CS 611: Lecture 29

1
CS 611 Lecture 29

• Soundness of Denotational Semantics and Strong
  Normalization in theSimply-Typed Lambda Calculus
• November 5, 1999
• Cornell University Computer Science Department
• Andrew Myers

2
Soundness for SOS

• Last time soundness of typing rules for
  structural operational semantics
• e is typable
• ? e t
• e does not get stuck
• ?e . e ? e ? value(e) ? ? e . e ? e
• Soundness e is typable ? e does not get
  stuck
• Three parts to proof
• Preservation/Subject reduction ? e t ? e ? e
  ? ? e t
• Progress ? e t ? value(e) ? ? e . e ? e
• Induction on number of steps (generic)
• New tool induction on height of type derivation
• Real languages much harder...

3
Outline

• Soundness of denotational semantics
• Agreement between operational and denotational
  semantics (briefly)
• Proof of strong normalization

4
Denotational semantics for TLC

• Semantic function C is applied to type judgements
  C?G ? e t? rather than just to expressions
• Function C is defined only for legal type
  judgements only typable expressions have a
  denotation
• Environment r must satisfy the type context G
• r ? G ? ?x?dom(G) . r(x) ? T ?G(x)?
• Denotational semantics are sound with respect to
  typing if they map expressions to meta-language
  values of the right type
• r ? G ? C?G ? e t? r ? T ?t?

5
Denotational Semantics

• C?G ? n int? r n
• C?G ? x G(x)? r r(x)
• C?G? e0 e1 t? r C?G? e0 t1?t?r (C?G ? e1 t1?
  r)
• C?G? (l x t . e) t?t? r
• l v ? T ?t? . C?Gx?t ? e t? r x?v
• Example
• C?G? (l x int . x) int ? int? r
• l v ? T ?int? . C?Gx?int ? x int? r x?v
• l v ? Z . v
• identity function on integers

6
Type soundness

• To show G? e t ? r ? G ? C?G ? e t? r ? T?t?
• Use induction on height of type derivation for
  type judgement
• Axioms
• C?G ? n int? r n n ? Z
• C?G ? x G(x)? r r(x) r ? G ? r(x) ? T ?G(x)?
• C?G? e0 e1 t? r C?G? e0 t2?t?r (C?G ? e1 t2?
  r)

T ?t2?t? T ?t2??T?t?
T ?t2?
7
Type soundness, cont.

• C?G? l x t . e t?t? r
• l v ? T ?t? . C?Gx?t ? e t? r x?v
• Gx?t ? e t
• G? l x t . e t?t
• r x?v ? Gx?t since v ? T ?t?

T ?t?
T ?t??T ?t? T ?t?t?
8
Agreement

• Would like to know that denotational semantics
  and operational semantics agree
• Operational
• e ? e ? e ? ? v t
• C ?? v t? r0 ? T ?t?
• Denotational

9
Adequacy

• Denotational semantics are adequate with respect
  to operational semantics
• Operational evaluation produces one of the values
  allowed by denotational semantics
• e ? v ? ? e t ? C ?? e t? r0 C ?? v
  t? r0
• They agree on observable results divergence
• ? v . e ? v ? ? e t ? C ?? e t ? r0
  ? ?
• and also on ground types (e.g. int)
• e ? v ? ? e int ? C ?? e int ? r0
  v
• Proof last years CS 611 lecture notes

10
Strong normalization

• Every program in l? terminates. Is this obvious?
• Reduction can increase size of an expression
• Reduction can increase number of contained lambda
  expressions
• ((l f int?int . ( (f 0) (f 1))) (l y int .
  ( y 2)))
• Untyped lambda calculus is not strongly
  normalizing
• Idea size of types decreases
• Proof strategy define set of strongly
  normalizing expressions SNt for every type t,
  show by induction on type derivation that
  expression of type t is a member of SNt.
• Problem induction hypothesis is not strong
  enough to handle application expressions.

11
Stable expressions

• Strengthen induction hypothesis define subset of
  strongly normalizing expressions (the stable
  expressions) show all expressions in l? are
  stable.
• Stable expressions are strongly normalizing and
  result in strongly normalizing expressions when
  applied to other strongly normalizing
  expressions.
• Tt is the set of stable expressions of type t.
• Define inductively (note e ? v ? e ? v )
• Tint e ? e int ? e ? n
• Tt?t e ? e t?t ? e ? v ? (?e? Tt .
  (e e ) ? Tt)
• Goal ? e t ? e ? Tt

12
Strategy

• Tint e ? e int ? e ? n
• Tt?t e ? e t?t ? e ? v ? (?e? Tt . (e
  e ) ? Tt)
• Goal ? e t ? e ? Tt
• Will use induction on type derivation for e
• Problem rule for typing l exprs adds to type
  context G. Need to extend form of goal to allow
  it to be proved inductively use substitution
  operators.
• Introduce function g mapping variables to
  expressions. g Var ? Exp
• g only substitutes stable expressions of the
  right type g ? G ? ?x?dom(g) . g(x) ? TG(x)

13
Substitution function

• Given any function g, we can define a related
  function g mapping Exp?Exp and performing all the
  substitutions specified by g
• g?x? g(x) if x?dom(g)
• g?x? x if x?dom(g)
• g?n? n
• g?e0 e1? g?e0? g?e1?
• g?l x t . e? l x t . g?e?
• g is identical to g except that it
  does not map x

14
Refined goal

• Original goal show all expressions are stable
• ? e t ? e ? Tt
• Suppose we can prove the following goal
• G ? e t ? ?? ?? . ? ?e? ? Tt
• Now consider G ?. The only g satisfying this
  type context is the identity mapping. Therefore,
  our refined goal becomes our original goal.
• Now we turn the inductive crank.

15
Part I

• To show G ? e t ? ?? ?? . ? ?e? ? Tt
• Integers G ? n int ? ?? ?? . n ? Tint
• Variables G ? x G(x) ? ?? ?? . ? (x) ? TG(x)
• if ? ? ? then ? (x) ? TG(x) by definition.
• Application G ? (e0 e1) t
• Consider a ? such that ? ??
• ? ?e0 e1? ? ?e0? ? ?e1?
• From type judgement G ? e0 t1 ? t, G ? e1
  t1
• inductive hypothesis gives us ? ?e0? and ? ?e1?
  are stable therefore their application is too.

16
Part II

• To show G ? (l x t . e) t?t ? ?? ?? . ?
  ?(l x t . e) ? ? Tt?t
• Assume LHS, consider arbitrary g ??
• Recall Tt?t e ? e t?t ? e ? v ?
  (?e? Tt . (e e ) ? Tt)
• ? ?(l x t . e) ? is already a value so e ? v
• Need (?e? Tt . (? ?(l x t . e) ? e ) ? Tt)
• ? ?(l x t . e) ? e ? ?e? e/x
  ??e? where ? ? x ? e
• From proof rule Gx ? t ? e t
• Applying induction hypothesis???x ? t ?
  ?(e) ? Tt ? ??x?t (e? Tt )
• QED

17
Coming soon richer types

• Recursive types
• Polymorphic types
• Subtyping
• Objects