Blame and Coercion: Together Again for the First Time

Similar documents
Geometric interpretation of signals: background

Blame for All. Amal Ahmed, Robert Bruce Findler, Jeremy Siek, Philip Wadler

Optimality of an Algorithm Solving the Bottleneck Tower of Hanoi Problem

Blame, coercion, and threesomes: Together again for the first time

Total Ordering on Subgroups and Cosets

Threesomes, With and Without Blame

Maximum Achievable Gain of a Two Port Network

Information Storage Capacity of Crossbar Switching Networks

Lecture Notes on Sequent Calculus

Copyright 1972, by the author(s). All rights reserved.

A Weak Post s Theorem and the Deduction Theorem Retold

Parametric Polymorphism and Operational Improvement

CS 436 HCI Technology Basic Electricity/Electronics Review

Adaptive Online Gradient Descent

Preliminary Results on Social Learning with Partial Observations

On the Impact of Objective Function Transformations on Evolutionary and Black-Box Algorithms

Natural Deduction. Formal Methods in Verification of Computer Systems Jeremy Johnson

Multiple Limit Cycles for Predator- Prey Models

The natural numbers. Definition. Let X be any inductive set. We define the set of natural numbers as N = C(X).

Natural Deduction for Propositional Logic

Complexity Tradeoffs for Read and Update Operations

Copyright 1996, by the author(s). All rights reserved.

Electric-Energy Generation Using Variable-Capacitive Resonator for Power-Free LSI: Efficiency Analysis and Fundamental Experiment

A Note on the Recursive Calculation of Incomplete Gamma Functions

Stability Analysis of Predator- Prey Models via the Liapunov Method

CS 6110 Lecture 28 Subtype Polymorphism 3 April 2013 Lecturer: Andrew Myers

Test Generation for Designs with Multiple Clocks

Lecture Notes on Cut Elimination

10 Propositional logic

Propositional Language - Semantics

Compound Propositions

Strategies for Proofs

A Characterization of Regular Expressions under Bisimulation

Implementing Memristor Based Chaotic Circuits

Approximation Metrics for Discrete and Continuous Systems

Trade Space Exploration with Ptolemy II

Online Appendix to The Recovery of a Schema Mapping: Bringing Exchanged Data Back

Sec$on Summary. Mathematical Proofs Forms of Theorems Trivial & Vacuous Proofs Direct Proofs Indirect Proofs

Thank you so much for your interest in The Measured Mom printables!

Formulas for which Contraction is Admissible

Lecture Notes on Classical Linear Logic

Congruence of Bisimulation in a Non-Deterministic Call-By-Need Lambda Calculus

1. Propositions: Contrapositives and Converses

Midterm 1. Your Exam Room: Name of Person Sitting on Your Left: Name of Person Sitting on Your Right: Name of Person Sitting in Front of You:

Laver Tables A Direct Approach

University of Illinois at Chicago Department of Computer Science. Final Examination. CS 151 Mathematical Foundations of Computer Science Fall 2012

Overview. I Review of natural deduction. I Soundness and completeness. I Semantics of propositional formulas. I Soundness proof. I Completeness proof.

Copyright 1965, by the author(s). All rights reserved.

Sums of Squares. Bianca Homberg and Minna Liu

Copyright 1966, by the author(s). All rights reserved.

On the Complexity of Optimal K-Anonymity

Ackermann s Function

Weights in Stable Marriage Problems Increase Manipulation Opportunities

Mathematical Logic (IX)

Blame and Coercion: Together Again for the First Time

A non-classical refinement of the interpolation property for classical propositional logic

Confusion of Memory. Lawrence S. Moss. Department of Mathematics Indiana University Bloomington, IN USA February 14, 2008

The following techniques for methods of proofs are discussed in our text: - Vacuous proof - Trivial proof

Correspondence between Kripke Structures and Labeled Transition Systems for Model Minimization

Some Applications of Logic to Feasibility in Higher Types

Foundations of Programming Languages and Software Engineering

Copyright 1984, by the author(s). All rights reserved.

The min cost flow problem Course notes for Search and Optimization Spring 2004

Simulating a Fountain

Basic Problems in Multi-View Modeling

Craig Interpolation Theorem for L!1! (or L!! )

Fermat's Little Theorem

CS 151 Complexity Theory Spring Solution Set 5

On the Standardization Theorem for λβη-calculus

Feasibility-Preserving Crossover for Maximum k-coverage Problem

Landscapes and Other Art Forms.

Statistics on Data Streams

Source Code Metrics for Programmable Logic Controller (PLC) Ladder Diagram (LD) Visual Programming Language

Effectiveness of Reverse Body Bias for Leakage Control in Scaled Dual Vt CMOS ICs

Algorithm 808: ARfit A Matlab package for the estimation of parameters and eigenmodes of multivariate autoregressive models

Integer Least Squares: Sphere Decoding and the LLL Algorithm

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/33

Bisimulation for conditional modalities

CS 70 Discrete Mathematics and Probability Theory Fall 2016 Seshia and Walrand Midterm 1 Solutions

Group-Contribution Estimation of the Critical Properties of Hydrocarbons

CSE 311: Foundations of Computing I Autumn 2014 Practice Final: Section X. Closed book, closed notes, no cell phones, no calculators.

Strong Normalization with Singleton Types

Polynomial-Time Perfect Matchings in Dense Hypergraphs

Chapter 3 Deterministic planning

Extensional Equivalence and Singleton Types

Reducing Delay Uncertainty in Deeply Scaled Integrated Circuits Using Interdependent Timing Constraints

Interpolation in Logics with Constructors

Probabilistic Bisimilarity as Testing Equivalence

Complete Induction and the Well- Ordering Principle

A The equivalence of the torus and the product of two circles in homotopy type theory

Finding Telescopers with Minimal Depth for Indefinite Nested Sum and Product Expressions

The min cost flow problem Course notes for Optimization Spring 2007

Randomized Truthful Auctions of Digital Goods are Randomizations over Truthful Auctions

There are seven questions, of varying point-value. Each question is worth the indicated number of points.

CIS 500 Software Foundations Fall October. Review. Administrivia. Subtyping

What is Logic? Introduction to Logic. Simple Statements. Which one is statement?

CS154 Final Examination

Induction on Failing Derivations

Solving Satisfiability and Implication Problems in Database Systems

VAN DER WAERDEN S THEOREM.

Transcription:

Blame and Coercion: Together Again for the First Time Supplementary Material Jeremy Siek Indiana University, USA jsiek@indiana.edu Peter Thiemann Universität Freiburg, Germany thiemann@informatik.uni-freiburg.de Philip Wadler University of Edinburgh, UK wadler@inf.ed.ac.uk Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. PLDI 15, June 13 17, 2015, Portland, OR, USA. Copyright c 2015 ACM 978-1-4503-3468-6/15/06... $15.00. http://dx.doi.org/10.1145/

A. Positive and negative subtyping Lemma 1 (Positive and negative subtyping). 1. A <: + B iff A p = B BC safe C p. 2. A <: B iff A p = B BC safe C p. Proof. A <: + B implies A = p B BC safe C p and A <: B implies A = p B BC safe C p is proved by mutual induction on the definition of A = p B BC. s for positive subtyping: p ι = ι BC = id ι satisfies ι <: + ι and id ι safe C p. A B = p A B BC = A p = A BC B = p B BC. From the assumption A B <: + A B, we obtain A <: A and B <: + B. By induction, we get that A p = A BC safe C p and B = p B BC safe C p, which proves the claim. = p BC = id satisfies <: + and id safe C p. G = p BC = G!. Immediate because G <: +. A = p BC = A = p G BC ; G! where A, A G, and A G. Hence, it must be that G = and A = A B so that A = p G BC = A B p = BC = = p A BC B p = BC. Since <: A and B <: +, the result holds by induction. = p G BC. Not applicable because : + G. = p A BC where A, A G, and A G. Not applicable because : + A. s for negative subtyping: p ι = ι BC = id ι satisfies ι <: ι and id ι safe C p. A B = p A B BC = A p = A BC B = p B BC. From the assumption A B <: A B, we obtain A <: + A and B <: B. By induction, we get that A p = A BC safe C p and B = p B BC safe C p, which proves the claim. = p BC = id satisfies <: and id safe C p. G = p BC = G!. Immediate because G <:. A = p BC = A = p G BC ; G!. If A <:, then it must be that A <: G. Hence, the claim holds by induction. = p G BC = G? p is safe for p and <: G holds. = p B BC = G? p ; G = p B BC (where B, B G, and G B). <: B is satisfied regardless of B. Hence, it must be that G = so that B = A B and we need to examine = p A B BC = A p = BC = p B BC. As A <: + and <: B we can argue by induction that A p = BC safe C p and = p B BC safe C p. The reverse implication is proved by similar mutual induction on the definition of the translation.

B. Bisimulation between coercions and threesomes Here we give the full proof of Proposition 16. Lemma 2 (Compose Identity Threesomes). s id A CS = s and id A CS s = s Proof. The proof is a straightforward induction on s and A. Lemma 3. If M s and t V 2, then M s t V 2. Proof of Proposition 16. Part 1 and 2. We proceed by case analysis on M M, in each case proving the two statements: 1. If M C N then M S N and N N for some N. 2. If M S N then M C N and N N for some N. (Here we assume parts 3 and 4, which we later prove independently.) Both statements are vacuously true because k cannot reduce. k k M M op( M) op( M ) 1. op( k) op( M ) op( k) δ(op, k) δ(op, k) 2. op( M) op( k) op( k) δ(op, k) δ(op, k) x x Both statements are vacuously true because x cannot reduce. M M λx:a. M λx:a. M Both statements are vacouously true because lambda terms cannot reduce. M 1 M 1 M 2 M 2 M 1 M 2 M 1 M 2 1. We proceed by case analysis on M = M 1 M 2 C N. So either M 1 reduces, M 2 reduces, or they are both values. Suppose M 1 reduces, i.e., M 1 C M 3. From M 1 M 2 M, we have M = M 1 M 2 and M 1 M 1 and M 2 M 2. By the induction hypothesis, M 1 S M 3 and M 3 M 3. So M 1 M 2 S M 3 M 2 and M 3 M 2 M 3 M 2. The case for M 2 reducing is essentialy the same as for M 1 reducing. Suppose M 1 and M 2 are values. We proceed by cases on M 1. M 1 = k: M cannot reduce; M 1 = λx:a. M 11: part of beta redex, see (a) below; M 1 = V c d : part of coercion redex, see (b) below; M 1 = V G! : M cannot reduce. Let V 2 = M 2. (a) (λx:a. M 11) V 2 C M 11[x := V ] We have (λx:a. M 11) V 2 M 1 M 2 then proceed by case analysis on (λx:a. M 11) V 1. V 2

Subcase M 11 M 11 λx:a. M 11 λx:a. M 11 (λx:a. M 11) V 2 (λx:a. M 11) V 2 Subcase λx:a. M 11 U λx:a. M 11 U id A B CS M 11[x := V 2] M 11[x := V 2] (λx:a. M 11) V 2 U id A B CS V 2 (U V 2 id A CS ) id B CS ((λx:a. M 11) V 2 id A CS ) id B CS M 11[x := V 2] M 11[x := V 2 id A CS ] id B CS (b) (V c d ) W C (V W c ) d We proceed by induction on V c d M 1. There are two cases to consider. (Rule (iii) does not apply because the premise would relate a value to a function application.) Subcase rule (i). V c d M 11 V c d : A B V c d M 11 id A id B We have M 11 1 and V c d 1 by induction. So we have 1 = U (s 1 s 2) c d CS and V U s 1 s 2. (V c d ) W The left is related to the right by rule (iii). Subcase rule (ii). because (M 11 id A id B ) M 2 U (s 1 s 2) c d CS id A id B V 2 U (s 1 s 2) c d CS (id A id B) V 2 Lemma 2 (V W c ) d (U (s 1 s 2) c d CS ) V (V c d ) W (V W c ) d V M 11 s (M 11 s c CS d CS ) M 2 W M 2 W c M 2 c CS V W c (M 11 s ) (M 2 c CS ) (V W c ) d (M 11 s c CS d CS ) M 2 2. We proceed by case analysis on M 1 M 2 S N. (a) (λx:a. M 11) V 2 S M 11[x := V 2] M 1 M 2 (λx:a. M 11) V 2 (λx:a. M 11) V M 11[x := V 2] M 11[x := V 2] 2 2

(b) (U s t ) W S (U W s ) t M 1 M 2 ( c n d n c 1 d 1 ) V 2 (U s t ) W ( (V 2 c 1 c n )) d n d 1 (U W s ) t M 1 M 1 c CS = s M 1 c M 1 s 1. We proceed by case analysis on M 1 c C N. (a) id A C V1 ida M 1 id A CS (b) G! G? p C V1 G! G? p V 1 id A CS M 1 id G CS ; G! G? p ; id G CS (c) G! H? p C blame p V 1 id G CS ; G! G? p ; id G CS V G! H? p M 1 id G CS ; G! H? p ; id H CS 1 M 1 p A B blame p blame p (d) c; d C c d (e) p A B C blame p 2. We proceed by case analysis on M 1 t S N. c; d c d p A B M 1 t M 1 p A B blame p blame p (a) U id ι S U M1 idι id ι U id ι U

(b) U id S U M 1 id id U id (c) M 2 s t S M 2 s t U M 1 c M 2 s t We have M 1 M 2 s and therefore M 1 c M 2 s t. (d) U p A B S blame p M 1 c M 2 s t M 1 p A B p A B U p A B blame p blame p M 1 M 1 s c CS = t M 1 c M 1 s t 1. We proceed by case analysis on M 1 c C N. (a) id A C id A (b) G! G? p C G! G? p M 1 s id A CS M 1 s G! G? p (c) G! H? p C blame p G! H? p M 1 s M 1 s G! H? p ; id H CS M 1 p A B (d) c; d C c d (e) p A B C blame p blame p blame p c; d c d p A B M 1 s t M 1 s p A B M 1 p A B blame p blame p

2. We proceed by case analysis on M 1 s t S N. (a) U id ι S U. There are two cases for s t = id ι: i. s = t = id ι M 1 id ι id ι U id ι U ii. s = id ι; ι! and t = ι? p ; id ι. In that case, the assumption is M 1 U id ι; ι!. By inversion, M 1 = M 11 ι! and M 11 U id ι. By further inversion, M 11 U. Hence: M 11 ι! ι? p ι! ι? p U id ι U (b) U id S U M 1 id id U id (c) M 2 s s t S M 2 s s t U M 1 c M 2 s s t M 1 c M 2 s s t We have M 1 M 2 s s and therefore M 1 M 2 s s. With t CS = c we conclude M 1 c M 2 s s t. (d) U p A B S blame p There are three ways that we could have s t = p A B. i. s = (g; G!), t = (H? p ; i) M 1 c U p A B G! H? p blame p blame p ii. s = p A B We have M 1 U p A B so by the induction hypothesis M1 blame p. M 1 c U p A B blame p blame p iii. t = p A B M 1 p A B p A B blame p U p A B blame p

M 1 M 1 s M 2 t 1 d CS = t 2 M 1 d M 1 s (t 1 t 2) M 2 1. We proceed by case analysis on M 1 d C N, but every case is vacuously true because they require M 1 to be a value, but M 1 corresponds to a function application. 2. We proceed by cases on M 1 s (t 1 t 2) M 2 S N. We have M 1 U s 1 s 2 W t 1. So M 1 = (M 2 M 3 c c 1 ) d 1 where c d CS = t 1 t 2 and c 1 d 1; ; c n d n CS = s 1 s 2. (M 2.. c k d k M 3 c c 1..).. d 1 d (V 2.. c k d k V 3 c c 1..).. d 1 d U s 1 s 2 t 1 t 2 W (V 2 W c c 1.. c n ) d n.. d 1 d (U W t 1 s 1 ) s 2 t 2 Part 3. We show that the term M on the right can become a value V that corresponds to V. We proceed by induction on V. V = k. We proceed by cases on k M, but we only have one case to consider. Subcase k k Take V = k. V = λx:a. N. We proceed by induction on (λx:a. N) M. Subcase N N λx:a. N λx:a. N We take V = λx:a. N. λx:a. N M 1 id A B CS = id A id B Subcase λx:a. N M 1 id A id B By the inner induction hypothesis we have the following. Now suppose = λx:a. N. Then id A id B is a value. On the other hand, suppose = U s t. λx:a. N M 1 id A id B V 1 id A id B λx:a. N U s t id A id B U s t V = G!. We proceed by induction on G! M. There is one case to consider. (Rule (iii) does not apply because the premises would relate a value to a function application.) Subcase rule (i) G! M 1 G! M 1 id CS G! M 1 id V 1 id Subcase rule (ii) G! V M 1 s G! M 1 s G! CS 1

The inner induction hypothesis gives us V1 M 1 s Suppose = k. Then k G! CS is a value. By Lemma 3 we have k G! M 1 s G! CS k G! CS Suppose V 1 = λx:a. N. Then (λx:a. N ) G! CS is a value. By Lemma 3 we have G! M 1 s G! CS (λx:a. N ) G! CS Suppose = U g; H!. Then has type, but that contradicts it having type G. Suppose = U s t. We have G! U s t G! CS By Lemma 3 we conclude U (s t ); G! G! M 1 s G! CS U (s t ); G! V = c d. We proceed by induction on c d M. There are three cases to consider. (Rule (iii) does not apply because the premise would relate a value to a function application.) Subcase rule (i) c d M 1 c d : A B id A B CS = t c d M 1 t We have M 1 and c d by the inner induction hypothesis. We proceed by cases on with the knowledge that it is of function type. Suppose = λx:a. e. Then id A id B is a value and we relate the left to the right by rule (i). Suppose = U c d. c d U c d id A CS id A CS Subcase rule (ii) M 1 s c d CS = t U (c d ) ( id A CS id A CS ) Lemma 2 c d U c d c d M 1 s t We have M 1 s and by the inner induction hypothesis. Then applying some case analysis on we have c CS d CS V and c d V for some V. Part 4. We show that the term M on the left can become a value that corresponds to V. We proceed by induction on V. V = k. By inversion on M k we have M = k, which is already a value, so we take V = M. V = λx:a. N. By inversion on M λx:a. N we have M = λx:a. N and take V = M. V = U s t. Inversion of M U s t gives us two cases to consider. Subcase for rule (i) M U M : A id A CS = s t M U s t

By the induction hypothesis, M C V where V U. Then the left and right sides are related by rule (i). Subcase for rule (ii). M 1 U s c CS = t M 1 c U s t We have M = M 1 c and (s t ) = s t. By the induction hypothesis, M 1 C where U s. We proceed with a nested induction on c. Suppose c = id A. id A U s id A CS Lemma 2 U s Suppose c = G!. Then t = G! CS = id G CS ; G!, but that contradicts (s t ) = s t. Suppose c = G? p. Then t = G? p ; id G CS. With (s t ) = s t, we have s = (s t); G!. Then from U (s t); G! we have = V 2 G! with V 2 U s t for some V 2. So we obtain: G? p V 2 G! G? p U (s t); G! G? p ; id G CS Lemma 2 V 2 U s t Next suppose c = c 1 c 2, then c 1 c 2 is already a value. From U s and c CS = t we have c U s t by rule (ii). Suppose c = (c 1; c 2). We have t = c 1 CS c 2 CS. We obtain the following with two uses of the the inner induction hypothesis. c 1; c 2 U s t c 1 c 2 IH V 2 c 2 IH V 3 U s c 1 CS c 2 CS Suppose c = p A B. Then t = p A B and (s t ) = p B, but (s t ) = s t so we have a contradiction. V = U g; G!. Considering M U g; G!, only rule (ii) applies. Subcase (ii): IH IH M 1 U s c CS = t M 1 c U s t By the induction hypothesis, we have M 1 C and U s. We proceed by nested induction on c. Suppose c = id. id U s id CS U s Lemma 2 Suppose c = H!. Then we have H! U s H! CS. Suppose c = H? p. Then t = H? p CS = H? p ; id H CS. But that contradicts (s t) = (g; G!). Suppose c = c 1 c 2. Then t = c 1 c 2 CS = c 1 CS c 2 CS. But that contradicts (s t) = (g; G!).

Suppose c = (c 1; c 2). We use the same reasoning as for the corresponding case in V = U s t, that is, we obtain the following with two uses of the the inner induction hypothesis. c 1; c 2 c 1 c 2 IH V 2 c 2 IH V 3 U s t U s c 1 CS c 2 CS Suppose c = p A B. Then t = p A B and (s t ) = p B, but (s t ) = (g; G!) so we have a contradiction. Part 5 and 6. blame p blame p IH IH

C. Translation is bisimilar Here we sketch the proof of Proposition 17. Proposition 17. M M CS. Proof. (Sketch). By induction on M. The only non-trivial case is for M c where we need to apply rules (i) and (ii) to establish. In all other cases, the congruence rules are sufficient.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback