Substitution and Inversion

As usual, the preservation proof relies on substitution and inversion lemmas. As we saw in Chapter 3 with λθ, the substitution lemma is restricted to values due to the value restrictions in the type system:

Lemma 4.2.3 (Substitution). If Γ1,x :θ 0 B,Γ2 `θ a : A and Γ1 `θ 0 v : B, then Γ1,[v/x]Γ2 `θ [v/x]a : [v/x]A.

Preservation requires inversion lemmas for most term forms. Due to our collapsed syntax and the fact that our typing rules have been designed to maintain regularity, inversion lemmas for term forms often require corresponding inversion lemmas for type forms. The inversion lemmas for types have the expected statements, and their proofs are relatively straightforward. We show two examples:

Lemma 4.2.4 (Inversion for sum types). If Γ `θ _A

1 +A2 : B then Γ `L A1 : ?,

Γ`L _A

2 :?, and B =?.

Lemma 4.2.5 (Inversion for pair types). If Γ `θ _{Σx :A}

1.A2 : B then Mob(A1),

B =?,Γ`θ _A

1 :?, and Γ,x :θ A1 `θ A2 :?.

As in Chapter 3, the inversion lemmas for terms in LFθ will be somewhat more complicated than usual to cope with the unmarked introduction and eliminations of @-types. There is an additional twist related to the unmarked eliminations of equalities that is new to LFθ. Consider inversion for terms of the form inla. In λθ_,

we generalized the inversion lemma to handle the fact thatinla may have an @-type as follows:

Lemma (Inversion for inl). Suppose Γ`θ _{inla :A. Then either}

• A=B1 +B2 for some B1 and B2 such that Γ`θ a :B1,

• or A= (...((B1+B2)@θ1)...)@θn for some B1, B2 and θ1,...,θn such that Γ`θ1 a :

B1.

An attempt to prove this lemma for LFθ by induction on the typing derivation will fall apart when we reach the case for _TConv:

Γ`L<sub>b :b</sub> 1 =b2 Γ`θ a : [b1/x]A Γ`θ <sub>[b</sub> 2/x]A:? Γ`θ _{a : [b} 2/x]A TConv

Here, the IH will give us that [b1/x]A has one of the desired forms, but this tells us

nothing about [b2/x]A. The solution is to weaken the lemma so that it only claims

the type given to inla is provably equal to one of the desired forms, as opposed to syntactically identical. The actual inversion lemma forinl is:

Lemma 4.2.6 (Inversion forinl). Suppose Γ`θ _{inla :A. Then either:}

• Γ`L _{p :A=B}

1+B2 for some p,B1,and B2 such that Γ`θ b :B1,

• or, Γ `L _{p : A = (...((B}

1 +B2)@θ1)...)@θn for some p, B1, B2, and θ1,...θn such that Γ`θ1 _{a :B}

In the special case where A is known to have the form B1+B2, we can show that

the first case of the previous lemma applies. The proof of this makes convenient use of two unusual rules from our type system, _TContra and _TSumInv1, so we show it in detail.

Lemma 4.2.7 (Inversion for inl at sum types). Suppose Γ `θ _{inla : B}

1+B2. Then

Γ`θ _{a :B}

1.

Proof. By Lemma 4.2.6, one of two cases applies. We consider each individually: • In the first case, we have some p, B0₁ and B₂0 such that there are derivations

D1 :: Γ`L p : (B1+B2) = (B10+B

0

2)and D2 :: Γ`θ b :B10. But by ruleTSumInv1

and D1, we may show Γ `L p :B1 = B10. And, thus, by rule TConv and D2, we

have Γ`θ _{a :B}

1 as desired.

• In the second case, we have a proof ofΓ`L_{p: (B}

1+B2) = (...((B01+B

0

2)@θ1)...)@θn for some p, B0₁, B₂0, and θ1,...θn, and we know Γ `θ1 a : B10. But the two sides of

this equality have different head forms, so the desired result Γ`θ _{a :B}

1 will follow

by _TContraif we can prove that rule’s well-formedness hypotheses Γ`θ1 _B0

1 :?

and Γ `θ _B

1 : ?. These follow from regularity and the inversion lemmas for sum

and @ types.

Note that here we have used rule _TContra explicitly to change the fragment in which a term checks rather than its type. The proof would be stuck without this use of _TContra. It might be possible to continue without _TContraby improving Lemma 4.2.6 to provide an explicit connection between θ and θ1 in the second case,

but it is not immediately obvious what that connection would be. In particular, any of the four combinations of θ and θ1 is possible, so such a connection would need to

include other information as well.

We can prove similar inversion lemmas for most of the other term forms in the language. The specialized versions when we know the term has a type of the expected form are useful in our proof of preservation and resemble the standard lemmas from systems without unmarked introduction forms.

The specialized versions of the inversion lemmas for functions and sigma types have a slightly different form than the one we saw forinl. In particular, they explicitly mention a substitution or value restriction, corresponding to the equality inversion typing rules for these forms.

Consider lambdas as an example. The inversion lemma itself has the same form as the corresponding lemma for inl.

Lemma 4.2.8 (Inversion forλ-expressions). Suppose Γ`θ _{λx.b :A. Then either:}

• Γ`L _{p :A= (x:B}

• or, Γ `L _{p : A = (...(((x : B}

1) → B2)@θ1)...)@θn for some p, B1, B2, and θ1,...θn such that Γ,x :θ1 _B

1 `θ1 b :B2.

When we specialize the lemma to the case where we know the type is an arrow type, we mention an explicit substitution into the body of the function, rather than leaving a hole for the argument:

Lemma 4.2.9 (Inversion for λ-expressions at arrow types). Suppose Γ`θ _{λx.b : (x:}

B1)→B2 and Γ`θ v :B1. ThenΓ`θ [v/x]b : [v/x]B2.

The inversion lemmas for the other function forms and pairs are similar. The explicit substitution of a value for the argument to the function makes the lemma substantially easier to prove and is sufficient for preservation.