Formalization of PCF-

We define types, variables, terms, and environments.

Inductive ty :=
| Nat: ty
| Fun: ty -> ty -> ty.
Inductive var :=
| Var: nat -> var.
Inductive ter :=
| O: ter
| S: ter -> ter
| C: ter -> ter -> ter -> ter
| V: var -> ter
| L: var -> ty -> ter -> ter
| A: ter -> ter -> ter
| F: ter -> ter.
Inductive value: ter -> Prop :=
| value_O: value O
| value_S: forall v, value v -> value (S v)
| value_V: forall x, value (V x)
| value_L: forall x tau t, value (L x tau t).

Require Import Arith. (* we need beq_nat to define update *)
Definition beq_var x y := match (x,y) with (Var m, Var n) => beq_nat m n end.

Definition env A := var -> option A.
Definition empty A (x: var) : option A := None.
Definition update A (f: var -> option A) x a y := if beq_var x y then Some a else f y.

Definition of typing relation.

Inductive type: env ty -> ter -> ty -> Prop :=
| type_O : forall g, type g O Nat
| type_S : forall g t, type g t Nat -> type g (S t) Nat
| type_C : forall g t t1 t2 tau,
             type g t Nat -> type g t1 tau -> type g t2 (Fun Nat tau)
             -> type g (C t t1 t2) tau
| type_V : forall g x tau, g x = Some tau -> type g (V x) tau
| type_L : forall g x t tau tau', type (update ty g x tau) t tau'
             -> type g (L x tau t) (Fun tau tau')
| type_A : forall g t t' tau tau', type g t (Fun tau' tau) -> type g t' tau'
             -> type g (A t t') tau
| type_F : forall g t tau tau', type g t (Fun (Fun tau tau') (Fun tau tau'))
             -> type g (F t) (Fun tau tau').

Hint Constructors value.
Hint Constructors type.
Ltac sinv h := (inversion h; clear h; subst). (* a useful tactic *)

Theorem Unique_Type: forall g s tau tau',
type g s tau -> type g s tau' -> tau=tau'.
Proof with eauto.
intros g s; generalize g; clear g.
induction s; intros g tau tau' H1 H2; sinv H1; sinv H2...
(* V *) rewrite H3 in H1. inversion H1...
(* L *) eapply IHs in H6... congruence.
(* A *) eapply IHs1 in H4... inversion H4...
(* F *) eapply IHs in H3... congruence.
Qed.

To define reduction and evaluation, we need substitution. There is an important choice point here: Either we work with capturing substitution and restrict reduction and evaluation to closed terms, or we work with capture-free substitution. In Pierce's online notes capturing substitution is used. In his textbook capture-free substitution is employed, which is obtained from capturing substitution with Barendregt's sweep under the carpet convention.

We choose a third way and just assume we have a substitution operator. Interestingly, only Preservation needs a property of substitution (the so-called substitution lemma). We prove Preservation by explicitly assuming the substitution lemma.

Remark: The substitution lemma does not hold for capturing substitution.

Remark: Even for capturing substitution and closed terms the substitution lemma is hard to show for V and L, see Pierce. The equivalence beq_var x y = true <-> x=y is needed.

Hypothesis subst: var -> ter -> ter -> ter.

Definition of reduction relation.

Inductive step: ter -> ter -> Prop :=
| step_S : forall t t', step t t' -> step (S t) (S t')
| step_C : forall t t' t1 t2, step t t' -> step (C t t1 t2) (C t' t1 t2)
| step_CO: forall t1 t2, step (C O t1 t2) t1
| step_CS: forall v t1 t2, value v -> step (C (S v) t1 t2) (A t2 v)
| step_Al: forall t1 t1' t2, step t1 t1' -> step (A t1 t2) (A t1' t2)
| step_Ar: forall v t t', value v -> step t t' -> step (A v t) (A v t')
| step_A : forall v x tau t, value v -> step (A (L x tau t) v) (subst x v t)
| step_Fd: forall t t', step t t' -> step (F t) (F t')
| step_F : forall x tau t, step (F (L x tau t)) (subst x (F (L x tau t)) t).

Hint Constructors step.

Definition Substitution_Lemma := forall tau tau' g x t t',
type (update ty g x tau') t tau -> type g t' tau' -> type g (subst x t' t) tau.

Theorem Preservation:
Substitution_Lemma ->
forall g s tau t,
type g s tau -> step s t -> type g t tau.
Proof with eauto.
intros HSL g s tau t HT. generalize t; clear t.
induction HT; intros s HR; sinv HR...
(* C *) inversion HT1...
(* A *) eapply HSL... inversion HT1...
(* F *) eapply HSL... inversion HT...
Qed.

Theorem Progress: forall t tau,
type (empty ty) t tau -> value t \/ exists t', step t t'.
Proof with eauto.
intros t tau HT. remember (empty ty) as Gamma. induction HT...
(* S *) intuition. inversion H0...
(* C *) clear HT2 HT3 IHHT2 IHHT3 tau. intuition.
  sinv H0; sinv HT1... inversion H1.
  inversion H0...
(* A *) clear HT2. elim IHHT1; clear IHHT1; try intro Hor...
  sinv Hor; sinv HT1...
    inversion H1.
    elim IHHT2... intro H; elim H...
    elim Hor...
(* F *) intuition.
  sinv H0; sinv HT... inversion H1.
  inversion H0...
Qed.

Proposition Value: forall s t,
step s t -> value s -> False.
Proof.
induction s; intros u HR HV; sinv HR; sinv HV; eauto.
Qed.

Theorem Determinacy: forall s t t',
step s t -> step s t' -> t=t'.
Proof with eauto.
induction s; intros u u' HU HU';
sinv HU; sinv HU'...
(* S *) eapply IHs in H0... congruence.
(* C *) eapply IHs1 in H3... congruence.
inversion H3.
apply Value in H3... inversion H3.
inversion H3.
apply Value in H4... inversion H4.
(* A *) eapply IHs1 in H2... congruence.
apply Value in H4... inversion H4.
apply Value in H2... inversion H2.
inversion H2.
apply Value in H4... inversion H4.
eapply IHs2 in H3... congruence.
apply Value in H3... inversion H3.
inversion H3.
apply Value in H4... inversion H4.
(* F *)
eapply IHs in H0... congruence.
inversion H0.
inversion H0.
Qed.

Definition of evaluation relation

Inductive eval: ter -> ter -> Prop :=
| eval_value : forall v, value v -> eval v v
| eval_S : forall t v, eval t v -> eval (S t) (S v)
| eval_C0 : forall t t1 t2 v, eval t O -> eval t1 v -> eval (C t t1 t2) v
| eval_C1 : forall t t1 t2 u v, eval t (S u) -> eval (A t2 u) v -> eval (C t t1 t2) v
| eval_A : forall t1 t2 x tau t u v, eval t1 (L x tau t) -> eval t2 u -> eval (subst x u t) v -> eval (A t1 t2) v
| eval_F : forall t x tau t' v, eval t (L x tau t') -> eval (subst x (F(L x tau t')) t') v -> eval (F t) v.

Hint Constructors eval.

Proposition Eval_codom: forall t v, eval t v -> value v.
Proof.
intros t v HE. induction HE; eauto.
Qed.

Proposition Eval_expansion: forall s t v,
step s t -> eval t v -> eval s v.
Proof.
intros s t v HS. generalize v.
induction HS; intros u HE; eauto; sinv HE; eauto;
try solve [inversion H ; eauto | inversion H0].
Qed.

Inductive stepstar: ter -> ter -> Prop :=
| stepstar_refl : forall t, stepstar t t
| stepstar_step : forall s t u, step s t -> stepstar t u -> stepstar s u.

Hint Constructors stepstar.

Lemma Step2Eval: forall t v,
value v -> stepstar t v -> eval t v.
Proof with eauto.
intros t v HV HR. induction HR...
eapply Eval_expansion...
Qed.

Lemma stepstar_trans: forall s t u,
stepstar s t -> stepstar t u -> stepstar s u.
Proof.
intros s t u HS. generalize u. induction HS; eauto.
Qed.

Lemma Lifting: forall f,
(forall s t, step s t -> step (f s) (f t)) ->
forall s t, stepstar s t -> stepstar (f s) (f t) .
Proof.
intros. induction H0; eauto.
Qed.

Lemma Eval2Step: forall t v, eval t v -> stepstar t v.
Proof with eauto.
intros t v H. induction H...
(* S *) apply Lifting...
(* C *)
apply stepstar_trans with (t:=C O t1 t2)...
  apply Lifting with (f:=fun t => C t t1 t2)...
apply stepstar_trans with (t:=A t2 u)...
  apply stepstar_trans with (t:=C (S u) t1 t2)...
    apply Lifting with (f:=fun t => C t t1 t2)...
    apply Eval_codom in H. inversion H...
(* A *)
apply stepstar_trans with (t:=subst x u t)...
apply stepstar_trans with (t:=A (L x tau t) u).
   apply stepstar_trans with (t:= A (L x tau t) t2).
      apply Lifting with (f:=fun t => A t t2)...
      apply Lifting...
   apply Eval_codom in H0...
(* F *)
apply stepstar_trans with (t:=subst x (F (L x tau t')) t')...
apply stepstar_trans with (t:=F(L x tau t'))...
apply Lifting...
Qed.

Theorem Coincidence: forall t v, value v ->
(eval t v <-> stepstar t v).
Proof.
intuition. apply Eval2Step. assumption. eapply Step2Eval; assumption.
Qed.

This page has been generated by coqdoc