In general, in the following we will use primed metavariables for fully-elaborated core language environments and terms.
This lemma states that the elaboration algorithm produces output that type checks according to the core language and differs from the input only in the erasable parts of the term.
Lemma 74 (Soundness w.r.t. fully annotated typing).
1. If $\vdash \Gamma'$ and $\Gamma' \vdash a \Rightarrow a' : A'$, then $\Gamma' \vdash a' : A'$ and $|a| = |a'|$.
2. If $\vdash \Gamma'$ and $\Gamma' \vdash A' : \mathrm{Type}$ and $\Gamma' \vdash a \Leftarrow A' \leadsto a'$, then $\Gamma' \vdash a' : A'$ and $|a| = |a'|$.
3. If $\vdash \Gamma \leadsto \Gamma'$, then $\vdash \Gamma'$ and $|\Gamma| = |\Gamma'|$.
Proof. Induction on the assumed typing derivations. The cases for $\Gamma \vdash b \Rightarrow b' : B$ are:
EITYPE Trivial.
EIVAR Trivial.
EIPI By IH, $\Gamma' \vdash A' : \mathrm{Type}$ and $|A| = |A'|$, and $\Gamma', x{:}A' \vdash B' : \mathrm{Type}$ and $|B| = |B'|$. Thus $\Gamma' \vdash (x{:}A')\to B' : \mathrm{Type}$ and $|(x{:}A)\to B| = |(x{:}A')\to B'|$.
EIIPI Similar to EIPI.
EIDAPP The rule is
$$\frac{\Gamma \vdash a \Rightarrow a' : A_1 \quad \Gamma \vDash A_1 =^{?} (x{:}A)\to B \leadsto v_1 \quad \Gamma \vdash v \Leftarrow A \leadsto v' \quad \Gamma \vDash \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v'}{\Gamma \vdash a\,v \Rightarrow a'.v_1\ v' : \{v'/x\}B}\ \text{EIDAPP}$$
By IH we have $\Gamma' \vdash a' : A_1$ where $|a| = |a'|$. By assumption 19 we have $\Gamma' \vdash v_1 : A_1 = ((x{:}A)\to B)$. By several inversions (lemma 15) of this judgement, we can conclude $\Gamma' \vdash (x{:}A)\to B : \mathrm{Type}$ and $\Gamma' \vdash A : \mathrm{Type}$. Therefore by casting, $\Gamma' \vdash a'.v_1 : (x{:}A)\to B$. Also by induction we have $\Gamma' \vdash v' : A$ and $|v| = |v'|$. Therefore $\Gamma' \vdash a'.v_1\ v' : \{v'/x\}B$ and $|a'.v_1\ v'| = |a\,v|$.
EIAPP and EIDIAPP Similar to EIDAPP.
EIEQ Directly by induction.
EIJOINC By induction $|a = b| = |a' = b'|$ and $\Gamma' \vdash a' = b' : \mathrm{Type}$. Therefore, we know that the terms have the same erasure (i.e. $|a| = |a'|$ and $|b| = |b'|$), so the same premises can be used in rule TJOINC.
EIJOINP Similar to EIJOINC.
EIANNOT By induction.
The cases for $\Gamma \vdash a \Leftarrow A \leadsto a'$ are:
ECREC By assumption 19 we have $\Gamma' \vdash v_1 : A = ((x{:}A_1)\to A_2)$. By inversions of this judgement (lemma 15), $\Gamma' \vdash (x{:}A_1)\to A_2 : \mathrm{Type}$ and $\Gamma', x{:}A_1 \vdash A_2 : \mathrm{Type}$. By core language weakening $\Gamma', f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash A_2 : \mathrm{Type}$, so the induction hypothesis applies. Therefore $\Gamma', f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash a' : A_2$ and $|a| = |a'|$. By TREC, we have $\Gamma' \vdash \mathrm{rec}_{f\,(x{:}A_1)\to A_2}\ x.a' : (x{:}A_1)\to A_2$, and by TCAST, we have $\Gamma' \vdash (\mathrm{rec}_{f\,(x{:}A_1)\to A_2}\ x.a').\mathrm{symm}\ v_1 : A$. Furthermore the erasures are equal.
ECIREC Similar to ECREC.
ECREFL By assumption (analogous to 19) we have $\Gamma' \vdash v_1 : A = (a = b)$. By inversion, $\Gamma' \vdash a = b : \mathrm{Type}$. By assumption 20, we also have $\Gamma' \vdash v : a = b$, and that $|v| = \mathrm{join}$. Therefore by TCAST we conclude that $\Gamma' \vdash v.\mathrm{symm}\ v_1 : A$ and that $|v.\mathrm{symm}\ v_1| = \mathrm{join}$.
ECINF We know that $\Gamma' \vdash B : \mathrm{Type}$. By induction we have that $\Gamma' \vdash a' : A$ where $|a| = |a'|$. That means $|a'.v_1| = |a|$. By assumption 20, we have $\Gamma' \vdash v_1 : A = B$, therefore we can use TCAST to conclude $\Gamma' \vdash a'.v_1 : B$.
The cases for $\vdash \Gamma \leadsto \Gamma'$ are:
EGNIL Trivial.
EGVAR By the IH we know $\vdash \Gamma'$. So by the mutual IH for $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$ we know $\Gamma' \vdash A' : \mathrm{Type}$, and therefore $\vdash \Gamma', x{:}A'$. Similarly, $|\Gamma, x{:}A| = |\Gamma', x{:}A'|$.
G.1 Checking is closed under CC
This next lemma says that the input type of the elaboration judgement can be replaced with an equivalent type (according to congruence closure) and elaboration will still succeed, producing a result that differs only in typing annotations.
Lemma 75 (Admissibility of CCAST in elaboration).
If $\Gamma' \vdash a \Leftarrow A' \leadsto a'$ and $\Gamma' \vDash A' = B'$, then $\Gamma' \vdash a \Leftarrow B' \leadsto a''$ for some $a''$ such that $|a''| = |a'|$.
Proof. Case analysis on $\Gamma' \vdash a \Leftarrow A' \leadsto a'$. Cases ECREC, ECIREC, ECREFL, ECSUBST, ECDCON, and ECCASE are all very similar, so we show just ECREC in detail.
Here, the assumed typing derivation looks like
$$\frac{\Gamma \vDash A =^{?} (x{:}A_1)\to A_2 \leadsto v_1 \quad \Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash a \Leftarrow A_2 \leadsto a' \quad \Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vDash \mathrm{injrng}\,(x{:}A_1)\to A_2\ \mathrm{for}\ x \quad \Gamma, f{:}(x{:}A_1)\to A_2 \vdash (x{:}A_1)\to A_2 \Leftarrow \mathrm{Type} \leadsto A'}{\Gamma \vdash \mathrm{rec}\ f\ x.a \Leftarrow A \leadsto (\mathrm{rec}_{f\,(x{:}A_1)\to A_2}\ x.a').\mathrm{symm}\ v_1}\ \text{ECREC}$$
By assumption 18 the search $\Gamma \vDash B =^{?} (x{:}A_1)\to A_2$ also succeeds. Then apply ECREC again. The elaborated term only differs in the proof used by the cast, $\mathrm{symm}\ v_1$, and this difference gets erased.
The rule ECINF instead relies on transitivity of the CC judgement $\vDash$. We have $\Gamma' \vDash A =^{?} B \leadsto v_1$ as a premise of the rule and $\Gamma' \vDash A' = A$ as an assumption, so $\Gamma' \vDash A' = B$, and hence $\Gamma' \vDash A' =^{?} B \leadsto v_2$ for some $v_2$. Then apply ECINF again; again the elaborated term only differs by the proof of the cast.
G.2 Context conversion for elaboration
Lemma 76 (Context conversion for elaboration). Suppose $\sigma : \Gamma = \Gamma'$. Then,
1. $\Gamma \vdash a \Rightarrow a' : A$ implies $\Gamma' \vdash a \Rightarrow a'' : A'$ for some $A'$ such that $\Gamma' \vDash A' = \sigma A$ and some $a''$ such that $|a''| = |a'|$.
2. $\Gamma \vdash A : \mathrm{Type}$ and $\Gamma \vdash a \Leftarrow A \leadsto a'$ implies $\Gamma' \vdash a \Leftarrow \sigma A \leadsto a''$ for some $a''$ such that $|a''| = |a'|$.
Proof. Induction on the assumed derivations. The cases for $\Gamma \vdash b \Rightarrow b' : B$ are:
EITYPE Pick $A' := \mathrm{Type}$.
EIVAR By the variable lookup lemma (lemma 62) we have $x{:}A' \in \Gamma'$ with $\Gamma' \vDash A' = \sigma A$, as required. The elaborated term is still $x$, so it is equal up to erasure as required.
EIPI By the mutual IHs we have $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A''$ and $\Gamma' \vdash B \Leftarrow \mathrm{Type} \leadsto B''$. Then re-apply EIPI. By IH the subterms of the elaborated term are equal up to erasure, so the entire elaborated term is also equal up to erasure.
EIIPI Similar to EIPI.
EIAPP By the IH for the first premise we know $\Gamma' \vdash a \Rightarrow a'' : A_1'$ for some type $A_1'$ such that $\Gamma' \vDash A_1' = \sigma A_1$.
From the premise $\Gamma \vDash A_1 =^{?} (x{:}A)\to B \leadsto v_1$ and context conversion (lemma 66) we get $\Gamma' \vDash \sigma A_1 = (x{:}\sigma A)\to \sigma B$. So by transitivity, $\Gamma' \vDash A_1' = (x{:}\sigma A)\to \sigma B$. So the search $\Gamma' \vDash A_1' =^{?} (x{:}A')\to B' \leadsto v_1'$ will succeed for some arrow type $(x{:}A')\to B'$ and proof $v_1'$, since there exists at least one such arrow type.
Now note that by TCCTRANS and TCCINJDOM, we have $\Gamma' \vDash A' = \sigma A$. From the IH for $b$ we know $\Gamma' \vdash b \Leftarrow \sigma A \leadsto b''$. So by casting the return type (lemma 75) we get $\Gamma' \vdash b \Leftarrow A' \leadsto b'''$.
Now apply EIAPP to get $\Gamma' \vdash a\,b \Rightarrow a''\,b''' : B'$. By TCCINJRNG we have $\Gamma' \vDash B' = \sigma B$ as required.
EIDAPP By the IH for the first premise, we know $\Gamma' \vdash a \Rightarrow a'' : A_1'$ for some type $A_1'$ such that $\Gamma' \vDash A_1' = \sigma A_1$.
From the premise $\Gamma \vDash A_1 =^{?} (x{:}A)\to B \leadsto v_1$ and context conversion (lemma 66) we get $\Gamma' \vDash \sigma A_1 = (x{:}\sigma A)\to \sigma B$. So by transitivity, $\Gamma' \vDash A_1' = (x{:}\sigma A)\to \sigma B$. So the search $\Gamma' \vDash A_1' =^{?} (x{:}A')\to B' \leadsto v_1'$ will succeed for some arrow type $(x{:}A')\to B'$ and proof $v_1'$, since there exists at least one such arrow type.
Now note that by TCCTRANS and TCCINJDOM, we have $\Gamma' \vDash A' = \sigma A$. From the IH for $v$ we know $\Gamma' \vdash v \Leftarrow \sigma A \leadsto v''$. So by casting the return type (lemma 75) we get $\Gamma' \vdash v \Leftarrow A' \leadsto v'''$.
By context conversion for injrng (lemma 70) we get $\Gamma' \vDash \mathrm{injrng}\,(x{:}\sigma A)\to \sigma B\ \mathrm{for}\ \sigma v'$. Now by correctness of elaboration (lemma 74) we know $\Gamma' \vdash v''' : A'$ and also $|v| = |v'''|$. The latter also implies $|v'''| = |\sigma v'|$, so since injrng respects type equality and erasure (lemmas 71, 72) we then have $\Gamma' \vDash \mathrm{injrng}\,(x{:}A')\to B'\ \mathrm{for}\ v'''$.
Then apply EIDAPP again, to get $\Gamma' \vdash a\,v \Rightarrow a''.v_1'\ v''' : \{v'''/x\}B'$.
From $\Gamma' \vDash \mathrm{injrng}\,(x{:}A')\to B'\ \mathrm{for}\ v'''$ we get $\Gamma' \vDash \{v'''/x\}B' = \{\sigma v'/x\}\sigma B$. Since we can pick the bound variable so that $x \notin \mathrm{FV}(B)$, that is the same as $\Gamma' \vDash \{v'''/x\}B' = \sigma\{v'/x\}B$, as required. Also as required, $|a'\,v'| = |a''\,v'''|$ since the subterms are equal up to erasure.
EIDIAPP Similar to EIDAPP.
EIEQ By the IHs we get $\Gamma' \vdash a \Rightarrow a'' : A'$ and $\Gamma' \vdash b \Rightarrow b'' : B'$, then apply EIEQ again.
EIJOINC By the mutual IH we get $\Gamma' \vdash a = b \Leftarrow \mathrm{Type} \leadsto a'' = b''$. Since $a'$ and $a''$ erase to the same thing we know $|a| \leadsto^{i}_{\mathrm{cbv}} c$ (and similarly for $b''$), so applying EIJOINC again we get $\Gamma' \vdash \mathrm{join}_{\mathrm{cbv}\ i\ j} : a = b \Rightarrow \mathrm{join}_{\mathrm{cbv}\ i\ j} : a'' = b'' : a'' = b''$.
By soundness (lemma 74) and regularity (lemma 17) we know $a'' = b''$ is well-typed, so by TCCERASURE we have $\Gamma' \vDash (a' = b') = (a'' = b'')$ as required.
EIJOINP Similar to EIJOINC.
EIANNOT By the mutual IH we get $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A''$ and $\Gamma' \vDash A'' = \sigma A'$. Again by mutual IH we have $\Gamma' \vdash a \Leftarrow \sigma A' \leadsto a''$. So by casting (lemma 75) we have $\Gamma' \vdash a \Leftarrow A'' \leadsto a'''$.
Then apply EIANNOT again, to get $\Gamma' \vdash a^{A} \Rightarrow a''' : A''$. We have $|a'''| = |a''| = |a'|$ as required.
The cases for $\Gamma \vdash a \Leftarrow A \leadsto a'$ are:
ECREC By context conversion for CC (lemma 66) we know $\Gamma' \vDash \sigma A = (x{:}\sigma A_1)\to \sigma A_2$. So the search $\Gamma' \vDash \sigma A =^{?} (x{:}A_1')\to A_2' \leadsto v_1'$ will succeed for some arrow type $(x{:}A_1')\to A_2'$ and proof $v_1'$, since there exists at least one such arrow type.
By regularity of CC (lemma 24) and inversion for type well-formedness we know $\Gamma, x{:}A_1 \vdash A_2 : \mathrm{Type}$, and so by weakening (lemma 13) $\Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash A_2 : \mathrm{Type}$. So the induction hypothesis for the $a$ premise is available.
By TCCTRANS and TCCINJDOM, we have $\Gamma' \vDash (x{:}A_1')\to A_2' = (x{:}\sigma A_1)\to \sigma A_2$ and $\Gamma' \vDash A_1' = \sigma A_1$. So $\sigma' : \Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 = \Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1'$, where $\sigma'$ is the substitution $\sigma$ suitably extended. So by IH, $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vdash a \Leftarrow \sigma' A_2 \leadsto a''$.
Because injrng respects context conversion (lemma 70) we have $\Gamma', f{:}(x{:}\sigma A_1)\to \sigma A_2, x{:}\sigma A_1 \vDash \mathrm{injrng}\,(x{:}\sigma A_1)\to \sigma A_2\ \mathrm{for}\ \sigma x$. Since it respects CC (lemma 71) that implies $\Gamma', f{:}(x{:}\sigma A_1)\to \sigma A_2, x{:}\sigma A_1 \vDash \mathrm{injrng}\,(x{:}A_1')\to A_2'\ \mathrm{for}\ \sigma x$. Also, using the CC judgements we proved above, we can construct a $\rho$ such that $\rho : \Gamma', f{:}(x{:}\sigma A_1)\to \sigma A_2, x{:}\sigma A_1 = \Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1'$. So by lemma 70 again, we have $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vDash \mathrm{injrng}\,(x{:}\rho A_1')\to \rho A_2'\ \mathrm{for}\ \rho\,\sigma x$. The variables $f$ and $x$ were bound, so we can pick them to not appear in the arrow type, so this is the same as $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vDash \mathrm{injrng}\,(x{:}A_1')\to A_2'\ \mathrm{for}\ \rho\,\sigma x$. Finally, since injrng respects erasure (lemma 72) we can conclude that $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vDash \mathrm{injrng}\,(x{:}A_1')\to A_2'\ \mathrm{for}\ x$. By weakening of CC (lemma 23) we have $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vDash (x{:}A_1')\to A_2' = (x{:}\sigma A_1)\to \sigma A_2$. So by the injrng assumption we know that $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vDash A_2' = \sigma A_2$. So by casting (lemma 75) we have $\Gamma', f{:}(x{:}A_1')\to A_2', x{:}A_1' \vdash a \Leftarrow A_2' \leadsto a'''$. Now apply ECREC to get $\Gamma' \vdash \mathrm{rec}\ f\ x.a \Leftarrow \sigma A \leadsto (\mathrm{rec}_{f\,(x{:}A_1')\to A_2'}\ x.a''').\mathrm{symm}\ v_1'$ as required.
ECIREC Similar to ECREC.
ECREFL By context conversion for CC (lemma 66) we know $\Gamma' \vDash \sigma A = \sigma(a = b)$. Therefore, $\Gamma' \vDash \sigma A =^{?} (a_1 = b_1) \leadsto v_1'$ will succeed for some $a_1 = b_1$ such that $\Gamma' \vDash \sigma(a = b) = (a_1 = b_1)$. By TCCINJEQ, that implies $\Gamma' \vDash \sigma a = a_1$ and $\Gamma' \vDash \sigma b = b_1$. We know $\Gamma' \vDash \sigma a = \sigma b$ by context conversion for CC.
So by transitivity (TCCTRANS) we have $\Gamma' \vDash a_1 = b_1$. So $\Gamma' \vDash a_1 =^{?} b_1 \leadsto v'$ will also succeed. Then apply ECREFL again. By assumption 18 we know $|v.\mathrm{symm}\ v_1| = |v'.\mathrm{symm}\ v_1'| = \mathrm{join}$, so the elaborated terms are equal up to erasure as required.
ECINF By the mutual IH we have $\Gamma' \vdash a \Rightarrow a'' : A'$ with $\Gamma' \vDash \sigma A = A'$. And by context conversion for CC (lemma 66) we have $\Gamma' \vDash \sigma A = \sigma B$. By transitivity, $\Gamma' \vDash A' = \sigma B$, so $\Gamma' \vDash A' =^{?} \sigma B \leadsto v_1'$ succeeds for some $v_1'$. Then apply ECINF again.
G.3 Completeness of elaboration
Note: in the following lemma statement and proof we use the convention that metavariables with primes ($A'$, $B'$, ...) are expressions in the fully annotated language, and metavariables without primes are in the surface language.
The first completeness lemma says that if the surface language CC judgement is derivable, then the target CC judgement is also derivable after elaborating the context and terms.
Lemma 77 (Completeness of CC). If $\Gamma \vDash^{\exists} a = b$ and $\vdash \Gamma \leadsto \Gamma'$ and $\Gamma' \vdash a \Rightarrow a' : A'$ and $\Gamma' \vdash b \Rightarrow b' : B'$ then $\Gamma' \vDash a' = b'$.
Proof. The proof follows from the fact that typing annotations don't matter to congruence closure (Lemma 44). By inversion of $\Gamma \vDash^{\exists} a = b$ we have some $\Gamma_1'$, $a_1'$ and $b_1'$ such that $\Gamma_1' \vDash a_1' = b_1'$ and $|\Gamma_1'| = |\Gamma|$, $|a_1'| = |a|$, and $|b_1'| = |b|$. By translation soundness (Lemma 74), we also have $|\Gamma'| = |\Gamma|$, $|a'| = |a|$, and $|b'| = |b|$, with $\Gamma' \vdash a' : A'$ and $\Gamma' \vdash b' : B'$. This is all that we need to use the lemma.
Likewise, we need to know that the surface language injrng judgement also describes when the corresponding fully annotated version is derivable.
Lemma 78 (Completeness of injrng). If $\Gamma \vDash^{\exists} \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v$ and $\vdash \Gamma \leadsto \Gamma'$ and $\Gamma' \vdash (x{:}A)\to B \Leftarrow \mathrm{Type} \leadsto (x{:}A')\to B'$ and $\Gamma' \vdash v \Leftarrow A' \leadsto v'$ then $\Gamma' \vDash \mathrm{injrng}\,(x{:}A')\to B'\ \mathrm{for}\ v'$.
Proof. Consider $A_1, B_1$ such that $\Gamma' \vDash (x{:}A')\to B' = (x{:}A_1)\to B_1$ with the proof term $\Gamma' \vdash v_0 : ((x{:}A')\to B') = ((x{:}A_1)\to B_1)$. We must show $\Gamma' \vDash \{v'/x\}B' = \{v'.v_0/x\}B_1$.
By inversion and substitution, we know that $\Gamma' \vdash \{v'/x\}B' : \mathrm{Type}$ and $\Gamma' \vdash \{v'.v_0/x\}B_1 : \mathrm{Type}$. Now instantiate the assumption $\Gamma \vDash^{\exists} \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v$ with $A_1$ and $B_1$. We have $\Gamma \vDash^{\exists} \{v^{A}/x\}B = \{v^{A_1}/x\}B_1$. That is, there are some $\Gamma''$, $a''$ and $b''$ such that $|\Gamma''| = |\Gamma|$ and $|a''| = |\{v^{A}/x\}B|$ and $|b''| = |\{v^{A_1}/x\}B_1|$ and $\Gamma'' \vDash a'' = b''$.
Since elaboration produced terms which are equal up to erasure, we also have $|\Gamma''| = |\Gamma'|$ and $|a''| = |\{v'/x\}B'|$ and $|b''| = |\{v'.v_0/x\}B_1|$.
We next prove the completeness of the entire system using mutual induction on the three judgements of the surface language. For convenience, we use an alternative ("regularized") version of the typing rules, written $\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A$, that adds additional regularity assumptions to the typing judgement. For example, in the RIDAPP rule we add the premise $\Gamma \vdash (x{:}A)\to B \Leftarrow \mathrm{Type}$. The typing rules for that system are shown in Figure 19.
To justify the addition of these premises, we show the following regularity lemma about the inference judgement.
Lemma 79. If $\Gamma \vdash a \Rightarrow A$ then $\Gamma \vdash A \Leftarrow \mathrm{Type}$.
Proof. Proof is by case analysis of $\Gamma \vdash a \Rightarrow A$.
ITYPE Holds by ITYPE and CINF.
IVAR Holds by premise of the rule.
IPI Holds by ITYPE and CINF.
IDAPP Holds by premise of the rule.
IIDAPP Holds by premise of the rule.
IAPP Holds by premise of the rule.
IEQ Holds by ITYPE and CINF.
IJOINC Holds by premise of the rule.
IJOINP Holds by premise of the rule.
IANNOT Holds by premise of the rule.
ICAST Holds by premise of the rule.
Lemma 80 (Completeness, with strengthened invariants).
1. If $\vdash_{\mathrm{reg}} \Gamma \Leftarrow$ then $\vdash \Gamma \leadsto \Gamma'$.
2. If $\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A$ and $\vdash_{\mathrm{reg}} \Gamma \Leftarrow$ and $\vdash \Gamma \leadsto \Gamma'$ and $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$, then $\Gamma' \vdash a \Rightarrow a' : A''$ and $\Gamma' \vDash A' = A''$.
3. If $\Gamma \vdash_{\mathrm{reg}} a \Leftarrow A$ and $\vdash_{\mathrm{reg}} \Gamma \Leftarrow$ and $\vdash \Gamma \leadsto \Gamma'$ and $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$, then $\Gamma' \vdash a \Leftarrow A' \leadsto a'$.
Proof. Mutual induction on the derivations. The cases for $\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A$ are:
ITYPE Pick $A' := \mathrm{Type}$.
IVAR By soundness of elaboration (lemma 74) applied to the assumption $\vdash \Gamma \leadsto \Gamma'$, there is some $x{:}A'' \in \Gamma'$ with $|A''| = |A|$ and $\Gamma' \vdash A'' : \mathrm{Type}$. By soundness of elaboration applied to the assumption $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$, we know $\Gamma' \vdash A' : \mathrm{Type}$.
Now by EIVAR we have $\Gamma' \vdash x \Rightarrow x : A''$, and by TCCERASURE $\Gamma' \vDash A' = A''$ as required.
IPI We know $\Gamma' \vdash \mathrm{Type} \Leftarrow \mathrm{Type} \leadsto \mathrm{Type}$. So by the mutual IH for the $A$ premise, $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$.
Then by GVAR we have $\vdash_{\mathrm{reg}} \Gamma, x{:}A \Leftarrow$, and by GFVAR we have $\vdash \Gamma, x{:}A \leadsto \Gamma', x{:}A'$. So by the mutual IH for the $B$ premise, $\Gamma', x{:}A' \vdash B \Leftarrow \mathrm{Type} \leadsto B'$.
Now apply EIPI to get $\Gamma' \vdash (x{:}A)\to B \Rightarrow (x{:}A')\to B' : \mathrm{Type}$.
IIPI Similar to IPI.
IDAPP The given typing derivation looks like
$$\frac{\Gamma \vdash_{\mathrm{reg}} (x{:}A)\to B \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} a \Rightarrow (x{:}A)\to B \quad \Gamma \vdash_{\mathrm{reg}} v \Leftarrow A \quad \Gamma \vDash^{\exists} \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v \quad \Gamma \vdash_{\mathrm{reg}} \{v^{A}/x\}B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} a\,v \Rightarrow \{v^{A}/x\}B}\ \text{RIDAPP}$$
In the regularized type system, we have $\Gamma \vdash (x{:}A)\to B \Leftarrow \mathrm{Type}$ as a premise to the given rule. So by IH, $\Gamma' \vdash (x{:}A)\to B \Leftarrow \mathrm{Type} \leadsto B_1'$ for some type $B_1'$, where $\Gamma' \vDash (x{:}A)\to B = B_1'$. In fact there is only one rule for elaborating arrow types, so by inversion of that judgement, we get $\Gamma' \vdash (x{:}A)\to B \Leftarrow \mathrm{Type} \leadsto (x{:}A')\to B'$, where $B_1'$ is $(x{:}A')\to B'$ and $\Gamma' \vdash A \Leftarrow \mathrm{Type} \leadsto A'$ and $\Gamma', x{:}A' \vdash B \Leftarrow \mathrm{Type} \leadsto B'$. By soundness, this also means that $|(x{:}A)\to B| = |(x{:}A')\to B'|$.
Figure 19: Regularized typing rules. Judgement forms: $\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A$ and $\Gamma \vdash_{\mathrm{reg}} a \Leftarrow A$.
$$\frac{}{\Gamma \vdash_{\mathrm{reg}} \mathrm{Type} \Rightarrow \mathrm{Type}}\ \text{RITYPE}$$
$$\frac{\vdash_{\mathrm{reg}} \Gamma \Leftarrow \quad x{:}A \in \Gamma \quad \Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} x \Rightarrow A}\ \text{RIVAR}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type} \quad \Gamma, x{:}A \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} (x{:}A)\to B \Rightarrow \mathrm{Type}}\ \text{RIPI}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type} \quad \Gamma, x{:}A \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} \bullet(x{:}A)\to B \Rightarrow \mathrm{Type}}\ \text{RIIPI}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} A \to B \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} a \Rightarrow A \to B \quad \Gamma \vdash_{\mathrm{reg}} b \Leftarrow A}{\Gamma \vdash_{\mathrm{reg}} a\,b \Rightarrow B}\ \text{RIAPP}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} (x{:}A)\to B \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} a \Rightarrow (x{:}A)\to B \quad \Gamma \vdash_{\mathrm{reg}} v \Leftarrow A \quad \Gamma \vDash^{\exists} \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v \quad \Gamma \vdash_{\mathrm{reg}} \{v^{A}/x\}B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} a\,v \Rightarrow \{v^{A}/x\}B}\ \text{RIDAPP}$$
$$\frac{\forall A'\,B'.\ \big(\Gamma \vDash^{\exists} ((x{:}A)\to B) = ((x{:}A')\to B')\big)\ \text{implies}\ \Gamma \vDash^{\exists} \{v/x\}B = \{v/x\}B'}{\Gamma \vDash^{\exists} \mathrm{injrng}\,(x{:}A)\to B\ \mathrm{for}\ v}\ \text{EIRPI}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} a \Rightarrow A \quad \Gamma \vdash_{\mathrm{reg}} b \Rightarrow B}{\Gamma \vdash_{\mathrm{reg}} a = b \Rightarrow \mathrm{Type}}\ \text{RIEQ}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} a_1 = a_2 \Leftarrow \mathrm{Type} \quad |a_1| \leadsto^{i}_{\mathrm{cbv}} b \quad |a_2| \leadsto^{j}_{\mathrm{cbv}} b}{\Gamma \vdash_{\mathrm{reg}} \mathrm{join}_{\mathrm{cbv}\ i\ j} : a_1 = a_2 \Rightarrow a_1 = a_2}\ \text{RIJOINC}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} a_1 = a_2 \Leftarrow \mathrm{Type} \quad |a_1| \leadsto^{i}_{p} b \quad |a_2| \leadsto^{j}_{p} b}{\Gamma \vdash_{\mathrm{reg}} \mathrm{join}_{p\ i\ j} : a_1 = a_2 \Rightarrow a_1 = a_2}\ \text{RIJOINP}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} a \Leftarrow A}{\Gamma \vdash_{\mathrm{reg}} a^{A} \Rightarrow A}\ \text{RIANNOT}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A \quad \Gamma \vDash^{\exists} A = B \quad \Gamma \vdash_{\mathrm{reg}} A \Leftarrow \mathrm{Type} \quad \Gamma \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} a \Rightarrow B}\ \text{RICAST}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} a \Rightarrow A}{\Gamma \vdash_{\mathrm{reg}} a \Leftarrow A}\ \text{RCINF}$$
$$\frac{\Gamma \vdash_{\mathrm{reg}} a \Leftarrow A \quad \Gamma \vDash A = B \quad \Gamma \vdash_{\mathrm{reg}} B \Leftarrow \mathrm{Type}}{\Gamma \vdash_{\mathrm{reg}} a \Leftarrow B}\ \text{RCCAST}$$
$$\frac{\Gamma \vDash^{\exists} a = b}{\Gamma \vdash_{\mathrm{reg}} \mathrm{join} \Leftarrow a = b}\ \text{RCREFL}$$
$$\frac{\Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash_{\mathrm{reg}} a \Leftarrow A_2 \quad \Gamma, f{:}(x{:}A_1)\to A_2 \vdash_{\mathrm{reg}} A_1 \Leftarrow \mathrm{Type} \quad \Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vdash_{\mathrm{reg}} A_2 \Leftarrow \mathrm{Type} \quad \Gamma, f{:}(x{:}A_1)\to A_2, x{:}A_1 \vDash^{\exists} \mathrm{injrng}\,(x{:}A_1)\to A_2\ \mathrm{for}\ x}{\Gamma \vdash_{\mathrm{reg}} \mathrm{rec}\ f\ x.a \Leftarrow (x{:}A_1)\to A_2}\ \text{RCREC}$$
$$\frac{\Gamma, f{:}\bullet(x{:}A_1)\to A_2, x{:}A_1 \vdash a \Leftarrow A_2 \quad x \notin \mathrm{FV}(|a|) \quad \Gamma, f{:}\bullet(x{:}A_1)\to A_2, x{:}A_1 \vDash^{\exists} \mathrm{injrng}\,\bullet(x{:}A_1)\to A_2\ \mathrm{for}\ x \quad \Gamma, f{:}\bullet(x{:}A_1)\to A_2 \vdash \bullet(x{:}A_1)\to A_2 \Leftarrow \mathrm{Type}}{\Gamma \vdash \mathrm{rec}\ f\ \bullet.a \Leftarrow \bullet(x{:}A_1)\to A_2}\ \text{CIREC}$$