Guarded monoidal traces, Hoare logic and the Grothendieck - - PowerPoint PPT Presentation

Guarded monoidal traces, Hoare logic and the Grothendieck construction

Sergey Goncharov Oberseminar, TCS, FAU, Erlangen, 27.06.2017

Salvador Dal´ ı, Portrait of Gala with two lamb chops balanced on her shoulder, 1933

“They immediately asked me if it was true that I had just painted a portrait of my wife with a pair of fried chops balanced on her shoulder [...] But why the chops together with your wife? I answered that I liked my wife, and that I liked chops, and that I saw no reason why I should not paint them together.” —Salvador Dal´ ı

Overture

Symmetric Monoidal Categories

In categories, we have sequentially composable boxes and wiers: idX : X Ñ X X

f

Ý Ñ Y

g

Ý Ñ Z In symmetric monoidal categories, we can additionally tensor boxes: X b Y

f bg

Ý Ý Ñ X 1 b Y 1 arrange wires in (possibly empty) bunches, and cross them (due to symmetry!)

co-Cartesian Categories

A category is co-Cartesian if we can initiate and merge wires: ∅

!X

Ý Ñ X X ` X

∇

Ý Ñ X and equivalently transform diagrams by a bunch of laws, most notably the commutative co-monoid laws: We obtain Cartesian categories by horizontally flipping the diagrams

Adding Effects

Generic effects can be viewed as branching connectors “the opposite way around”: For example, binary nondeterminism is captured by the monoid laws:

Adding Effects

... and the laws of interaction with the monoidal structure, like the Hopf identity: The binary effect X Ñ X ` X can be though of as fair coin tossing. E.g. the law states that nondeterminism is idempotent

Monads

A monad on a category C consists of a transformation on objects T : |C| Ñ |C|, such that morphisms of the form X Ñ TY again form a category, CT, called Kleisli category under ηX : X Ñ TX and ˛ Thus we can lift every f : X Ñ TY to f ‹ “ f ˛ id : TX Ñ TY If C is co-Cartesian then so is CT with ∇1 “ η∇ : X ` X Ñ TX, !1

TX “ !TX : ∅ Ñ TX

But CT has effects! E,g. toss : X Ñ TpX ` Xq We use shaded boxes to indicate pure morphisms of CT, i.e. the ones coming from C

Monoidal Traces

A monoidal category is called traced if we additionally allow for feedback loops: In the conventional one-dimensional speech, we postulate a trace operator tr : HompX b Y , Z b Y q Ñ HompX, Zq satisfying a bunch of geometrically feasible laws Coherence for traced monoidal categories is the property of these laws saying that two expressions are equivalent if they correspond to the same diagram modulo rearrangement of boxes and wires

Iteration and Recursion

Iteration and recursion are obtained by adding co-Cartesian and Cartesian structure correspondingly Iteration Recursion X Ñ Y ` X f : : X Ñ Y Y ˆ X Ñ X f: : Y Ñ X

Trace in Bi-Cartesian Categories

What if we have both Cartesian and co-Cartesian structure?

Trace in Bi-Cartesian Categories

What if we have both Cartesian and co-Cartesian structure? Then we obtain Kleene iteration (v.s. Elgot iteration): X Ñ X f : X Ñ X This one: a “ 1 ` a ` aa ` . . .

Uniformity and Elgot Monads

Trace axioms are incomplete w.r.t. standard models of iteration, e.g. they do not imply squaring identity:

=

Solution: postulate more powerful quasi-equational principle, uniformity: Defintion: a monad T over co-Cartesian C is an Elgot monad if its Kleisli category possesses a uniform trace

Guarded Traces

Generalized Coalgebraic Monad Transform

Given an Elgot monad T, the generalized coalgebraic transform of it is an Elgot monad TΣ freely obtained from T by adjoining new uninterpreted effects from a signature Σ Formally: TΣX “ νγ. TpX ` Σγq For example, by combining T “ Pω (finite powerset) and ΣX “ A ˆ X we obtain as TΣX possibly infinite nondeterministic processes with actions in A and (eventual) final results in X under strong bisimilarity The diagrammatic language becomes extended by adding for each a P A

Guarded v.s. Unguarded

Using the fact that T is Elgot we can solve both guarded and unguarded definitions over T: Equation Canonical solution Further solutions Guarded X “ a.X aω “ a.a . . . — Unguarded X “ a.X ` X aω “ a.a . . . aω ` a‹x, for all x If T is not Elgot (e.g. nonempty powerset) we can no longer compute solutions of unguarded definitions, but we still can compute solutions of guarded ones More generally, guardedness does not guarantee uniqueness, e.g. under infinite trace equivalence X “ a.X has both aω and aω ` a‹ as solutions

Guardedness for TΣ

Let σ : A1 A be a summand of A, i.e. A is a coproduct of A1 and some A2. This determines a complement ¯ σ : A2 A of σ We define σ-guarded Kleisli morphisms f : X Ñσ TΣA as follows f : X Ñσ TΣA iff D g : X Ñ TpA2 ` ΣTΣAq. out ˝f “ Tp¯ σ ` idq ˝ g (where out is the isomorphism TΣZ Ñ TpZ ` ΣTΣZq) That is, f factors through g which preclude potential unguarded calls via A1

Guarded Monoidal Categories

The relations X Ñσ Y were axiomatized in the previous work; the axioms are robust and enjoy many nice properties Problem: the axioms are not sufficiently lucid, neither symmetric, hence a generalization to monoidal categories was unclear Solution: instead of X Ñσ Y we specify X Ñθ,σ Y defined as follows f : X Ñθ,σ Y iff f ¯ θ : X 1 Ñσ Y This directly leads to the desired axiomatization Definition: A symmetric monoidal category C is guarded if it is equipped with distinguished subsets Hom‚pA b B, C b Dq Ď HompA b B, C b Dq satisfying following axioms

Weakening

α-1

A,B,C P Hom‚pA b pB b Cq, pA b Bq b Cq

Stability

f b g P Hom‚pA b B, C b Dq for all f : A Ñ C, g : B Ñ D

Sequencing

g P Hom‚pA b B, C b Dq and f P Hom‚pC b D, E b Fq imply that g ˝ f P Hom‚pA b B, E b Fq

Tensoring

(Text version omitted)

Results

• Coherence (conjecture): f P Hom‚pX 2 ` X, Y 2 ` Y 1q is derivable

from the axioms iff in the corresponding diagram, every wire from X 2 to Y 1 runs through at least one guarded output gate

• For co-Cartesian categories f : X 2 ` X 1 Ñinr,inr Y 2 ` Y 1 iff

f P Hom‚pX 2 ` X 1, Y 2 ` Y 1q

• The category of complete metric spaces and non-expansive maps is

guarded monoidal with b “ ˆ and f P Hom‚pA ˆ B, C ˆ Dq iff pr2 ˝ f is contracting in A

Guarded Traced Monoidal Categories

We call a guarded monoidal category C traced if it is equipped with a trace operator f P Hom‚ppX b Aq b B, C b pD b Xqq trpf q P Hom‚pA b B, C b Dq satisfying the laws of traced monoidal categories For example, Valid Invalid

Fibrations and the Grothendieck Construction

Localizing Guardedness

We stick to the case b “ ` in some CT from now on The judgments f : A Ñθ,σ TB formalize a transition-based idea of guardedness. Can we formulate it as a state-based one? By writing f : pA, θq Ñ pB, σq instead of f : A Ñθ,σ B we obtain something very similar to the Grothendieck construction

Fibrations: Type-Theoretic Intuition

Given a type-family pAiqiPI, we can think of it in two ways:

• 1. as a map sending each i P I to the corresponding type Ai, hence

drawing on a higher universe hosting all the Ai

• 2. as a map f : A Ñ I where A is the total space of pAiqiPI, i.e. the

sum ř

i Ai; the types Ai are identified as fibers f -1piq

Categorically, (1) corresponds to the 2-category FuncpCop, Catq of pseudofunctors Cop Ñ Cat, which embeds to the slice category Cat{C corresponding to (2). The essential image of this embedding is the category of Grothendieck fibrations over C: ΓpCq : FuncpCop, Catq

–

Ý Ý Ñ FibpCq looooooooooooooooomooooooooooooooooon

Grothendieck construction

Ý Ñ Cat{C

Fibrations: Set-Theoretic Intuition

Let C “ Set. By associating to each X P |Set| the category PredpXq of predicates and injections, we obtain the subobject fibration:

• Objects are pairs pX, X 1 Ď Xq
• Morphisms from pX, X 1 Ď Xq to pY , Y 1 Ď Y q are those maps

f : X Ñ Y for which X 1 Ď f -1rY 1s In general, pPredpXqqXP|C| is replaced by an arbitrary family of categories pFXqXP|C|, and f -1 by a base change functor; the morphisms from pX, X 1 P |FX|q to pY , Y 1 P |FY |q are pairs pf : X Ñ Y , g : X 1 Ñ Fpf qpY 1qq

Some Problems

The standard idea is to use pullbacks for defining the base change functor. We could consider summands σ : X 1 X as fibers over the corresponding objects of CT, but

• 1. Pullbacks of summands are not necessarily summands, but just some

monics

• 2. This would be a wrong anyway, because what we really should pull

back are the maximal subobjects of TA, through which all σ-guarded morphisms factor Recall, it was TpA2 ` ΣTΣAq for TΣA and σ : A1 A

Some Solutions

We develop the following technology

• We postulate an object Aσ, such that

HompX, Aσq – HomσpX, TAq naturally in X, i.e. witnessing that the functor X ÞÑ HompX, Aσq is representable

• Aσ becomes a subalgebra of TA under suitable ισ : Aσ Ñ TA
• The pullback of ισ : Aσ Ñ TA along any f ‹ : TB Ñ TA is a

subalgebra f İpAσq of TB

• Then: f : B Ñθ,σ TA iff ιθ Ď βσ in CT{TB:

f İpAσq Aσ Bθ TB TA

βσ ισ ιθ f ‹

Sub-Free Algebra Fibration

We thus discovered “sub-free algebra fibration”:

SubFreepC, Tq CT

where the objects of SubFreepC, Tq are subalgebras of free algebras Of course, this is too crude. Further work: search for more specific classes of subalgebras closed under pullback along free algebra morphisms

Comparison to Hoare Logic

This developed perspective is a reminiscent of Hoare logic: precondition program postcondition φ : Aθ ã Ñ TA f : A Ñ TB ψ : Bσ ã Ñ TB In fact, a fibration underlying Hoare logic is identified in [Hasuo, 2015]: precondition program postcondition φ : A Ñ Ω f : A Ñ TB ψ : B Ñ Ω

• T is order-enriched
• pΩ, ♥ : TΩ Ñ Ωq is a T-algebra
• Change of base is the weakest precondition

f İpψ : Y Ñ Ωq “ ♥ ˝ pTψq ˝ f : X Ñ Ω

• tφu f tψu iff φ ď f İpψq

Further Work

• Prove that guarded traced categories are well defined
• Prove missing coherence theorems
• Refine the sub-free algebra fibration and/or interpret the fibers that

are not of the form Aσ ã Ñ TA (check when Aσ are stable under pullbacks?)

• Instantiate guardedness to the topos of trees [Birkedal,

Møgelberg, Schwinghammer, and Støvring, 2012]

• Rock!

References I

References

Lars Birkedal, Rasmus Ejlers Møgelberg, Jan Schwinghammer, and Kristian Støvring. First steps in synthetic guarded domain theory: step-indexing in the topos of trees. Logical Methods in Computer Science, 8(4), 2012. URL https://doi.org/10.2168/LMCS-8(4:1)2012. Ichiro Hasuo. Generic weakest precondition semantics from monads enriched with order. Theoretical Computer Science, 604:2 – 29, 2015.