Proofs of Soundness and Completeness of Type Inference for HM(X)
Martin Sulzmann
Yale University, Department of Computer Science, New Haven, CT 06520-8285
revised report: 26 March 1997
1 Introduction

In this technical report one can find full proofs of soundness and completeness of type inference for the HM(X) type system [SOW97]. In Section 2 we introduce the notion of constraint systems. The HM(X) framework is described in Section 3, where we also show that HM(X) type systems satisfy a type preservation property. Type inference is considered in Section 4.
2 Constraint systems

We present a characterization of constraint systems along the lines of Henkin [HMT71] and Saraswat [Sar93].

Definition 1 (Simple Constraint System) A simple constraint system is a structure ( , ⊢e) where  is a non-empty set of tokens or (primitive) constraints (1). The relation ⊢e between ℘( ) and  is a decidable entailment relation, where ℘( ) is the set of finite subsets of . We call C ∈ ℘( ) a constraint set or simply a constraint. A constraint system ( , ⊢e) must satisfy for all constraints C, D ∈ ℘( ):
C1 C ⊢e P whenever P ∈ C
C2 C ⊢e Q whenever C ⊢e P for all P ∈ D and D ⊢e Q
We extend ⊢e to be a relation on ℘( ) × ℘( ) by: C ⊢e D iff C ⊢e P for every P ∈ D. Furthermore, we define C =e D iff C ⊢e D and D ⊢e C. The term ⊢e C is an abbreviation for ∅ ⊢e C, and true = { P | ∅ ⊢e P } represents the true element. By the following lemma we can identify the minimal constraint ∅ as a representation for true.

Lemma 1 Given a simple constraint system ( , ⊢e). Then true =e ∅.

Remark 1 For simplicity, we omit set notation for constraints. We connect constraints by ∧ instead of the union operator ∪. Also, we omit enclosing simple constraints P in opening and closing braces. That means, P ∧ Q is an abbreviation for {P} ∪ {Q}. Furthermore, ⊢e C is an abbreviation for true ⊢e C.

Definition 2 (Cylindric Constraint System) A cylindric constraint system is a structure CCS = ( , ⊢e, Var, {∃  |  ∈ Var}) such that: ( , ⊢e) is a simple constraint system, Var is an infinite set of variables, and for each variable  ∈ Var, ∃ : ℘( ) → ℘( ) is an operation satisfying:
E1 C ⊢e ∃ .C
E2 C ⊢e D implies ∃ .C ⊢e ∃ .D
E3 ∃ .(C ∧ ∃ .D) =e ∃ .C ∧ ∃ .D
E4 ∃ .∃ .C =e ∃ .∃ .C

The next definition defines the free type variables fv(C) of a constraint C.

Definition 3 (Free Variables) Let C be a constraint. Then fv(C) = {  | ∃ .C ≠e C }.

We now define satisfiability of a constraint.

Definition 4 (Satisfiability) Let C be a constraint. Then C is satisfiable iff ⊢e ∃fv(C).C.

The next lemma states that the projection operator does not influence the satisfiability of a constraint.

Lemma 2 Let C be a constraint. Then C is satisfiable iff ∃ .C is satisfiable.

(*) Supported by Yale University Fellowship.
(1) We also refer to such constraints as predicates.
We now introduce a much more expressive constraint system. We want to deal with types and substitutions.

Definition 5 (Types) A type is a member of T = Term( ), where Term( ) is the term algebra T built up from a signature  = (Var, Cons). Var is a set of variables and Cons is a set of type constructors containing at least the function constructor → of arity 2.

Definition 6 (Substitutions) A substitution is an idempotent mapping from a set of variables Var to the term algebra Term( ). Let id be the identity substitution.

Definition 7 (Term Constraint System) A term constraint system TCST = ( , ⊢e, Var, {∃  |  ∈ Var}) over a term algebra T is a cylindric constraint system with tokens of the form p( 1, …,  n) ( i ∈ T) such that the following holds: For each pair of types , ′ there is an equality predicate ( = ′) in TCST, which satisfies:
D1 ⊢e ( = )
D2 ( = ) ⊢e ( = )
D3 ( = ) ∧ ( = ) ⊢e ( = )
D4 ( = ) ∧ ∃ .C ∧ ( = ) ⊢e C
D5 ( = ′) ⊢e (T[ ] = T[ ′]) where T[] is a type with a hole
D6 For each predicate P, [ / ]P =e ∃ .P ∧ ( = ) where  ∉ fv( )

Remark 2 Conditions D1 - D4 are the conditions imposed on a cylindric constraint system with diagonal elements, which is usually taken as the foundation of constraint programming languages. D4 says that equals can be substituted for equals; it is in effect the Leibniz principle. D5 states that (=) is a congruence. D6 connects the syntactic operation of a substitution over predicates with the semantic concepts of projection and equality. Substitution is extended to arbitrary constraints in the canonical way:
[ / ](P1 ∧ … ∧ Pn) = [ / ]P1 ∧ … ∧ [ / ]Pn.
The intention of a term constraint system TCST is to express unification problems through the equality predicate (=). A term constraint system TCST is a very powerful constraint system. In the following we distinguish a specific subset of constraints in TCST. We denote this set by S. We say the constraints in S are in solved form. In general we put the following conditions on S:
S1 S ⊆ TCST
S2 Each C ∈ S is satisfiable
S3 If C ∈ S and C ⊢e ( = ′) then ⊢e ( = ′)
S4 If C ∈ S then ∃ .C ∈ S

Remark 3 Condition S3 prohibits equality predicates in S. Equality predicates should be resolved in S by a kind of unification. Condition S4 enforces that S is closed under projection.

Some basic lemmas follow.

Lemma 3 (Normal Form) Let C be a constraint and  = [ / ] be a substitution. Then C =e ∃ .C ∧ ( 1 = 1) ∧ … ∧ ( n = n).

Lemma 4 (Substitution) Let C, D be constraints and  be a substitution such that C ⊢e D. Then C ⊢e D.

3 The HM(X) framework

This section describes a general extension HM(X) of the Hindley/Milner type system with a term constraint system X over a term algebra T. We denote the set of solved constraints in X by S. In our type system we only admit constraints in S. Our development is similar to the original presentation [DM82]. We work with the following syntactic domains.
Values        v ::= x | λx.e
Expressions   e ::= v | e e | let x = e in e
Types           ::=  |  →  | T
Type schemes    ::=  | ∀ .C ⇒ 
This generalizes the formulation in [DM82] in two respects. First, types are now members of an arbitrary term algebra T, hence there might be other constructors besides →, with possibly non-trivial equality relations. Second, type schemes ∀ .C ⇒  now include a constraint component C ∈ S, which restricts the types that can be substituted for the type variable . On the other hand, the language of terms is exactly as in [DM82]. That is, we assume that any language constructs that make use of type constraints are expressible as predefined values, whose names and types are recorded in the initial type environment Γ0. We often use vector notation for type variables in type schemes. The term ∀ .D ⇒  is an abbreviation for ∀ 1.true ⇒ … ∀ n.D ⇒  and ∃ .D for ∃ 1. … ∃ n.D. The typing rules can be found in Figure 1. The most interesting rules are the (∀ Intro) rule and the (∀ Elim) rule. By rule (∀ Intro) we quantify some type
(Var) (Equ)
C; ?
` x : (x : 2 ?)
C; ?
` e : `e ( = 0 ) C; ? ` e : 0
C; ?x :x : ` e : 0 C; ?x ` x:e : ! 0
(Abs) C; ?
(App)
` e1 : 1 ! 2 C; ? ` e2 : 1 C; ? ` e1e2 : 2
C; ?x
(Let)
` e : C; ?x :x : ` e0 : 0 C; ?x ` let x = e in e0 : 0
C ^ D; ? ` e : C ^ 9:D; ?
(8 Intro)
`
62 fv(C ) [ fv(?) e : 8:D )
0 C `e [ =]D (8 Elim) C; ? ` e : 8:D ) C; ? ` e : [ =] 0
Figure 1: Logical type system

variables. Rule (Equ) is important if there are type constructors in the term algebra T with non-trivial equality relations.

Definition 8 (Typing Judgements) Let C be a constraint in S, Γ a type environment and  a type scheme. Then C, Γ ⊢ e :  is a typing judgement iff C, Γ ⊢ e :  can be derived by application of the typing rules.

Example 1 The Hindley/Milner system is an instance of our type system. Let 1 = ( , ⊢e, Var, {∃  |  ∈ Var}) be the minimal term constraint system.  contains only primitive constraints like ( = ′), where  and ′ are types. We define the set S of constraints in solved form as {true}. Then the Hindley/Milner system is equal to HM(1).

We now discuss type soundness of our type system. We present two approaches to show type soundness. The first one is a syntactic based approach where we show that type systems in HM(X) enjoy the subject reduction property. In the second approach we give an ideal semantics for type systems in HM(X).

We start with a syntactic based approach to type soundness [WF91]. We have the following two reductions:
( )   (λx.e)v ⟶ [v/x]e
(LET) let x = v in e ⟶ [v/x]e
Then, we can state the following lemma.

Lemma 5 (Subject Reduction Property) Let C, Γ ⊢ e :  be a typing judgement and e ⟶ e′. Then C, Γ ⊢ e′ : .

We now extend the relation ⟶ to evaluation contexts E. We define E[e] ⟼ E[e′] iff e ⟶ e′, where E ::= [] | E e | v E | let x = E in e. Let ⟼* be the reflexive and transitive closure of ⟼. The partial function eval evaluates an expression e: eval(e) = v iff e ⟼* v. We write e ⇑ if e diverges. Now, we have everything at hand to state syntactic soundness of our type system.

Theorem 9 (Syntactic Soundness) Let C, Γ ⊢ e :  be a typing judgement. Then e ⇑ or eval(e) = v.
4 Type inference

Type inference in HM(X) is performed in two steps. First, a typing problem is translated into a constraint D in the term constraint system X. Then that constraint D is normalized. Normalizing means computing a substitution  and a residual constraint C in X such that C entails D, where C is a constraint in the set S of constraints in solved form. To ensure that a typing problem has a most general solution, we require that constraints in X have most general normalizers.

4.1 Normalization

In this section we study normalization of constraints in a term constraint system. Below we give an axiomatic description of normalization. First, we introduce some preliminary definitions.

Preliminaries: Assume U is a finite set of type variables that are of interest in the situation at hand. We need a handle to compare two substitutions.

Definition 10 Let , ′ and  be substitutions. Then  ≤ ′ over U iff (′ )|U = |U.

We write  ≤U ′ if ∃ :  ≤ ′ over U. Sometimes, we omit the set U. Note that this makes the "more general" substitution the smaller element in the pre-order ≤U. This choice, which reverses the usual convention in treatments of unification (e.g. [LMM87]), was made to stay in line with the semantic notion of type instances. We make ≤U a partial order by identifying substitutions that are equal up to variable renaming, or equivalently, by defining  =U ′ iff  ≤U ′ and ′ ≤U . It follows from [LMM87] that ≤U is a complete lower semi-lattice where least upper bounds, if they exist, correspond to unifications and greatest lower bounds correspond to anti-unifications.

We consider now the task of normalization. Actually, a typing problem is translated into a constraint in the term constraint system X attached with a substitution. Normalization then means computation of a principal normal form of a constraint D from a term constraint system and a substitution .

Definition 11 (Principal Normal Form) Let X be a term constraint system over a term algebra T and S be the set of solved constraints in X. Let C ∈ S and D ∈ X be constraints and let ,  be substitutions. Then (C, ) is a normal form of (D, ) iff  ≤ , C ⊢e D and C = C. (C, ) is principal if for all normal forms (C′, ′) of (D, ) we have that  ≤ ′ and C′ ⊢e ′C.

Principal normal forms are unique up to variable renaming:

Lemma 6 (Uniqueness) Let (C, ) and (C′, ′) be principal normal forms of (D, ). Then there is a variable renaming ′ such that C′ = ′C and ′ = ′.

Proof: Given two principal normal forms (C, ) and (C′, ′) of (D, ). Because of the minimality condition of principal normal forms there exist , ′ such that
 = ′′   C′ ⊢e ′C   and   ′ =    C ⊢e C′.
We get that ′′ = ′′ = , which tells us that ′ is a variable renaming. Furthermore, it holds C ⊢e C′ = ′C′ and C′ ⊢e ′C = C. An easy observation tells us that C = C′, C′ = C′, ′C′ = C′. We can then conclude that
C′ ⊢e (′)C ⊢e (′′)C′ = C′
and we are done. That means computation of the principal normal form of (D, ) is unique.

Given (D, ) we can define a function normalize by:
normalize(D, ) = (C, ) if (C, ) is the principal normal form of (D, )
               = fail  otherwise

Actually, a constraint problem consists of a constraint attached with a substitution. Sometimes, it is more convenient to think of a constraint problem simply as a constraint. Both views are consistent if we want to compute the principal normal form of a constraint problem.

Lemma 7 Given a constraint D ∈ X and a substitution . Then (C, ) = normalize(D, id) iff (C, ) = normalize(D, ), where C ∈ S and  is a substitution.

Proof: This follows directly from the definition of principal normal forms.

We now extend the property of having a principal normal form to constraint systems.
Definition 12 (Principal Constraint Property) Given a term constraint system X over a term algebra T and a set of solved constraints S in X. The term constraint system X has the principal constraint property if for every constraint D ∈ X and substitution , either (D, ) does not have a normal form or (D, ) has a principal normal form.

We also say that the HM(X) type system has the principal constraint property if X has the principal constraint property. In the case of the Hindley/Milner type system (or HM(1) in terms of our notation), normalization means simply computation of the most general unifier. We have in this case:
normalize(( 1 = 2), ) = (true, mgu( 1, 2) ) if  1, 2 are unifiable
                       = fail                    otherwise
This is easy to see. Assume first that  1 and  2 are unifiable and let  = mgu( 1, 2). Then true ⊢e ( )( 1 = 2), and (true, ) is minimal because  is a most general unifier of ( 1, 2). On the other hand, if there is no solution to ( 1 = 2), no unifier exists at all. That means, normalization fails.

4.2 The instance relation

In order to state the main results we need a handle to compare two type schemes  and ′ with respect to a constraint C. This relation is expressed by the term C ⊢i  ≤ ′, see Figure 2. Note, the (Ref) rule represents the fact that there might be type constructors in the term algebra T with non-trivial equality relations.

(Ref)   ⊢e ( = ′)
        C ⊢i  ≤ ′

(≤∀)    C ∧ D ⊢i  ≤ ′     ∉ tv( ) ∪ tv(C)
        C ⊢i  ≤ ∀ .D ⇒ ′

(∀≤)    C ⊢i [ / ] ≤ ′    C ⊢e [ / ]D
        C ⊢i ∀ .D ⇒  ≤ ′

Figure 2: Instance rules

It is possible to enforce that all (∀≤) steps are performed before (≤∀) steps. We simply have the following new relation ⊢i2. All instance rules are the same except for the (∀≤) rule:

(∀≤ 2)  C ⊢i2 [ / ] ≤ ′    C ⊢e [ / ]D
        C ⊢i2 ∀ .D ⇒  ≤ ′

The next lemma states that ⊢i and ⊢i2 are equivalent.

Lemma 8 (Equivalence) Let C be a constraint and , ′ be type schemes. Then C ⊢i  ≤ ′ iff C ⊢i2  ≤ ′.

Proof: That ⊢i2 ⊆ ⊢i holds is not difficult to see. In order to prove ⊢i ⊆ ⊢i2 we show that we can always switch the order of consecutive (≤∀), (∀≤) steps. Assume we have the following derivation
C ∧ D′ ⊢i [ / ] ≤ ′     ∉ tv([ / ]) ∪ tv(C)
C ⊢i [ / ] ≤ ∀ .D′ ⇒ ′    C ⊢e [ / ]D
C ⊢i ∀ .D ⇒  ≤ ∀ .D′ ⇒ ′
Starting from C ∧ D′ ⊢i [ / ] ≤ ′ we can perform a (∀≤) step and get C ∧ D′ ⊢i ∀ .D ⇒  ≤ ′. We can observe that  ∉ fv(∀ .D ⇒ ). That means, we can perform a (≤∀) step and obtain C ⊢i ∀ .D ⇒  ≤ ∀ .D′ ⇒ ′. We have shown now that we can always delay (≤∀) steps. By a straightforward induction it can be shown that ⊢i ⊆ ⊢i2, which concludes the proof.
Also, the (Ref-≤), (Weaken) and (Trans) rules are derivable.

Lemma 9 The following inference rules are derivable from those in Figure 2.

(Ref-≤)   C ⊢i  ≤ 

(Weaken)  D ⊢e C    C ⊢i  ≤ ′
          D ⊢i  ≤ ′

(Trans)   C ⊢i 1 ≤ 2    C ⊢i 2 ≤ 3
          C ⊢i 1 ≤ 3

Proof: We only prove the (Trans) rule. W.l.o.g. (2)
1 = ∀ .D1 ⇒ 1,  2 = ∀ .D2 ⇒ 2  and  3 = ∀ .D3 ⇒ 3
where ,  and  are distinct and new. W.l.o.g. C ⊢i 1 ≤ 2 is derived from
C ∧ D2 ⊢i 1 1 ≤ 2    C ∧ D2 ⊢e 1 D1
where 1 = [ / ], and C ⊢i 2 ≤ 3 is derived from
C ∧ D3 ⊢i 2 2 ≤ 3    C ∧ D3 ⊢e 2 D2
where 2 = [ ′/ ]. It holds that 1 C =e C and 2 C =e C. Because ⊢i and ⊢e are closed under substitution it follows that
C ∧ 2 D2 ⊢e 2 1 D1    C ∧ 2 D2 ⊢i 2 1 1 ≤ 2 2.
Also, C ∧ D3 ⊢e C ∧ 2 D2 holds. Then we can follow that
C ∧ D3 ⊢e 2 1 D1    C ∧ D3 ⊢i 2 1 1 ≤ 3
and this yields C ⊢i 1 ≤ 3.

(2) W.l.o.g. we can assume that each type scheme is of the form ∀ .D ⇒ .

Definition 13 Given a constraint C and a type context Γ. Then a substitution  is called consistent with respect to C and Γ iff C ∈ S and for each x : ∀ .D ⇒  ∈ Γ, D ∈ S, where we assume that there are no name clashes between  and .

Definition 14 (Typing Configurations) Given a type environment Γ. Let C be a constraint in S,  be a type scheme and  be a substitution such that C = C,  =  and  is consistent in Γ. Then (C, , ) is a typing configuration with respect to Γ. For simplicity, we sometimes omit the phrase "with respect to Γ". Let (C, , ) and (C′, ′, ′) be typing configurations and Γ be a type environment. Then (C, , ) is more general than (C′, ′, ′) with respect to Γ iff  ≤ ′ over fv(Γ), C′ ⊢e ′C and C′ ⊢i ′ ≤ ′. We write (C, , ) ≤Γ (C′, ′, ′).

The next lemma expresses the relationship between typing judgements and configurations.

Lemma 10 Let (C, , ) and (C′, ′, ′) be typing configurations where (C, , ) ≤Γ (C′, ′, ′), Γ be a type environment and C, Γ ⊢ e :  be a typing judgement. Then we can derive the typing judgement C′, Γ ⊢ e : ′.

Proof: This lemma can be proven by a straightforward induction on the derivation ⊢ with the help of Lemmas 13 and 14. They can be found in Section 5.

4.3 Type inference algorithm

We now give a generic type inference algorithm for a HM(X) type system. The algorithm can be found in Figure 3. The following definition is a generalization of the (∀ Intro) rule.

Definition 15 Let C be a constraint, Γ be a type environment,  be a type scheme and  = (fv() ∪ fv(C)) \ fv(Γ). Then gen(C, Γ, ) = (∃ .C, ∀ .C ⇒ ).

In the algorithm we treat a type  as ∀ .true ⇒  where  ∉ fv( ) to avoid a special treatment of types in the (Var) rule. The algorithm is formulated as a deduction system over clauses of the form , C, Γ ⊢W e :  with type environment Γ and expression e as input values and substitution , constraint C and type  as output values. For each syntactic construct of expressions e we have one clause. In an operational reading of the type inference algorithm, it constructs a bottom-up derivation of ⊢W clauses. The output of a typing problem is a triple consisting of a type scheme , a substitution, and a constraint C. We call such a triple a typing configuration.
(Var)
x : (8:D ) ) 2 ? new ]) (C; ) = normalize(D; [ = W x: jfv(?) ; C; ? `
(Abs)
; C; ?x :x : `W e : new W x:e : ! nfg ; C; ?x ` 1 ; C1 ; ? `W e1 : 1
(App)
2 ; C 2 ; ? ` W e2 : 2 0 = 1t 2 D = C1 ^ C1 ^ (1 = 2 ! ) new
(C; ) = normalize(D; 0 ) W e1 e2 : jfv(?) ; C; ? `
1 ; C1 ; ? x
(Let)
`W e :
(C2 ; ) = gen(C1 ; 1 ?; ) 2 ; C3 ; ?x :x : `W e0 : 0 0= D = C 2 ^ C3 1t 2 (C; ) = normalize(D; 0 ) W let x = e in e0 : 0 jfv(?x ) ; C; ?x ` Figure 3: Type inference
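The ⊢W clauses of Figure 3 instantiated to HM(1), where normalize is plain unification as in Section 4.1, as an added Python example that is not code from the report: constraints are lists of equations, the solved constraint true is the empty list, and the substitution is threaded through the premises instead of being joined with ⊔ (a simplification of the (App) and (Let) clauses); the initial environment and the sample terms are constructed here.

```python
# Added example (not the report's code): the |-W clauses of Figure 3 for HM(1),
# where normalize((t1 = t2), psi) = (true, mgu(t1, t2) o psi) or fail (Section 4.1).
# A type variable is a str starting with "'"; a constructor application is a
# tuple (name, *args); the function type is ("->", t1, t2).
from itertools import count
_counter = count()

def fresh():
    return f"'t{next(_counter)}"      # the "alpha new" side condition of the clauses

def apply(subst, t):
    """Apply a substitution (dict var -> type), following binding chains."""
    if isinstance(t, str):
        return apply(subst, subst[t]) if t in subst else t
    return (t[0],) + tuple(apply(subst, a) for a in t[1:])

def ftv(t):
    return {t} if isinstance(t, str) else set().union(*(ftv(a) for a in t[1:]))

class UnifyError(Exception):
    pass                              # normalize reports fail: no unifier exists

def unify(t1, t2, subst):
    """Extend subst with mgu(t1, t2); the occurs check rejects cyclic solutions."""
    a, b = apply(subst, t1), apply(subst, t2)
    if a == b:
        return subst
    if isinstance(a, str):
        if a in ftv(b):
            raise UnifyError(f"occurs check: {a} in {b}")
        return {**subst, a: b}
    if isinstance(b, str):
        return unify(b, a, subst)
    if a[0] != b[0] or len(a) != len(b):
        raise UnifyError(f"cannot unify {a} with {b}")
    for x, y in zip(a[1:], b[1:]):
        subst = unify(x, y, subst)
    return subst

def normalize(equations, psi):
    """HM(1) normalization: the residual constraint is always true (empty list)."""
    for t1, t2 in equations:
        psi = unify(t1, t2, psi)
    return [], psi

# A scheme forall as.true => t is ("forall", frozenset(as), t); a plain type t is
# treated as ("forall", frozenset(), t), as the report does for the (Var) clause.
def scheme_apply(subst, scheme):
    _, bound, t = scheme
    return ("forall", bound, apply({k: v for k, v in subst.items() if k not in bound}, t))

def gen(env, subst, t):
    """gen(true, psi Gamma, tau): quantify the variables not free in psi Gamma."""
    t = apply(subst, t)
    env_ftv = set()
    for scheme in env.values():
        _, bound, body = scheme_apply(subst, scheme)
        env_ftv |= ftv(body) - bound
    return ("forall", frozenset(ftv(t) - env_ftv), t)

def infer(env, subst, e):
    """psi, true, Gamma |-W e : tau. Returns (psi, tau) or raises UnifyError."""
    if e[0] == "var":                 # (Var): instantiate with new variables
        _, bound, t = scheme_apply(subst, env[e[1]])
        return subst, apply({v: fresh() for v in bound}, t)
    if e[0] == "abs":                 # (Abs): no normalization step
        _, x, body = e
        alpha = fresh()
        subst, t = infer({**env, x: ("forall", frozenset(), alpha)}, subst, body)
        return subst, ("->", alpha, t)
    if e[0] == "app":                 # (App): add (tau1 = tau2 -> alpha), normalize
        _, e1, e2 = e
        subst, t1 = infer(env, subst, e1)
        subst, t2 = infer(env, subst, e2)
        alpha = fresh()
        _, subst = normalize([(t1, ("->", t2, alpha))], subst)
        return subst, alpha
    if e[0] == "let":                 # (Let): generalize before extending Gamma
        _, x, e1, e2 = e
        subst, t1 = infer(env, subst, e1)
        return infer({**env, x: gen(env, subst, t1)}, subst, e2)
    raise ValueError(f"unknown expression form {e[0]!r}")

def principal_type(env, e):
    """Fully applied result type, variables renamed to 'a, 'b, ... for comparison."""
    subst, t = infer(env, {}, e)
    names = {}
    def canon(t):
        if isinstance(t, str):
            return names.setdefault(t, f"'{chr(ord('a') + len(names))}")
        return (t[0],) + tuple(canon(a) for a in t[1:])
    return canon(apply(subst, t))

def typeable(env, e):
    try:
        return principal_type(env, e) is not None
    except UnifyError:                # a normalization step reported fail
        return False

# Constructed initial environment Gamma_0 with a few predefined values.
INT, BOOL = ("int",), ("bool",)
PRELUDE = {"zero": ("forall", frozenset(), INT),
           "succ": ("forall", frozenset(), ("->", INT, INT)),
           "true": ("forall", frozenset(), BOOL)}
```

Self-application `λx.x x` fails in the (App) normalization through the occurs check, while `let id = λx.x in id id` succeeds because (Let) generalizes id's type first.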
Type inference in HM(X) is performed in two steps. First, the results of the typing problems of the premises are combined. This step is trivial in the case of the (Abs) rule. The (Var) rule represents the base case: an initial result is generated. In the case of the (App) rule a unification problem is added to the combined constraints. In all cases, we get a tuple consisting of a constraint and a substitution. A normalization step is performed which results in a tuple consisting of a constraint in solved form and a substitution. This normalization is not necessary in the case of the (Abs) rule. As a result, the algorithm reports a triple consisting of a constraint, a type and a substitution. We can state that the result triple of the type inference algorithm ⊢W always forms a typing configuration.

Lemma 11 Given a type environment Γ and a term e. If , C, Γ ⊢W e :  then (C, , ) is a typing configuration.

Proof: Follows directly from the fact that in each type inference rule we do normalization. In the (Abs) rule we do not perform normalization, but by induction we can assume that from the previous step we get a typing configuration.

Furthermore, this typing configuration always represents a valid typing of the given term under the given type environment.

Theorem 16 (Soundness) Given a term e and a type environment Γ. If , C, Γ ⊢W e :  then C, Γ ⊢ e : , C = C and  = .

Proof: A proof can be found in Section 5.

To obtain a completeness result for type inference, we assume that we have an HM(X) type system which fulfills the principal constraint property. Furthermore, we consider only those typing judgements C, Γ ⊢ e :  where the type environment and the constraint on the left hand side of the turnstile are realizable, i.e. have a type instance.

Definition 17 Let C′ be a constraint and Γ′ be a type environment. Then Γ′ is realizable in C′ iff for every x :  ∈ Γ′ there is a  such that C′ ⊢i  ≤ .

Now, we present our completeness result. Informally speaking, we want to have the following. Given a derivation C′, Γ ⊢ e : ′, our type inference algorithm should report a constraint that is at least as small as C′ and a type that is at least as general as ′.

Theorem 18 (Completeness) Let C′, Γ ⊢ e : ′ be a typing judgement where Γ is realizable in C′. Then , C, Γ ⊢W e :  for some substitution , constraint C and type , such that gen(C, Γ, ) = (Co, o) and (Co, o, ) ≤Γ (C′, ′, ).

Proof: A proof can be found in Section 6.

Let us briefly comment on the completeness result. We assume that we have a typing configuration (C′, ′, ) such that C′, Γ ⊢ e : ′.  Then if we generalize the results of the type inference algorithm, we get a more general typing configuration. A sketch of the proofs of soundness and completeness of type inference can be found in the appendix. The completeness theorem can be simplified for top-level programs to the following corollary, which states that our type inference algorithm computes principal types.

Corollary 1 (Principal Types) Let true, Γ ⊢ e : ′ be a closed typing judgement such that Γ is realizable in true. Then , C, Γ ⊢W e :  for some substitution  and constraint C, such that gen(C, Γ, ) = (true, o) and ⊢i o ≤ ′.

Our type inference algorithm interleaves constraint generation and normalization. Each inference rule combines the constraint problems of the premises and then performs a normalization step. This treatment is due to the (Let) rule. We only admit constraints in solved form in a type scheme. Therefore, we have to perform normalization before we do generalization of a type. But it is possible to generate all constraint problems first and perform normalization only right before we reach a (Let) clause or the root clause. The following lemma states that we can delay normalization and perform normalization in any order and we always get the same result.

Lemma 12 Given constraints D1, D2 in X and substitutions 1, 2. Then the principal normal form of (D1 ∧ D2, 1 ⊔ 2) exists iff the principal normal form of (C1 ∧ D2, 1 ⊔ 2) exists with (C1, 1) the principal normal form of (D1, 1), iff the principal normal form of (C1 ∧ C2, 1 ⊔ 2) exists with (C2, 2) the principal normal form of (D2, 2). Especially,
normalize(D1 ∧ D2, 1 ⊔ 2) = normalize(C1 ∧ D2, 1 ⊔ 2) = normalize(C1 ∧ C2, 1 ⊔ 2)
where normalize(D1, 1) = (C1, 1) and normalize(D2, 2) = (C2, 2).

Proof: Assume normalize(D1 ∧ D2, 1 ⊔ 2) = (C, ), normalize(D1, 1) = (C1, 1), normalize(C1 ∧ D2, 1 ⊔ 2) = (C′, ′). Then we know that
1 ⊔ 2 ≤   and  1 ≤ 1 ⊔ 2  and  1 ⊔ 2 ≤ ′   (1)
C1 ⊢e 1 D1   (2)
C′ ⊢e ′(C1 ∧ D2)   (3)
and also C′ ⊢e ′(C1 ∧ D2) ⊢e ′(D1 ∧ D2), which shows that (C′, ′) is a normal form of (D1 ∧ D2, 1 ⊔ 2). From 7 we know that (C, ) is a normal form of (D1, 1). We get that C ⊢e C1. Furthermore, we can conclude that C ⊢e (C1 ∧ D2), which shows that (C, ) is a normal form of (C1 ∧ D2, 1 ⊔ 2). But this allows us to conclude that normalize(D1 ∧ D2, 1 ⊔ 2) = normalize(C1 ∧ D2, 1 ⊔ 2). We get from (1), (2) and (3) that C ⊢e (D1 ∧ D2). The other cases can be proven in a similar style.

Hence, if our type inference algorithm only applies the clauses (Var), (Abs), (App), it is equivalent to accumulate all typing problems first and perform normalization at the end. This can be proven by a simple induction on the number of inference steps and with the help of Lemma 12.

5 Proof of Theorem 16

One thing about which we have to be aware is when we apply a substitution to a typing judgement C, Γ ⊢ e : . Because we only allow constraints in solved form (constraints in S) in our type system, we have to be sure that a substitution does not cause any inconsistencies. In the type inference algorithm normalization ensures that there are no inconsistencies. The following two lemmas can both be proven by a straightforward induction on the derivation ⊢.
Lemma 13 Given C, Γ ⊢ e :  and a substitution  such that  is consistent with respect to C and Γ. Then C, Γ ⊢ e : .

Lemma 14 Given C, Γ ⊢ e :  and a constraint D ∈ S such that D ⊢e C. Then D, Γ ⊢ e : .

We restate Theorem 16 in the following lemma.

Lemma 15 (Soundness of ⊢W) Given a type context Γ and a term e. If , C, Γ ⊢W e :  then C, Γ ⊢ e : , C = C and  = .

Proof: We apply induction on the derivation ⊢W. We only consider one case. The other cases can be proven in a similar style.

Case (App)
1, C1, Γ ⊢W e1 : 1    2, C2, Γ ⊢W e2 : 2    ′ = 1 ⊔ 2    D = C1 ∧ C2 ∧ ( 1 = 2 → )     new    (C, ) = normalize(D, ′)
|fv(Γ), C, Γ ⊢W e1 e2 : 
We apply the induction hypothesis to the left and right premise and get
C1, 1Γ ⊢ e1 : 1    1 C1 = C1    1 1 = 1
C2, 2Γ ⊢ e2 : 2    2 C2 = C2    2 2 = 2
With Lemma 14 we can conclude that C, 1Γ ⊢ e1 : 1 and C, 2Γ ⊢ e2 : 2. W.l.o.g. we can assume that all identifiers in Γ are contained in e1 and e2 and no more. This fact and normalization ensure that  is consistent in C and Γ. Then we can apply Lemma 13 and obtain C, Γ ⊢ e1 : 1 and C, Γ ⊢ e2 : 2. We also know that ⊢e ( 2 = 1 → ( )) because the constraint ( 1 = 2 → ) has been resolved by normalization. Hence, we can first apply the (Equ) rule and then the (App) rule and get C, Γ ⊢ e1 e2 : ( ).

6 Proof of Theorem 18

In order to prove completeness we have to do a little more work. The idea is to introduce two intermediate derivations, the last of which looks much more like a type inference algorithm. We then show that all derivations have the same expressive power. First, we introduce some basic lemmas. The next two lemmas state some useful properties about substitutions.

Lemma 16 Let , 1 and 2 be substitutions. If  = 1 ⊔ 2 then codom( ) ⊆ codom( 1) ∪ codom( 2).

Proof: Simple observation of the unification algorithm.

Lemma 17 Let , ′ and  be substitutions. If  ≤ ′ and dom( ) ⊆ ... then (′ )|dom( ) = ′|dom( ).

Proof: We assume that  ∈ dom( ). Then we can deduce that ′( ) = ′′( ) = ′( ) = ( ).

The next lemma states that we can lift entailment between two constraints to the generalized constraints.

Lemma 18 Given a type context Γ, constraints C, C̃, types , ′ and substitutions , ′,  such that C ⊢e ′C̃ and  ≤ ′ over fv(Γ). Then Co ⊢e ′C̃o where Co = gen2(C, Γ, ′) and C̃o = gen2(C̃, Γ, ).

Proof: W.l.o.g. we assume Co = ∃ .C and C̃o = ∃ .C̃. We show that  ∉ fv(′C̃o). Assume the contrary. W.l.o.g.
 ∉ fv(Γ) ∪ fv(C̃o) ∪ codom( )   (4)
because we can always rename bound variables and during type inference always new type variables have been introduced. That means there is a  ∈ fv(C̃o) such that  ∈ fv(′( )). Further it holds that  ∉ fv( Γ). Assume  ∈ fv( Γ); then there is a  ∈ fv(Γ) such that  ∈ fv( ( )). We know that ( ) = ′( ), and that means  ∈ codom( ), which is a contradiction to (4). We get  ∉ fv( Γ) and  ∈ fv(C̃o). But this is again a contradiction because C̃o is a generalized constraint. Our starting assumption was false and we get that  ∉ fv(′C̃o). Now, we can conclude that C̃ ⊢e C̃o. Then it follows that ′C̃ ⊢e ′C̃o. From that we get that C ⊢e ′C̃o. Finally, we get Co ⊢e ∃ .′C̃o and, because  ∉ fv(′C̃o), that means we get Co ⊢e ′C̃o as desired.
Then we can deduce that
This lemma is similar to the previous one. It is simply formulated for types. Lemma 19 Given a type context ?, constraints C; C~, types ; 0 and substitutions ;0 0 ; such that C `e 0 C~ , C `i 0 0 and fv(?) . Then `i 0 ~o ~ ?; ). o where o = gen1 (C; ?; 0 ) and ~o = gen1 (C;
The next Lemma is similar to the previous one but it is stated for the `i relation.
0 C1 = 0 1 C1 = 01 C1 :
From C 0 `e 01 C1 we get as desired that C 0 `e (0 )C1 :
Lemma 21 Given a constraint C 0, type schemes ~; 00
and substitutions ; 1 ; : : : ; n ; ; 1 such that 0 1 ~ = ~ , C 0 `i 01 ~ 00 , = 1 t : : : t n , fv(?) , 0 00 . 1 fv1 (?) . Then C 0 `i (0 )~
By the next Lemma we lift some properties about constraints and substitution to the same constraints but extended substitution.
Now, we introduce the intermediate derivations. We start with derivation ` in gure 1. We combine the (Var) and (8 Elim) rule in the following new (8 Elim) rule:
Lemma 20 Given constraints C1; C 0 and substitutions ; 1 ; : : : ; n ; ; 1 such that 1 C1 = C1 ,0 C 0 `e 01 C1 , 0 = 1 t : : : t n , fv(?) , 1 fv1 (?) . Then C 0 `e (0 )C1 . Proof: From the assumption we can follow that there
(8 Elim) C; ? `2 x : (x : 2 ? C `i ) All other rules stay unchanged. We get a new derivation `2 . The idea of derivation `2 is simply to enforce (8 Elim) steps as early as possible. Next, we consider a syntax directed derivation `d . We also want to get rid of the (8 Intro) rule. This rule is combined with the (Let) rule and the rest of the rules remain unchanged:
is a 1 such that
= 1
1
then we get that = (0 )jfv(?) = (0 1 1 )jfv(?) = (01 1 )jfv(?) :
We can deduce that (0 1 )jcodom(
1
)[fv(?) = 01 jcodom( 1)[fv(?) :
W.l.o.g. we can assume that dom(01 ) codom( 1 ) [ fv(?) and dom(0 1 ) codom( 1 ) [ codom( ) [ fv(?) and
(codom( i ) \ fv(C1 ))nfv(?) = ; 8i 2 f2; : : : ; ng
(Var) C; ? `d x : (x : 2 ? C `i ) (Abs)
C; ?x :x : `d e : 0 C; ?x `d x:e : ! 0
(App)
C; ? `d e1 : 1 ! 2 C; ? `d e2 : 1 C; ? `d e1 e2 : 2
(Let)
C; ?x `d e : (C 0 ; ) = gen(C; ?x ; ) C 00 ; ?x :x : `d e0 : 0 C 0 ^ C 00 ; ?x `d let x = e in e0 : 0
Note, in the (Let) we implicitly state that the constraint
because type inference only introduces fresh type variables. With the help of Lemma 16 we get that
C 0 ^ C 00 is in solved form. Remember that the set of
constraints of solved forms is not necessarily closed under ^ in general. That means, when we apply the (Let) we always have to ensure that C 0 ^ C 00 is in solved form. How these derivations are connected is stated in the next lemmas. The rst two lemmas can both be proven by a straightforward induction on the derivation relation.
dom(0 1 ) codom( 1 ) [ : : : [ codom( n ) [ fv(?):
We get that dom(0 1 ) \ fv(C1 ) codom( 1 ) [ fv(?):
10
Lemma 22 (Equivalence of ` and `2 ) Given a type context ?, a constraint C , a term e and a type scheme . Then C; ? ` e : i C; ? `2 e : .

Lemma 23 (Soundness of `d ) Given C; ? `d e : . Then C; ? ` e : .

We now show that `d is complete with respect to `2 and `W is complete with respect to `2 . In order to prove it we have to strengthen the assumption about the given type context. This is due to the (Let) rule, where the two premises use different type contexts. Therefore, we introduce the following definition.

Definition 19 Let C be a constraint and ? and ?0 be type contexts such that ? = fe1 : 1 ; : : : ; en : n g and ?0 = fe1 : 10 ; : : : ; en : n0 g. Then C `i ?0 ? i C `i i0 i 8i 2 f1; : : : ; ng.

Lemma 24 (Completeness of `d ) Given C 0 ; ?0 `2 e : 0 , C 0 `i ? ?0 and ?0 is realizable in C 0 . Then
(a) 0 = : C; ? `d e : C 0 `e C
(b) otherwise : C; ? `d e : (o ; Co ) = gen(C; ?; ) C 0 `e Co C 0 `i o

Proof: We use induction on the derivation `d .

Case (Var) We know that C 0 ; ?0 `2 e : 0 , C 0 `i ? ?0 and x : 0 2 ?0 . That means there is x : 2 ?. We consider two cases. If 0 = then it is quite obvious that C 0 ; ? `d e : and that is it. Otherwise, w.l.o.g. we can assume that = 8:D ) and = [ = ] 0 where 0 are fresh type variables. We set C = [ = ]D. Then we get C; ? `d e : and (o ; Co ) = gen(C; ?; ). Because ?0 is realizable in C 0 we can conclude C 0 `i o 0 and C 0 `e Co .

Case (Let) We have the following situation:
C 0 ; ?0x `2 e : C 0 ; ?0x :x : `2 e0 : 0 C 0 ; ?0x `2 let x = e in e0 : 0

First, we consider the case that is a type . We apply the induction hypothesis to the left premise and get C1 ; ?x `d e : and C 0 `e C1 . We set (o ; Co ) = gen(C1 ; ?x ; ). It is an easy observation that C 0 `i o holds. Now, we apply the induction hypothesis to the right premise. This yields C2 ; ?x :x : o `d e0 : 0 and C 0 `e C2 . We know that C 0 `e Co ^ C2 , which ensures that Co ^ C2 is in solved form. We can apply the (Let) rule and obtain Co ^ C2 ; ?x `d let x = e in e0 : 0 .

Now, let us consider the case that is a type scheme. Application of the induction hypothesis to the left premise yields:
C1 ; ?x `d e : (o ; Co ) = gen(C1 ; ?x ; ) C 0 `i o C 0 `e Co :
We can conclude that ?0 :x : is realizable in C 0 because C 0 ; ?0 `i2 e : . Then we can apply the induction hypothesis to the right premise and get
C2 ; ?x :x : o `d e : 0 C 0 `e C2 :
We can conclude that C 0 `e Co ^ C2 , which ensures that Co ^ C2 is in solved form. We can apply the (Let) rule and get Co ^ C2 ; ?x `d let x = e in e0 : 0 .

Case (Abs) We have the following situation:
C 0 ; ?0x :x : 0 `2 e : 0 C 0 ; ?0x `2 x:e : 0 ! 00

Application of the induction hypothesis yields C; ?x :x : `d e : 00 and C 0 `e C . Then we can apply the (Abs) rule and get C; ?x `d x:e : 0 ! 00 .

Case (App) We have the following situation:
C 0 ; ?0 `2 e1 : 1 ! 2 C 0 ; ?0 `2 e2 : 1 C 0 ; ?0 `2 e1 e2 : 2

We can apply the induction hypothesis to the left and right premise and get C1 ; ? `d e1 : 1 ! 2 and C2 ; ? `d e2 : 1 where C 0 `e C1 and C 0 `e C2 . Because `d is closed under strengthening the constraint we get C1 ^ C2 ; ? `d e1 : 1 ! 2 and C1 ^ C2 ; ? `d e2 : 1 . It is important to note that C1 ^ C2 is in solved form because both constraints are entailed by C 0 . Application of the (App) rule yields C1 ^ C2 ; ? `d e1 e2 : 2 , and it also holds that C 0 `e C1 ^ C2 , which again ensures that C1 ^ C2 is in solved form.

Case (Equ) We have the following situation:
C 0 ; ?0 ` e : `e ( = 0 ) C; ? ` e : 0

This case can be reduced to the (Var) case. Because `i 0 we get that C 0 ; ? `d e : 0 .

Case (8 Intro) We have the following situation:
C 0 ^ D; ?0 `2 e : 62 fv(C 0 ) [ fv(?0 ) C 0 ^ 9:D; ?0 `2 e : 8:D )

W.l.o.g. we can assume that 62 fv(?). Application of the induction hypothesis yields C; ? `d e : and C 0 ^
D `e C . We define (o ; Co ) = gen(C; ?; ). It holds that 62 fv(o ) [ fv(Co ) because 62 fv(?). Therefore, we can deduce that C 0 ^ 9:D `e Co and C 0 ^ 9:D `i o 8:D ) .

Case (8 Elim) We have the following situation:
C; ? `2 x : (x : 2 ? C `i )

We know there is a x : 2 ? such that C 0 `i . Then we can deduce that C 0 ; ? `d e : .

Lemma 25 (Completeness of `W ) Given C 0 ; ?0 `d e : 0 and `i ? ?0 . Then
; C; ? `W e :
for some substitution , constraint C and type such that,
0 fv(?) C 0 `e 0 C `i 0 0
where 0 = gen1 (C 0 ; ?0 ; 0 ) and = gen1 (C; ?; ).

Proof: We use induction on the derivation `d .

Case (Var) Holds trivially.

Case (Abs) We have the following situation:
C 0 ; ?0x :x : 0 `d e : 00 C 0 ; ?0x `d x:e : 0 ! 00

We extend the substitution and define ~ = [ 0 =] where is new. Obviously, it holds that `i ~(?:x : ) ?0 :x : 0 . Application of the induction hypothesis yields
0 ; C; ?x :x : `W e : fv(?)[fg ~ 0 = gen1 (C 0 ; ?0x :x : 0 ; 00 ) = gen1 (C; (?x :x : ); ) C 0 `e 0 C C 0 `i 0 0 (5)
Obviously, it holds that 0 nfg fv(?) . Then, we apply the (Abs) rule and get
nfg ; C; ?x `W x:e : () ! .
It remains to show that `i 0 o o0 where o0 = gen1 (C 0 ; ?0x ; 0 ! 00 ) and o = gen1 (C; ?x ; () ! ). We know that 0 () = ~() = 0 . First, we introduce a transformation function trans which takes as input a type and a type scheme and returns a type scheme. It follows the definition:
trans(; 0 ) = ! 0
trans(; 8:D ) ) = 8 :D 0 ) ! 0 where = [ = ] introduces new type variables.
Now, we can deduce that trans( (); ) = trans(0 (); ) = trans( 0 ; ). From 5 we know that `i 0 0 . Then we get that
`i 0 trans( (); ) trans( 0 ; 0 ).
Also, it is an easy observation that Lemma 19 holds also for type schemes. Then we obtain that
`i 0 gen1 (C; ?x ; trans( (); )) gen1 (C 0 ; ?0x ; trans( 0 ; 0 )).
The only thing we must show is that
`i gen1 (C; ?x ; trans( (); )) o `i gen1 (C 0 ; ?0x ; trans( 0 ; 0 )) o0
where is the symmetric closure of . But this is quite obvious because ) ) (8; :C ) ) (8C: ) 8 :C holds.

Case (App) We have the following situation:
C 0 ; ?0 `d e1 : 10 ! 20 C 0 ; ?0 `d e2 : 10 C 0 ; ?0 `d e1 e2 : 10

Application of the induction hypothesis yields
0 1 ; C1 ; ? `W e1 : 1 1 fv1 (?) C 0 `e 01 C1 `i 01 1 10 0 1 = gen1 (C 0 ; ?0 ; 10 ! 20 ) 1 = gen1 (C1 ; 1 ?; 1 ) (6)
and
0 2 ; C2 ; ? `W e2 : 2 2 fv2 (?) C 0 `e 02 C2 `i 02 2 20 0 2 = gen1 (C 0 ; ?0 ; 10 ) 2 = gen1 (C2 ; 2 ?; 2 )
W.l.o.g. we assume i = 8 :Ci ) i . We want to rename all bound type variables, so we define a renaming substitution = [ = ]. We now deal with the type scheme 8 :Ci ) i . From 6 we know that
`i 01 1 10
`i 02 2 20
We have already convinced ourselves in Lemma 8 that we can use `i2 instead. Then it is not difficult to see that both statements above must have been derived from
C 0 `e (1 01 )C1 C 0 `i (1 01 )1 10 ! 20 C 0 `e 2 02 C2 C 0 `i (2 02 )2 10
where the i 's are solutions to the bound type variables. 0 We set 0 = 1 t 2 ; then we get that 0 fv(?) . We define 3 = [20 =] and = 1 t 2 t 3 . We set D = C1 ^ C2 ^ (1 = 2 ! ). We now apply Lemmas 20 and 21. In this case we additionally deal with the substitutions ; 1 ; 2 ; 3 . Simply think of 0 as now being attached with . The same holds for 01 and 1 and also for 02 and 2 . This does not cause any trouble because the i 's operate only on bound type variables. We get that
C 0 `e ( 0 0 )C1 C 0 `e ( 0 0 )C2 C 0 `e ( 0 0 )1 10 ! 20 C 0 `e ( 0 0 )2 10 .
We can conclude that C 0 `e ( 0 )1 ( 0 0 )2 ! 20 . By definition it holds that ( 0 0 )() = 20 and then we get that
C 0 `e ( 0 0 )D.
But that means (C 0 ; 0 0 ) is a normal form of (D; 0 0 ). Because HM(X) satisfies the principal constraint property we know that there exists a principal normal form of (D; 0 0 ). That means we get normalize(D; 0 0 ) = (C; ) where
0 0 C 0 `e C. (7)
Then we can deduce that ( )jfv(?) = ( 0 0 )jfv(?) = . Hence, we get that fv(?) . It remains to show that `i o o0 where o0 = gen1 (C 0 ; ?0 ; 20 ) and o = gen1 (C; ?; ()). We have already seen that ( 0 0 )() = 20 . Because of the choice of the substitution it also holds that ( 0 0 )() = 20 . And from 7 we get ( )() = 20 . That means, we know that
C 0 `e C C 0 `i ( )() 20
Now we can apply Lemma 19 and get `i o o0 as desired. Finally, we apply the (App) rule and get jfv(?) ; C; ? `W e1 e2 : ().

Case (Let) We have the following situation:
C1 ; ?0x `d e : (; C2 ) = gen(C1 ; ?0x ; ) C2 ; ?0x :x : `d e0 : 0 C2 ^ C3 ; ?0x `d let x = e in e0 : 0

Induction hypothesis applied to the left part yields
0 1 ; C~1 ; ?x `W e : 1 1 fv1 (?x ) (1 ; C~2 ) = gen(C~1 ; 1 ?x ; 1 ) C1 `e 01 C~1 `i 01 1 1 . (8)
We can apply Lemma 18 and get
C2 `e 01 C~2 . (9)
We define the substitution ~ = 01 . Then it holds that `i ~(?x :x : 1 ) ?0x :x : because ~1 = (01 )1 = (01 (01 1 )jfv(?) )1 = 01 1 and with Lemma 17 we get that
~jfv(?x ) = . (10)
Now, we are able to apply the induction hypothesis to the right part and get
0 2 fv2 (?x )[fv(1 ) ~ 2 ; C~3 ; ?x :x : 1 `W e0 : 10 20 = gen1 (C3 ; ?0x :x : ; 0 ) 2 = gen1 (C~3 ; ?x :x : 1 ; 10 ) C3 `e 02 C~3 `i 02 2 20 . (11)
From 8 we can deduce that
1 fv1 (?x )[fv(1 ) ~ (12)
because of 8 and 10 it holds that (01 1 )jfv(?x ) = = ~jfv(?x ) and if 2 fv(1 ) we can assume that 62 fv(?x ), so we know that () = 1 () = .
We can deduce that 01 1 () = 01 () = ~(). Then from 11 and 12 we get that 0 = 1 t 2 exists where
0 fv0 (?x )[fv() . (13)
With 10 and from 13 we get that 0 fv0 (?x ) . From 11 we know that `i 01 2 20 . By a similar treatment as in the (App) rule we conclude that C3 `e ( 02 )C~3 and C3 `i ( 02 )10 where is a renaming substitution and is a solution to the bound type variables. W.l.o.g. we can assume that and do not influence the type variables of C~2 . From 9 we can deduce that C2 `e ( 01 )C~2 . We set D = C~2 ^ C~3 . We get by a similar treatment as in the (App) rule C2 ^ C3 `e ( 0 0 )D and C2 ^ C3 `i ( 0 0 )10 . It is important to note that by assumption the constraint C2 ^ C3 is in solved form. Because HM(X) satisfies the principal constraint property we know that there exists a principal normal form of (D; 0 ). That means there must be a minimal normalization normalize(D; 0 ) = (C; ) such that 0 0 and C2 ^ C3 `e C . Now, we can apply the (Let) rule and get
jfv(?) ; C; ?x `W let x = e in e0 : 10 .
Also, we know that ( )jfv(?x ) = . Hence, fv(?x) . It remains to show that `i ~o o where ~o = gen1 (C; ?x ; 10 ) and o = gen1 (C2 [ C3 ; ?0x ; 0 ). This holds because we know that C2 ^ C3 `e C and C2 ^ C3 `i ( )10 0 , and application of Lemma 19 yields the desired result.

Now we have everything at hand to prove completeness of type inference.

Theorem 20 Given C 0 ; ?0 ` e : 0 , C 0 `i ? ?0 and ?0 is realizable in C 0 . Then
; C; ? `W e :
for some substitution , constraint C and type such that,
fv(?) C 0 `e 0 Co C 0 `i 0 o 0 0
where (o ; Co ) = gen(C; ?; ).

Proof: First, we apply Lemma 22 in order to get a derivation in `2 . Then, we can apply Lemma 24 (completeness of `d ) and get
(a) 0 = : C; ? `d e : C 0 `e C
(b) otherwise : C; ? `d e : (o ; Co ) = gen(C; ?; ) C 0 `e Co C 0 `i o 0 (14)
After that we apply Lemma 25 (completeness of `W ) and get
~ ; C; ~ ? `W e : ~ fv(?) (~o ; C~o ) = gen(C; ~ ?; ~) C `e 0 C~ C `i 0 ~o o .
It remains to show
1. C 0 `i 0 ~o 0
2. C 0 `e 0 C~o .
We know that C `e 0 C~ ; with Lemma 18 we get that Co `e 0 C~o . From 14 we know that C 0 `e Co and because `e is transitive we get that C 0 `e 0 C~o . Also, we know that C 0 `i o 0 and because `i is transitive and closed under strengthening the constraint we get C 0 `i 0 ~o 0 . Then we get Theorem 18 as a corollary from Theorem 20.

Acknowledgements

I am grateful to Martin Odersky and Martin Wehr for their helpful discussions and remarks.

References

[DM82] Luis Damas and Robin Milner. Principal type schemes for functional programs. January 1982.
[HMT71] L. Henkin, J.D. Monk, and A. Tarski. Cylindric Algebra. North-Holland Publishing Company, 1971.
[LMM87] J. Lassez, M. Maher, and K. Marriott. Unification revisited. In J. Minker, editor, Foundations of Deductive Databases and Logic Programming. Morgan Kaufmann, 1987.
[Sar93] Vijay A. Saraswat. Concurrent Constraint Programming. Logic Programming Series, ACM Doctoral Dissertation Award Series. MIT Press, Cambridge, Massachusetts, 1993.
[SOW97] Martin Sulzmann, Martin Odersky, and Martin Wehr. Type inference with constrained types. In FOOL4: 4th Int. Workshop on Foundations of Object-oriented programming Languages, January 1997.
[WF91] Andrew K. Wright and Matthias Felleisen. A syntactic approach to type soundness. Technical Report Rice COMP TR91-160, Rice University, Houston, Texas, 1991.
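The inference relation `W whose completeness Lemma 25 and Theorem 20 establish, instantiated to HM(=) where constraints are type equalities, so normalize(D; ) is first-order unification, gen quantifies the variables of the result type not free in the context, and a failed occurs check is the case in which no principal normal form exists; this is an added Python example, not the report's own code, and the tuple encodings of types, schemes and terms are my assumptions.

```python
import itertools
# Added example (not the report's code): the inference relation |-W for HM(=), the
# instance of HM(X) whose constraints are type equalities, so normalize(D, phi)
# is unification and gen quantifies the variables of tau not free in Gamma.
# Encodings are assumptions: types ('v',name) ('->',t1,t2) ('c',name); schemes
# ('forall',[names],type); terms ('var',x) ('lam',x,e) ('app',e1,e2) ('let',x,e1,e2).
fresh = lambda c=itertools.count(): ('v', f"a{next(c)}")  # new type variable
def apply(s, t):  # apply substitution s (name -> type) to t, following chains
    if t[0] == 'v': return apply(s, s[t[1]]) if t[1] in s else t
    return ('->', apply(s, t[1]), apply(s, t[2])) if t[0] == '->' else t

def fv(t):  # free type variables of a type or scheme
    if t[0] == 'v': return {t[1]}
    if t[0] == '->': return fv(t[1]) | fv(t[2])
    return fv(t[2]) - set(t[1]) if t[0] == 'forall' else set()

def unify(s, a, b):  # normalize for HM(=): extend s so that a = b, None if unsolvable
    a, b = apply(s, a), apply(s, b)
    if a == b: return s
    if a[0] == 'v': return None if a[1] in fv(b) else {**s, a[1]: b}  # occurs check
    if b[0] == 'v': return unify(s, b, a)
    if a[0] == b[0] == '->':
        s = unify(s, a[1], b[1])
        return s if s is None else unify(s, a[2], b[2])

def gen(s, env, t):  # gen(C, Gamma, tau): quantify variables of tau not free in Gamma
    t = apply(s, t)
    env_fv = set().union(*(fv(('forall', sc[1], apply(s, sc[2]))) for sc in env.values()))
    return ('forall', sorted(fv(t) - env_fv), t)

def inst(sc):  # rule (Var): instantiate the bound variables with fresh ones
    return apply({a: fresh() for a in sc[1]}, sc[2])

def infer(s, env, e):  # returns (substitution, type); TypeError if D has no normal form
    if e[0] == 'var': return s, inst(env[e[1]])
    if e[0] == 'lam':
        a = fresh()
        s, t = infer(s, {**env, e[1]: ('forall', [], a)}, e[2])
        return s, ('->', a, t)
    if e[0] == 'app':
        s, t1 = infer(s, env, e[1]); s, t2 = infer(s, env, e[2]); a = fresh()
        s = unify(s, t1, ('->', t2, a))  # D = C1 ^ C2 ^ (tau1 = tau2 -> alpha)
        if s is None: raise TypeError("constraint has no principal normal form")
        return s, a
    if e[0] == 'let':  # generalise the bound term before checking the body
        s, t1 = infer(s, env, e[2])
        return infer(s, {**env, e[1]: gen(s, env, t1)}, e[3])
    raise ValueError(f"unknown term {e[0]}")

def typeof(e, env=None):  # principal type of a term under the (constructed) env
    s, t = infer({}, env or {}, e)
    return apply(s, t)
```

The third check in the test below is the point of Definition 19's context ordering in practice: a lambda-bound variable stays monomorphic, so applying it to itself has no solution, while the let-bound identity function can be.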