A Recursive Path Ordering for Higher-Order Terms in ... - CiteSeerX

A Recursive Path Ordering for Higher-Order Terms in -Long -Normal Form? Jean-Pierre Jouannaudy ?? and Albert Rubioz LRI, Bat. 490, CNRS/Universite de Paris Sud, 91405 Orsay, FRANCE Email: [email protected] z Technical University of Catalonia, Pau Gargallo 5, 08028 Barcelona, SPAIN Email: [email protected] y

Abstract: This paper extends the termination proof techniques based on rewrite orderings to a higher-order setting, by de ning a recursive path ordering for simply typed higher-order terms in -long -normal form. This ordering is powerful enough to show termination of several complex examples.

1 Introduction Higher-order rewrite rules are used in various programming languages and logical systems with two dierent meanings. Some functional languages like ML or type theories like the calculus of inductive constructions use higher-order rewrite rules to de ne functions or recursors by rst-order pattern matching. In this setting termination is known to be satis ed when all rules follow a generalized form of a primitive recursive schema of higher type [9, 1, 10]. In functional languages like Elf, or theorem provers like Isabelle, higher-order rewrite rules de ne functions by higher-order pattern matching. Higher-order rewriting in this sense enjoys a theory which parallels the usual theory of rst-order rewriting. In particular, the main property of rst-order rewriting, the critical pair lemma, still holds for some restricted cases [16]. On the negative side, this framework lacks adequate termination proof methods. The only results that we know of [13, 14, 4] are far from meeting the practical needs. Computer systems like RRL [11], Saturate [17] or CiME [15] make available semi-automated techniques for proving termination of rst-order rewrite rules by comparing their left and right hand sides in some reduction ordering, of which the most popular one is the recursive path ordering [5]. Its principle is to generate recursively an ordering on terms from a user-de ned ordering on function symbols called a precedence. This work was partly supported by the ESPRIT Basic Research Action CCL and the EU Human Capital and Mobility Network Console. A preliminary version is published in the proceedings of the 7th International Conference on Rewriting Techniques and Applications, Lecture Notes In Computer Science 1103, Springer Verlag. ?? This work results from a stay of the author at the Technical University of Catalonia. ?

Our goal is to develop similar techniques for the higher-order case, thus further closing the gap between the practical needs and the existing results [13, 14, 4]. These orderings will of course need to be compatible with the underlying typed -calculus. Since higher-order pattern matching is used, compatibility with -conversion implies that the ordering operates on -equivalence classes of terms. This can be achieved by de ning an ordering on canonical representatives, like terms in -normal -long form. Our contribution is precisely the de nition of a recursive path ordering for higher-order terms operating on terms in -normal -long form. This ordering extends, on one hand a precedence on the function symbols, on the other hand a well-founded ordering on the type structure compatible with the signature, that is, such that the output type of any function symbol should be bigger than or equal to its arguments type. Terms are compared by type rst, then by head function symbol, before the comparison can proceed recursively. In practice, the ordering on types can itself be a recursive path ordering generated by an arbitrary precedence between the basic types and the arrow, or by interpreting a type expression by its maximal basic type. Several examples are carried out. This idea of extending a recursive path ordering to higher-order terms in long -normal form was rst explored in [13]. The authors restricted their study to patterns in the sense of Miller, and this restriction survived in subsequent work [12, 14]. We were able to get rid of this super ous assumption by proving the properties of our ordering for ground terms. For instance, we prove that (a rst approximation of) our ordering enjoys the subterm property for ground terms. This does not contradict the fact that a term X (a) is not greater than a under our ordering on terms in -long -normal form. The point is that the term X (a) has ground instances whose -long -normal form is not a superterm of a. A similar phenomenon occurs regarding the monotonicity property. Finally these properties on ground terms together with stability under ground substitutions and well-foundedness for ground terms ensure the correctness of the ordering as a termination proof method. Our ordering is no panacea, unfortunately. There are many important examples such as the apply function or Godels recursors that cannot be oriented with our current de nition. A careful analysis points at a potential remedy, an original, powerful notion of higher-order subterm discussed in [12]. We believe that its use in our de nition would overcome the limitations of our current proposal. Our framework is described in section 2 and the ordering in section 3. Section 4 is devoted to compatible orderings on types and examples of application. A comparison with previous work is given in section 5 and conclusions and future work in section 6. We expect the reader to be familiar with the basic concepts and notations of term rewriting systems [6] and typed lambda calculi [2, 3]. 2

2 Algebraic -Terms To introduce the language we are going to investigate, we de ne successively types, terms, typing rules, and computation rules. For simplicity, we consider only one type operator, namely !, although our results accommodate other type operators as well, e.g., product types and sum types.

2.1 Types

We are rst given a set S of sorts. The set TS of types is generated from the set of sorts (or basic types) by the constructor ! for functional types: TS := S j (TS ! TS ) In the following, we use ;  and  to denote types. Type declarations are expressions of the form 1  : : :  n ! , where 1 ; : : : ; n ;  are types. Types occurring before the arrow are called input types, while the type occurring after the arrow is called the output type. The latter is assumed to be a sort. Type declarations are not types, although they are used for typing purposes.

2.2 Signature We are given a set of function symbols which are meant to be algebraic operators, equipped with a xed number n of arguments (called the arity) of respective types 1 ; : : : ; n , and an output type (thereafter assumed to be a sort) :

F=

[

1 ;:::;n ;

F1 :::n !

We will assume that there are nitely many symbols of a given output type .

2.3 Terms

The set of untyped terms is generated from a denumerable set X of variables according to the grammar: T := X j (X :T ) j T (T ) j F (T ; : : : ; T ) u(v) denotes the application of u to v. We write u(v1 ; : : : ; vn ) for u(v1 ) : : : (vn ), and may sometimes identify the rst order variable x with x(). We use V ar(t) for the set of free variables of t, and BV ar(t) for its set of bound variables. We may assume for convenience (and without furthet notice) that bound variables in a term are all dierent, and are dierent from the free ones. Terms are identi ed with nite labelled trees by considering x:, for each variable x, as a unary function symbol x. Positions are strings of positive integers.  and
denote respectively the empty string (root position) and the concatenation of strings. The latter may sometimes be omitted. The subterm of 3

t at position p is denoted by tjp , and we write t  tjp . The result of replacing tjp at position p in t by u is denoted by t[u]p . We use t[u] to indicate that u is a subterm of t. Substitutions are written as in fx1 7! t1 ; : : : ; xn 7! tn g where ti is assumed dierent from xi . We use the letter for substitutions and post x notation for their application. Remember that substitutions behave as endomorphisms de ned on free variables (avoiding captures). We will also use the notation s to denote a list of terms s1 ; : : : ; sn .

2.4 Typing Rules Typing rules restrict the set of terms by constraining them to follow a precise discipline. Environments are sets of pairs of the form x : , where x is a variable and  is a type. Our typing judgements are written as ? ` M :  if the term M can be proved to have the type  in the environment ? :

X:2? ? ` X: Functions: F : 1  : : :  n !? `2FF(t ;?: : :`; t t)1 :: 1 : : : ? ` tn : n 1 n

Variables:

Abstraction:

? [ fx : g ` M :  ? ` (x : :M ) :  ! 

Application:

? [ fx : g ` M :  !  ? ` M (N ) :  ? ` N :

A term M has type  in the environment ? if ? ` M :  is provable in the above inference system. A term M is typable in the environment ? if there exists a (necessarily unique) type  such that M has type  in the environment ? . A term M is typable if it is typable in some environment ? .

2.5 -Long -Normal Forms Two particular equations originate from the -calculus, - and -equality: (x:v)(u) = ufx 7! vg

x:u(x) = u

We use ! for the congruence generated by these two equations. The rst is easily oriented to give the -reduction rule below. For the second, there is a choice, either from left to right yielding -reduction, or from right to left yielding -expansion. The second choice has well-known advantages [7], but -expansion must be restricted so as to ensure termination, and, as a result, it is not a 4

congruence. This is why we need to spell out in which context an -expansion applies: (x:v)(u) ?! ufx 7! vg

8u :  !  >< ar(u) C [u]p ?! C [x:u(x)]p if > xu 62is Vnot : C [u]jq isannotabstraction an application in case p = q
1

The simply typed -calculus is con uent and terminating with respect to reductions, and with respect to -reductions and -expansions as well. We write s# for the unique -normal form of a term, and u l or simply s# for its unique normal form with respect to -reductions and -expansions, also called -long normal form. We will say that s is normalized when s = s#. Since the two rules are con uent, -long -normal forms can be obtained by -normalization followed by -expansion. As a consequence, these normal forms satisfy the following property, which justi es the terminology: Lemma 1. -Long -normal forms are of the form x1 : : : xm :F (u1 ; : : : ; un), for some m  0, F 2 F [ X and terms u1; : : : ; un in -long -normal form themselves, such that F (u1 ; : : : ; un ) is of basic type. Corollary 2. Let s; t be two normalized terms such that sjp and t have the same type. Then s[t]p is in -long -normal form. The use of the extensionality rule as an expansion, and the assumption that the output type of each algebraic symbol is a basic type allows us to hide applications except when F 2 X . Abstraction-free normalized terms will be called algebraic. Algebraic terms are rst-order when they do not contain higher-order variables. One advantage of -expansions is that higher-order algebraic terms look and sometimes behave as rst-order ones.

2.6 Higher-Order Rewrite Rules

A (possibly higher-order) term rewriting system is a set of rewrite rules R = f?i : li ! ri gi , where li and ri are normalized terms such that li and ri have the same type i in the environment ?i . Given a term rewriting system R, a normalized term s rewritesp to a term t at position p with the rule l ! r and the substitution , written s ?! t, or simply s !R t, if sjp !  l and t = s[r #]p . l!r By corollary 2 t is normalized since s is. Such a term s is called reducible (with respect to R). l is a redex in s, and t is the reduct of s. Irreducible terms are said to be in R-normal form. A substitution is in R-normal form if x is in R-normal form for all x. We denote by !R the re exive, transitive closure of the rewrite relation !R , and by !R its re exive, symmetric, transitive closure. A rewrite relation ! is terminating (or strongly normalizing) if all terms are strongly normalizable, in which case it is called a reduction. It is con uent if s ?! u and s ?! v implies that u ?! t and v ?! t for some t. 5

2.7 Example 1 : Sorting The following example presents a set of rewrite rules de ning the insertion algorithm for the (ascending or descending) sort of a list of natural numbers. Note that the left and right hand sides of each rule are normalized terms. S = fNat; Listg; FList = fnilg; FNatNat!Nat = fmax; ming; FNatList!List = fconsg; FNatList(NatNat!Nat)(NatNat!Nat)!List = finsertg; FList(NatNat!Nat)(NatNat!Nat)!List = fsortg; FList!List = fascending sort; descending sortg; XNatNat!Nat = fX; Y g:

max(0; x) ! x max(x; 0) ! x max(s(x); s(y)) ! s(max(x; y))

min(0; x) ! 0 min(x; 0) ! 0 min(s(x); s(y)) ! s(min(x; y))

insert(n; nil; xy:X (x; y); xy:Y (x; y)) ! cons(x; nil) insert(n; cons(m; l); xy:X (x; y); xy:Y (x; y)) ! cons(X (n; m); insert(Y (n; m); l; xy:X (x; y); xy:Y (x; y))) sort(nil; xy:X (x; y); xy:Y (x; y)) ! nil sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) ! insert(n; sort(l; xy:X (x; y); xy:Y (x; y)); xy:X (x; y); xy:Y (x; y)) ascending sort(l) ! sort(l; xy:min(x; y); xy:max(x; y)) descending sort(l) ! sort(l; xy:max(x; y); xy:min(x; y))

2.8 Rewrite Orderings We will make intensive use of well-founded monotonic (possibly total) orderings for proving strong normalization properties. We will use the vocabulary of rewrite systems for orderings: rewrite orderings are monotonic orderings, and reduction orderings are in addition well-founded. Monotonicity of > is de ned as u > v implies s[u ]p > s[v ]p for all terms s, positions p and substitutions for which this makes sense. A quasi reduction ordering is made of a reduction ordering for its strict part, and a congruence for its equivalence. Totality means that any two terms are comparable. (Quasi-) reduction orderings are used to prove termination of rewrite systems by simply comparing the left and right hand sides of rules. The following results will play a key role, see [6]: Assume !1 and !2 are orderings on sets S1 ; S2 , whose strict part are wellfounded. Then (!1 ; !2 )lex is an ordering on S1  S2 whose strict part is wellfounded. Assume !1 and !2 are orderings on sets S1 ; S2 whose strict part is wellfounded. Then (s1 ; s2 )(!1 ; !2 )mon (t1 ; t2 ) i s1 !1 t1 and s2 !2 t2 is an ordering on S1  S2 whose strict part is well-founded. Assume > is an ordering on a set S whose strict part is well-founded. Then >mul is an ordering on the set of multisets of elements of S whose strict part is 6

well-founded. It is de ned as the transitive closure of the following relation on multisets (using [ for multiset union): M [ fsg >> M [ ft1 ; : : : ; tn g if s > ti 8i 2 [1::n] Finally, we will also make use of simpli cation orderings, that is rewrite orderings that have the so-called subterm property: any term is strictly bigger than any of its proper subterms. Simpli cation orderings contain the embedding relation de ned as the rewrite ordering generated by subterm, that is by the projection rules f (x) ! xi for all f 2 F and i 2 [1::arity(f )]. Kruskal proved that embedding is a well-order of the set of terms, see [6]. This property is the key to prove that simpli cation orderings are well-founded [5]. The most popular simpli cation is the recursive path ordering of Dershowitz [5]: Assume >F is a well-founded ordering on F = Mul ] Lex. Then the following ordering on terms, called recursive path ordering, is a reduction ordering: s = f (s) :  rpo t = g(t) :  i 1. si rpo t for some i 2. f >F g and s rpo ti for all i 3. f = g 2 Lex and s(rpo )lex t and s rpo ti for all i 4. f = g 2 Mul and s(rpo )mul t where s rpo t i s rpo t and t 6rpo s. rpo de nes a congruence on terms =Mul obtained by permuting equivalent arguments below multiset symbols. This congruence of permutations is generated by all axioms of the form f (x1 ; : : : ; xn ) = f (x(1) ; : : : ; x(n) ), for all f 2 Mul, and all  in the symmetric group of order n.

3 Recursive Path Ordering for Algebraic -Terms Our path ordering is de ned in two steps. First, we de ne an original extension of the recursive path ordering for algebraic terms. This extension makes an essential use of the type structure. The obtained ordering is shown to be well-founded via a simple extension of Kruskal's theorem to typed structures. Then, we de ne an interpretation of normalized terms into the set of purely algebraic terms, before applying the previous technique. In this second part, the main diculty is to prove that the induced ordering is closed under appropriate instantiation.

3.1 Typed Recursive Path Ordering Given a well-founded ordering on types, any reduction ordering on terms can be easily transformed into a reduction ordering on typed terms by comparing lexicographically their types rst and then the terms themselves in the original ordering. We go beyong this rst idea, by using the recursive path ordering as our starting ordering on terms. This allows us to apply the same idea recursively when comparing subterms. 7

Our typed recursive path ordering operates on algebraic terms. It uses three basic ingredients: a quasi-ordering on types, a precedence, and a status. The quasi-ordering on types T satis es the following properties: 1. its strict part >T is well-founded 2. T is compatible with the term structure: for all ground normalized terms s :  and t :  , s  t implies  T  . In the context of algebraic terms, it is easy to see that the compatibility property of the type ordering with the term structure is actually equivalent to its compatibility with the signature de ned as: 8F : 1  : : :  n !  2 F ; 8i 2 [1::n]  T i provided there is a ground term for each type. There are many compatible orderings, including the recursive path ordering generated by a precedence on the set of sorts (and the type operators such as the arrow). Compatibility is discussed in length in section 4. The quasi-ordering on function symbols F compares symbols of the same output type only. Its strict part >F must be well-founded. The function symbols enjoy a multiset or lexicographic status. We allow for more complex statuses like right-to-left lexicographic status for our examples. See [8] for a general notion of status combining lexicographic and multiset arities in a given function symbol. As usual, a free variable x :  is considered as a status-free function symbol which is not comparable to any other function symbol. We can now de ne the typed recursive path ordering: s :  = F (s)  t :  = G(t) i 1.  >T  , or 2.  =T  , and (a) F 62 X and si  t for some si , or (b) F >F G and s  ti for all i, or (c) F = G 2 Mul and s mul t, or (d) F = G 2 Lex and s lex t and s  ti for all i where s  t i s  t and t 6 s. Note that the condition F 62 X prevents us to prove that X (c)  c. While it is not at all necessary in the context of algebraic terms, it becomes crucial in the next subsection, in which higher-order variables can be instantiated by abstractions. Note also that it is impossible to prove that X (a)  X (b) in case a  b. Again, this will be crucial in the next subsection, and we will come back on this second question later. Finally, it is clear (and well known for rpo), that, in case 2d, it enough to check s  ti for those ti which have not been reached in the comparison s lex t. We will freely use this remark in our examples. The proofs below are similar to the usual proofs for the recursive path ordering. There are however dierences aiming at obtaining shorter proofs. Lemma 3. Assume that s  t and t = g(t1 ; : : : ; tn ). Then, 8i 2 [1::n], s  ti . S

S

S

S

S

S

S

8

Proof. Let s : ; t :  and ti : i . By de nition of ,  T  and by compatibility property,  T i for all i 2 [1::n]. We prove that s  ti for all i 2 [1::n] by induction on the sum of the sizes of s and t, and discuss according to the proof that s  t. 1. If  >T  or  >T i , then  >T i and we are done. 2. If s  t by case 2a, then sj  t for some sj , and we conclude by induction that sj  ti , hence s  ti by case 2a. Assume that ti  s. Then ti  sj by induction hypothesis again, resulting in a contradiction. Hence s  ti . 3. If s  t by case 2c, then there must exist some sj such that sj  ti . Hence s  ti by case 2a. Assume now that ti  s. Then ti  sj by induction hypothesis, resulting in a contradiction. Hence s  ti . 4. If s  t by case 2d, then s  ti by de nition of the ordering. ut Corollary 4.  has the (strict) subterm property. Corollary 5. Assume that s  t by case 2a or 2b. Then s  t. Proof. We reason by contradiction, assuming that t  s, hence t  si for all immediate subterms si of s by lemma 3. If s  t by case 2a, that is sj  t for some sj , we have a contradiction. If s  t by case 2b, then the only possibility to have t  s is by case 2a, hence t  s by the previous argument, contradicting s  t. ut Lemma 6. s  t and t  s i s =Mul t. Proof. Note rst that s  t if s =Mul t. The proof of the converse is by induction on the size of s. Note rst that s and t must have the same type if s  t  s, and that the proofs that s  t and t  s cannot be by case 2a or 2b by corollary 5. s and t are therefore headed by the same function symbol, and we can easily conclude by induction. ut Corollary 7.  is re exive. Lemma 8.  is transitive. Proof. Assume that s = f (s)  t = g(t)  u = h(u). The proof is by induction on the sum of the sizes of the terms s; t; u, and by case according to the proof that s  t and t  u. Comparisons involving case 1 are straightforward, using transitivity of the type ordering. Others follow the same pattern as in the corresponding proof for rpo. We write (x; y) to indicate that s  t by case x, and t  u by case y. 1. case ( 2a; 2). Then si  t  u for some si . By induction hypothesis, si  u, hence s  u by case 2a. 2. case (2; 2a). Then ti  u. By lemma 3, s  ti , and by induction hypothesis, s  u. 3. case ( 2b or 2d or 2a, 2b). Then f T g >T h and t  ui for all ui . By induction hypothesis s  ui for all ui and s  t by case 2b. S

S

S

S

S

S

9

S

4. case ( 2b, 2d or 2c). Then t  ui for all ui by lemma 3. By induction hypothesis, s  ui for all ui . Assume that ui  s. Then ui  t by induction hypothesis, contradicting t  ui . Hence s  ui and s  u by case 2b. 5. If both comparisons are by case 2d or by case 2c, we proceed easily by induction. ut Lemma 9. Assume that the type ordering T is total and the precedence F is total on function symbols of the signature F which have the same output type. Then  is a total ordering on ground algebraic terms. Proof. Assume s = f (s); t = g(t) is the minimal pair of ground algebraic terms such that s and t are incomparable. Then s and t must have the same type. By minimality assumption, the pairs (s; tj ); (si ; t); (si ; tj ) are comparable for all si 2 s and tj 2 t. If tj  s for some tj 2 t, then t  s, a contradiction. Hence s  tj for all tj 2 t. By argument of symmetry, t  si for all si 2 s. There are now several cases: 1. f >F g. Then t  s by case 2b, a contradiction. 2. g >F f is a symmetric case. 3. f = g 2 Mul. Since all pairs (si ; tj ) are comparable, either s mul t, in which case s  t. or t mul s, in which case t  s, yielding a contradiction in both cases. 4. f = g 2 Lex. Again, s mul t, in which s  t since s  tj for all tj 2 t, or t mul s, in which t  s since t  si for all si 2 s, yielding a contradiction in both cases again. ut As a consequence of lemmas 9 and 6, the strict part of the ordering orients any two ground algebraic terms which are not in the same equivalence class for =Mul , when the type ordering T is total and the precedence F is total on function symbols of the extended signature F which have the same output type. Lemma 10.  is stable under ground context for equal type terms. Proof. Assume that s and t are terms of the same type  such that s  t, and let C [ ]p be a ground context. We then show easily by induction on the length of p that C [s]  C [t]. The base case is obtained for p = , hence is trivial. For the general case, say p = i
q with i 2 IN, we use rst induction with the context (C ji )[ ]q , and then discuss by case 2d or 2c according to the status of the root of C [ ]p . ut Lemma 11.  is stable under ground substitutions. Proof. We prove that s  t implies s  t , for all ground substitution by induction on jsj + jtj. Let s :  = F (s1 ; : : : ; sn ) and t :  = G(t1 ; : : : ; tm ). We distinguish ves cases, according to the proof that s  t: 1.  >T  . Since types are preserved under substitution, we still have s  t by comparing their types. S

S

S

10

2. si  t for some i. By induction hypothesis, si  t , and hence s  t by case 2a of the de nition of the ordering. 3. F >F G and s  ti for all i. By induction, s  ti , and therefore s  t by case 2b of the de nition of the ordering. 4. F = G 2 Mul and s mul t. By induction, s mul t , which proves this case by case 2c of the de nition of the ordering. 5. F = G 2 Lex, s lex t and s  ti for all i. By induction, s lex t and s  ti , which proves this case as well. ut We are left with the proof of well-foundedness, which follows the usual pattern. To overcome the diculty that the signature may be in nite, we will use our hypothesis that there are nitely many symbols for a given output type .

Lemma 12. Let fsi gi2IN be an in nite sequence of ground terms of the same type . Then, there exist two indices i < j such that si is embedded in sj .

Proof. The proof is by contradiction. If there is a counterexample sequence

fsi : gi , there must be one of minimal type with respect to the well-founded

type ordering >T . Among such sequences of minimal type , we choose a minimal one (in the usual sense, by comparing the size of the corresponding terms in the sequence). Since the sequence is of type , terms are all headed by function symbols of output type , and since there are nitely many of them, we can extract an in nite subsequence of terms fF (uj )gj2IN , all headed by some function symbol F 2 F1 :::n ! such that  T k for all k 2 [1::n] by compatibility property of the type ordering with the term structure. We now proceed to show that, for each k 2 [1::n], in nite sequences of type k built up from the set IS = fujk gk2[1::n];j2IN of immediate subterms of terms in the extracted sequence satisfy the lemma. If  >T k , this results from our assumption that  is minimal. Otherwise k =T , and this results from the usual minimality argument. We then show as usual that n-tuples of type 1 ; : : : ; n of terms in IS satisfy the lemma with respect to the product ordering generated by the embedding. We can therefore nd indices i < j such that for all k 2 [1::n], the term uik is embedded in the term ujk . Then F (ui ) is embedded in F (uj ) contradicting our assumption that there was a counterexample sequence. ut S

S

S

S

Theorem 13.  is a simpli cation ordering on ground algebraic terms whose strict part is well-founded, and which is total when the type ordering T is total and the precedence F is total on function symbols of the extended signature F which have the same output type. S

Proof. We are left to show that  is well-founded. Assuming an in nite decreasing sequence, all terms must have the same type from some point on in the sequence, since the ordering on types is well-founded by assumption. We use then as usual the previous lemma together with the fact that simpli cation orderings contain the embedding relation. ut

11

Although we have assumed that there are nitely many symbols of the same output type , this is not necessary. We know that Kruskal's theorem holds for any embedding relation generated by a well-order on the set of function symbols. Since rpo generated by a given precedence contains the associated embedding relation, we can then conclude by an easy modi cation of our argument.

3.2 Recursive Path Ordering for Normalized Terms

The ordering for normalized terms works by comparing interpretations of normalized terms in the typed recursive path ordering we have just de ned. Because bound variables cannot be substituted, they will be considered as new (nonvariable) symbols ? of their respective type . Abstractions are considered as operators of some input type  (the type of the body) and output type  !  ( is the type of the abstracted variable). Finally, we will index all symbols by their output type, thus making the type of a term easily readable on its head. This results in the following extended signature: XT = fx j x :  2 Xg FT = fF j F 2 F[1 :::n ! g[ F = XT [ F [ f? g [ f! g 2T

S

; 2T

S

Note that we have a single symbol ? for each type  and a single ! operator for each arrow type  !  . Therefore if F has a nite set of function symbols for each output type then F has a nite set of function symbols for each type. Note also that we would have more exibility in practice to deal with arbitrary overloaded function symbols if they were indexed by their input and output types, instead of by their output type only. On the other hand, this would complicate our notations a little bit. The interpretation function maps normalized terms to typed algebraic terms over the new signature: [jx : j] = x [j(x:u) :  !  j] = ! ([juj]fx 7! ? g) [jF (: : : ; ui ; : : :) : j] = F (: : : ; [jui j]; : : :) Before we can introduce our ordering, we need to de ne the precedence on the new signature. It will simply extend the precedence over the former signature, by adding new pairs for taking care of the ? and ! operators. In practice, it is wise to have ? minimal among the function symbols of output type . Being unary operators, abstractions may have any status. Finally, the compatibility property for the abstraction operators requires that  !  T  . Compatibility is investigated thoroughly in section 4. Assuming that s and t are two normalized terms such that no variable is both free and bound nor bound twice in the pair (s; t), we de ne: S

s horpo t i [jsj]  [jtj] 12

Lemma 14. horpo is a well-founded ordering on ground normalized terms, which is total on ground terms when the the type ordering T is total and the precedence F is total on function symbols of the extended signature F S

which have the same output type.

Proof. The property is inherited from the previous ordering.

ut

Lemma 15. If s horpo t then u[s] horpo u[t] for all contexts u and terms s :  and t :  such that u[s] and u[t] are ground normalized terms. Proof. Since s and t have the same type  , u[s] and u[t] have the same type. We prove that F (: : : ; s; : : :) horpo F (: : : ; t; : : :) for all possible F . Since the context must be ground, F cannot be a variable, resulting in two cases:

1. If F is an algebraic function symbol, then F (: : : ; s; : : :) horpo F (: : : ; t; : : :) i [jF (: : : ; s; : : :)j]  [jF (: : : ; t; : : :)j], that is F (: : : ; [jsj]; : : :)  F (: : : ; [jtj]; : : :), where  is the output type of F . Since [jsj]  [jtj] holds by assumption that s horpo t and de nition of horpo, the result holds by monotonicity of  with respect to ground contexts. 2. Otherwise, let F be x, for some x of type . Since s horpo t i [jsj]  [jtj], then [jsj]fx 7! ? g  [jtj]fx 7! ? g by lemma 11. By de nition, x:s horpo x:t i [jx:sj]  [jx:tj] i ! ([jsj]fx 7! ? g)  ! ([jtj]fx 7! ? g). We therefore conclude by stability of  under ground contexts.

ut

Lemma 16. horpo is stable under ground normalized substitutions. Proof. Assuming that s :  and t :  are normalized, we need to show that s horpo t implies s #horpo t # for all ground normalized substitutions . This amounts to show that s0 = [jsj]  [jtj] = t0 implies [js # j]  [jt # j]. This cannot be proved directly due to the replacement of bound variables by new function symbols (the ? ) in the interpretation. We will therefore prove a more general statement, namely [jsj] 1  [jtj] 2 implies [js # j] 1 S[jt # j] 2 , where 1 and 2 are (well-typed) substitutions taking their value in 2T f? g, and such that if X 2 Dom( 1 ) [Dom( 2 ) (for some type 0 ) then X 62 Dom( ). We proceed by induction on js0 j + jt0 j. The statement holds if  >T  , since types are preserved under substitution, normalization and interpretation. Otherwise, let s0 = F (s01 ; : : : ; s0n ) and t0 = G (t01 ; : : : ; t0m ). We distinguish ve cases: S

0

S

1. s0 1  t0 2 by case 2a, that is s0i 1  t0 2 for some subterm s0i of s0 . Since the head symbol of s0 1 cannot be a variable by de nition of the ordering, there are two possibilities: (i) s = F (s1 ; : : : ; sn ), where F 2 F or F 2 X and F 1 = ? ; or else (ii) s is an abstraction x:s1 , with x : 0 . 13

i. In the rst case, we have s0 1 = F 1 (s01 1 ; : : : ; s0n 1 ), where s0i = [jsi j]. By induction hypothesis, s0i 1  t0 implies [jsi # j] 1  [jt # j] 2 . Since [jF (s1 ; : : : ; sn ) # j] 1 = F 1 ([js1 # j] 1 ; : : : ; [jsn # j] 1 ), the result holds. ii. In the second case, s0 1 =  (s01 1 ), where s01 = [js1 j]fx 7! bot g. Then s01 1 can be written as [js1 j] 10 , with 10 = fx 7! ? g [ 1 . Note that x cannot appear in the domain of since it is bound in s. Likewise, x cannot appear in the domain of 1 . Therefore, by induction hypothesis, s01 1 = [js1 j] 10  t0 2 implies [js1 # j] 10  [jt # j] 2 . The expected result follows, since [j(x:s1 ) # j] 1 =  (([js1 # j]fx 7! bot g) 1 ) =  ([js1 # j] 10 ). F 1 >F G 2 and s0 1  t0i 2 for all i. There are again two cases. i. If G 6=  , then, by induction, [js # j] 1  [jti # j] 2 . Since [jG(t1 ; : : : ; tm ) # j] 2 = G 2 ([jt1 # j] 2 ; : : : ; [jtm # j] 2 ), the result follows. ii. If G =  then, t0 2 =  (t01 2 ), where t01 = [jt1 j]fx 7! ? g for some x : 0 . Since t01 2 can be written as [jt1 j] 20 (with 20 = fx 7! ? g [ 2 ), by induction hypothesis, [js # j] 1  [jt1 # j] 20 , and since [j(x:t1 ) # j] 2 =  ([jt1 # j] 20 ), the result holds. F = G =  and s01 1  t01 2 . Then s0 1 =  (s01 1 ), where s01 = [js1 j]fx 7! ? g for some x : 0 , and t0 2 =  (t01 2 ), where t01 = [jt1 j]fy 7! ? g for some y : 0 . Since s01 1 can be written as [js1 j] 10 (with 10 = fx 7! ? g[ 1 ) and t01 2 can be written as [jt1 j] 20 (with 20 = fy 7! ? g[ 2 ), by induction hypothesis, [js1 # j] 10  [jt1 # j] 20 . Since [j(x:s1 ) # j] 1 =  ([js1 # j] 10 ) and [j(y:t1 ) # j] 2 =  ([jt1 # j] 20 ), the result holds. F 1 = G 2 2 Mul and s0 1 mul t0 2 . By induction, the result holds. F 1 = G 2 2 Lex and s0 1 lex t0 2 and s0 1  t0i 2 for all i. By induction, the result follows similarly. 0

0

0

0

0

0

2.

0

0

0

0

0

3.

0

0

0

0

0

0

0

4. 5.

0

Note that the cases in which the head symbol may change, namely when the head symbol is a higher-order variable, are always solved by type, therefore avoiding potential problems. ut

Theorem 17. If l  r for all rules l ! r in R then R is terminating. Proof. First, terms in a derivation can always be considered as ground, therefore p allowing us to use the previous properties. Assume now that s ?! t, where s and l!r t are ground normalized terms. Then, sjp =  l , and t = s[r #]p . Since ?!  is con uent, and s is normalized, then sjp = l #. By assumption, l horpo r, hence l #horpo r # by lemma 16, and s = s[l #]p horpo s[r #]p = t by lemma 15. Since horpo is well-founded, R is therefore terminating. ut

The above theorem is aimed at proving termination of higher-order rewrite rules operating on normalized terms via higher-order pattern matching. The use of rst-order pattern matching would not change the situation very much, as long as rewriting operates on normalized terms. 14

4 Compatible Type Orderings The goal of this section is to provide a sucient condition ensuring the compatibility property of the type ordering with the term structure, that is s :   t :  implies  T  for all ground normalized terms s and t. We will then exhibit two actual orderings which satisfy these conditions and hence can be used as a component of our ordering on higher-order terms. S

De nition 18. The quasi-ordering on types T is compatible with the type structure if (i) 8f : 1  : : :  n !  2 F ; 8i 2 [1::n];  T i , (ii)  !  T  , (iii)  !  T . S

S

S

S

Note that conditions (i) and (ii) are indeed necessary to obtain an ordering compatible with the term structure, assuming there are grounbd terms for each type. For (ii), consider the example x : :a, in which a is a constant of type  . Condition (iii) is needed when there is a (ground) normalized term t[a] of type  !  such that its (ground) normalized subterm a has type . The existence of such a term is not gaeranteed, it actually depends on the signature itself.

Lemma 19. Let T be a quasi-ordering on types compatible with the type struc-

ture. Then, for every ground normalized term s :  and for every ground normalized subterm t :  , we have  T  . S

S

Proof. We prove the more general property that  T  for every normalized term s :  and every subterm t :  not below a free variable (free variables may not satisfy the compatibility property). We proceed by induction on the size of the term. The property trivially holds if t is a constant or is headed by a free variable. Otherwise, there are two possible cases: S

1. s = F (s1 ; : : : ; sn ), with si : i . By compatibility of the type ordering with the type structure,  T i . By induction hypothesis, for every subterm t :  (not headed by a free variable) of some si : i , we have i T  , and hence  T  . Note that we have considered all possible subterms (not headed by a free variable) of s. 2. s = x:u, with  =  ! . By compatibility  T  and  T . By induction hypothesis for every subterm t :  of u : not below a free variable, T  and hence  T  . The only new free variable of u (wrt. s) is x. Therefore, we need to ensure that for all subterms t :  below some occurrence of x, we also have  T  . Let  be 1 ! : : : n ! n+1 , with n  0. Assume there is a subterm of u of the form x(u1 ; : : : ; un). By compatibility,  T  T i for all i and by induction hypothesis for every subterm t :  (not below a free variable) of some ui i T  and ut hence  T  . S

S

S

S

S

S

S

S

S

S

S

S

15

There is a tradeo between the granularity and the compatibility of the ordering on types. This is why we provide with two dierent orderings satisfying the compatibility properties. The rst is a recursive path ordering on type expressions. This is a ne grain ordering, thus compatibility may therefore be hard to achieve. The second ordering identi es many types, allowing us to ensure compatibility easily, but its strict part compares fewer types.

4.1 Recursive Path Ordering on Types As already noticed in the context of algebraic terms, the recursive path ordering itself is a good candidate for the type ordering. Conditions (ii) and (iii) are always satis ed (the comparison is strict), and condition (i) is easily checked when the signature F is nite. The signature to be considered for the type ordering is the set of basic types plus the arrow operator. Usually, it is better to take ! smaller than any basic type, although there is no obligation. The only requirement is to provide a precedence S on S [f!g, and a status for !. The obtained ordering is quite powerful, hence it will allow us to compare many terms by type.

Example 1 : Sorting

We use the following precedences: List >T Nat; fmax; ming >F f0; sg; insert >F cons; sort >F fnil; insertg; fascending sort; descending sortg >F sort; insert 2 Lex (right to left) and sort 2 Mul. We will check only two rules: sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) horpo insert(n; sort(l; xy:X (x; y); xy:Y (x; y)); xy:X (x; y); xy:Y (x; y)) and insert(n; cons(m; l); xy:X (x; y); xy:Y (x; y)) horpo cons(X (n; m); insert(Y (n; m); l; xy:X (x; y); xy:Y (x; y))) leaving the others to the reader. For the rst rule, since sort >F insert, we need to check recursively sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) horpo n, sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) horpo sort(l; xy:X (x; y); xy:Y (x; y)), sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) horpo xy:X (x; y), and sort(cons(n; l); xy:X (x; y); xy:Y (x; y)) horpo xy:Y (x; y). The rst comparison succeeds by case 1, the second by case 2c, using the fact that cons(n; l)  n, and the last two by case 2a. For the second rule, since insert >F cons, we need to check recursively insert(n; cons(m; l); xy:X (x; y); xy:Y (x; y)) horpo X (n; m); and insert(n; cons(m; l); xy:X (x; y); xy:Y (x; y)) horpo insert(Y (n; m); l; xy:X (x; y); xy:Y (x; y))). S

16

The rst comparison is by case 1; for the second, since insert has a right-toleft lexicographic status, the comparison cons(m; l) horpo l succeeds, and we are left with insert(n; cons(m; l); xy:X (x; y); xy:Y (x; y)) horpo Y (n; m), which works by case 1 again.

Example 2 : Mapcar S = fNat; Listg; FList = fnilg; FNatList!List = fconsg; F Nat!Nat List!List = fmapg; XNat!Nat = fX g; XList = flg; XNat = fng map(x:X (x); nil) ! nil map(x:X (x); cons(n; l)) ! cons(X (n); map(x:X (x); l)) (

)

The termination proof may use the following precedences: List >S Nat; List >S !; map >F cons; map 2 Mul:

Example 3 : Maplist S = fNat; Listg; FList = fnilg; FNatList!List = fconsg; F Nat!Nat List!List = ffconsg; FListNat!List = ffmapg; XNat!Nat = fX g; XList = fLg; XNat = fng fmap(nil; n) ! nil fmap(fcons(x:X (x); L); n) ! cons(X (n); fmap(L; n)) (

)

The termination proof may use the following precedences: List >S Nat; List >S !; fmap >F cons;

fmap 2 Mul:

4.2 Sort Ordering

The second ordering is again generated by a precedence S on the set of basic types. It compares type expressions according to the maximal basic type occurring in them, that is  T  i max() S max( ) where max() is the maximal (wrt. S ) basic type occuring in . S

Example 4 : Maplist to list S = fNat; Listg; FList = fnilg; FNatList!List = fconsg; F List!Nat List!List = ffconsg; FListNat!List = ffmaplistg: XNat!Nat = fX g; XList = fL; lg: fmaplist(nil; l) ! nil fmaplist(fcons(x:X (x); L); l) ! cons(X (l); fmaplist(L; l)) (

)

The termination proof may use the following precedences: List >S fNat; !g; fmaplist >F cons; fmaplist 2 Mul Note that since List ! Nat is necessarily strictly bigger than List for a recursive path ordering, fcons would not ful l the compatibility property with respect to any recursive path ordering on types. 17

5 Discussion Three recent papers and a PhD thesis discuss termination of higher-order rewrite rules, among which two give methods based on orderings for higher-order terms. In [14], the user is responsible for proving the monotonicity property of the ordering used, in the form of proof obligations that he or she has to verify. Besides, the resulting ordering is still weak, assuming in particular that left-hand sides are patterns in the sense of Miller. The method described in [4] is much more powerful, since it allows to prove termination of cut-elimination calculi, to the price of loosing control on the amount of veri cations to be performed. On the other hand, [13] describes a computable ordering in the same spirit as ours, based on a rst-order interpretation of terms in -long -normal form, but a counter example to its well-foundedness is given in [14]. [12] introduces a powerful notion of higher-order subterm3, allowing to state that v(x; u) is a subterm of rec(S (x); u; yz:v). However, this notion of subterm is not enough to deal with the following example of primitive recursion of higher type over the natural numbers in Peano notation: rec(0; u; yz:v(y; z )) ! u rec(S (x); u; yz:v(y; z )) ! v(x; rec(x; u; yz:v(y; z ))) Indeed, our ordering cannot deal with this example either, because our notion of compatibility is de ned in terms of the rst-order notion of subterm: given a type , the higher-order variable v has type Nat  ! , and Godel's recursor rec has type Nat   (Nat  ! ) ! . Since cannot be bigger than Nat  ! in the ordering on types, compatibility requires all types to be equal, and the variable v cannot be made smaller by type comparison. The very reason of this failure is that we implicitely consider yz:v(x; y) as a subterm of rec(x; u; yz:v(y; z )). Applying yz:v(x; y) to inputs of the appropriate type results in a term of type , and compatibility becomes satis ed. This is actually the essence of Loria-Saenz's de nition of higher-order subterm [12]. Using this idea should result in a sharper notion of compatibility of an operator f in terms of the output type (instead of the type itself) of each of its inputs. On the other hand, our ordering is already powerful enough to treat a variety of examples, as we have shown in section 4. For all these examples, the use of type information was essential. As a matter of fact, even the rst example, sorting, cannot be proved terminating by using the orderings of [13, 12], which fail to check the second insert rule. Finally, we can come back on the question of variables, and the example that X (a) and X (b) are incomparable even if a and b are comparable. Assume variables have a monotonic status. To compare terms headed by higher-order variables with such a status does not ensure stability by instantiation (instantiating X by, e.g., x:c for some constant c), but we conjecture that it ensures a weak form of stability: s mon t implies that s mon t for all ground substitutions 3 The idea of higher-order subterm discussed by the author is very appealing per se,

but we do not think that the author came up with the right technical de nition.

18

in normal form. Assuming this weaker property, we can de ne an improved version of horpo by allowing such comparisons each time the non-strict ordering is used in a recursive call, that is, in cases 2a, 2d and 2c. We believe that the obtained ordering has again all desired properties. However, the limited bene t obtained with this improvement does not seem to justify struggling with the resulting complications4.

6 Conclusion We have described an ordering for higher-order terms in -long -normal form, which enables us to automatically prove termination properties of higher-order rewrite rules in this setting. This ordering extends two distinct orderings to typed terms, an ordering on function symbols and an ordering on types. As a result of this structure similar to that of the recursive path ordering for rst-order terms, the ordering is easy to implement and to use in practice, and indeed, we have demonstrated its applicability by giving several practical examples. Improving over previous attempts, the ordering does not assume that left-hand sides of rules are patterns. It requires instead that the ordering on types is compatible with the signature, a quite restrictive property indeed. For future work, we plan to incorporate a notion of higher-order subterm to our ordering, therefore opening the way to a theory of higher-order simpli cation orderings. For this, we need to show that the embedding relation de ned by an appropriate subterm ordering for higher-order terms is a well-order: this would allow us to generalize the present work quite smoothly. We are currently progressing in this direction which should yield what we think should be the true generalization of the recursive path ordering to this higher-order setting.

References 1. F. Barbanera, M. Fernandez, and H. Geuvers. Modularity of strong normalization and con uence in the -algebraic-cube. In Proc. 9th IEEE Symp. Logic in Computer Science, Paris, 1993. 2. Henk Barendregt. Handbook of Theoretical Computer Science, volume B, chapter Functional Programming and Lambda Calculus, pages 321{364. North-Holland, 1990. J. van Leeuwen ed. 3. Henk Barendregt. Handbook of Logic in Computer Science, chapter Typed lambda calculi. Oxford Univ. Press, 1993. eds. Abramsky et al. 4. Jaco Van de Pol and Helmut Schwichtenberg. Strict functional for termination proofs. In Proceedings of the International Conference on Typed Lambda Calculi and Applications, Edinburgh, Great Britain, 1995. 5. Nachum Dershowitz. Orderings for term rewriting systems. Theoretical Computer Science, 17(3):279{301, March 1982. 6. Nachum Dershowitz and Jean-Pierre Jouannaud. Rewrite systems. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, volume B, pages 243{ 309. North-Holland, 1990. 4 This suggestion resulted from a discussion with Jean Goubault

19

7. Roberto di Cosmo. Isomorphisms of Types: from -calculus to information retrieval and language design, chapter Con uence Results. Birkhauser, Boston, 1995. 8. Maribel Fernandez and Jean-Pierre Jouannaud. Modular termination of term rewriting systems revisited. In Egidio Astesiano, Gianni Reggio, and Andrzej Tarlecki, editors, Recent Trends in Data Type Speci cation, volume 906 of Lecture Notes in Computer Science. Springer-Verlag, 1995. Refereed selection of papers presented at ADT'94. 9. Jean-Pierre Jouannaud and Mitsuhiro Okada. Abstract data type systems. Research Report 975, Universite de Paris Sud, June 1995. To appear in TCS. 10. Jean-Pierre Jouannaud and Mitsuhiro Okada. Inductive data type systems. Technical report, Universite de Paris Sud, 1996. submitted. 11. Deepak Kapur and H. Zhang. An overview of the rewrite rule laboratory (RRL). In Proc. 3rd Rewriting Techniques and Applications, Chapel Hill, LNCS 355, pages 559{563. Springer-Verlag, 1989. 12. C. Lora-Saenz. A Theoretical Framework for Reasoning about Program Construction based on Extensions of Rewrite Systems. PhD thesis, Fachbereich Informatik der Universitat Kaiserslautern, 1993. 13. C. Lora-Saenz and J. Steinbach. Termination of combined (rewrite and calculus) systems. In Proc. 3rd Int. Workshop on Conditional Term Rewriting Systems, Pont-a-Mousson, LNCS 656, volume 656 of Lecture Notes in Computer Science, pages 143{147. Springer-Verlag, 1992. 14. Olav Lysne and Javier Piris. A termination ordering for higher order rewrite systems. In Proc. 6th Rewriting Techniques and Applications, Kaiserslautern, LNCS 914, Kaiserslautern, Germany, 1995. 15. Claude Marche. Normalised rewriting and normalised completion. In Proceedings of the Ninth Annual IEEE Symposium on Logic in Computer Science, Paris, France, July 1994. IEEE Comp. Soc. Press. 16. T. Nipkow. Higher order critical pairs. In Proc. IEEE Symp. on Logic in Comp. Science, Amsterdam, 1991. 17. Pilar Nivela and Robert Nieuwenhuis. Practical results on the saturation of full rst-order clauses: Experiments with the saturate system. (system description). In C. Kirchner, editor, 5th International Conference on Rewriting Techniques and Applications, LNCS 690, Montreal, Canada, June 16{18, 1993. Springer-Verlag.

This article was processed using the LATEX macro package with LLNCS style

20