Proof Theory and Type Theory - ANU College of Engineering...

Simply Typed λ-calculusCurry-Howard Isomorphism

Normalisation Proofsλ-calculus and Sequent Calculus

Proof Theory and Type Theory

Linda Buisman

August 7, 2007

Linda Buisman Proof Theory and Type Theory



Outline

1 Simply Typed λ-calculusUntyped λ-calculusSimply Typed λ-calculusTyping Rules and Derivations

2 Curry-Howard IsomorphismProofs as TermsProof NormalisationTerm Normalisation

3 Normalisation ProofsWeak Normalisation ProofStrong Normalisation Proof

4 λ-calculus and Sequent CalculusLJTλ̄-calculusCorrespondence between LJT and λ̄Cut Elimination and Strong Normalisation




References

• Girard, et. al., Proofs and Types, Chapters 3, 4, 6

• Hugo Herbelin. A lambda-calculus structure isomorphic toGentzen-style sequent calculus structure. Proceedings ofComputer Science Logic (CSL) 1994

• Benjamin Pierce, Types and Programming Languages, Chapters8, 9

• Clem Baker-Finch, An Introduction to the Lambda Calculus,Sections 2, 3(http://cs.anu.edu.au/student/comp3610/lectures/lambda/lambda.pdf)




Untyped λ-calculusSimply Typed λ-calculusTyping Rules and Derivations

Untyped λ-calculus

• Calculus of pure functions

• Model of computation

• Avoids giving names to functions

• In algebra, g(x) = x2 + 3 is equivalent to f (x) = x2 + 3

• In the λ-calculus, f and g are both λx .(x2 + 3)

• λ-term syntax:M := x | λx .M | MN | (M)

• Computation = function application

Example:

f (x) = x2 + 3 λx .(x2 + 3)f (2) = 22 + 3 = 7 (λx .(x2 + 3))2 = 22 + 3 = 7





Multiple Arguments

• Consider a function expecting multiple arguments• λx1. · · · .λxn.(x1 · · · xn)• For example, λx .λy .λz.xyz

• We apply the actual arguments one at a time (currying):• (· · · ((λx1. · · · .λxn.(x1 · · · xn))a1) · · · )an

• For example:

(((λx .λy .λz.xyz)a)b)c

= ((λy .λz.ayz)b)c

= (λz.abz)c

= abc





Adding Types

• Type syntax:T := Ti | T → U

• Ti - primitive types (Bool, Int, ...)

• T → U - function types• Goal - ensure type safety

• Check if a term is well-typed





Typing Rules

• Variables xT0 , · · · , xT

n are terms of type T

• If v is a term of type V and xUn is a variable of type U then λxU

n .vis a term of type U → V

• If t is a term of type U → V and u is a term of type U then tu is aterm of type V

xTi ` xT

i (Var)

xUn ` vV

(Abstr)` λxU

n .vU→V

` tU→V ` vV(App)

` tvV

• Note: other authors use the notation xi : T and λxn : U.v : U → T





Typing Derivation - Example

• Let Bool be our only primitive type

• Let true be a constant term of type Bool

• Consider the identity function λx .x

• We show that the term (λxBool .x)true has type Bool

xBool ` xBool(Abstr)

` [λxBool .x ]Bool→Bool ` trueBool

(App)` [(λxBool .x)true]Bool





A More Interesting Example

• Let Bool, Int be our primitive types

• Let true be a constant term of type Bool• Let <expr> be some λ-calculus expression of type Int

• e.g. if x = true then 1 else 0

• Let π be a proof that shows that <expr> is of type Int

• Consider the function [λxBool .<expr>]Bool→Int

• We show that the term (λxBool .<expr>)true has type Int

π

xBool ` <expr>Int(Abstr)

` [λxBool .<expr>]Bool→Int ` trueBool

(App)` [(λxBool .<expr>)true]Int




Proofs as TermsProof NormalisationTerm Normalisation

Curry-Howard Isomorphism

• There is a correspondence betweeen• Proofs in natural deduction* and terms in simply typed λ-calculus• Proof normalisation and λ-term normalisation

• * - We consider the ⇒-fragment of the intuitionistic naturaldeduction calculus





Proofs as Terms

Natural deduction Simply typed λ-calculus

A ! xA ` xA (Var)

[A]

...B

⇒ IA ⇒ B

!

...xA ` vB

(Abstr)` [λxA.v ]A→B

...A ⇒ B

...A

⇒ EB

!

...` tA→B

...` uA

(App)` [tu]B





Proof Normalisation

• A natural deduction proof is normal if it does not contain anysequence of an introduction and an elimination rule

• We can apply the following rewrite to normalise [part of] a proof:

[A]

...B

⇒ IA ⇒ B

...A

⇒ EB

...A...B

• Strong normalisation - every sequence of normalisation stepsterminates in a normal deduction, which is unique





Term Normalisation

• A term is normal if none of its subterms is of form (λx .v)u

• We can apply the following rewrite to normalise [part of] a term:

(λx .v)u v [u/x ]

• For a given term t :• Weak normalisation - there exists a sequence of normalisation

steps that terminates in a unique normal term• Strong normalisation - every sequence of normalisation steps

terminates in a unique normal term




Weak Normalisation ProofStrong Normalisation Proof

Weak Normalisation Proof Outline

• Define the degree δ of• a type T as 1+ the number of →-s in T• a redex (λx .v)U→V u as δ(U → V )• a term t as the maximum of the degrees of t ’s redexes

• A normal term has no redexes• Hence the degree of a normal term is 0

• Normalisation strategy• At each step reduce the redex with maximum degree

• Eventually there are no more redexes left• So we have a normal term





Strong Normalisation Proof Outline

• Reducibility• Abstract notion of reducible terms and their properties

• Reducibility Theorem• If a term is reducible then so is its abstraction

• Strong Normalisation (SN) Theorem• All terms are reducible, so all terms are SN





Reducibility

• Let REDT be the set of reducible terms of type T• REDT is defined inductively:

• If tT is a term and T is atomic then t ∈ REDT if t is SN• If tU→V is a term then t ∈ REDU→V if for all u ∈ REDU , tu ∈ REDV





Reducibility Properties

A term is neutral if it is of the form x or tu

CR 1 If t ∈ REDT then t is SN

CR 2 If t ∈ REDT and t t ′ then t ′ ∈ REDT

CR 3 If t is neutral and whenever we convert a redex of t weobtain a term t ′ ∈ REDT then t ∈ REDT

CR 4 If t is neutral and normal then t ∈ REDT





Reducibility Properties

Theorem

For any T , REDT satisfies the conditions CR 1 to CR 4 (reducibility ispreserved by conversion).

Proof.

By induction on T .Base case - atomic type.Induction step - arrow type U → V . We use properties CR 1 to CR 4for U and V .





Reducibility Theorem

Theorem

If for u ∈ REDU , v [u/x ] is reducible, then so is λx .v (reducibility ispreserved by abstraction).

Proof.

We show that the neutral term (λx .v)u converts to reducible termsonly, and then by CR 3 it is reducible. Then λx .v is reducible (bydefinition of RED).





Main Proof

Theorem

All terms are strongly normalisable.

Proof.

We first show that all terms t are reducible, for all substitutionst[u/x] = t[u1/x1, · · · , un/xn]. We do this by induction on terms.Base case: t = xi . Tautology (if ui is reducible then ui is reducible).Induction step 1: t = wv . By induction hypothesis, both v [u/x ] andw [u/x ] are reducible. Then by definition of RED, so isv [u/x ](w [u/x ]) = t .Induction step 2: t = λy .w . By Reducibility Theorem.Since all terms are reducible, then by CR 1, all terms are SN.




LJTλ̄-calculusCorrespondence between LJT and λ̄

Cut Elimination and Strong Normalisation

Overview

• Herbelin considers• λ̄, an alternative syntax for the simply typed λ-calculus• LJT, a restriced version of implicational LJ

• Cut-free proofs in LJT correspond to normal well-typed λ̄-terms

• Each cut-elimination step corresponds to term reduction






From LJ to LJT

• Consider the →-fragment of LJ

• Observe that the same λ-term may have different proofs

• They differ in the order of applying → L and → R• In other words, the order of building up a term

• Applications or abstractions first?

• To remedy this, we specify that → L is always applied first• Applications first, then abstractions

• We enforce this restriction by using a stoup (aka focussing)






LJT Rules

• Basic rules:

Γ; A ` A AxΓ, A; A ` B

ContΓ, A;` B

Γ;` A Γ; B ` C→ L

Γ; A → B ` CΓ, A;` B

→ RΓ;` A → B

• Cut rules, where Π is zero or one formula in the stoup:

Γ; Π ` A Γ; A ` BCHΓ; Π ` B

Γ;` A Γ, A; Π ` BCMΓ; Π ` B






Multiple Arguments Again

• Recall currying:

(((λx .λy .λz.xyz)a)b)c

= ((λy .λz.ayz)b)c

= (λz.abz)c

= abc

• Nesting corresponds well to natural deduction proofs• But not to sequent calculus proofs

• So in λ̄, we write f [u1; · · · ; un] instead of (· · · (fu1) · · · )un

• E.g., λx .λy .λz.xyz[a; b; c]

• We do not lose expressive power• λ-calculus can be encoded in λ̄-calculus• But we end up with non-normal terms• Normalisation then concatenates multiple arguments into a list






λ̄-calculus Syntax

• Variables: x , y , z, · · ·

• Terms: t ::= (xl) | (λx .t) | (tl) | (t[x := t])

• Argument lists: l ::= [] | [t :: l] | (l@l) | l[x := t]• Substitution is a primitive operation

• Allows better correspondence with cut-elimination steps






Normal Terms

• Normal terms do not contain applications or explicitconcatenations/substitutions:

• Terms: t ::= (xl) | (λx .t)

• Argument lists: l ::= [] | [t :: l]

• Normalisation in λ̄-calculus thus involves• Function application (as in λ-calculus)• Propagation of substitution and concatenation






Definitions

Named formula x : A

Applicative context ( . l)

Hole declaration . : A

Judgement Γ; Π ` t : A• If Π is empty then t is a term• Otherwise t is an applicative context






Rule Correspondence - Applicative Contexts

• Rule definitions - see handout or Section 5 of Herbelin’s paper

• Ax - if we have a hole of type A then applying no arguments tothis hole will give an applicative context of type A

• ImpL - if we have a term u : A and a hole of type B and anapplicative context (.l) of type C, then concatenating u with l willgive hole of type A → B and an applicative context (.[u :: l]) oftype C. That is, we are prefixing the list of arguments with A.

• CutH concatenates two lists of arguments (of types A and Brespectively) to produce a list of arguments of type B

• CutM substitutes a variable x of type A for a term u of type A inthe applicative context of type B






Rule Correspondence - Terms

• Cont - place variable x of type A in the hole, and applyarguments to x and get a term of type B

• ImpR is abstraction as per λ-calculus

• CutH - place term u of type A in the hole, and apply arguments tou and get a term of type B

• CutM - substitute a variable x of type A for a term u of type A inthe term u of type B






Cut Elimination

• In LJT, we permute cuts upwards in proofs or replace cuts with”smaller“ cuts

• Until we reach a cut-free proof

• In λ̄-calculus, we perform reduction operations• Until we reach a normal term

• Each cut-elimination case corresponds to one reduction step






Cut Elimination - β-reduction Case 1

• Case β-cons: (λx .u[v :: l]) (u[x := v ]l)

• Application of [v :: l] to λx .u application of l to u[x := v ]

• Head-cut on A → B smaller head-cut on B plus mid-cut on A

...Γ, A;` B

→RΓ;` A → B

.

..Γ;` A

...Γ; B ` C

→LΓ; A → B ` C

CHΓ;` C

...Γ;` A

...Γ, A;` B

CMΓ;` B

...Γ; B ` C

CHΓ;` C







• Case β-cons: (λx .u[v :: l]) (u[x := v ]l)

• Application of [v :: l] to λx .u application of l to u[x := v ]

• Head-cut on A → B smaller head-cut on B plus mid-cut on A

...Γ, x : A;` u : B

→RΓ;` λx.u : A → B

..

.Γ;` v : A

...Γ; . : B ` (. l) : C

→LΓ; . : A → B ` (. [v :: l]) : C

CHΓ;` λx.u[v :: l] : C

...Γ;` v : A

...Γ, x : A;` u : B

CMΓ;` u[x := v ] : B

...Γ; . : B ` (. l) : C

CHΓ;` u[x := v ]l : C







• Case β-nil: (λx .u[]) λx .u

• Application of empty list of arguments abstraction

• Head-cut with an axiomatic leaf non-axiomatic derivation

...Γ, A;` B

→RΓ;` A → B Γ; A → B ` A → B

CHΓ;` A → B

...Γ, A;` B

→RΓ;` A → B







• Case β-nil: (λx .u[]) λx .u

• Application of empty list of arguments abstraction

• Head-cut with an axiomatic leaf non-axiomatic derivation

...Γ, x : A;` u : B

→RΓ;` λx.u : A → B Γ; . : A → B ` . [] : A → B

CHΓ;` λx.u[] : A → B

...Γ, x : A;` u : B

→RΓ;` λx.u : A → B






Strong Normalisation

• By the isomporhism, SN is equivalent to strong termination ofcut-elimination

• Herbelin proves SN• He first defines SEN, a more general notion of reduction• SEN = + structural reduction (remove head)• He then shows that SEN is preserved by all the λ̄-term

constructions• Then the main proof is by induction on the λ̄-term






Strong Normalisation - Question

Why not show strong termination of cut-elimination instead?

• I think it would have been easier

• Most of Herbelin’s cut-elimination steps reduce cut formula size• The only difficulty is contraction above mid cut

• We go from one mid cut to a head cut and a mid cut• But we never introduce new contractions above cut

• Discuss


Proof Theory and Type Theory - ANU College of Engineering...

Documents

Transcript of Proof Theory and Type Theory - ANU College of Engineering...