Skip to content

scaup/fae-gtlc-mu

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

the embedding of STLCmu into GTLCmu is fully abstract (Coq/Iris proof)

This repo contains a Coq/Iris proof of the fact that the embedding of STLCmu (the simply typed lambda calculus with equirecursive types) into GTLCmu (its gradualization) is fully abstract. It accompanies the paper "Fully abstract from Static to Gradual".

How to compile Coq code

Requirements

  • Coq: 8.11.1
  • Coq libraries
    • stdpp: dev.2020-04-03.1.eeef6250
    • IRIS: dev.2020-04-07.7.64bed0ca
    • coq-autosubs: dev.coq86

Getting started quickly with opam

Free disk space

Please note that fetching and compiling the requirements by following the instruction described below calls for roughly 1.4GB of free disk space.

Fetching and compiling requirements

An easy way to get the correct version of Coq and the required libraries is by using opam.

Get opam, by fetching and running the install script. You need curl for this (e.g. apt install curl).

sh <(curl -sL https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh)

Don't forget to add the directory of installation to your path such that you don't have to refer to opam by its full path. Initialize opam.

$ opam init
$ eval $(opam env) # optionally; see output of previous command

Create a new switch with the ocaml-base-compiler.4.09.0. To do this, you need some base dependencies: make m4 cc (e.g. apt install make m4 gcc).

$ opam switch create fae ocaml-base-compiler.4.09.0
$ opam switch # output should be like: → fae

Add coq and iris-dev repositories to this switch. For the iris-dev repo, you need to have git (e.g. apt install git).

$ opam repo add coq-released https://coq.inria.fr/opam/released
$ opam repo add iris-dev https://gitlab.mpi-sws.org/iris/opam.git

Install the correct version of Coq and the required libraries.

$ opam install coq.8.11.1 coq-stdpp.dev.2020-04-03.1.eeef6250 coq-iris.dev.2020-04-07.7.64bed0ca coq-autosubst.dev.coq86

Optionally, you can also install coqide, a GUI to interact with the Coq code.

$ opam install coqide.8.11.1 # will likely ask you to install missing dependencies

Some optional sanity checks

Verify that installation went OK

$ opam list # output should list the required packages with the right versions
$ which coqc # verify that coqc is in your path, if not, run "eval $(opam env)"
$ coqc --version # should return 8.11.1, and "compiled on" should be realistic
$ coqc --config # check the COQLIB=~/.opam/fae/lib/coq/ variable
$ ls ~/.opam/fae/lib/coq/user-contrib # should return the Autosubst, iris, Ltac2 and stdpp directories

Compiling the fae proof

Compile by running make in the root of this folder.

$ make

Run make clean in the root of this folder to remove all but the source files.

Verifying the full abstraction claim

This section describes the files necessary to go through in order to verify that full abstraction is indeed proven for the embedding from STLCmu to GTLCmu.

Verifying definition of the simply typed lambda calculus with iso-recursive types

  • theories/stlc_mu/lang.v starts by defining the expressions and values; for this we use De Bruijn indices, utilizing Autosubst to do so (detailed knowledge is not required). Afterwards, it defines evaluation contexts (of depth 1) and head step reductions. The final language is defined using the EctxiLanguage construct from the Iris library; essentially, it naturally defines the general evaluation contexts and the total reduction relation. Lastly, we define the Halts predicative for expressions.
  • theories/stlc_mu/types.v defines the static types (again using Autosubst).
  • theories/stlc_mu/typing.v defines the typing rules for expressions. We restrict our typing derivations so that they only treat meaningful types; the closed types (types with no free variables) (see theories/prelude.v for the formal definition of closedness).
  • theories/stlc_mu/contexts.v defines general contexts (not evaluation contexts) together with their typing rules.
  • theories/stlc_mu/ctx_equiv.v defines contextual equivalence.

Verifying definition of the cast calculus of GTLCmu

Verifying the embedding from STLCmu into the cast calculus

Verifying full abstraction claim

The file theories/fae.v proves full abstraction of the embedding. Theorem ctx_eq_preservation proves preservation of equivalences, and ctx_eq_reflection proves reflection of equivalences.

Proof structure (where's what?)

Cool, so you're actually interested in the proof itself! This section describes some of the more interesting files that make up the proof, referring to the paper where possible; for a complete listing of all files, one can refer to the commented _CoqProject file.

Defining backtranslation (section 4.2 in paper)

Laying out ground work

Alternative consistency relation (figure 9 in paper) on which the backtranslation for casts will be inductively defined.

Definition of the static Universe type and the backtranslation on types.

Static functions (and proofs of their well-typedness) that will be used later in the backtranslation for casts

Bringing stuff together

Defining logical relations from static to gradual (section 4.3.3)

Proving specification for LR from static to gradual (section 4.3.2 and 4.3.4)

The file theories/refinements/static_gradual/compat_easy.v proves the unexciting compatibility lemmas (fig 12 in the paper).

For the compatibility lemma between casts (lemma 4.7 in paper), we first define the (to-be-proven) proposition named back_cast_ar in theories/refinements/static_gradual/compat_cast/defs.v. The proposition back_cast_ar deviates slightly from lemma 4.7 in the paper, as it is more ergonomic to prove.

The file theories/refinements/static_gradual/compat_cast/all.v actually proves proposition back_cast_ar by induction on the alternative consistency relation. The different inductive cases are proven in all the other files from the same directory: between_rec.v, prod_prod.v, sum_sum.v, arrow_arrow.v, identity.v, tau_star.v, ground_star.v, tau_star.v, star_tau.v, and star_ground.v. Afterwards, the actual compatibility for casts (lemma 4.7) is proven (bin_log_related_back_cast) out of back_cast_ar.

The file theories/refinements/static_gradual/rel_ref_specs.v proves that gradual contexts are related to their backtranslation and that static terms are related to their embeddings (lemma 4.2 in paper); to do this, it basically applies all the aforementioned compatibility lemmas. In theories/refinements/static_gradual/adequacy.v, adequacy of the logical relations are proven (lemma 4.3).

Defining logical relations from gradual to static (mostly analogous and not in the paper)

Proving specification for LR from gradual to static (mostly analogous and mostly absent in paper)

The file theories/refinements/gradual_static/compat_easy.v proves the unexciting compatibility lemmas (not in paper).

For the compatibility lemma between casts (not in paper), we first define the (to-be-proven) proposition named back_cast_ar in theories/refinements/gradual_static/compat_cast/defs.v. The proposition back_cast_ar deviates slightly from the compatibility lemma on casts, as it is more ergonomic to prove.

The file theories/refinements/gradual_static/compat_cast/all.v actually proves proposition back_cast_ar by induction on the alternative consistency relation. The different inductive cases are proven in all the other files from the same directory: between_rec.v, prod_prod.v, sum_sum.v, arrow_arrow.v, identity.v, tau_star.v, ground_star.v, tau_star.v, star_tau.v, and star_ground.v. Afterwards, the actual compatibility for casts is proven (bin_log_related_back_cast) out of back_cast_ar.

The file theories/refinements/gradual_static/rel_ref_specs.v proves that gradual contexts are related to their backtranslation and that static terms are related to their embeddings (lemma 4.4 in paper); to do this, it basically applies all the aforementioned compatibility lemmas. In theories/refinements/gradual_static/adequacy.v, adequacy of the logical relations are proven (lemma 4.5).

Bringing stuff together in theories/fae.v

Both directions of theorem 4.1 from the paper are proven there; left to right is proven by static_ctx_refines_gradual and right to left by gradual_ctx_refines_static. Finally, all is brought together to prove full abstraction.

Credits

Lots of code has its origin in the following; https://gitlab.mpi-sws.org/iris/examples/-/tree/master/theories/logrel/F_mu_ref_conc

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published