%%% This is the scribe notes template for CS611
%%% There are several comments preceded by CS611: and boxed in %%%%'s 
%%% which indicate where macros should be altered to set up the header
%%% for the paper.  Your Notes should go at the comment SCRIBE NOTES GO HERE!.

%%% In the various .sty files that accompany this .tex file you will    
%%% find LaTeX macros that make it easier to typeset inference rules    
%%% and programming language constructs.  You must make sure that the   
%%% file proof.sty is in a path searched by LaTeX when you try to       
%%% use this file.  Take a look to see what macros are available--it    
%%% will save you time and make the notes look better.  Feel free to    
%%% extend the set of macros--post them to the newsgroup and contact    
%%% the course staff if you come up with some good ones so they can be  
%%% added to the template.                                              

%%% This template includes examples of how to use some of the macros
%%% to give you an idea of how they work.  (Delete the examples when
%%% you do your scribing.)

\documentclass{article} 
\usepackage{611-lecture}
\usepackage{amsmath,amssymb,amsthm,amsfonts}

% Notation override and sum-type syntax.
% \emptyset is remapped to the amssymb glyph \varnothing, so every use of
% \emptyset in the document prints as \varnothing.
\renewcommand\emptyset\varnothing
% Left/right injection keywords in sans serif; \ensuremath lets them be
% used in both text and math mode.
\newcommand{\inL}{\ensuremath{\mathsf{inL}}}
\newcommand{\inR}{\ensuremath{\mathsf{inR}}}
% \caseof{e}{b1}{b2} typesets: case e of b1 | b2.
% Math mode only: it uses \mathsf directly, without \ensuremath.
\newcommand\caseof[3]{\mathsf{case}~{#1}~\mathsf{of}~{#2}~|~{#3}}

% Theorem-like environments (amsthm).  Lemma, proposition, corollary and
% definition all pass [theorem] as the shared counter, so the five
% environments are numbered in one common sequence.
% No \theoremstyle is selected before these declarations, so they all use
% the default theorem style, including definition.
\newtheorem{theorem}{Theorem}
\newtheorem{lemma}[theorem]{Lemma}
\newtheorem{proposition}[theorem]{Proposition}
\newtheorem{corollary}[theorem]{Corollary}
\newtheorem{definition}[theorem]{Definition}

% \Z: blackboard-bold Z.  \group{g}: g inside auto-sized angle brackets.
\newcommand{\Z}{\mathbb{Z}}
\newcommand{\group}[1]{\left\langle{#1}\right\rangle}

%\theoremstyle{definition}
%\newtheorem*{defn}{Definition}
% \nondet: an empty pair of square brackets pulled together (\! plus a 1pt
% kern), giving a narrow box-shaped symbol.  The name suggests it denotes
% nondeterministic choice -- confirm against its uses.
\newcommand{\nondet}{\left[\!\kern1pt\right]}
% \phi prints as \varphi everywhere from here on.
\renewcommand\phi\varphi
% \wp overrides the kernel's \wp symbol with a two-argument sans-serif
% operator "wp a b"; \wlp is the matching "wlp a b".  Presumably weakest
% (liberal) precondition -- neither is used in this lecture.
\renewcommand\wp[2]{\mathsf{wp}~{#1}~{#2}}
\newcommand\wlp[2]{\mathsf{wlp}~{#1}~{#2}}
% CAUTION: \( and \) no longer delimit inline math in this document.  They
% now open and close an eqnarray* display, which is why the displays in the
% body use the three-column "lhs & rel & rhs" syntax between \( and \).
% Write inline math with $...$ only.
\renewcommand\({\begin{eqnarray*}}
\renewcommand\){\end{eqnarray*}}

% Store operations typeset as upright operator names followed by their
% arguments, separated by ties.
\newcommand\LOOKUP[2]{\mathrm{LOOKUP}~{#1}~{#2}}
\newcommand\UPDATE[3]{\mathrm{UPDATE}~{#1}~{#2}~{#3}}
\newcommand\MALLOC[2]{\mathrm{MALLOC}~{#1}~{#2}}
% The hyphen is boxed with \mbox so it prints as a text hyphen, not a minus.
\newcommand\EMPTY{\mathrm{EMPTY\mbox{-}STORE}}
% \renewcommand implies \dom already exists (presumably from 611-lecture);
% this version prints "dom" upright with a thin space before its argument.
\renewcommand\dom[1]{\mathrm{dom}\,{#1}}
% \p{a}{b}: the pair <a, b> in angle brackets.
\newcommand\p[2]{\langle{#1},\,{#2}\rangle}
% \bigcdot: a script-script-size bullet raised 1pt, spaced as a relation.
\newcommand\bigcdot{\mathrel{\raisebox{1pt}{$\scriptscriptstyle\bullet$}}}
% Hole and context notation: \holed{x} is [ x ], \hole is [ . ],
% \context{x} is E[ x ] and \contextHole is E[ . ].
\newcommand\holed[1]{[\,#1\,]}
\newcommand\hole{\holed\bigcdot}
\newcommand\context[1]{E\kern1pt\holed{#1}}
\newcommand\contextHole{\context\bigcdot}
% \goesto{a}{b}: an arrow with a set above it and b set below it.
\newcommand\goesto[2]{\underset{#2}{\overset{#1}\to}}
% Language constructs: keywords in sans serif with explicit "\ " spaces,
% arguments left in the surrounding math style.  Math mode only.
% NOTE(review): the ifthen package also defines \ifthenelse, so \newcommand
% here would fail if that package were loaded -- not visible from this file.
\newcommand\ifthenelse[3]{\mathsf{if\ }#1\mathsf{\ then\ }#2\mathsf{\ else\ }#3}
\newcommand\ifpthenelse[3]{\mathsf{ifp\ }#1\mathsf{\ then\ }#2\mathsf{\ else\ }#3}
\newcommand\whiledo[2]{\mathsf{while\ }#1\mathsf{\ do\ }#2}
\newcommand\letin[3]{\mathsf{let\ }#1 = #2\mathsf{\ in\ }#3}
% \letrec shows only the first and last binding, joined by "and ... and".
\newcommand\letrec[5]{\mathsf{letrec\ }#1 = #2\mathsf{\ and\ \ldots\ and\ }#3 = #4\mathsf{\ in\ }#5}
\newcommand\letrecone[3]{\mathsf{letrec\ }#1 = #2\mathsf{\ in\ }#3}
% Constants usable in text or math mode (\ensuremath).
\newcommand\true{\ensuremath{\mathsf{true}}}
\newcommand\false{\ensuremath{\mathsf{false}}}
\newcommand\error{\ensuremath{\mathsf{error}}}
% \pca{P}{c}{Q}: the triple {P} c {Q}; presumably a partial correctness
% assertion -- confirm against its uses.
\newcommand\pca[3]{\{#1\}\kern1pt{#2}\kern1pt\{#3\}}
% \Set is not defined in this file; presumably it comes from 611-lecture.
\newcommand\states{\Set{St}}
% \rtc: a text-size star as a superscript (presumably reflexive transitive
% closure, going by the name).
\newcommand\rtc{^{\textstyle *}}
% Relation symbols: \sat is \vDash and \force is \vdash.  \force is the
% turnstile used by \judge and \forceUSN.
\newcommand\sat\vDash
\newcommand\force\vdash

% \hyphen: a text hyphen that is safe to use in math mode.
\newcommand\hyphen{\mbox{-}}
% Lower-case store operations.  They rely on \nm (slanted abbreviation
% font, per the macro list further down) and on \mquote, which is not
% defined in this file -- presumably it comes from 611-lecture.
\newcommand\lookup[2]{\nm{LOOKUP}~#1~\mquote{#2}}
\newcommand\update[3]{\nm{UPDATE}~#1~\mquote{#2}~#3}
% \SBk{x}: x in semantic brackets (\SB) followed directly by k.
\newcommand\SBk[1]{\SB{#1}k}
% \fix{f}: sans-serif "fix", a thin space, then f.
\newcommand\fix[1]{\mathsf{fix}\,{#1}}

% Support for right-hand justifications in aligned derivations.
% \reasonwidth is the width of the formula column; it defaults to 3cm.
\newlength\reasonwidth
\setlength\reasonwidth{3cm}
% \reasoning{F}: measure F in display style and set \reasonwidth to that
% width plus 5mm.  Call it with the widest formula before the display.
% It stores F with \def\longest, which overwrites any existing \longest
% without warning.
\newcommand\reasoning[1]{\def\longest{#1}\settowidth{\reasonwidth}{$\displaystyle\longest$}\addtolength{\reasonwidth}{5mm}}
% \reason{F}{text}: typeset F left-aligned in a box \reasonwidth wide,
% followed by the justification as ordinary text.
\newcommand\reason[2]{\makebox[\reasonwidth][l]{$\displaystyle{#1}$}\mbox{#2}}

% \renewcommand implies \inj, \C and \Cr already exist (presumably from
% 611-lecture); the versions below replace them.
% \inj{i}: sans-serif "in" with subscript i.  \proj{i}: pi with subscript i.
\renewcommand\inj[1]{\mathsf{in}_{#1}}
\newcommand\proj[1]{\pi_{#1}}
% \dlt: the square-subset-or-equal relation.
\newcommand{\dlt}{\sqsubseteq}
\newcommand\floor[1]{\lfloor{#1}\rfloor}
% \cf{x}: x in square brackets with 1pt kerns on each side.
\newcommand\cf[1]{[\kern1pt{#1}\kern1pt]}
% \SBpr{x}: semantic brackets around x applied to \phi and \rho.  \phi is
% redefined above, so it prints as \varphi here.
\newcommand\SBpr[1]{\SB{#1}\,\phi\,\rho}
% \C{x}{a}{b}: calligraphic C with x in semantic brackets (\Tr), followed
% by a and b; \Cr{x} fixes those to \Gamma and \rho.
% NOTE(review): the same two \renewcommand lines appear again a few lines
% further down; the repetition is harmless but redundant.
\renewcommand\C[3]{\Tr C{#1}\kern1pt{#2}\kern1pt{#3}}
\renewcommand\Cr[1]{\C{#1}\Gamma\rho}

% Typing judgments.  \judge{G}{e}{t} typesets "G |- e : t" using \force as
% the turnstile; \Gjudge{e}{t} is the same with \Gamma as the environment.
\newcommand\judge[3]{{#1}\force{#2}:{#3}}
\newcommand\Gjudge[2]{\judge\Gamma{#1}{#2}}%
% \forceUSN: the turnstile set in a 2pt-wide left-aligned box, with a tiny
% italic "USN" lowered 3pt beside it; the raised box has zero height and
% depth, and the whole symbol is spaced as a relation.
\newcommand\forceUSN{\mathrel{\makebox[2pt][l]{$\force$}\raisebox{-3pt}[0pt][0pt]{\tiny{\textit{USN}}}}}
% \judgeUSN{G}{e}{t}: like \judge but with the USN turnstile.
\newcommand\judgeUSN[3]{{#1}\forceUSN{#2}:{#3}}
% NOTE(review): these two lines repeat the \C and \Cr redefinitions made a
% few lines earlier; harmless but redundant.
\renewcommand\C[3]{\Tr C{#1}\kern1pt{#2}\kern1pt{#3}}
\renewcommand\Cr[1]{\C{#1}\Gamma\rho}
% \Irred{x}: upright "Irred(x)", usable in text or math mode.
\newcommand\Irred[1]{\ensuremath{\mathrm{Irred}(#1)}}

% \seq{x}{1}{n}: the list x_1,...,x_n.  The first argument is the base
% symbol; the second and third are the first and last subscripts.
\newcommand\seq[3]{#1_{#2},\ldots,#1_{#3}}

% proofof{<what>}: a proof environment with a custom heading.  It is built
% on trivlist with \topsep enlarged by 1mm, opens with an indented italic
% "Proof of <what>." and closes with \qed.
\newenvironment{proofof}[1]{\addtolength{\topsep}{1mm}\begin{trivlist}\item[]\hspace{\parindent}{\em Proof of #1.}}{\qed\end{trivlist}}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% CS611: Please fill in these macros as appropriate:
% Header fields for this lecture.  \lecture is not a standard LaTeX
% command; presumably it is provided by 611-lecture.  The \author line is
% commented out, so no scribe names are set here.
\lecture{26}                  %% Lecture number
\title{Strong Normalization}   %% Title of lecture
%\author{Jonathan Kaldor, Ian Kash}       %% name of scribes
\date{1 November 2006}     %% Date of lecture, e.g., 1 January 2001
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

% See 611.sty for a variety of macros that will be helpful in
% typesetting the lecture. Here are a few of particular interest:
%
% ``x"	 	x in keyword font (e.g., "if", "#t")
% _x_	 	x in italics
% \nm{n}   	n in slanted font (used for abbreviations)
% <e> 	 	e in angle brackets
% \lt 	 	less-than sign
% \gt 	 	greater-than sign
% \SB{x}	x in semantic brackets
% \Tr x{y} 	x[[y]] with x in calligraphic font
%          	(if x is more than a single character, use \Tr{x}{y})

\begin{document}
\maketitle

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% CS611: SCRIBE NOTES GO HERE!
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{Introduction}

In Lecture 24, we proved that each term in the simply typed $\lambda$-calculus
would never get stuck.  Today, we want to show that it will actually terminate.
This property is known as _strong normalization_.

Formally, we want to prove that if $\judge{}e\tau$, then $e\Downarrow$.
We will prove this by induction, but we will need a fairly sophisticated induction
hypothesis that takes both the typing and the reduction order into account.
We cannot just do induction on the subterm relation.  For example,
even if $e_1$ and $e_2$ terminate, we cannot conclude that $e_1~e_2$ does:
consider $e_1=e_2=\lam x{xx}$.

\section{Church vs.~Curry}

We will prove this theorem in the pure simply-typed $\lambda$-calculus in Curry style.
This differs from Church style in that the binding occurrence of a variable in a $\lambda$-abstraction is not annotated with its type.

Let $\alpha,\beta,\ldots$ denote type variables, $x,y,\ldots$ term variables, $\sigma,\tau,\ldots$ types, and $d,e,\ldots$ terms.  In the Curry-style simply typed $\lambda$-calculus, terms and types are defined by
\(
e\ \ ::=\ \ x \bnf e\,d \bnf \lam xe &\qquad& \tau\ \ ::=\ \ \alpha \bnf \sigma\to\tau
\)
and the typing rules are
\(
\judge{\Gamma,\,x\ty\tau}x\tau \qquad
\frac{\Gjudge e{\sigma\to\tau}\quad\Gjudge d\sigma}{\Gjudge{(e\,d)}\tau} \qquad
\frac{\judge{\Gamma,\,x\ty\sigma}e\tau}{\Gjudge{(\lam xe)}{\sigma\to\tau}}
\)
Note that in Church style, a closed term can have at most one type, but in Curry style, if it has any type at all, then it has infinitely many.  For example, $\judge{}{\lam xx}{((\alpha\to\beta)\to\gamma)\to((\alpha\to\beta)\to\gamma)}$.  In general, if $\judge{}e\tau$, then also $\judge{}e{\tau'}$, where $\tau'$ is any substitution instance of $\tau$.

A term $e$ is _typable_ if there exists a type environment $\Gamma$ and a type $\tau$ such that $\Gjudge e\tau$.  One can show by induction that if $\Gjudge e\tau$, then $\FV e\subseteq\dom\Gamma$.

\section{Strong Normalization}

By the Church--Rosser theorem, normal forms are unique up to $\alpha$-equivalence, so any two reduction strategies starting from the same term that terminate must yield the same result up to $\alpha$-equivalence.  However, there may be some strategies that terminate and some that do not.

A term is _strongly normalizing_ (SN) if all $\beta$-reduction sequences starting from that term converge to a normal form; equivalently, if there is no infinite $\beta$-reduction sequence starting from that term.  Our main theorem is

\begin{theorem}
\label{thm:SN}
All typable terms are strongly normalizing.
\end{theorem}

\subsection{Ultra-Strong Normalization}

We say that a term $e$ is \emph{ultra-strongly normalizing with respect to $\Gamma$ and $\sigma$} and write $\judgeUSN\Gamma e\sigma$ if
\begin{enumerate}
\renewcommand\labelenumi{(\roman{enumi})}
\item
$\judge\Gamma e\sigma$
\item
for all $n\geq 0$, if $\sigma$ is of the form $\sigma_1\to\sigma_2\to\cdots\to\sigma_n\to\tau$ and $\judgeUSN\Gamma{e_i}{\sigma_i}$, $1\leq i\leq n$, then $e~e_1~e_2~\cdots~e_n$ is SN.
\end{enumerate}

A term $e$ is \emph{ultra-strongly normalizing} (USN) if it is ultra-strongly normalizing with respect to some $\Gamma$ and $\sigma$.

The definition of the relation $\forceUSN$ may seem circular, but it is not: $\judgeUSN\Gamma e\sigma$ is defined in terms of $\judgeUSN\Gamma{e_i}{\sigma_i}$, where the $\sigma_i$ are strict subexpressions of $\sigma$, so it is well-defined by structural induction on types.

Almost all the work we need to do is contained in the following lemma:

\begin{lemma}
\label{lem:SN}
Let $\seq x1n$ be distinct variables.  If
\begin{enumerate}
\renewcommand\labelenumi{\emph{(\roman{enumi})}}
\item
$\judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}e\tau$,
\item
$\judgeUSN\Gamma{d_i}{\sigma_i}$, $1\leq i\leq n$, and
\item
$x_j\notin\FV{d_i}$ for $j\gt i$,
\end{enumerate}
then $\judgeUSN\Gamma{\subst{\subst e{d_1}{x_1}\cdots}{d_n}{x_n}}\tau$.
\end{lemma}

\begin{proof}
Suppose the three premises (i)--(iii) hold.  The proof is by induction on the structure of $e$.

\paragraph{Case 1} Variable $x$.

\paragraph{Case 1A} $x=x_i$ for some $i$.  We have $\tau=\sigma_i$ by assumption (i) and $\subst{\subst x{d_1}{x_1}\cdots}{d_n}{x_n}=d_i$ by assumption (iii).  The desired conclusion is therefore $\judgeUSN\Gamma{d_i}{\sigma_i}$, which follows from assumption (ii).

\paragraph{Case 1B} $x\notin\{\seq x1n\}$.  We have $\judge\Gamma x\tau$ by assumption (i), and $\subst{\subst x{d_1}{x_1}\cdots}{d_n}{x_n}=x$.  The desired conclusion is therefore $\judgeUSN\Gamma x\tau$.  We already have $\judge\Gamma x\tau$, so we need only show that $x~e_1~\cdots~e_m$ is SN for all appropriately typed USN terms $e_i$.  But in any infinite $\beta$-reduction sequence starting from $x~e_1~\cdots~e_m$, every reduction must be inside one of the $e_i$, since there are no other $\beta$-redexes; therefore some $e_i$ must itself have an infinite $\beta$-reduction sequence.  But this is impossible, since the $e_i$ are USN and hence SN (take $n=0$ in clause (ii) of the definition of USN).

\paragraph{Case 2} Application $e_1~e_2$.  For some type $\sigma$,
\begin{eqnarray}
\lefteqn{\judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}{(e_1~e_2)}\tau}\nonumber\\
&\Rightarrow& \judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}{e_1}{\sigma\to\tau}\ \wedge\ \judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}{e_2}\sigma\nonumber\\
&\Rightarrow& \judgeUSN\Gamma{\subst{\subst{e_1}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma\to\tau}\ \wedge\ \judgeUSN\Gamma{\subst{\subst{e_2}{d_1}{x_1}\cdots}{d_n}{x_n}}\sigma\label{eqn:SN0}
\end{eqnarray}
by the induction hypothesis.  By clause (i) in the definition of USN, this implies
\(
\lefteqn{\judge\Gamma{\subst{\subst{e_1}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma\to\tau}\ \wedge\ \judge\Gamma{\subst{\subst{e_2}{d_1}{x_1}\cdots}{d_n}{x_n}}\sigma}\\
&\Rightarrow& \judge\Gamma{\subst{\subst{(e_1~e_2)}{d_1}{x_1}\cdots}{d_n}{x_n}}\tau\hspace{5cm}.
\)
This establishes clause (i) in the definition of USN for $e_1~e_2$.  For clause (ii), we must show that if $\tau=\tau_3\to\cdots\to\tau_m$ and if $\judgeUSN\Gamma{e_i}{\tau_i}$ for $3\leq i\leq m$, then
\begin{eqnarray}
\lefteqn{\subst{\subst{(e_1~e_2)}{d_1}{x_1}\cdots}{d_n}{x_n}~e_3~\cdots~e_m}\nonumber\\
&=&
(\subst{\subst{e_1}{d_1}{x_1}\cdots}{d_n}{x_n})~(\subst{\subst{e_2}{d_1}{x_1}\cdots}{d_n}{x_n})~e_3~\cdots~e_m\label{eqn:SN1}
\end{eqnarray}
is SN.  But by (\ref{eqn:SN0}),
\(
&& \judgeUSN\Gamma{\subst{\subst{e_1}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma\to\tau_3\to\cdots\to\tau_m}\\
&& \judgeUSN\Gamma{\subst{\subst{e_2}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma}\\
&& \judgeUSN\Gamma{e_i}{\tau_i},\quad 3\leq i\leq m,
\)
thus (\ref{eqn:SN1}) is SN.  This proves that $\judgeUSN\Gamma{\subst{\subst{(e_1~e_2)}{d_1}{x_1}\cdots}{d_n}{x_n}}\tau$.

\paragraph{Case 3} Abstraction $\lam xe$.  We can assume without loss of generality that $\lam xe$ has been $\alpha$-converted so that $x\notin\FV{d_i}$ and $x\neq x_i$ for any $i$, $1\leq i\leq n$.  Instead of $x$, let us call this bound variable $x_{n+1}$.  Then for some $\sigma_{n+1}$, we have
\begin{enumerate}
\renewcommand\labelenumi{(\roman{enumi})}
\item
$\judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}{(\lam{x_{n+1}}e)}{\sigma_{n+1}\to\tau}$,
\item
$\judgeUSN\Gamma{d_i}{\sigma_i}$, $1\leq i\leq n$, and
\item
$x_j\notin\FV{d_i}$ for $j\gt i$ (including $j=n+1$),
\end{enumerate}
and we wish to show $\judgeUSN\Gamma{\subst{\subst{(\lam{x_{n+1}}e)}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma_{n+1}\to\tau}$.

Starting from assumption (i), we have
\(
\lefteqn{\judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}{(\lam{x_{n+1}}e)}{\sigma_{n+1}\to\tau}}\\
&\Rightarrow& \judge{\Gamma,\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1,\,x_{n+1}:\sigma_{n+1}}e\tau\\
&\Rightarrow& \judge{\Gamma,\,x_{n+1}:\sigma_{n+1},\,x_n:\sigma_n,\,\ldots,\,x_1:\sigma_1}e\tau.
\)
If $d_{n+1}$ is any term such that $\judgeUSN\Gamma{d_{n+1}}{\sigma_{n+1}}$, then by the induction hypothesis we have both
\begin{eqnarray}
&& \judgeUSN{\Gamma,\,x_{n+1}:\sigma_{n+1}}{\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n}}\tau\label{eqn:SN2}\\
&& \judgeUSN\Gamma{\subst{\subst{e}{d_1}{x_1}\cdots}{d_{n+1}}{x_{n+1}}}\tau.\label{eqn:SN3}
\end{eqnarray}

For clause (i) in the definition of USN, starting from (\ref{eqn:SN2}), we have
\reasoning{\judge\Gamma{\subst{\subst{(\lam{x_{n+1}}e)}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma_{n+1}\to\tau}}
\(
\lefteqn{\judge{\Gamma,\,x_{n+1}:\sigma_{n+1}}{\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n}}\tau}\\
&\Rightarrow& \judge\Gamma{\lam{x_{n+1}}{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})}}{\sigma_{n+1}\to\tau}\\
&\Rightarrow& \reason{\judge\Gamma{\subst{\subst{(\lam{x_{n+1}}e)}{d_1}{x_1}\cdots}{d_n}{x_n}}{\sigma_{n+1}\to\tau}}{since $x_{n+1}\notin\FV{d_i}$.}
\)

For clause (ii), we wish to show that if in addition to the assumptions (i)--(iii) above, $\tau=\sigma_{n+2}\to\cdots\to\sigma_m\to\rho$ and $\judgeUSN{\Gamma}{d_i}{\sigma_i}$, $n+1\leq i\leq m$, then
\(
\lefteqn{\subst{\subst{(\lam{x_{n+1}}e)}{d_1}{x_1}\cdots}{d_n}{x_n}~d_{n+1}~\cdots~d_m}\\
&=& (\lam{x_{n+1}}{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})})~d_{n+1}~\cdots~d_m
\)
is SN.  Suppose, for contradiction, that there is an infinite reduction sequence starting from this term.  We know that $\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n}$ is SN by (\ref{eqn:SN2}), and the $d_i$, $n+1\leq i\leq m$, are USN by assumption and hence SN.  Therefore the sequence cannot consist solely of reductions inside these subterms, so eventually a head reduction must be performed:
\(
\lefteqn{(\lam{x_{n+1}}{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})})~d_{n+1}~\cdots~d_m}\\
&\stackrel*\to& (\lam{x_{n+1}}{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})'})~d_{n+1}'~\cdots~d_m'\\
&\to& \subst{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})'}{d_{n+1}'}{x_{n+1}}~d_{n+2}'~\cdots~d_m'.
\)
But we could have done the head reduction initially:
\(
\lefteqn{(\lam{x_{n+1}}{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})})~d_{n+1}~\cdots~d_m}\\
&\to& \subst{\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n}}{d_{n+1}}{x_{n+1}}~d_{n+2}~\cdots~d_m\\
&\stackrel*\to& \subst{(\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n})'}{d_{n+1}'}{x_{n+1}}~d_{n+2}'~\cdots~d_m',
\)
leading to an infinite reduction sequence from $\subst{\subst{\subst{e}{d_1}{x_1}\cdots}{d_n}{x_n}}{d_{n+1}}{x_{n+1}}~d_{n+2}~\cdots~d_m$.  But this contradicts (\ref{eqn:SN3}), which by clause (ii) of the definition of USN implies that this term is SN.
\end{proof}

\begin{proofof}{Theorem \ref{thm:SN}}
Any typable term is USN: take $n=0$ in Lemma \ref{lem:SN}.  Any term that is USN is SN: take $n=0$ in the definition of USN.
\end{proofof}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}
