abel, Munich, and Klaus Aehlig, Swansea)

616 views • 28 slides
Formalizing Dijkstra John Harrison Intel Corporation A Discipline of Programming

Formalizing Dijkstra John Harrison Intel Corporation A Discipline of Programming

Formalizing Dijkstra 1 Formalizing Dijkstra John Harrison Intel Corporation A Discipline of Programming Mechanizing programming logics Relational semantics Weakest preconditions Guarded commands Theorems about loops

299 views • 18 slides
CSE 116: Fall 2019 Introduction to Functional Programming Formalizing Nano Owen Arden

CSE 116: Fall 2019 Introduction to Functional Programming Formalizing Nano Owen Arden

CSE 116: Fall 2019 Introduction to Functional Programming Formalizing Nano Owen Arden UC Santa Cruz Based on course materials developed by Nadia Polikarpova Formalizing Nano Goal: we want to guarantee properties about programs, such

426 views • 10 slides
Genealogical Place Name Normalization Bob Leaman (bob.leaman@asu.edu) What is meant by

Genealogical Place Name Normalization Bob Leaman (bob.leaman@asu.edu) What is meant by

Genealogical Place Name Normalization Bob Leaman (bob.leaman@asu.edu) What is meant by Normalization? Enforcing a standardized representation Increases accuracy Data shared over e-mail can be very hard to correct Easier

471 views • 15 slides
Formal Proofs of Floating-Point Algorithms John Harrison Intel Corporation SCAN 2010 28th

Formal Proofs of Floating-Point Algorithms John Harrison Intel Corporation SCAN 2010 28th

Formal Proofs of Floating-Point Algorithms John Harrison Intel Corporation SCAN 2010 28th September 2010 0 Overview Formal verification and theorem proving Formalizing floating-point arithmetic Square root example Reciprocal

534 views • 42 slides
Common Knowledge: Formalizing the Social Applications 1 Today and Thursday well take a step

Common Knowledge: Formalizing the Social Applications 1 Today and Thursday well take a step

Common Knowledge: Formalizing the Social Applications 1 Today and Thursday well take a step in the direction of formalizing the social puzzles, such as omission commission. 2 First, a reminder of the set-up and the theorem 3 The set-

932 views • 59 slides
CMPS 112: Spring 2019 Comparative Programming Languages Formalizing Nano Owen Arden

CMPS 112: Spring 2019 Comparative Programming Languages Formalizing Nano Owen Arden

CMPS 112: Spring 2019 Comparative Programming Languages Formalizing Nano Owen Arden UC Santa Cruz Based on course materials developed by Nadia Polikarpova Formalizing Nano Goal: we want to guarantee properties about programs,

621 views • 12 slides
Relational Normalization Theory Chapter 6 1 Limitations of E-R Designs Provides a set of

Relational Normalization Theory Chapter 6 1 Limitations of E-R Designs Provides a set of

Relational Normalization Theory Chapter 6 1 Limitations of E-R Designs Provides a set of guidelines, does not result in a unique database schema Does not provide a way of evaluating alternative schemas Normalization theory

610 views • 33 slides

More recommend