<center> 

<h1 style="text-align:center"> Simply Typed Lambda Calculus </h1>
<h2 style="text-align:center"> CS3100 Fall 2019 </h2>
</center>

## Review

### Previously

* Lambda calculus encodings
  + Booleans, Arithmetic, Pairs, Recursion, Lists

### Today

* Simply Typed Lambda Calculus

## Need for typing

* Consider the untyped lambda calculus
  + false = `λx.λy.y`
  + 0 = `λx.λy.y`
* Since everything is encoded as a function...
  + We can easily misuse terms…
    * false 0 → λy.y
    * if 0 then ...
  + …because everything evaluates to some function
* The same thing happens in assembly language
  + Everything is a machine word (a bunch of bits)
  + All operations take machine words to machine words

## How to fix these errors?

<center>

<h1 style="text-align:center"> <i> Typed </i> Lambda Calculus </h1>
</center>

$\newcommand{\stlc}{\lambda^{\rightarrow}}$

* Lambda Calculus + Types $\rightarrow$ Simply Typed Lambda Calculus ($\stlc$)

## Simple Types

\\[
\begin{array}{rcll}
A,B & ≔ & \mathcal{B} & \text{(base type)} \\
    & \mid & A \rightarrow B & \text{(functions)} \\
    & \mid & A \times B & \text{(products)} \\
    & \mid & 1 & \text{(unit)} \\
\end{array}
\\]

* $\mathcal{B}$ is base types like int, bool, float, string, etc.
* $\times$ binds stronger than $\rightarrow$
  + $A \times B \rightarrow C~$ is $~(A \times B) \rightarrow C$
* $\rightarrow$ is right associative.
  + $A \rightarrow B \rightarrow C~$ is $~A \rightarrow (B \rightarrow C)$
  + Same as OCaml
  
* If we include neither base types nor $1$, the system is degenerate. Why?
  + Degenerate = No inhabitant. 

## Raw Terms

$
\require{color}
\newcommand{\cr}[1]{{\color{\red}{#1}}}
\newcommand{\pair}[2]{\langle #1, #2 \rangle}
\newcommand{\fst}[1]{{\sf fst} ~#1}
\newcommand{\snd}[1]{{\sf snd} ~#1}
\newcommand{\inl}[2]{{\sf inl} ~[#1] ~#2}
\newcommand{\inr}[2]{{\sf inr} ~[#1] ~#2}
\newcommand{\case}[5]{{\sf case} ~#1~ {\sf of} ~{\sf inl}~#2 \Rightarrow #3 ~|~ {\sf inr}~#4 \Rightarrow #5}
\newcommand{\unitv}{{\tt (~)}}
\newcommand{\inferrule}[3]{\displaystyle{\frac{#1}{#2}~~{\small #3}}}
\newcommand{\infrl}[3]{\displaystyle{\frac{#1}{#2}}}
$

\\[
\begin{array}{rcll}
M,N & ≔ & x & \text{(variable)} \\
    & \mid & M~N & \text{(application)} \\
    & \mid & \lambda x:A.M & \text{(abstraction)}\\
    & \mid & \pair{M}{N} & \text{(pair)}\\
    & \mid & \fst{M} & \text{(project-1)}\\
    & \mid & \snd{M} & \text{(project-2)} \\
    & \mid & \unitv & \text{(unit)}
\end{array}
\\]

## Typing Judgements

* $M : A$ means that the term $M$ has type $A$.
* Typing rules are expressed in terms of **typing judgements**.
  + An expression of form $x_1:A_1,x_2:A_2,\ldots,x_n:A_n \vdash M : A$
  + Under the assumption $x_1:A_1,x_2:A_2,\ldots,x_n:A_n$, $M$ has type $A$. 
  + Assumptions are usually types for free variables in $M$.
* Use $\Gamma$ for assumptions.
  + $\Gamma \vdash M : A$
* Assume no repetitions in assumptions.
  + alpha-convert to remove duplicate names.

## Quiz 

Given $\Gamma,x:A,y:B \vdash M:C$, which of the following is true? 

1. $M:C$ holds
2. $x \in \Gamma$
3. $y \notin \Gamma$
4. $A$ and $B$ may be the same type
5. $x$ and $y$ may be the same variable 

## Quiz 

Given $\Gamma,x:A,y:B \vdash M:C$ Which of the following is true? 

1. $M:C$ holds ❌ ($M$ may not be a closed term) 
2. $x \in \Gamma$ ❌ ($\Gamma$ has no duplicates)
3. $y \notin \Gamma$ ✅ ($\Gamma$ has no duplicates)
4. $A$ and $B$ may be the same type ✅ ($A$ and $B$ are type variables)
5. $x$ and $y$ may be the same variable ❌($\Gamma$ has no duplicates)

## Typing rules for $\stlc$

\\[
\begin{array}{cc}
\inferrule{}{\Gamma,x:A \vdash x:A}{(var)} &
\inferrule{}{\Gamma \vdash \unitv : 1}{(unit)} \\ \\
\inferrule{\Gamma \vdash M : A \rightarrow B \quad \Gamma \vdash N : A}{\Gamma \vdash M~N : B}{(\rightarrow elim)} &
\inferrule{\Gamma,x:A \vdash M : B}{\Gamma \vdash \lambda x:A.M : A \rightarrow B}{(\rightarrow intro)} \\ \\
\inferrule{\Gamma \vdash M : A \times B}{\Gamma \vdash \fst{M} : A}{(\times ~elim1)} &
\inferrule{\Gamma \vdash M : A \times B}{\Gamma \vdash \snd{M} : B}{(\times ~elim2)} \\ \\
\end{array}
\\]

\\[
\inferrule{\Gamma \vdash M : A \quad \Gamma \vdash N : B}{\Gamma \vdash \pair{M}{N} : A \times B}{(\times ~intro)}
\\]

## Typing derivation

<div style="font-size:16px">

\\[
\inferrule{
  \inferrule{
    \inferrule{
      \inferrule{}{x:A \rightarrow A, y : A \vdash x: A \rightarrow A}{(var)}
      \quad
      \inferrule{
        \inferrule{}{x:A \rightarrow A, y : A \vdash x: A \rightarrow A}{(var)}
        \quad
        \inferrule{}{x:A \rightarrow A, y : A \vdash y: A}{(var)}
      }{x:A \rightarrow A, y : A \vdash (x~y) : A}{(\rightarrow elim)}
    }
    {x:A \rightarrow A, y : A \vdash x~(x~y) : A}{(\rightarrow elim)}
  }
  {x:A \rightarrow A \vdash (\lambda y:A. x~(x~y)) : A \rightarrow A}{(\rightarrow intro)}
}
{\vdash (\lambda x: A \rightarrow A. \lambda y:A. x ~(x ~y)) : (A \rightarrow A) \rightarrow A \rightarrow A}{(\rightarrow intro)}
\\]

</div>

## Typing derivation

* For each lambda term, there is exactly one type rule that applies.
  + Unique rule to lookup during typing derivation.

## Typability

* Not all $\stlc$ terms can be assigned a type. For example,

1. $\fst{(\lambda x.M)}$
2. $\pair{M}{N}~P$

* Surprisingly, we cannot assign a type for $\lambda x.x~x$ in $\stlc$ (or OCaml)
  + $x$ is applied to itself. So its argument type should the type of $x$!

## On fst and snd

In OCaml, we can define `fst` and `snd` as:

In [1]:
let fst (a,b) = a
let snd (a,b) = b

val fst : 'a * 'b -> 'a = <fun>


val snd : 'a * 'b -> 'b = <fun>


* Observe that the types are polymorphic. 
* But no polymorphism in $\stlc$
  + `fst` and `snd` are **keywords** in $\stlc$
* For a given type $A \times B$, we can define 
  + $(\lambda p:A \times B.~\fst{p}):A$
  + $(\lambda p:A \times B.~\snd{p}):B$

## Reductions in $\stlc$

\\[
\begin{array}{rrcl}
(\beta_{\rightarrow}) & (\lambda x:A.M) ~N & \rightarrow & M[N/x] \\
(\eta_{\rightarrow}) & \lambda x:A.M ~x & \rightarrow & M & \text{if } x \notin FV(M) \\
(\beta_{\times,1}) & \fst{\pair{M}{N}} & \rightarrow & M \\
(\beta_{\times,2}) & \snd{\pair{M}{N}} & \rightarrow & N \\
(\eta_{\times}) & \pair{\fst{M}}{\snd{M}} & \rightarrow & M
\end{array}
\\]

\\[
\begin{array}{cccc}
(cong1) & \displaystyle{\frac{M \rightarrow M'}{M~N \rightarrow M'~N}} &
(cong2) & \displaystyle{\frac{N \rightarrow N'}{M~N \rightarrow M~N'}}
\end{array}
\\]

\\[
\begin{array}{cc}
(\xi) & \displaystyle{\frac{M \rightarrow M'}{\lambda x:A.M \rightarrow \lambda x:A.M'}}
\end{array}
\\]

## Type Soundness

* Well-typed programs do not get **stuck**.
  + stuck = not a value & no reduction rule applies.
  + $\fst{(\lambda x.x)}$ is stuck.
  + $\unitv ~\unitv$ is stuck.
* In practice, well-typed programs do not have runtime errors.

**Theorem** (Type Soundness). If $\vdash M : A$ and $M \rightarrow M'$, then either $M'$ is a value or there exists an $M''$ such that $M' \rightarrow M''$.

Proved using two lemmas **progress** and **preservation**.

## Preservation

If a term $M$ is well-typed, and $M$ can take a step to $M'$
then $M$ is well-typed. 

**Lemma** (Preservation). If $\vdash M : A$ and $M \rightarrow M'$, then $\vdash M' : A$.

Proof is by induction on the reduction relation $M \rightarrow M'$.

## Preservation : Case $\beta_{\rightarrow}$

**Lemma** (Preservation). If $\vdash M : A$ and $M \rightarrow M'$, then $\vdash M' : A$.

Recall, $(\beta_{\rightarrow})$ rule is $(\lambda x:A.M_1) ~N \rightarrow M_1[N/x]$.

----

Assume $\vdash M : A$. Here $M = (\lambda x:B.M_1) ~N$ and $M' = M_1[N/x]$.

We know $M$ is well-typed. And from the typing derivation know that $x:B \vdash M_1 : A$ and $\vdash N : B$. 

**Lemma** (substitution). If $x:B \vdash M : A$ and $\vdash N : B$, then $\vdash M[N/x] : A$.

By substitution lemma, $\vdash M_1[N/x] : A$. Therefore, preservation holds.

## Progress

Progress says that if a term $M$ is well-typed, then either $M$ is a value, or there is an $M'$ such that $M$ can take a step to $M'$.

**Lemma** (Progress). If $ \vdash M : A$ then either $M$ is a value or there exists an $M'$ such that $M \rightarrow M'$.

Proof is by induction on the derivation of $\vdash M : A$.

* Case $var$ does not apply
* Cases $unit$, $\times ~intro$ and $\rightarrow intro$ are trivial; they are values.
* Reduction is possible in other cases as $M$ is well-typed. 

<h1 style="text-align:center"> Type Safety = Progress + Preservation </h1>

## Expressive power of $\stlc$

* Clearly, not all untyped lambda terms are well-typed.
  + Any term that gets stuck is ill-typed.
* Are there terms that are ill-typed but do not get stuck?

* Unfortunately, the answer is yes!
  + Consider $\lambda x.x$. In $\stlc$, we must assign type for $x$
  + Pick a concrete type for $x$
    * $\lambda x:1.x$.
  + $(\lambda x:1.x) ~\pair{\unitv}{\unitv}$ is ill-typed, but does not get stuck.

## Expressive power of $\stlc$

* As mentioned earlier, we can no longer write recursive function. 
  + $(\lambda x. x ~x) ~(\lambda x.x ~x)$
* Every well-typed $\stlc$ term terminates!
  + $\stlc$ is strongly normalising. 

## Connections to propositional logic

Consider the following types

\\[
\begin{array}{ll}
(1) & (A \times B) \rightarrow A \\
(2) & A \rightarrow B \rightarrow (A \times B) \\
(3) & (A \rightarrow B) \rightarrow (B \rightarrow C) \rightarrow (A \rightarrow C) \\
(4) & A \rightarrow A \rightarrow A \\
(5) & ((A \rightarrow A) \rightarrow B) \rightarrow B \\
(6) & A \rightarrow (A \times B) \\
(7) & (A \rightarrow C) \rightarrow C 
\end{array}
\\]

Can you find closed terms of these types?

## Connections to propositional logic

\\[
\begin{array}{lll}
(1) & (A \times B) \rightarrow A 
    & \lambda x:A \times B. \fst{x}\\
(2) & A \rightarrow B \rightarrow (A \times B) 
    & \lambda x:A.\lambda y:B.\pair{x}{y}\\
(3) & (A \rightarrow B) \rightarrow (B \rightarrow C) \rightarrow (A \rightarrow C) 
    & \lambda x:A\rightarrow B.\lambda y:B \rightarrow C.\lambda z:A.y ~(x ~z) \\
(4) & A \rightarrow A \rightarrow A
    & \lambda x:A.\lambda y:A.x \\
(5) & ((A \rightarrow A) \rightarrow B) \rightarrow B 
    & \lambda x:(A \rightarrow A) \rightarrow B.x ~(\lambda y:A.y)\\
(6) & A \rightarrow (A \times B) 
    & \text{can't find a closed term} \\
(7) & (A \rightarrow C) \rightarrow C 
    & \text{can't find a closed term} \\
\end{array}
\\]

## A different question

* Given a type, whether there exists a closed term for it?
* Replace $\rightarrow$ with $\implies$ and $\times$ with $\wedge$.

\\[
\begin{array}{ll}
(1) & (A \wedge B) \implies A \\
(2) & A \implies B \implies (A \wedge B) \\
(3) & (A \implies B) \implies (B \implies C) \implies (A \implies C) \\
(4) & A \implies A \implies A \\
(5) & ((A \implies A) \implies B) \implies B \\
(6) & A \implies (A \wedge B) \\
(7) & (A \implies C) \implies C 
\end{array}
\\]

What can we say about the validity of these logical formulae?

## A different question

\\[
\begin{array}{ll}
(1) & (A \wedge B) \implies A \\
(2) & A \implies B \implies (A \wedge B) \\
(3) & (A \implies B) \implies (B \implies C) \implies (A \implies C) \\
(4) & A \implies A \implies A \\
(5) & ((A \implies A) \implies B) \implies B \\
(6) & A \implies (A \wedge B) \\
(7) & (A \implies C) \implies C 
\end{array}
\\]

$(1) - (5)$ are valid, $(6)$ and $(7)$ are not!

## Proving a propositional logic formula

* How to prove $(A \wedge B) \implies A$?
  + Assume $A \wedge B$ holds. By the first conjunct, $A$ holds. Hence, the proof. 
* Consider the program $\lambda x:A \times B. \fst{x}$. 
  + Observe the close correspondence of this **program** to the **proof**. 
* What is the type of this program? $(A \times B) \rightarrow A$.
  + Observe the close correspondence of this **type** to the **proposition**.
* Curry-Howard correspondence between $\stlc$ and propositional logic.

## Curry-Howard Correspondence

* Proposition:Proof :: Type:Program
* Intuitionistic/constructive logic and not classical logic
  + Law of excluded middle ($A \vee \neg A$) does not hold for an arbitrary $A$.
    * Can't prove by contradiction
  + In order to prove, *construct* the proof object!

## Propositional Intuitionistic Logic

\\[
\text{Formulas:} A,B ::= \alpha \mid A \rightarrow B \mid A \wedge B\mid \top
\\]

where $\alpha$ is atomic formulae.

A derivation is

\\[
x_1:A_1,x_2:A_2,\ldots,x_n:A_n \vdash A
\\]

where $A_1,A_2,\ldots$ are assumptions, $x_1,x_2,\ldots$ are names for those assumptions and $A$ is the formula derived from those assumptions.


## Derivations through natural deduction


\\[
\begin{array}{cc}
\inferrule{}{\Gamma,x:A \vdash x:A}{(axiom)} &
\inferrule{}{\Gamma \vdash \top}{(\top ~intro)} \\ \\
\inferrule{\Gamma \vdash A \implies B \quad \Gamma \vdash A}{\Gamma \vdash B}{(\implies elim)} &
\inferrule{\Gamma, x:A \vdash B}{\Gamma \vdash A \implies B}{(\implies intro)} \\ \\
\inferrule{\Gamma \vdash A \wedge B}{\Gamma \vdash A}{(\wedge ~elim1)} &
\inferrule{\Gamma \vdash A \wedge B}{\Gamma \vdash B}{(\wedge ~elim2)} \\ \\
\end{array}
\\]

\\[
\inferrule{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}{(\wedge ~intro)}
\\]

## Curry Howard Isomorphism

* Allows one to switch between type-theoretic and proof-theoretic views of the world at will.
  + used by theorem provers and proof assistants such as coq, HOL/Isabelle, etc.
* Reductions of $\stlc$ terms corresponds to proof simplification.

## Curry Howard Isomorphism

\\[
\begin{array}{|c|c|}
\hline
\stlc & \text{Propositional Intuitionistic Logic} \\
\hline
\text{Types} & \text{Propositions} \\
1 & \top \\
\times & \wedge \\
\rightarrow & \implies \\
\text{Programs} & \text{Proofs} \\
\text{Reduction} & \text{Proof Simplification} \\
\hline
\end{array}
\\]

What about $\vee$?

## Disjunction

Extend the logic with:

\\[
\text{Formulas: } A,B ::= \ldots \mid A \vee B \mid \bot
\\]

\\[
\begin{array}{cc}
\inferrule{\Gamma \vdash A}{\Gamma \vdash A \vee B}{(\vee ~intro1)} &
\inferrule{\Gamma \vdash B}{\Gamma \vdash A \vee B}{(\vee ~intro2)} \\ \\
\inferrule{\Gamma \vdash \bot}{\Gamma \vdash C}{(\bot ~elim)} &
\inferrule{\Gamma \vdash A \vee B \quad \Gamma, x:A \vdash C \quad \Gamma, y:B \vdash C}{\Gamma \vdash C}{(\vee ~elim)}
\end{array}
\\]

## Sum Types

Extend $\stlc$ with:

\\[
\begin{array}{rrcl}
\text{Simple Types: } & A,B & ::= & \ldots \mid A + B \mid 0 \\
\text{Raw Terms: } & M,N,P & ::=  & \ldots \mid \case{M}{x:A}{N}{y:B}{P} \\
                   &       & \mid & \inl{B}{M} \mid \inr{A}{M} \mid \square_{A} ~M
\end{array}
\\]

The OCaml equivalent of this sum type is:

```ocaml
type ('a,'b) either = Inl of 'a | Inr of 'b
```

* Similar to `fst` and `snd`, there is no polymorphism in $\stlc$. 
  + Hence, `inl` and `inr` are keywords.

## Explicit Type Annotation for `inl` and `inr`

\\[
\begin{array}{rrcl}
\text{Raw Terms: } & M,N,P & ::=  & \ldots \mid \case{M}{x:A}{N}{y:B}{P} \\
                   &       & \mid & \inl{B}{M} \mid \inr{A}{M} \mid \square_{A} ~M
\end{array}
\\]

* Observe that the term for ${\sf inl}$ and ${\sf inr}$ require explicit type annotation.
* Given any $\stlc$ term $M$, we should be able to *infer* a **unique** simple type $A$.
* Without annotation, what is the type of $\text{inl}~()$?
  + $1 + 1, 1 + (1 \rightarrow 1), 1 + \text{int}, \ldots$ are all equally valid.
* Explicit type annotation, makes the inferred type unique.

## Sum Types : Contradiction

Extend $\stlc$ with:

\\[
\begin{array}{rrcl}
\text{Simple Types: } & A,B & ::= & \ldots \mid A + B \mid 0 \\
\text{Raw Terms: } & M,N,P & ::=  & \ldots \mid \case{M}{x:A}{N}{y:B}{P} \\
                   &       & \mid & \inl{B}{M} \mid \inr{A}{M} \mid \square_{A} ~M
\end{array}
\\]

* The type $0$ is an **uninhabited** type
  + There are no values of this type.
* The OCaml equivalent is an empty variant type:

```ocaml
type zero = |
```

## Sum Types : Static Semantics

Extend $\stlc$ with:

\\[
\begin{array}{cc}
\inferrule{\Gamma \vdash M : A}{\Gamma \vdash \inl{B}{M} : A + B}{(+ ~intro1)} &
\inferrule{\Gamma \vdash M : B}{\Gamma \vdash \inr{A}{M} : A + B}{(+ ~intro2)} \\ \\
\end{array}
\\]

\\[
\inferrule{\Gamma \vdash M : A + B \quad \Gamma, x:A \vdash N : C \quad \Gamma, y:B \vdash P : C}
          {\Gamma \vdash \case{M}{x:A}{N}{y:B}{P} ~: C}{(+ ~elim)} \\
\\]

\\[
\inferrule{\Gamma \vdash M : 0}{\Gamma \vdash \square_{A} M : A}{(\square)}          
\\]

## Casting and type soundness

* Recall, Type soundness => well-typed programs do not get stuck
  + Preservation: $\vdash M : A$ and $M \rightarrow M'$, then $\vdash M' : A$
* But $\square_{A}$ $\cr{\text{changes the type of the expression}}$
  + Is type soundness lost?
* Consider $\lambda x:0.(\square_{1 \rightarrow 1} ~x) ~\unitv$
  + This term is well-typed.
  + $x$ is not a function.
  + If we are able to call this function, the program would get $\cr{stuck}$.

* There is no way to call this function since the type $0$ is uninhabited!
  + Type Soundness is preserved.

## Sum Types : Dynamic Semantics

Extend $\rightarrow$ with:

\\[
\begin{array}{c}
\displaystyle{\frac{M \rightarrow M'}
             {\case{M}{x_1:A}{N_1}{x_2:B}{N_2} \rightarrow \\
              \case{M'}{x_1:A}{N_1}{x_2:B}{N_2}}}\\ \\
\displaystyle{\frac{M = \inl{B}{M'}}
             {\case{M}{x_1:A}{N_1}{x_2:B}{N_2} \rightarrow N_1[M'/x_1]}} \\ \\
             \displaystyle{\frac{M = \inr{A}{M'}}
             {\case{M}{x_1:A}{N_1}{x_2:B}{N_2} \rightarrow N_2[M'/x_2]}}
\end{array}
\\]

## Type Erasure

* Although we carry around type annotations during reduction, we do not examine them.
  + No runtime type checking to see if function is applied to appropriate arguments, etc.
* Most compilers drop the types in the compiled form of the program (**erasure**).

$\newcommand{\erase}[1]{{\sf erase}(#1)}$
\\[
\begin{array}{rcl}
\erase{x} & = & x \\
\erase{M~N} & = & \erase{M}~\erase{N} \\
\erase{\lambda x:A.M} & = & \lambda x.\erase{M} \\
\erase{\inr{A}{M}} & = & \erase{{\sf inr}~\erase{M}}
\end{array}
\\]

etc.

## Type erasure

**Theorem** (Type erasure).

1. If $M \rightarrow M'$ under the $\stlc$ reduction relation, then $\erase{M} \rightarrow \erase{M'}$ under untyped reduction relation.
2. If $\erase{M} \rightarrow N'$ under the untyped reduction relation, then there exists a $\stlc$ term $M'$ such that $M \rightarrow M'$ under $\stlc$ reduction relation and $\erase{M'} = N'$.

## Static vs Dynamic Typing

* OCaml, Haskell, Standard ML are **statically typed languages**.
  + Only well-typed programs are allowed to run.
  + Type soundness holds; well-typed programs do no get stuck.
  + Types can be erased at compilation time.
* What about Python, JavaScript, Clojure, Perl, Lisp, R, etc?
  + **Dynamically typed languages**.
  + No type checking at compile time; anything goes.
    * `x = lambda a : a + 10; x("Hello")` is a runtime error.
  + Allows more programs to run, but types need to be checked at runtime.
    * $\color{purple}{\text{Types cannot be erased!}}$

<center> 

<h1 style="text-align:center"> Fin </h1>
</center>