Generic Programming in a Dependently Typed Language Generic proofs - - PowerPoint PPT Presentation

Generic Programming in a Dependently Typed Language

Generic proofs for generic programs

Peter Morris

pwm@cs.nott.ac.uk

University of Nottingham

Generic Programming in a Dependently Typed Language – p. 1/12

This talk

• We introduce a more interesting type for equality testing
• We return evidence of inequality or inequality
• this provides proof that the program is correct
• and allows a more sensible flow of control

Generic Programming in a Dependently Typed Language – p. 2/12

This talk

• We introduce a more interesting type for equality testing
• We return evidence of inequality or inequality
• this provides proof that the program is correct
• and allows a more sensible flow of control
• We show how to program with universes for generic

programming

• we introduce the type of regular types
• and the the type of elements for those types
• so we can write generic programs

Generic Programming in a Dependently Typed Language – p. 2/12

This talk

• We introduce a more interesting type for equality testing
• We return evidence of inequality or inequality
• this provides proof that the program is correct
• and allows a more sensible flow of control
• We show how to program with universes for generic

programming

• we introduce the type of regular types
• and the the type of elements for those types
• so we can write generic programs
• We then combine the two ideas

Generic Programming in a Dependently Typed Language – p. 2/12

Nat Equality

• We are used to equality being defined like this:

let m, n : Nat eqN m n : Bool eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ true eqN zero (suc n) ⇒ false eqN (suc m) zero ⇒ false eqN (suc m) (suc n) ⇒ eqN m n }

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• We are used to equality being defined like this:

let m, n : Nat eqN m n : Bool eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ true eqN zero (suc n) ⇒ false eqN (suc m) zero ⇒ false eqN (suc m) (suc n) ⇒ eqN m n }

• But can we do any better with that type?

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒??? eqN zero (suc n) ⇒??? eqN (suc m) zero ⇒??? eqN (suc m) (suc n) ⇒ eqN m n??? } data a : A ; b : B a = b : ⋆ where T refl : a = a

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right ??? eqN (suc m) zero ⇒ right ??? eqN (suc m) (suc n) ⇒ eqN m n??? }

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right (λp ⇐ case p) eqN (suc m) zero ⇒ right (λq ⇐ case q) eqN (suc m) (suc n) ⇒ eqN m n??? } p : (zero = suc n) There are no elements

• f this type so we don’t

have to define this func- tion!

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right (λp ⇐ case p) eqN (suc m) zero ⇒ right (λq ⇐ case q) eqN (suc m) (suc n) ⇒ eqN m n??? } No! this has the type: (m = n) + ((m = n) → ∅) we need: (suc m = suc n)+ ((suc m = suc n) → ∅) so we have to do a bit more work

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right (λp ⇐ case p) eqN (suc m) zero ⇒ right (λq ⇐ case q) eqN (suc m) (suc n) || eqN m n { eqN (suc m) (suc m) | left refl ⇒??? eqN (suc m) (suc n) | right p ⇒??? } }

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right (λp ⇐ case p) eqN (suc m) zero ⇒ right (λq ⇐ case q) eqN (suc m) (suc n) || eqN m n { eqN (suc m) (suc m) | left refl ⇒ left refl eqN (suc m) (suc n) | right p ⇒ right ??? } }

Generic Programming in a Dependently Typed Language – p. 3/12

Nat Equality

• ...wouldn’t THIS be better:

let m, n : Nat eqN m n : (m = n) + ((m = n) → ∅) eqN m n ⇐ rec n, case m, case n { eqN zero zero ⇒ left refl eqN zero (suc n) ⇒ right (λp ⇐ case p) eqN (suc m) zero ⇒ right (λq ⇐ case q) eqN (suc m) (suc n) || eqN m n { eqN (suc m) (suc m) | left refl ⇒ left refl eqN (suc m) (suc n) | right p ⇒ (λrefl ⇒ p refl) } } The argument to this function has type: suc m = suc n if there is such a proof m and n MUST be the same

Generic Programming in a Dependently Typed Language – p. 3/12

So what?

• why would we want to do it this way?

Generic Programming in a Dependently Typed Language – p. 4/12

So what?

• why would we want to do it this way?
• we don’t just have a program, we have a proof that the program

is correct

Generic Programming in a Dependently Typed Language – p. 4/12

So what?

• why would we want to do it this way?
• we don’t just have a program, we have a proof that the program

is correct

• say we had defined matrix multiplication:

let x : Matrix l m ; y : Matrix m n matmult x y : Matrix l n

but were given two matrices with dimensions l × mand n × o?

Generic Programming in a Dependently Typed Language – p. 4/12

So what?

• why would we want to do it this way?
• we don’t just have a program, we have a proof that the program

is correct

• say we had defined matrix multiplication:

let x : Matrix l m ; y : Matrix m n matmult x y : Matrix l n

but were given two matrices with dimensions l × mand n × o?

• a proof that ((n = zero) → ∅) is exactly what we need to write

m ‘div‘ n by structural recursion

Generic Programming in a Dependently Typed Language – p. 4/12

So what?

• why would we want to do it this way?
• we don’t just have a program, we have a proof that the program

is correct

• say we had defined matrix multiplication:

let x : Matrix l m ; y : Matrix m n matmult x y : Matrix l n

but were given two matrices with dimensions l × mand n × o?

• a proof that ((n = zero) → ∅) is exactly what we need to write

m ‘div‘ n by structural recursion

• shift your view of programming - obviously correct, elegant

programs

Generic Programming in a Dependently Typed Language – p. 4/12

Generic Programming

• In generic programming we try and define programs that work

for a range of data types, to prevent reproduction of code

Generic Programming in a Dependently Typed Language – p. 5/12

Generic Programming

• In generic programming we try and define programs that work

for a range of data types, to prevent reproduction of code

• One class of types is the Regular Data types which are defined

using:

µ, +, ×, 1 and 0

Generic Programming in a Dependently Typed Language – p. 5/12

Generic Programming

• In generic programming we try and define programs that work

for a range of data types, to prevent reproduction of code

• One class of types is the Regular Data types which are defined

using:

µ, +, ×, 1 and 0

• For instance:

Nat = µX.1 + X List A = µZ.1 + (A × Z) BTree B = µY.B + (Y × Y )

Generic Programming in a Dependently Typed Language – p. 5/12

...in Epigram

• We can define the Epigram type of Regular Types in n variables

(we use debruijn indicies instead of the names above)

Generic Programming in a Dependently Typed Language – p. 6/12

...in Epigram

• We can define the Epigram type of Regular Types in n variables

(we use debruijn indicies instead of the names above)

• data

n : Nat RegType n : ⋆ where T Zero : RegType n ; T One : RegType n l, r : RegType n Union l r : RegType n ; x, y : RegType n Product x y : RegType n t : RegType (suc n) rts t : RegType n ; T rtz : RegType (suc n) ; t : RegType (suc n) Mu t : RegType n

Generic Programming in a Dependently Typed Language – p. 6/12

Elem

• We can then define the type of elements of a given closed Regular

Type:

Generic Programming in a Dependently Typed Language – p. 7/12

Elem

• We can then define the type of elements of a given closed Regular

Type:

• data

rt : RegType zero Elem rt : ⋆ where T unit : Elem One ; ea : Elem rta ; eb : Elem rtb pair ea eb : Elem (Product rta rtb) ea : Elem rta inl ea : Elem (Union rta rtb) ; eb : Elem rtb inr eb : Elem (Union rta rtb) e : Elem′ (ε, (Mu f)) f in e : Elem (Mu f)

Generic Programming in a Dependently Typed Language – p. 7/12

Elem

• We can then define the type of elements of a given closed Regular

Type:

• data

rt : RegType zero Elem rt : ⋆ where T unit : Elem One ; ea : Elem rta ; eb : Elem rtb pair ea eb : Elem (Product rta rtb) ea : Elem rta inl ea : Elem (Union rta rtb) ; eb : Elem rtb inr eb : Elem (Union rta rtb) e : Elem′ (ε, (Mu f)) f in e : Elem (Mu f)

• We actually need the more general Elem′ over RegTypes of a

given context (see the Mu case!).

Generic Programming in a Dependently Typed Language – p. 7/12

Reflection

• What can we do with this? Well, we reflect real Epigram types

into our representation. So for instance the judgment: suc (suc zero) : N

Generic Programming in a Dependently Typed Language – p. 8/12

Reflection

• What can we do with this? Well, we reflect real Epigram types

into our representation. So for instance the judgment: suc (suc zero) : N

• can be reflected in to the judgment:

in (inr (last (in (inr (last (in (inl (unit)))))))) : Elem (Mu (Union One rtz)) T

Generic Programming in a Dependently Typed Language – p. 8/12

Reflection

• What can we do with this? Well, we reflect real Epigram types

into our representation. So for instance the judgment: suc (suc zero) : N

• can be reflected in to the judgment:

in (inr (last (in (inr (last (in (inl (unit)))))))) : Elem (Mu (Union One rtz)) T

• Define programs that are generic over their type by providing it’s

representation as an argument. For instance Generic Equality: T let rt : RegType zero ; x, y : Elem rt eqG x y : Bool

Generic Programming in a Dependently Typed Language – p. 8/12

Generic Equality

• Here is the code for the general case over n variables:

eqG Γ x y ⇐ rec x, case x, case y { eqG Γ unit unit ⇒ true { eqG Γ (pair xa xb) (pair ya yb) ⇒ eqG Γ xa ya ∧ eqG Γ xb yb eqG Γ (inl xa) (inl ya) ⇒ eqG Γ xa ya eqG Γ (inl xa) (inr yb) ⇒ false eqG Γ (inr xb) (inl ya) ⇒ false eqG Γ (inr xb) (inr yb) ⇒ eqG Γ xb yb eqG(Mu f) Γ (in x) (in y) ⇒ eqG (Γ, (Mu f)) x y eqG (Γ, rt′) (wk x) (wk y) ⇒ eqG Γ x y eqG (Γ, rt) (last x) (last y) ⇒ eqG Γ x y } }

Generic Programming in a Dependently Typed Language – p. 9/12

Generic Equality

• Here is the code for the general case over n variables:

eqG Γ x y ⇐ rec x, case x, case y { eqG Γ unit unit ⇒ true { eqG Γ (pair xa xb) (pair ya yb) ⇒ eqG Γ xa ya ∧ eqG Γ xb yb eqG Γ (inl xa) (inl ya) ⇒ eqG Γ xa ya eqG Γ (inl xa) (inr yb) ⇒ false eqG Γ (inr xb) (inl ya) ⇒ false eqG Γ (inr xb) (inr yb) ⇒ eqG Γ xb yb eqG(Mu f) Γ (in x) (in y) ⇒ eqG (Γ, (Mu f)) x y eqG (Γ, rt′) (wk x) (wk y) ⇒ eqG Γ x y eqG (Γ, rt) (last x) (last y) ⇒ eqG Γ x y } }

• But can we do any better with the type?

Generic Programming in a Dependently Typed Language – p. 9/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

Generic Programming in a Dependently Typed Language – p. 10/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

• That is we have an equality test that

Generic Programming in a Dependently Typed Language – p. 10/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

• That is we have an equality test that
• is generic over all regular types

Generic Programming in a Dependently Typed Language – p. 10/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

• That is we have an equality test that
• is generic over all regular types
• provides generic evidence of equality or inequality

Generic Programming in a Dependently Typed Language – p. 10/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

• That is we have an equality test that
• is generic over all regular types
• provides generic evidence of equality or inequality
• and is its own proofs of correctness

Generic Programming in a Dependently Typed Language – p. 10/12

Generic Proofs

• Yes! We have a generic equality test with this type:

let rt : RegType zero ; x, y : Elem rt eqG rt x y : (x = y) + ((x = y) → ∅)

• That is we have an equality test that
• is generic over all regular types
• provides generic evidence of equality or inequality
• and is its own proofs of correctness
• it’s also a proof of the decidability of equivalence for regular

types!

Generic Programming in a Dependently Typed Language – p. 10/12

Next Step

• We could extend our universe to include all strictly positive types:

µ, ν, +, ×, K →

Generic Programming in a Dependently Typed Language – p. 11/12

Next Step

• We could extend our universe to include all strictly positive types:

µ, ν, +, ×, K →

• But then we lose the ability to write our equality function...

Generic Programming in a Dependently Typed Language – p. 11/12

Next Step

• We could extend our universe to include all strictly positive types:

µ, ν, +, ×, K →

• But then we lose the ability to write our equality function...
• We need a number of universes, one for each class of types,

regular types and strictly positive types being just two

Generic Programming in a Dependently Typed Language – p. 11/12

Next Step

• We could extend our universe to include all strictly positive types:

µ, ν, +, ×, K →

• But then we lose the ability to write our equality function...
• We need a number of universes, one for each class of types,

regular types and strictly positive types being just two

• Of course each regular type is strictly positive and so on

Generic Programming in a Dependently Typed Language – p. 11/12

The future

• Write more generic programs
• Ordering for regular types
• Derivatives of types

Generic Programming in a Dependently Typed Language – p. 12/12

The future

• Write more generic programs
• Ordering for regular types
• Derivatives of types
• Build more universes
• Ultimate goal: reflect all⋆ Epigram types in Epigram

Generic Programming in a Dependently Typed Language – p. 12/12

The future

• Write more generic programs
• Ordering for regular types
• Derivatives of types
• Build more universes
• Ultimate goal: reflect all⋆ Epigram types in Epigram
• Investigate connection to Containers
• To provide a categorical theory

Generic Programming in a Dependently Typed Language – p. 12/12

The future

• Write more generic programs
• Ordering for regular types
• Derivatives of types
• Build more universes
• Ultimate goal: reflect all⋆ Epigram types in Epigram
• Investigate connection to Containers
• To provide a categorical theory
• Thank you for listening

Generic Programming in a Dependently Typed Language – p. 12/12