Refinement Types for LF
William Lovas
(proposal slides; source: cs.cmu.edu, wlovas/papers/proposal-slides.pdf)

Automating reason
Better representations ⇒ better automation
“We can look at the current field of problem solving by computers as a series of ideas about how to present a problem. If a problem can be cast into one of these representations in a natural way, then it is possible to manipulate it and stand some chance of solving it.” (Allen Newell, 1965)

Thesis
Refinement types are a useful and practical addition to the logical framework LF.
‣ in particular, lead to better representations

LF: a logical framework
Harper, Honsell, and Plotkin, 1987, 1993
Dependently-typed lambda-calculus
Encode deductive systems and metatheory, uniformly, and machine-checkably
‣ e.g. a programming language and its type safety theorem
Guiding principle: “judgements as types”

Judgements as types

| On paper | In LF |
| --- | --- |
| Syntax: e ::= … τ ::= … | Simple type: exp : type. tp : type. |
| Judgement: Γ ⊢ e : τ | Type family: of : exp → tp → type. |
| Derivation: D :: Γ ⊢ e : τ | Well-typed term: M : of E T |
| Proof checking | Type checking |

Refinement types
More precise layer of classification beyond -- but correlated with -- the usual types
“Inclusion” or “implication” as subtyping, e.g.:
‣ all values are expressions
‣ all odd natural numbers are positive
More interesting types means more interesting judgements!
‣ … and better representations!

Teaser Example: λ-calculus

In LF:

```
exp : type.
lam : (exp → exp) → exp.
app : exp → exp → exp.

eval : exp → exp → type.
ev-lam : eval (lam λx. E x) (lam λx. E x).
ev-app : eval (app E1 E2) V
          ← eval E1 (lam λx. E1' x)
          ← eval E2 V2
          ← eval (E1' V2) V.
```

With refinements (cmp and val refine exp; lam yields a value, which is also a computation):

```
exp : type.
cmp ⊏ exp.
val ⊏ exp.
lam :: (val → cmp) → val.
val ≤ cmp.
app :: cmp → cmp → cmp.

eval :: cmp → val → sort.
ev-lam :: eval (lam λx. E x) (lam λx. E x).
ev-app :: eval (app E1 E2) V
           ← eval E1 (lam λx. E1' x)
           ← eval E2 V2
           ← eval (E1' V2) V.
```

Example: natural numbers

```
nat : type.
z : nat.
s : nat → nat.

double : nat → nat → type.
dbl-z : double z z.
dbl-s : double (s N) (s (s N2))
         ← double N N2.
```

The second argument is always even!

Option 1: explicit proofs
Represent evenness and oddness as judgements on natural numbers.
Cumbersome: definitions must be “proof-carrying”, manipulate witnesses.

```
even : nat → type.
odd : nat → type.
ev-z : even z.
ev-s : even (s N) ← odd N.
od-s : odd (s N) ← even N.

double : nat → ΠN2:nat. even N2 → type.
dbl-z : double z z ev-z.
dbl-s : double (s N) (s (s N2)) (ev-s (od-s Deven))
         ← double N N2 Deven.
```

Option 2: implicit proofs
Represent even and odd as new types, distinct from the natural numbers.
Heavyweight: need conversions between various types.

```
even : type.
odd : type.
ze : even.
se : odd → even.
so : even → odd.

double : nat → even → type.
dbl-z : double z ze.
dbl-s : double (s N) (se (so N2))
         ← double N N2.
```

Option 2: intrinsic proofs
But… need erasures from even and odd to nat

```
even2nat : even → nat → type.
odd2nat : odd → nat → type.
e2n-ze : even2nat ze z.
e2n-se : even2nat (se O) (s N) ← odd2nat O N.
o2n-so : odd2nat (so E) (s N) ← even2nat E N.
```

Option 3: metatheorem
Represent evenness and oddness as judgements (as in Option 1 above).
Prove a Twelf metatheorem: for every doubling derivation, there’s an evenness derivation.
Problem: less direct, and metatheorem checking is complex.

```
even : nat → type.
odd : nat → type.
% … ev-z, ev-s, od-s …

double-even : double N N2 → even N2 → type.
%mode double-even +Ddbl -Deven.
- : double-even dbl-z ev-z.
- : double-even (dbl-s Ddbl) (ev-s (od-s Deven))
     ← double-even Ddbl Deven.
%worlds () (double-even Ddbl Deven).
%total Ddbl (double-even Ddbl Deven).
```

Better option: refinements
Represent evenness and oddness as refinements of the type of natural numbers.
Simple: doubling judgement doesn’t change.
Lightweight: constructors remain the same.
Direct: strong typing guarantee on derivations.

```
even ⊏ nat.
odd ⊏ nat.
z :: even.
s :: even → odd ∧ odd → even.

double :: nat → even → type.
dbl-z :: double z z.
dbl-s :: double (s N) (s (s N2))
          ← double N N2.
```

Outline
✓ Introduction: Motivation
Completed work
‣ LFR type theory and metatheory
‣ Higher-sort subsorting
Proposed work
‣ Unification
‣ Type reconstruction
‣ Coverage checking
Summary

Adequacy
Does my encoding mean anything?
Strategy: exhibit a compositional bijection between mathematical objects and canonical forms following judgements as types.
‣ “Canonical forms” are β-normal and η-long.

Canonical forms method
Represent only the canonical forms:
‣ β-normal syntactically
‣ η-long through typing
‣ hereditary substitutions contract redexes
Simplifies metatheory, emphasizes adequacy
Concurrent LF (Watkins et al., 2003)

LF typing
Bidirectional typing
Synthesis: Γ ⊢ R ⇒ A
‣ elims: R ::= x | c | R N
Checking: Γ ⊢ N ⇐ A
‣ intros: N ::= R | λx. N

Checking
Judgement: Γ ⊢ N ⇐ A
Key rule:

    Γ ⊢ R ⇒ P′    P′ = P
    ────────────────────
         Γ ⊢ R ⇐ P

‣ base type, so atoms fully applied
‣ the only appeal to type equality

Checking with subtyping
Judgement: Γ ⊢ N ⇐ A
Key change:

    Γ ⊢ R ⇒ P′    P′ ≤ P
    ────────────────────
         Γ ⊢ R ⇐ P

‣ equality becomes subtyping
‣ subtyping… only at base type?

Intersections
Similar to product types, but no proof term

    Γ ⊢ N ⇐ A1    Γ ⊢ N ⇐ A2
    ─────────────────────────        ───────────
         Γ ⊢ N ⇐ A1 ∧ A2             Γ ⊢ N ⇐ ⊤

    Γ ⊢ R ⇒ A1 ∧ A2        Γ ⊢ R ⇒ A1 ∧ A2
    ────────────────        ────────────────
       Γ ⊢ R ⇒ A1              Γ ⊢ R ⇒ A2

(Refinement restriction)
Sorts: more precise classifiers than types.
‣ subsorting, intersection sorts
Refinement relation: Γ ⊢ S ⊏ A
Only sort-check well-typed terms:
‣ e.g. Γ ⊢ N ⇐ S only sensible if Γ ⊢ N ⇐ A for some A such that Γ ⊢ S ⊏ A

Important principles
Substitution: if Γ, x:A ⊢ N ⇐ B and Γ ⊢ M ⇐ A, then Γ ⊢ [M/x]_A N ⇐ B.
Identity: for all A: Γ, x:A ⊢ η_A(x) ⇐ A.

Subtyping
Judgement: Γ ⊢ N ⇐ A
Key rule:

    Γ ⊢ R ⇒ P′    P′ ≤ P
    ────────────────────
         Γ ⊢ R ⇐ P

‣ Bidirectional: subtyping only at mode switch
‣ Canonical: mode switch only at base type

Subtyping at higher types?
Structural rules? e.g.

    A2 ≤ A1    B1 ≤ B2
    ───────────────────
    A1 → B1 ≤ A2 → B2

Distributivity?

    A → (B1 ∧ B2) ≤ (A → B1) ∧ (A → B2)
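As an added illustration (not code from the slides or from the LFR implementation), the following Python sort checker puts the pieces above together: the even/odd refinement signature, the bidirectional key rule with subsorting only at base sort, the intersection rules, and the structural and distributivity subsorting rules. It assumes a simply-sorted fragment (LF's dependency is dropped; sorts are base names, arrows, intersections and ⊤), models the type nat as its own maximal refinement so that even ⊏ nat is read as even ≤ nat, and the numeral helper and DOUBLE term are constructed sample inputs.

```python
from dataclasses import dataclass

# Sorts (refinement types): base sort, arrow, intersection, top.
@dataclass(frozen=True)
class Base:
    name: str
@dataclass(frozen=True)
class Arrow:
    dom: object
    cod: object
@dataclass(frozen=True)
class And:
    left: object
    right: object
@dataclass(frozen=True)
class Top:
    pass

# Canonical terms: atomic R ::= x | c | R N, normal N ::= R | λx. N.
@dataclass(frozen=True)
class Var:
    name: str
@dataclass(frozen=True)
class Const:
    name: str
@dataclass(frozen=True)
class App:
    head: object
    arg: object
@dataclass(frozen=True)
class Lam:
    var: str
    body: object

EVEN, ODD, NAT = Base("even"), Base("odd"), Base("nat")
# Declared base subsorting.  Assumption: nat is modelled as its own maximal
# refinement, so even ⊏ nat and odd ⊏ nat are read as even ≤ nat, odd ≤ nat.
BASE_SUBSORTS = {(EVEN, NAT), (ODD, NAT)}
# The slides' signature: z :: even.  s :: even → odd ∧ odd → even.
SIG = {"z": EVEN, "s": And(Arrow(EVEN, ODD), Arrow(ODD, EVEN))}

def conjuncts(s):
    """Flatten S1 ∧ ... ∧ Sn into its non-intersection parts (⊤ gives none)."""
    if isinstance(s, And):
        return conjuncts(s.left) + conjuncts(s.right)
    return [] if isinstance(s, Top) else [s]

def meet(sorts):
    """S1 ∧ ... ∧ Sn as a right-nested intersection; the empty list is ⊤."""
    return And(sorts[0], meet(sorts[1:])) if sorts else Top()

def subsort(s, t):
    """Decide S ≤ T: ⊤ on the right; ∧ on the right needs both halves; ∧ on the
    left needs some conjunct; arrows are contravariant; → distributes over ∧."""
    if isinstance(t, Top):
        return True
    if isinstance(t, And):
        return subsort(s, t.left) and subsort(s, t.right)
    parts = conjuncts(s)
    if isinstance(t, Base):
        return any(p == t or (p, t) in BASE_SUBSORTS for p in parts)
    # T is an arrow: by distributivity, every arrow conjunct of S whose domain
    # accepts T's domain contributes its codomain to the intersection checked.
    cods = [p.cod for p in parts if isinstance(p, Arrow) and subsort(t.dom, p.dom)]
    return subsort(meet(cods), t.cod)

def synth(ctx, r):
    """Γ ⊢ R ⇒ S: all sorts the atom R can synthesize (∧-elimination picks a conjunct)."""
    if isinstance(r, Var):
        return [ctx[r.name]]
    if isinstance(r, Const):
        return [SIG[r.name]]
    if isinstance(r, App):
        return [part.cod for head_sort in synth(ctx, r.head)
                for part in conjuncts(head_sort)
                if isinstance(part, Arrow) and check(ctx, r.arg, part.dom)]
    raise TypeError("a λ-abstraction is checked, never synthesized")

def check(ctx, n, s):
    """Γ ⊢ N ⇐ S, bidirectionally."""
    if isinstance(s, Top):
        return True
    if isinstance(s, And):  # ∧-introduction carries no proof term: check both sides
        return check(ctx, n, s.left) and check(ctx, n, s.right)
    if isinstance(s, Arrow):  # canonical forms are η-long: only a λ lives at arrow sort
        return isinstance(n, Lam) and check({**ctx, n.var: s.dom}, n.body, s.cod)
    # Key rule at base sort: synthesize the atom, then the one appeal to subsorting.
    return not isinstance(n, Lam) and any(subsort(p, s) for p in synth(ctx, n))

def numeral(k):
    """Constructed helper: the natural number k as s (s (... z))."""
    t = Const("z")
    for _ in range(k):
        t = App(Const("s"), t)
    return t

DOUBLE = Lam("x", App(Const("s"), App(Const("s"), Var("x"))))  # λx. s (s x)
```

Checking DOUBLE against even → even ∧ odd → odd succeeds with no proof term, which is the parity guarantee that Options 1 to 3 had to carry explicitly.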

Subtyping at higher types!
Intrinsic subtyping: if A ≤ B and Γ ⊢ N ⇐ A, then Γ ⊢ N ⇐ B.
Equivalently: if A ≤ B, then Γ, x:A ⊢ η_A(x) ⇐ B.
‣ just like the Identity principle!
‣ … also the Substitution principle …
Usual rules all sound in this sense.

Subtyping at higher types‽
… and also complete!
Theorem: if Γ, x:A ⊢ η_A(x) ⇐ B, then A ≤ B.
Or: if Γ ⊢ N ⇐ A implies Γ ⊢ N ⇐ B, then A ≤ B.
There are no new subtyping principles.

Outline
✓ Introduction: Motivation
✓ Completed work
‣ LFR type theory and metatheory
‣ Higher-sort subsorting
Proposed work
‣ Unification
‣ Type reconstruction
‣ Coverage checking
Summary
Proposed work

Want: a usable framework!
Need: type reconstruction…
Depends on: unification…
Useful for: coverage checking…

33
Unification

bool : type.
t ⊏ bool.
f ⊏ bool.

true :: t.
false :: f.
and :: t → t → t
     ∧ t → f → f
     ∧ f → t → f
     ∧ f → f → f.

Suppose X :: f.
X ≐ and M N?
‣ X := and X1 X2
‣ but X1 :: ?, X2 :: ? … three incomparable possibilities!

34
Unification
Solution? unify as usual, but maintain typing constraints.
‣Kohlhase and Pfenning (1993) usedsubtyping constraints.
35
Type reconstruction

eq : nat → nat → type.
smart-eq ⊏ eq :: even → even → sort ∧ odd → odd → sort.
dumb-eq ⊏ eq :: ⊤ → ⊤ → sort.

coerce :: smart-eq X Y → dumb-eq X Y.

Candidate sorts for the implicit arguments:
X :: even    X :: odd
Y :: even    Y :: odd

Reconstructed:

coerce :: ΠX::even. ΠY::even. smart-eq X Y → dumb-eq X Y
       ∧ ΠX::odd. ΠY::odd. smart-eq X Y → dumb-eq X Y.

36
Type reconstruction

Typical strategy: consider all possibilities, prune along the way.

Does this always work?

37
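Added example (not code from the slides, from Twelf or from LFR): the enumerate-and-prune strategy of slide 37, run on the unification problem of slide 34 and the reconstruction problem of slide 36. A constant's sort is modelled as an intersection of arrows, a list of (argument sorts, result sort) pairs; subsorting is a set of (sub, super) pairs closed reflexively and transitively. The signatures, the names `solve`, `well_sorted` and `maximal`, and the treatment of ⊤ as an ordinary sort above even and odd are all assumptions of this example.

```python
"""Sort-constrained unification and type reconstruction by enumerate-and-prune.

Added example; not code from the slides, Twelf or LFR.  It models the `and`
example (slide 34) and the `coerce` example (slide 36).  A constant's sort is an
intersection of arrows, written as a list of (argument sorts, result sort);
subsorting is a set of (sub, super) pairs closed reflexively and transitively.
Every signature below is constructed for this example.
"""
from itertools import product

# bool with refinements t and f (slide 34); t and f are incomparable.
BOOL_SIG = {
    "true":  [([], "t")],
    "false": [([], "f")],
    "and":   [(["t", "t"], "t"), (["t", "f"], "f"),
              (["f", "t"], "f"), (["f", "f"], "f")],
}
BOOL_SORTS = {"t", "f"}

# nat with refinements even, odd and the top refinement ⊤ (slide 36);
# "sort" classifies the refined families smart-eq and dumb-eq.
NAT_SIG = {
    "smart-eq": [(["even", "even"], "sort"), (["odd", "odd"], "sort")],
    "dumb-eq":  [(["⊤", "⊤"], "sort")],
}
NAT_SORTS = {"even", "odd", "⊤"}
NAT_SUBSORTS = {("even", "⊤"), ("odd", "⊤")}


def subsort_closure(pairs, sorts):
    """Reflexive-transitive closure of the declared subsort pairs."""
    le = set(pairs) | {(s, s) for s in sorts}
    changed = True
    while changed:
        changed = False
        for a, b in list(le):
            for c, d in list(le):
                if b == c and (a, d) not in le:
                    le.add((a, d))
                    changed = True
    return le


def well_sorted(sig, le, const, arg_sorts, result):
    """Does some arrow of const's intersection accept arguments of sorts
    arg_sorts and give a result ≤ result?  Arguments may sit below the
    declared sort (contravariance); the result may sit above (covariance)."""
    return any(
        len(args) == len(arg_sorts)
        and all((actual, declared) in le for actual, declared in zip(arg_sorts, args))
        and (res == result or (res, result) in le)
        for args, res in sig[const]
    )


def maximal(assignments, le):
    """Drop assignments strictly below another one pointwise; the survivors are
    the pairwise incomparable solutions."""
    def below(a, b):
        return all((x, y) in le for x, y in zip(a, b))
    return sorted(a for a in set(assignments)
                  if not any(b != a and below(a, b) for b in assignments))


def solve(sig, le, sorts, variables, occurrences):
    """Consider every sort assignment to `variables`, prune it against each
    occurrence (const, argument variables, required result sort) as we go,
    and return the maximal assignments that survive."""
    assignments = list(product(sorted(sorts), repeat=len(variables)))
    for const, arg_vars, result in occurrences:
        assignments = [
            a for a in assignments
            if well_sorted(sig, le, const,
                           [a[variables.index(v)] for v in arg_vars], result)
        ]
    return maximal(assignments, le)


BOOL_LE = subsort_closure(set(), BOOL_SORTS)
NAT_LE = subsort_closure(NAT_SUBSORTS, NAT_SORTS)

# Unification (slide 34): X :: f and X ≐ and X1 X2.  Three incomparable answers
# for (X1, X2), so there is no single most general unifier.
UNIFY_AND = solve(BOOL_SIG, BOOL_LE, BOOL_SORTS, ["X1", "X2"],
                  [("and", ["X1", "X2"], "f")])

# Reconstruction (slide 36): coerce :: smart-eq X Y → dumb-eq X Y.  Two answers,
# one per branch of the reconstructed intersection ΠX::even.ΠY::even.… ∧ ΠX::odd.ΠY::odd.…
RECONSTRUCT_COERCE = solve(NAT_SIG, NAT_LE, NAT_SORTS, ["X", "Y"],
                           [("smart-eq", ["X", "Y"], "sort"),
                            ("dumb-eq", ["X", "Y"], "sort")])

if __name__ == "__main__":
    print(UNIFY_AND)           # [('f', 'f'), ('f', 't'), ('t', 'f')]
    print(RECONSTRUCT_COERCE)  # [('even', 'even'), ('odd', 'odd')]
```

The two problems differ only in their occurrence lists: for unification the constraint is the required sort f of the unified term, for reconstruction it is well-sortedness of each type family application in the declaration. Because the candidate set is the full product of sorts, the enumeration is exponential in the number of implicit arguments, which is why the slide asks whether this always works; the pruning order matters for cost but not for the answer.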
Coverage checking

exp : type.
cmp ⊏ exp.
val ⊏ exp.
val ≤ cmp.
lam :: (val → cmp) → val.
app :: cmp → cmp → cmp.

eval :: cmp → val → sort.
ev-lam :: eval (lam λx. E x) (lam λx. E x).
ev-app :: eval (app E1 E2) V
        ← eval E1 (lam λx. E1' x)
        ← eval E2 V2
        ← eval (E1' V2) V.

38
Coverage checking
Key idea: leverage precise sort information.
Interesting interactions with type reconstruction…
39
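Added example (not code from the slides or from Twelf): a first-level coverage check over the signature of slide 38 that uses the subsorting val ≤ cmp to decide which constructors an input argument can actually have. Only the outermost constructor of each argument is inspected; Twelf's coverage checker also splits nested patterns and handles higher-order pattern variables, which this does not. The representation of the higher-order argument of lam as the opaque sort "val→cmp", the hand-closed subsort relation and the function names are assumptions of the example.

```python
"""Coverage checking that uses sort information.

Added example; not code from the slides or from Twelf.  It models slide 38:
exp with refinements val ≤ cmp, and the question whether the heads of the
clauses of eval cover every constructor that can produce a term of the input
sort.  Only the outermost constructor of each argument is inspected.  The
signature is constructed for the example; the higher-order argument of lam is
abstracted as the opaque sort "val→cmp".
"""

# Constructor sorts as (argument sorts, result sort) arrows (slide 38).
EXP_SIG = {
    "lam": [(["val→cmp"], "val")],
    "app": [(["cmp", "cmp"], "cmp")],
}

# Subsorting val ≤ cmp, closed reflexively and transitively by hand.
EXP_LE = {("val", "val"), ("cmp", "cmp"), ("val", "cmp")}

# Clause heads of eval :: cmp → val → sort: (clause name, head constructor of
# each argument, None for a variable pattern).
EVAL_CLAUSES = [
    ("ev-lam", ["lam", "lam"]),   # eval (lam λx. E x) (lam λx. E x)
    ("ev-app", ["app", None]),    # eval (app E1 E2) V ← ...
]


def constructors_of(sig, le, sort):
    """Constructors able to build a term of `sort`: those with an arrow whose
    result sort is ≤ sort.  This is where precise sorts pay off: a sort that
    app cannot produce never needs an app case."""
    return sorted(c for c, arrows in sig.items()
                  if any((res, sort) in le for _args, res in arrows))


def missing_cases(sig, le, arg_sorts, clauses, argument=0):
    """Head constructors of the given input argument that no clause covers.
    A variable pattern in any clause covers every constructor at once."""
    needed = set(constructors_of(sig, le, arg_sorts[argument]))
    for _name, heads in clauses:
        if heads[argument] is None:
            return []
        needed.discard(heads[argument])
    return sorted(needed)


if __name__ == "__main__":
    eval_sorts = ["cmp", "val"]
    print(missing_cases(EXP_SIG, EXP_LE, eval_sorts, EVAL_CLAUSES))      # []
    print(missing_cases(EXP_SIG, EXP_LE, eval_sorts, EVAL_CLAUSES[:1]))  # ['app']
    # Declared on val instead of cmp, ev-lam alone is exhaustive.
    print(missing_cases(EXP_SIG, EXP_LE, ["val", "val"], EVAL_CLAUSES[:1]))  # []
```

The last call is the point of slide 39: for an input of sort cmp both lam (since val ≤ cmp) and app must be covered, while for an input of sort val the app case is provably impossible and a checker that only saw the type exp would demand it anyway. The interaction with type reconstruction shows up in `arg_sorts`: the input sorts the checker relies on are exactly what reconstruction has to have inferred for the clause heads.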
Summary

Completed:
‣ LFR type theory and metatheory
‣ Interpretations of higher-type subtyping

Proposed:
‣ Make a usable framework by specifying unification and type reconstruction.
‣ Head start on metatheorem proving with coverage checking.

40
Summary
Thesis: Refinement types are a useful and practical addition to the logical framework LF.
Better representations will make LF a better tool.
41
(brilliant!)