Subset coercions in C M S under direction of C P -M Paris-Sud 11 University LRI - D´ Team & INRIA F - P Project TYPES’06 Workshop 18-21 April 2006
The Big Picture
The Big Picture
The Big Picture
The Big Picture
The Big Picture
Outline The idea 1 Theoretical development 2 R Traduction in C The implementation 3
A simple idea Definition { x : T | P } is the set of objects of set T verifying property P . Useful for specifying, widely used in mathematics ; Separates object and property.
A simple idea Definition { x : T | P } is the set of objects of set T verifying property P . Useful for specifying, widely used in mathematics ; Separates object and property. Adapting the idea t : T P [ t / x ] t : { x : T | P } t : { x : T | P } t : T
From “ Predicate subtyping ”. . . PVS Specialized typing algorithm for subset types, generating Type-checking conditions . t : { x : T | P } used as t : T ok used as if P [ t / x ] t : T t : { x : T | P }
From “ Predicate subtyping ”. . . PVS Specialized typing algorithm for subset types, generating Type-checking conditions . t : { x : T | P } used as t : T ok used as if P [ t / x ] t : T t : { x : T | P } + Practical success ;
From “ Predicate subtyping ”. . . PVS Specialized typing algorithm for subset types, generating Type-checking conditions . t : { x : T | P } used as t : T ok used as if P [ t / x ] t : T t : { x : T | P } + Practical success ; – No strong safety guarantee in PVS.
. . . to Subset coercions A property-irrelevant language (R ) with decidable 1 typing ; Γ ⊢ t : { x : T | P } Γ ⊢ t : T Γ ⊢ t : T Γ , x : T ⊢ P : Prop t : { x : T | P }
. . . to Subset coercions A property-irrelevant language (R ) with decidable 1 typing ; A total traduction to C terms with holes ; 2 Γ ⊢ t : { x : T | P } Γ ⊢ σ 1 t : T Γ ⊢ t : T Γ , x : T ⊢ P : Prop Γ ⊢ ? : P [ t / x ] ( t , ?) : { x : T | P }
. . . to Subset coercions A property-irrelevant language (R ) with decidable 1 typing ; A total traduction to C terms with holes ; 2 A method to turn the holes into proof obligations. 3
Outline The idea 1 Theoretical development 2 R Traduction in C The implementation 3
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T T ≡ βπ U S � T T � U S -T S -C S � U T � U
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T T ≡ βπ U S � T T � U S -T S -C S � U T � U U � V U � V S -S { x : U | P } � V S -P U � { x : V | P }
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T T ≡ βπ U S � T T � U S -T S -C S � U T � U U � V U � V S -S { x : U | P } � V S -P U � { x : V | P } 0 : nat nat � { x : nat | x � 0 } 0 : { x : nat | x � 0 }
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T T ≡ βπ U S � T T � U S -T S -C S � U T � U U � V U � V S -S { x : U | P } � V S -P U � { x : V | P } 0 : nat nat � { x : nat | x � 0 } 0 : { x : nat | x � 0 } ? : 0 � 0
R ’s typing ⊢ and coercion � Calculus of Constructions - C + Γ ⊢ t : U Γ ⊢ T : s U � T C Γ ⊢ t : T T ≡ βπ U S � T T � U S -T S -C S � U T � U U � V U � V S -S { x : U | P } � V S -P U � { x : V | P } U � T V � W S -P Π x : T . V � Π x : U . W
Results Theorem (Decidability of type checking) Γ ⊢ t : T is decidable. Γ ⊢ f : T T � Π x : A . B Γ ⊢ e : E E � A A Γ ⊢ ( f e ) : B [ e / x ]
Results Theorem (Decidability of type checking) Γ ⊢ t : T is decidable. Lemma (Elimination of transitivity) If T � U ∧ U � V then T � V . Γ ⊢ f : T T � Π x : A . B Γ ⊢ e : E E � A A Γ ⊢ ( f e ) : B [ e / x ]
Outline The idea 1 Theoretical development 2 R Traduction in C The implementation 3
The target system CIC with metavariables Γ ⊢ ? t : T Γ ⊢ ? p : P [ t / x ] Γ ⊢ ? elt T P t p : { x : T | P } Γ ⊢ ? t : { x : T | P } Γ ⊢ ? t : { x : T | P } Γ ⊢ ? σ 1 t : T Γ ⊢ ? σ 2 t : P [ σ 1 t / x ] Γ ⊢ ? P : Prop Γ ⊢ ? ? P : P
From C to R The easy way ( σ 1 t ) ◦ t ◦ = ( elt T P t p ) ◦ t ◦ = ( σ 2 t ) ◦ = ⊥ (? P ) ◦ = ⊥ If Γ ⊢ ? t : T then Γ ◦ ⊢ t ◦ : T ◦ if () ◦ is defined on Γ , t and T .
From C to R and back The easy way ( σ 1 t ) ◦ t ◦ = ( elt T P t p ) ◦ t ◦ = ( σ 2 t ) ◦ = ⊥ (? P ) ◦ = ⊥ If Γ ⊢ ? t : T then Γ ◦ ⊢ t ◦ : T ◦ if () ◦ is defined on Γ , t and T . The hard way If Γ ⊢ t : T then � Γ � ⊢ ? � t � Γ : � T � Γ .
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ .
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? : T � U
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U Γ ⊢ ? : { x : T | P } � T
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U Γ ⊢ ? σ 1 • : { x : T | P } � T
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U Γ ⊢ ? σ 1 • : { x : T | P } � T : T � { x : T | P } Γ ⊢ ?
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U Γ ⊢ ? σ 1 • : { x : T | P } � T Γ ⊢ ? elt • ? � P � Γ , x : T [ • / x ] : T � { x : T | P }
Traduction : deriving explicit coercions Traduction for coercions If T � U then Γ ⊢ ? c [ • ] : T � U which implies � Γ � ⊢ ? λ x : � T � Γ . c [ x ] : � T � Γ → � U � Γ . Definition T ≡ βπ U Γ ⊢ ? • : T � U Γ ⊢ ? σ 1 • : { x : T | P } � T Γ ⊢ ? elt • ? � P � Γ , x : T [ • / x ] : T � { x : T | P } Example Γ ⊢ ? 0 : nat Γ ⊢ ? c : nat � { x : nat | x � 0 } Γ ⊢ ? ( elt • ? ( x � 0)[ • / x ] )[0] = elt 0 ? 0 � 0 : { x : nat | x � 0 }
Traduction : interpretation of terms �� Γ Example (Application) Γ ⊢ f : T T � Π x : V . W : s Γ ⊢ u : U U � V Γ ⊢ ( f u ) : W [ u / x ] � f u � Γ let π = coerce Γ T ( Π x : V . W ) in = let c = coerce Γ U V in ( π [ � f � Γ ]) ( c [ � u � Γ ]) Theorem (Soundness) If Γ ⊢ t : T then � Γ � ⊢ ? � t � Γ : � T � Γ .
Theoretical matters ⊢ ? ’s equational theory : ( β ) ( λ x : X . e ) v ≡ e [ v / x ] σ i ( elt E P e 1 e 2 ) ( σ i ) ≡ e i ( η ) ( λ x : X . e x ) ≡ e if x � FV ( e ) ( SP ) elt E P ( σ 1 e ) ( σ 2 e ) ≡ e
Theoretical matters ⊢ ? ’s equational theory : ( β ) ( λ x : X . e ) v ≡ e [ v / x ] σ i ( elt E P e 1 e 2 ) ( σ i ) ≡ e i ( η ) ( λ x : X . e x ) ≡ e if x � FV ( e ) ( SP ) elt E P ( σ 1 e ) ( σ 2 e ) ≡ e elt E P t ′ p ′ if t ≡ t ′ ( σ ) elt E P t p ≡ ⇒ Proof Irrelevance
Recommend
More recommend
![[V IRTUALIZATION ] Shrideep Pallickara Computer Science Colorado State University CS370:](https://c.sambuz.com/741288/v-irtualization-s.jpg)
