
Our proof technique draws heavily from previous work on step-indexed logical relations. The idea to approximate models of programming languages up to a number of remaining execution steps originated in the work of Appel and McAllester on foundational proof-carrying code [5]. They observed that the step indices allowed a natural interpretation of recursive types. Subsequently, Ahmed extended this technique to languages involving impredicative polymorphism, mutable state and other features [2, 1].

Hobor, Dockins and Appel have proposed a general theory of indirection which captures many of the common use-cases for step-indexed models [32]. They provide a general framework for applying these approximation techniques to resolve certain types of apparent circularity (similar to the problems with recursive types described above). In a recent draft [25], Dockins and Hobor have used this framework to provide a Hoare logic of total correctness for a small language with function pointers and semantic assertions. This work is closely related to the present development, but with different goals: they prove the soundness of a logic which can reason about termination, while we prove that every term in the logical fragment of our language terminates.

We first introduced the hybrid, partially step-indexed technique in the context of a simply typed language that resembles λθ [15]. In subsequent work, we extended

Chapter 8

Conclusion

Our love is like Jesus, but worse.
Though you seal the cave up where you’ve lain its body, It rises.
It rises.

Going to Marrakesh, The Extra Glenns

This thesis introduces a new dependently typed core language, PCCθ. The goal of PCCθ is to solve two problems with existing dependently typed languages: the requirement of normalization makes programming with recursive functions difficult, and the standard notion of equality is insufficiently expressive and often inconvenient to work with. To solve the first problem, PCCθ directly allows non-termination via general recursion, but identifies a terminating sublanguage, the “logical fragment”. The type system of the logical fragment is consistent and may be used to reason about any PCCθ program, even those that are potentially non-terminating. To solve the second problem, PCCθ includes a new built-in notion of equality. This equality is heterogeneous and its uses are unmarked so they do not clutter expressions. Additionally, PCCθ expressions include no typing annotations, so types do not get in the way of equalities.

At the outset of this project, we believed that most challenging parts of the metatheory of PCCθ would relate to the inclusion of general recursion and the related interacting fragments. To study this, we created the language λθ, a simply typed variant. To prove normalization for the logical fragment of λθ we developed the technique of “partially step-indexed logical relations”. Having demonstrated that the metatheory of a language with PCCθ-like logical and programmatic fragments is tractable, we added a PCCθ-like notion of equality to λθ to create the dependently typed language LFθ. The proof techniques we had previously developed scaled gracefully to this larger system. In both cases, the metatheory has been completely mechanized.

Bridging the gap between LFθ and full PCCθ proved more challenging. In particular, PCCθ includes type-level computation and polymorphism. As we described in Chapter 6, these features interact in surprisingly subtle ways with PCCθ’s unmarked equality, creating substantial metatheoretic complications. Despite this, we were able to prove normalization for PCCθ, which combines our solutions to the problems of non-termination and equality reasoning with dependent types, type-level computation, and polymorphism. We used the techniques developed for λθ and LFθ, along with some new tricks, to show that terms in the logical fragment of PCCθ normalize and that its type system is consistent.

It is natural to consider the plausibility of using the novel aspects of PCCθ in a practical dependently typed language. Our solution to the problem of incorporating general recursion with dependent types seems like a relatively simple and safe addition to standard systems. Non-termination does introduce some problems for type inference, since comparing expressions becomes undecidable, but in practice this is not substantially different from the problem of comparing expressions when one might take a very long time to terminate. Since the fragments can be used independently, programmers who are satisfied with current dependently typed languages could work strictly in the logical fragment with minimal additional overhead. Additionally, programmers more familiar with languages like Haskell could program strictly in the programmatic fragment, and the ability to reason about their code would be available to them in the same language. Thus, such a system could be an excellent way to introduce more programmers to dependent types gradually.

The adoption of PCCθ’s equality seems trickier. First, extensional equality introduces substantial complications for type inference. Since uses of the propositional equality are not marked in terms, the type checker must decide where to insert them. In practice, some kind of annotation regime would likely be necessary. These problems are currently being explored by Vilhelm Sjöberg [51], and will be considered in depth in his upcoming thesis. A second concern is that the metatheory is murkier for a system with PCCθ’s equality that includes standard features like a collapsed syntax or a universe hierarchy. In practice, existing systems like Coq and Agda include features whose metatheory has not been studied in combination (or, in the case of Agda, at all), and we are not aware of any problems in Theta, the extended version of PCCθ. Still, we hope to continue studying the theory of Theta itself to gain additional confidence in the consistency of its logical fragment.

We believe that the solutions proposed in this thesis succeed in making dependently typed languages more usable. If PCCθ is not precisely the dependently typed core language of the future, it certainly represents a useful step along the way.

Appendix A

Reduction Relations

For readability, we omitted the complete specification of parallel reduction in Chapter 4 and of several reduction relations in Chapter 5. Here we provide the missing details.

A.1 Parallel Reduction for LFθ

Judgment: $a \Rrightarrow b$

$$\frac{}{a \Rrightarrow a}\quad\text{PRefl}$$

$$\frac{a_1 \Rrightarrow a_1'}{\mathsf{ncase}_z\ \mathsf{Z}\ \mathsf{of}\ \{\mathsf{Z} \Rightarrow a_1;\ \mathsf{S}\,x \Rightarrow a_2\} \Rrightarrow [\mathsf{refl}/z]\,a_1'}\quad\text{PCaseZ}$$

$$\frac{v \Rrightarrow v' \qquad a_2 \Rrightarrow a_2'}{\mathsf{ncase}_z\ (\mathsf{S}\,v)\ \mathsf{of}\ \{\mathsf{Z} \Rightarrow a_1;\ \mathsf{S}\,x \Rightarrow a_2\} \Rrightarrow [\mathsf{refl}/z][v'/x]\,a_2'}\quad\text{PCaseS}$$

$$\frac{v_1 \Rrightarrow v_1' \qquad v_2 \Rrightarrow v_2' \qquad b \Rrightarrow b'}{\mathsf{pcase}_z\ \langle v_1, v_2 \rangle\ \mathsf{of}\ \{(x, y) \Rightarrow b\} \Rrightarrow [\mathsf{refl}/z][v_2'/y][v_1'/x]\,b'}\quad\text{PCasePair}$$

$$\frac{v \Rrightarrow v' \qquad a_1 \Rrightarrow a_1'}{\mathsf{scase}_z\ (\mathsf{inl}\,v)\ \mathsf{of}\ \{\mathsf{inl}\,x \Rightarrow a_1;\ \mathsf{inr}\,x \Rightarrow a_2\} \Rrightarrow [\mathsf{refl}/z][v'/x]\,a_1'}\quad\text{PCaseInl}$$

$$\frac{v \Rrightarrow v' \qquad a_2 \Rrightarrow a_2'}{\mathsf{scase}_z\ (\mathsf{inr}\,v)\ \mathsf{of}\ \{\mathsf{inl}\,x \Rightarrow a_1;\ \mathsf{inr}\,x \Rightarrow a_2\} \Rrightarrow [\mathsf{refl}/z][v'/x]\,a_2'}$$

$$\frac{v \Rrightarrow v' \qquad a \Rrightarrow a'}{(\mathsf{rec}\,f\,x.\,a)\ v \Rrightarrow [v'/x][\mathsf{rec}\,f\,x.\,a'/f]\,a'}\quad\text{PFun}$$

$$\frac{v \Rrightarrow v' \qquad a \Rrightarrow a'}{(\lambda x.\,a)\ v \Rrightarrow [v'/x]\,a'}\quad\text{PLam}$$

$$\frac{v \Rrightarrow v' \qquad a \Rrightarrow a'}{(\mathsf{ind}\,f\,x.\,a)\ v \Rrightarrow [v'/x][\lambda y\,z.\,(\mathsf{ind}\,f\,x.\,a')\,y/f]\,a'}\quad\text{PInd}$$

$$\frac{v \Rrightarrow v'}{\mathsf{unroll}\,(\mathsf{roll}\,v) \Rrightarrow v'}\quad\text{PUnroll}$$

$$\frac{a \Rrightarrow a'}{\mathsf{rec}\,f\,x.\,a \Rrightarrow \mathsf{rec}\,f\,x.\,a'}\quad\text{PFun1}$$

$$\frac{a \Rrightarrow a'}{\lambda x.\,a \Rrightarrow \lambda x.\,a'}\quad\text{PLam1}$$

$$\frac{a \Rrightarrow a'}{\mathsf{ind}\,f\,x.\,a \Rrightarrow \mathsf{ind}\,f\,x.\,a'}\quad\text{PInd1}$$

$$\frac{a \Rrightarrow b}{\mathsf{S}\,a \Rrightarrow \mathsf{S}\,b}\quad\text{PSucc1}$$

$$\frac{a \Rrightarrow a' \qquad a_1 \Rrightarrow a_1' \qquad a_2 \Rrightarrow a_2'}{\mathsf{ncase}_z\ a\ \mathsf{of}\ \{\mathsf{Z} \Rightarrow a_1;\ \mathsf{S}\,x \Rightarrow a_2\} \Rrightarrow \mathsf{ncase}_z\ a'\ \mathsf{of}\ \{\mathsf{Z} \Rightarrow a_1';\ \mathsf{S}\,x \Rightarrow a_2'\}}\quad\text{PNCase1}$$

$$\frac{a \Rrightarrow b}{\mathsf{inl}\,a \Rrightarrow \mathsf{inl}\,b}\quad\text{PInl1}$$

$$\frac{a \Rrightarrow b}{\mathsf{inr}\,a \Rrightarrow \mathsf{inr}\,b}\quad\text{PInr1}$$

$$\frac{a \Rrightarrow a' \qquad b \Rrightarrow b'}{\langle a, b \rangle \Rrightarrow \langle a', b' \rangle}\quad\text{PPair1}$$

$$\frac{a \Rrightarrow a' \qquad a_1 \Rrightarrow a_1' \qquad a_2 \Rrightarrow a_2'}{\mathsf{scase}_z\ a\ \mathsf{of}\ \{\mathsf{inl}\,x \Rightarrow a_1;\ \mathsf{inr}\,x \Rightarrow a_2\} \Rrightarrow \mathsf{scase}_z\ a'\ \mathsf{of}\ \{\mathsf{inl}\,x \Rightarrow a_1';\ \mathsf{inr}\,x \Rightarrow a_2'\}}\quad\text{PSC1}$$

$$\frac{a \Rrightarrow a' \qquad b \Rrightarrow b'}{\mathsf{pcase}_z\ a\ \mathsf{of}\ \{(x, y) \Rightarrow b\} \Rrightarrow \mathsf{pcase}_z\ a'\ \mathsf{of}\ \{(x, y) \Rightarrow b'\}}\quad\text{PPCase1}$$

$$\frac{a \Rrightarrow b}{\mathsf{roll}\,a \Rrightarrow \mathsf{roll}\,b}\quad\text{PRoll1}$$

$$\frac{a \Rrightarrow b}{\mathsf{unroll}\,a \Rrightarrow \mathsf{unroll}\,b}\quad\text{PUnroll1}$$

$$\frac{a \Rrightarrow a' \qquad b \Rrightarrow b'}{a\ b \Rrightarrow a'\ b'}\quad\text{PApp1}$$

$$\frac{A \Rrightarrow A' \qquad B \Rrightarrow B'}{\;}$$

$$\frac{A \Rrightarrow A'}{A@\theta \Rrightarrow A'@\theta}\quad\text{PAt1}$$

$$\frac{A \Rrightarrow A' \qquad B \Rrightarrow B'}{A + B \Rrightarrow A' + B'}\quad\text{PSum1}$$

$$\frac{A \Rrightarrow A' \qquad B \Rrightarrow B'}{\Sigma x\!:\!A.\,B \Rrightarrow \Sigma x\!:\!A'.\,B'}\quad\text{PSigma1}$$

$$\frac{a \Rrightarrow a' \qquad b \Rrightarrow b'}{a = b \Rrightarrow a' = b'}\quad\text{PEq1}$$

$$\frac{A \Rrightarrow A'}{\mu x.\,A \Rrightarrow \mu x.\,A'}\quad\text{PMu1}$$

Judgment: $a \Rrightarrow^* b$

$$\frac{}{a \Rrightarrow^* a}\quad\text{MPRefl}$$

$$\frac{a \Rrightarrow b \qquad b \Rrightarrow^* b'}{a \Rrightarrow^* b'}\quad\text{MPStep}$$
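The rules above define a relation, so a single term may parallel-reduce to several results. As an added illustration (example code written for this appendix, not the thesis's own Coq mechanization), the following Python program computes one particular instance of the relation, the complete development, for a fragment of the LFθ term language: variables, Z and S, λ, rec, application, pairs, ncase and pcase. Every redex that the rules PLam, PFun, PCaseZ, PCaseS and PCasePair would fire is fired at once, and the congruence rules are used everywhere else. The tuple encoding of terms, the assumption that variables count as values, and the Barendregt convention (bound names distinct from free names, so substitution never renames binders) are assumptions of this example; the sum, roll/unroll, ind and type-level rules are omitted. The function `normalize` iterates developments to a fixed point, which is how the `a ⇛* b` judgment is realised here.

```python
# Complete development for a small fragment of LF_theta.  Example code added
# to this appendix; it is not the thesis's mechanization.  Assumptions:
# terms are tuples tagged by their head; variables are values; bound names
# are distinct from free names (Barendregt convention), so `subst` does not
# rename binders.

REFL = ('refl',)


def subst(t, x, v):
    """Substitute v for the free occurrences of variable x in t."""
    tag = t[0]
    if tag == 'var':
        return v if t[1] == x else t
    if tag in ('Z', 'refl'):
        return t
    if tag == 'S':
        return ('S', subst(t[1], x, v))
    if tag == 'lam':
        _, y, body = t
        return t if y == x else ('lam', y, subst(body, x, v))
    if tag == 'rec':
        _, f, y, body = t
        return t if x in (f, y) else ('rec', f, y, subst(body, x, v))
    if tag in ('app', 'pair'):
        return (tag, subst(t[1], x, v), subst(t[2], x, v))
    if tag == 'ncase':                       # binds z in both branches, y in a2
        _, z, scrut, a1, y, a2 = t
        scrut = subst(scrut, x, v)
        a1 = a1 if x == z else subst(a1, x, v)
        a2 = a2 if x in (z, y) else subst(a2, x, v)
        return ('ncase', z, scrut, a1, y, a2)
    if tag == 'pcase':                       # binds z, y1 and y2 in b
        _, z, scrut, y1, y2, b = t
        scrut = subst(scrut, x, v)
        b = b if x in (z, y1, y2) else subst(b, x, v)
        return ('pcase', z, scrut, y1, y2, b)
    raise ValueError(tag)


def is_value(t):
    """Values of the fragment: variables, Z, S of a value, abstractions, refl, pairs of values."""
    tag = t[0]
    if tag in ('var', 'Z', 'refl', 'lam', 'rec'):
        return True
    if tag == 'S':
        return is_value(t[1])
    if tag == 'pair':
        return is_value(t[1]) and is_value(t[2])
    return False


def dev(t):
    """One complete parallel-reduction step; rule names refer to Appendix A.1."""
    tag = t[0]
    if tag in ('var', 'Z', 'refl'):
        return t                                              # PRefl
    if tag == 'S':
        return ('S', dev(t[1]))                               # PSucc1
    if tag == 'lam':
        return ('lam', t[1], dev(t[2]))                       # PLam1
    if tag == 'rec':
        return ('rec', t[1], t[2], dev(t[3]))                 # PFun1
    if tag == 'pair':
        return ('pair', dev(t[1]), dev(t[2]))                 # PPair1
    if tag == 'app':
        f, v = t[1], t[2]
        if f[0] == 'lam' and is_value(v):                     # PLam
            return subst(dev(f[2]), f[1], dev(v))
        if f[0] == 'rec' and is_value(v):                     # PFun
            _, fn, x, body = f
            body2 = dev(body)
            unrolled = subst(body2, fn, ('rec', fn, x, body2))
            return subst(unrolled, x, dev(v))
        return ('app', dev(f), dev(v))                        # PApp1
    if tag == 'ncase':
        _, z, scrut, a1, y, a2 = t
        if scrut[0] == 'Z':                                   # PCaseZ
            return subst(dev(a1), z, REFL)
        if scrut[0] == 'S' and is_value(scrut[1]):            # PCaseS
            return subst(subst(dev(a2), y, dev(scrut[1])), z, REFL)
        return ('ncase', z, dev(scrut), dev(a1), y, dev(a2))  # PNCase1
    if tag == 'pcase':
        _, z, scrut, y1, y2, b = t
        if scrut[0] == 'pair' and is_value(scrut):            # PCasePair
            b2 = subst(subst(dev(b), y1, dev(scrut[1])), y2, dev(scrut[2]))
            return subst(b2, z, REFL)
        return ('pcase', z, dev(scrut), y1, y2, dev(b))       # PPCase1
    raise ValueError(tag)


def normalize(t, fuel=1000):
    """Iterate complete developments until a fixed point (a ⇛* normal form).
    `rec` admits non-termination, so a fuel bound guards the loop."""
    for _ in range(fuel):
        t2 = dev(t)
        if t2 == t:
            return t
        t = t2
    raise RuntimeError("no normal form reached within fuel")


# Constructed sample term: rec f x. ncase_z x of {Z => Z; S y => f y},
# a programmatic-fragment function that counts its argument down to Z.
COUNTDOWN = ('rec', 'f', 'x',
             ('ncase', 'z', ('var', 'x'), ('Z',), 'y',
              ('app', ('var', 'f'), ('var', 'y'))))

if __name__ == '__main__':
    term = ('app', COUNTDOWN, ('S', ('S', ('Z',))))
    while True:                     # print the parallel-reduction trace
        print(term)
        nxt = dev(term)
        if nxt == term:
            break
        term = nxt
```

Note that `dev` applied to `(rec f x. a) (S Z)` performs exactly one PFun step and leaves the `ncase` inside the unfolded body for the next development, matching the rule's conclusion `[v'/x][rec f x.a'/f]a'` rather than evaluating to a normal form in one step.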