Slide 1. POPLmark 1A in Cinic
Evan Austin, Aaron Stump, and Edwin Westbrook
Slide 2. We Want to Use HOAS
Uses meta-language functions for bindings:
  λx:A. x x   is encoded as   lam (fun x : trm A => app x x)
Inherits properties from the meta-language:
– α-equivalence
– Substitution
– Typing context for names
Slide 3. PROBLEM: HOAS is hard to use the way we would want
Difficult to express induction principles
– Function types are not inductive
Difficult to compare names
– Cannot prove x ≠ y because of substitution (the meta-language may later substitute the same term for both)
Slide 4. Our Approach: Modify HOAS
Throw out "substitution for free"
Enables encodings that are easier to use:
– Can induct over data with bindings
– Can compare names
Substitution can then be defined later, by recursion over the encoding
Slide 5. Validating Our Approach
Implemented in the Cinic language
– Based on the Calculus of Nominal Inductive Constructions (CNIC)
– CNIC = CIC + a name-binding construct
Demonstrated by a solution to POPLmark 1A
Slide 6. Encoding Bindings in CNIC
Bindings are encoded with ν-abstraction:   να:A. M
– Binds a fresh name α of type Name A in M
– Satisfies α-equivalence by definition
Has type ∇α:A. B (where M has type B)
– Curry-Howard reading: "for fresh α, B holds"
Slide 7. Example: System F<: Types
System F<: types are encoded as the type tp:
  tvar  : Name tp => tp
  top   : tp
  arrow : tp => tp => tp
  all   : tp => (∇α:tp. tp) => tp
E.g. ∀X<:Top. X → X is encoded as
  all top (να:tp. arrow (tvar α) (tvar α))
Slide 8. Example: System F<: Subtyping
  sub_top : ΠS:tp. sub S top
  sub_refl_tvar : Πn:(Name tp). sub (tvar n) (tvar n)
  sub_trans_tvar : Πn:(Name tp). ΠS1:tp. ΠS2:tp. Πu:(Name (sub (tvar n) S1)).
                   (sub S1 S2) => sub (tvar n) S2
  sub_arrow : ΠS1:tp. ΠS2:tp. ΠT1:tp. ΠT2:tp.
              (sub T1 S1) => (sub S2 T2) => sub (arrow S1 S2) (arrow T1 T2)
(sub_arrow is contravariant in the domain and covariant in the codomain, as in POPLmark's SA-Arrow.)
Slide 9. Elimination Form for ∇
If:
– b : ∇α:A. B
– β : Name A is fresh for b
then b @ β returns the body of b, using β for the bound name
– CNIC reduction rule: (να:A. M) @ β → [β/α]M
– Called a "name replacement"
– Like viewing ν as a partial function
Slide 10. Example: Subtyping for all
To prove all T1 T2 <: all U1 U2 we need:
– U1 <: T1, and
– the body of T2 <: the body of U2 (under a fresh name)
Encoded as follows:
  sub_all : ΠT1:tp. ΠT2:(∇α:tp. tp). ΠU1:tp. ΠU2:(∇α:tp. tp).
            (sub U1 T1) => (∇α:tp. sub (T2 @ α) (U2 @ α)) =>
            sub (all T1 T2) (all U1 U2)
Slide 11. Name-Matching Functions
The type Name A is inductive in Cinic
– Can match against all names in scope
– Must always include a "catch-all" case as well
Example with α, β, M : Name A:
  match M with
  | α -> …
  | β -> …
  | γ \ γ:A -> …
Slide 12. Matching under Bindings
CIC allows matching on inductive types B
CNIC extends this to matching on ∇α:A. B
Example with M : ∇α:tp. tp:
  match M with
  | να:tp. tvar x -> …
  | να:tp. top -> …
  | να:tp. arrow x y -> …
  | να:tp. all x y -> …
Slide 13. Avoiding Scope Extrusion
NOTE: Need to avoid scope extrusion
– The following is bad, since the bound name α would escape its binder in x:
  match (να:tp. tvar α) with
  | να:tp. tvar x -> x
  | …
Pattern variables must be @-applied to the bound names:
  match M with
  | να:tp. tvar (x @ α) -> …
  | να:tp. top -> …
  | να:tp. arrow (x @ α) (y @ α) -> …
  | να:tp. all (x @ α) (y @ α) -> …
Slide 14. Example: Type Substitution
  subst (να:tp. tvar (n @ α)) U =
    match n with
    | (να:tp. α) -> U
    | (να:tp. β \ β:tp) -> tvar β
  subst (να:tp. top) U = top
  subst (να:tp. arrow (T1 @ α) (T2 @ α)) U =
    arrow (subst T1 U) (subst T2 U)
  subst (να:tp. all (T1 @ α) (T2 @ α)) U =
    all (subst T1 U) (νβ:tp. subst (να:tp. T2 @ α @ β) U)
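The subtyping rules of slides 8 and 10, the substitution of slide 14, the scope-extrusion check of slide 13 and tt-lift (slides 17 and 22), as an added Python simulation; this is not Cinic code and not part of the original talk. It represents names as fresh (label, id) tuples that can be compared, a ν-abstraction as a (name, body) pair that is matched under, and @ as capture-free renaming. One assumption beyond the slides: in the sub_all case the simulation records the opened name's bound in an environment (slide 10 abbreviates the hypothesis β : sub (tvar α) U1 that the narrowing lemma on slide 15 refers to).

```python
# Added example, not Cinic code: a Python simulation of the slides' encoding of
# System F<: types with first-class names.  Names are (label, id) tuples that
# can be compared (slide 11), a nu-abstraction is a (name, body) pair that is
# matched under (slide 12), "@" is name replacement (slide 9), and substitution
# is defined afterwards by recursion (slide 14) instead of being inherited from
# the meta-language.  Assumption: every name is allocated by fresh(), which is
# what makes "@" capture-free.
from dataclasses import dataclass
from itertools import count

_counter = count()

def fresh(label="a"):
    """A name distinct from every name allocated so far."""
    return (label, next(_counter))

# tp ::= tvar n | top | arrow T1 T2 | all T1 (nu a:tp. T2)
@dataclass(frozen=True)
class TVar: name: tuple
@dataclass(frozen=True)
class Top: pass
@dataclass(frozen=True)
class Arrow: dom: object; cod: object
@dataclass(frozen=True)
class Nu: name: tuple; body: object        # nu name:tp. body
@dataclass(frozen=True)
class All: bound: object; body: Nu

def replace(t, old, new):
    """Rename free occurrences of `old` to `new` (`new` is always fresh)."""
    if isinstance(t, TVar):
        return TVar(new) if t.name == old else t
    if isinstance(t, Top):
        return t
    if isinstance(t, Arrow):
        return Arrow(replace(t.dom, old, new), replace(t.cod, old, new))
    if isinstance(t, Nu):
        return t if t.name == old else Nu(t.name, replace(t.body, old, new))
    return All(replace(t.bound, old, new), replace(t.body, old, new))

def at(nu, b):
    """Name replacement: (nu a. M) @ b = [b/a]M, for b fresh for M (slide 9)."""
    return replace(nu.body, nu.name, b)

def free_names(t):
    """Names occurring free in t."""
    if isinstance(t, TVar):
        return {t.name}
    if isinstance(t, Top):
        return set()
    if isinstance(t, Arrow):
        return free_names(t.dom) | free_names(t.cod)
    if isinstance(t, Nu):
        return free_names(t.body) - {t.name}
    return free_names(t.bound) | free_names(t.body)

def alpha_eq(s, t):
    """alpha-equivalence: open matching binders with one shared fresh name."""
    if type(s) is not type(t):
        return False
    if isinstance(s, TVar):
        return s.name == t.name
    if isinstance(s, Top):
        return True
    if isinstance(s, Arrow):
        return alpha_eq(s.dom, t.dom) and alpha_eq(s.cod, t.cod)
    if isinstance(s, All):
        return alpha_eq(s.bound, t.bound) and alpha_eq(s.body, t.body)
    c = fresh("c")
    return alpha_eq(at(s, c), at(t, c))

def subst(n, U):
    """subst (nu a. T) U = [U/a]T, by matching under the binder (slide 14)."""
    a, T = n.name, n.body
    if isinstance(T, TVar):
        return U if T.name == a else T      # compare names: the bound a, or another b
    if isinstance(T, Top):
        return Top()
    if isinstance(T, Arrow):
        return Arrow(subst(Nu(a, T.dom), U), subst(Nu(a, T.cod), U))
    b = fresh("b")                          # all: recurse under a fresh inner name
    return All(subst(Nu(a, T.bound), U), Nu(b, subst(Nu(a, at(T.body, b)), U)))

def lift(nu):
    """tt-lift (slides 17, 22): strip a binder whose name the body never uses."""
    if nu.name in free_names(nu.body):
        raise ValueError("scope extrusion: bound name escapes its binder")  # slide 13
    return nu.body

def sub(env, S, T):
    """Decide S <: T under env (name -> upper bound), rules of slides 8 and 10."""
    if isinstance(T, Top):                                        # sub_top
        return True
    if isinstance(S, TVar):
        if isinstance(T, TVar) and S.name == T.name:              # sub_refl_tvar
            return True
        return S.name in env and sub(env, env[S.name], T)         # sub_trans_tvar
    if isinstance(S, Arrow) and isinstance(T, Arrow):             # sub_arrow
        return sub(env, T.dom, S.dom) and sub(env, S.cod, T.cod)
    if isinstance(S, All) and isinstance(T, All):                 # sub_all
        a = fresh("a")                   # assumption: record a's bound in env
        return sub(env, T.bound, S.bound) and \
            sub({**env, a: T.bound}, at(S.body, a), at(T.body, a))
    return False
```

Because `at` only ever substitutes a freshly allocated name, the simulation never needs a capture check; the one place a name could escape its binder is `lift`, which refuses exactly the pattern slide 13 calls bad.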
Slide 15. Solving POPLmark 1A
Need to prove Transitivity and Narrowing:
  transitive Q = ΠS:tp. ΠT:tp. sub S Q => sub Q T => sub S T
  narrows Q = ΠM:(∇α:tp. tp). ΠN:(∇α:tp. tp). ΠP:tp.
    (∇α:tp. ∇β:(sub (tvar α) Q). sub (M @ α) (N @ α)) =>
    sub P Q =>
    ∇α:tp. ∇β:(sub (tvar α) P). sub (M @ α) (N @ α)
Slide 16. Difficulty with Narrowing
Need induction on this type:
  ∇α:tp. ∇β:(sub (tvar α) Q). sub (M @ α) (N @ α)
– Means the indices of sub do not contain β
– Might not hold for sub-proofs!
Can only induct on the more general type:
  ∇α:tp. ∇β:(sub (tvar α) Q). sub (M' @ α @ β) (N' @ α @ β)
Slide 17. Proving Narrowing
Need to prove that no tp contains a sub name
Prove by implementing a lifting function:
  tt-lift : (∇β:(sub S T). tp) => tp
Then prove that lifting preserves equality:
  tt-lift-eq : tt-lift (νβ:(sub S T). M) = M
Can then cast the narrowing helper, which proves:
  ∇α:tp. ∇β:(sub (tvar α) P). sub (M' @ α @ β) (N' @ α @ β)
Slide 18. Solving POPLmark 1A
Remainder of the proof is straightforward
– Primary induction on Q
– Secondary induction on subtyping derivations
Total of 1,038 lines of Cinic (with whitespace):
– 418 lines of inversion lemmas
– 176 lines of lemmas related to lifting
– 444 lines of "real proof" (385 without comments/whitespace)
~1 month for one MS student (with some coaching) with no Coq background
Slide 19. Status of Cinic
Implemented in OCaml (~6.1 kLoC)
Consistency has been proved for a fragment
– Fragment only allows one name type, Name Unit
– Proof sketch for the full system still in progress
Formalized other examples:
– Confluence of the untyped λ-calculus
– Higher-order encoding of the simply-typed λ-calculus
Download at: http://www.cs.rice.edu/~emw4
Slide 20. Conclusion
Can "have your cake and eat it too" for HOAS
– Get α-equivalence and typing from the meta-language
– Can compare names and induct over bindings
The trick is to sacrifice substitution
Slide 21. Future Work
Better approach to substitution & indexed types
– Narrowing is essentially dependently-typed substitution (see e.g. [Pientka '07])
– Current approach requires tt-lift and casts
One idea: multi-arity substitution
– Need to match under arbitrarily many binders
– Similar to Contextual Modal Type Theory
Slide 22. Implementing tt-lift
  tt-lift : (∇β:(sub S T). tp) => tp
  tt-lift (νβ:(sub S T). α) = α
  tt-lift (νβ:(sub S T). top) = top
  tt-lift (νβ:(sub S T). arrow (T1 @ β) (T2 @ β)) = arrow (tt-lift T1) (tt-lift T2)
  tt-lift (νβ:(sub S T). all (T1 @ β) (T2 @ β)) =
    all (tt-lift T1) (να:tp. tt-lift (νβ:(sub S T). T2 @ β @ α))