Subtyping. Preciseness of Subtyping on Intersection and Union Types. Subtyping. Silvia Ghilezan. Joint work with Mariangiola Dezani-Ciancaglini

Transcription

1 Subtyping Preciseness of Subtyping on Intersection and Union Types Silvia Ghilezan University of Novi Sad Serbia Université Paris Diderot, 21 April 2016 Joint work with Mariangiola Dezani-Ciancaglini M. Dezani-Ciancaglini and SG. Preciseness of subtyping on intersection and union types. In RTA-TLCA 2014, volume 8560 of LNCS, pages (2014). 1/27 2/27 Subtyping Subtyping is a binary relation apple (preorder) on the set of Types apple Subsumption rule in the type inference system M : apple M : -calculi, concurrent calculi programming languages 3/27 4/27

2 Preciseness of subtyping Preciseness Soundness Completeness Two aspects: Denotational preciseness Operational preciseness 5/27 6/27 Denotational Preciseness of Subtyping [[ ]] is a set interpreting type denotational soundness: apple implies [[ ]] [[ ]] denotational completeness: [[ ]] [[ ]] implies denotational preciseness: apple iff [[ ]] [[ ]] apple H. Barendregt, M. Coppo, and M. Dezani-Ciancaglini. A Filter Lambda Model and the Completeness of Type Assignment. Journal of Symbolic Logic, 48(4): , J. Vouillon. Subtyping Union Types. In CSL, volume 3210 of LNCS, pages , Operational Soundness of Subtyping If apple, then each context that is safe when filled with a term of type is also safe when filled with a term of type 8C[ ](8M : C[M] 6! error =) 8N : C[N] 6! error) Example. nat apple int C[ Subsumption rule in the type system 5] converges, then C[2] converges M : M : apple Operational soundness of subtyping follows from subject reduction of the type system 7/27 8/27

3 Operational Completeness of Subtyping Converse: If each context that is safe when filled with a term of type is also safe when filled with a term of type, then apple Instead: If 6apple, then there is a context that is safe when filled with an arbitrary term of type, and gives an error when filled with a suitable term of type 9C 0 [](8M :. C 0 [M] 6! error V 9N 0 :.C 0 [N 0 ]! error) Operational Preciseness of Subtyping apple iff for each context soundness and completeness that is safe when filled with a term of type is also safe when filled with a term of type 8C[ ](8M :. C[M] 6! error =) 8N :. C[N] 6! error) apple iff there is no context that is safe when filled with an arbitrary term of type and gives an error when filled with a suitable term of type 9C 0 [](8M :. C 0 [M] 6! error V 9N 0 : C 0 [M 0 ]! error ) J. Blackburn, I. Hernandez, J. Ligatti, and M. Nachtigal. Completely subtyping iso-recursive types. Technical Report, University of South Florida, /27 10/27 Concurrent -calculus - Syntax M. Dezani-Ciancaglini, U. de Liguoro, and A. Piperno. A Filter Model for Concurrent Lambda-Calculus. SIAM Journal on Computing 27(5): , M ::= x v ( x.m) ( v.m) (MM) (M + M) (MkM) 1 call-by-name and call-by-value variables 2 internal choice 3 parallel operator W ::= v x.m v.m W kw TVal total values: V ::= W V km MkV Val values 11/27 12/27

4 w ' y ' Reduction rules (+ L ) M + N! M (+ R ) M + N! N (k app )(MkN)L! MLkNL (k s ) M! M0 N! N 0 MkN! M 0 kn 0 (k a ) M! M 0 W 2TVal MkW! M 0 kw, W km! W km 0 ( )( x.m)n! M[N/x] ( v ) W 2 TVal ( v.m)w! M[W /v] V! V 0 V 2 Val ( v k) ( v.m)v! M[V /v]k( v.m)v 0 N! N 0 N 62 Val (µ v ) ( v.m)n! ( v.m)n 0 ( ) M! S M0 M 62 Val Par MN! M 0 N TVal total values: W ::= v x.m v.m W kw Val values V ::= W V km MkV Par = {MkN} 13/27 Types and Subtyping Convergence reduction tree P = x.(x + I) Q =( x.p(xx))( x.p(xx)) Bar is a subset of nodes of the reduction tree such that each maximal path intersects the bar at exactly one node a term converges if there is a bar of values in its reduction tree IIk Ik... Typing Rules IIk + Kk Kk Kk... YP Q PQ Q + I y " Q I PQ Q + I YP 14/27 Type: ::=!! ^ _ apple is the smallest pre-order on types such that A basis maps 1 call-by-name variables to types (! by default) and 2 call-by-value variables to coprime types (!!! by default) 1 htype, applei is a distributive lattice, in which ^ is the meet, _ is the join and! is the top; 2 the arrow satisfies 1!! apple!!!; 2 (! ) ^ (! ) apple! ^ ; 3 0, apple 0 )! apple 0! 0. (! I v ) (Ax) ` : ( ) (!)! (! I n ), x : ` x.m :!, v : i = W i2i i i 2 CType i 2 I ` v.m :! CType: a type is coprime if apple _ implies apple or apple (! E)! ` N : ` MN : Each type is equal to an union of coprime types. (^ I) ^ (apple) apple 15/27 (+ I) ` M + N : ` N : _ (k I) ` MkN : ` N : ^ 16/27

5 Characterisation of Convergence Each type is either a subtype of!!! or it is equivalent to!. Theorem (Type preservation) The type system enjoys subject reduction. Theorem A closed term is convergent iff it has type!!!. Corollary A closed term is divergent iff it has only types equivalent to!. Unsoundness of (! ) ^ (! ) apple _! =!!! =!!! =!!! ` x.xi k x.x I :(! )! (! ) and ` K + O : _ ` ( x.xi k x.x I)(K + O) : (=!!!) ( x.xi k x. I)(K + O)! (K + O)I k(k + O) I)! OI kk I! k k diverges 6` k :!!! subject reduction fails! 17/27 18/27 Preciseness for the Concurrent -calculus The subtyping apple is denotationally precise when apple if and only if [[ ]] [[ ]] The subtyping apple is operationally precise when apple if and only if there is no closed terms M 0 such that M 0 P converges for all closed terms P : and for some N 0 : the term M 0 N 0 diverges 9M 0 [](8P :. M 0 P conveges ^ 9N 0 :. M 0 N 0 diverges ) 19/27 20/27

6 Operational preciseness for the Concurrent key terms -calculus Theorem The subtyping apple is denotationally precise for the concurrent -calculus. R! = ; T! = xy.y; R! = x.(t x) R ; T! = v.t (v R ); R ^ = R k R ; T ^ = x.(t x + T x); R _ = R + R. T _ = v.(t v k T v) where _ 6=!. [[ ]] = {M } Theorem The subtyping apple is operationally precise for the concurrent -calculus. R characteristic term is the worst (with respect to convergence) term of type R has type iff apple test term T M (M closed) converges (to I) iff M has type T has type!! iff apple 21/27 22/27 Preciseness for Pure -Calculus Operational completeness requires that all empty (i.e. not inhabited) types are less than all inhabited types Inhabitation is undecidable for polymorphic types and for intersection types A complete subtyping on polymorphic types or on intersection types for the pure -calculus must be undecidable This makes unfeasible an operationally complete subtyping for the pure -calculus, both in case of polymorphic types and intersection and union types The terms of the concurrent -calculus inhabit all types Open problem: to study the extensions of -calculus enjoying operational preciseness for the decidable subtyping between polymorphic types 23/27 24/27

7 Related work J. Blackburn, I. Hernandez, J. Ligatti, and M. Nachtigal. Completely subtyping iso-recursive types. Technical Report, University of South Florida, T. Chen, M. Dezani-Ciancaglini, and N. Yoshida. On the Preciseness of Subtyping in Session Types. In PPDP 2014, , M. Dezani-Ciancaglini, SG, S. Jaksic, J. Pantovic and N. Yoshida. Precise subtyping for synchronous multiparty sessions. In PLACES 2015, EPTCS 203:29 43, TYPES 2016, May 23-27, 2016, Novi Sad TYPES nd International Conference on Types for Proofs and Programs Affiliated events: CLA 2016, EUTYPES 2016 Novi Sad, Serbia May 23-27, M. Dezani-Ciancaglini, SG, S. Jaksic, J. Pantovic and N. Yoshida. Denotational and Operational Preciseness of Subtyping: A Roadmap. In Theory and Practice of Formal Methods 2016, LNCS 9660: , /27 26/27 Thanks 27/27