michael/csci8980-f21
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

completing merge

Browse source
This commit is contained in:
Philip Wadler 2019-07-22 17:56:39 +01:00
commit de2d4112e3
157 changed files with 26242 additions and 3881 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
.gitignore vendored
View file

@ -1,4 +1,25 @@
## Agda files
*.agdai
.agda-stdlib.sed
.links-*.sed
## Jekyll files
_site/
.sass-cache/
.agda-stdlib.sed
.jekyll-metadata
*.agdai
Gemfile.lock
## LaTeX files
*.aux
*.bbl
*.blg
*.fdb_latexmk
*.fls
*.log
*.pdf
*.spl
*.synctex.gz
## Emacs files
auto/

11
.travis.yml
View file

@ -14,7 +14,6 @@ cache:
- $HOME/.local
- $HOME/agda-$AGDA_VERSION
- $HOME/agda-stdlib-$AGDA_STDLIB_VERSION
- $HOME/agda2html-master
- $HOME/acknowledgements-master
# Ensure necessary system libraries are present
@ -24,6 +23,10 @@ addons:
- libgmp-dev
- libicu-dev
# Ensure we run BASH and not SH
env:
- SH=bash
before_install:
# Download and unpack the stack executable
- mkdir -p ~/.local/bin
@ -33,15 +36,15 @@ before_install:
- make travis-setup
script:
- curl -L https://raw.githubusercontent.com/MestreLion/git-tools/master/git-restore-mtime | python
- agda --version
- agda2html --version
- acknowledgements --version
- make test-offline
- make test-offline # disable to only build cache
before_deploy:
- acknowledgements -i _config.yml >> _config.yml
- make clean
- rm -rf .bundle/ vendor/ hs/ src/ extra/ .gitignore .travis.yml Gemfile Gemfile.lock Makefile
- rm -rf hs/ extra/ depr/ papers/ slides/ .bundle/ vendor/ *.agdai *.agda-lib *.lagda.md Guardfile Gemfile Gemfile.lock Makefile highlight.sh .gitignore .travis.yml
branches:
only:

289
Gemfile.lock
View file

@ -1,289 +0,0 @@
GEM
remote: https://rubygems.org/
specs:
activesupport (4.2.10)
i18n (~> 0.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
addressable (2.5.2)
public_suffix (>= 2.0.2, < 4.0)
coderay (1.1.2)
coffee-script (2.4.1)
coffee-script-source
execjs
coffee-script-source (1.11.1)
colorator (1.1.0)
colorize (0.8.1)
commonmarker (0.17.13)
ruby-enum (~> 0.5)
concurrent-ruby (1.1.3)
dnsruby (1.61.2)
addressable (~> 2.5)
em-websocket (0.5.1)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0.6.0)
ethon (0.11.0)
ffi (>= 1.3.0)
eventmachine (1.2.7)
execjs (2.7.0)
faraday (0.15.4)
multipart-post (>= 1.2, < 3)
ffi (1.9.25)
formatador (0.2.5)
forwardable-extended (2.6.0)
gemoji (3.0.0)
github-pages (193)
activesupport (= 4.2.10)
github-pages-health-check (= 1.8.1)
jekyll (= 3.7.4)
jekyll-avatar (= 0.6.0)
jekyll-coffeescript (= 1.1.1)
jekyll-commonmark-ghpages (= 0.1.5)
jekyll-default-layout (= 0.1.4)
jekyll-feed (= 0.11.0)
jekyll-gist (= 1.5.0)
jekyll-github-metadata (= 2.9.4)
jekyll-mentions (= 1.4.1)
jekyll-optional-front-matter (= 0.3.0)
jekyll-paginate (= 1.1.0)
jekyll-readme-index (= 0.2.0)
jekyll-redirect-from (= 0.14.0)
jekyll-relative-links (= 0.5.3)
jekyll-remote-theme (= 0.3.1)
jekyll-sass-converter (= 1.5.2)
jekyll-seo-tag (= 2.5.0)
jekyll-sitemap (= 1.2.0)
jekyll-swiss (= 0.4.0)
jekyll-theme-architect (= 0.1.1)
jekyll-theme-cayman (= 0.1.1)
jekyll-theme-dinky (= 0.1.1)
jekyll-theme-hacker (= 0.1.1)
jekyll-theme-leap-day (= 0.1.1)
jekyll-theme-merlot (= 0.1.1)
jekyll-theme-midnight (= 0.1.1)
jekyll-theme-minimal (= 0.1.1)
jekyll-theme-modernist (= 0.1.1)
jekyll-theme-primer (= 0.5.3)
jekyll-theme-slate (= 0.1.1)
jekyll-theme-tactile (= 0.1.1)
jekyll-theme-time-machine (= 0.1.1)
jekyll-titles-from-headings (= 0.5.1)
jemoji (= 0.10.1)
kramdown (= 1.17.0)
liquid (= 4.0.0)
listen (= 3.1.5)
mercenary (~> 0.3)
minima (= 2.5.0)
nokogiri (>= 1.8.2, < 2.0)
rouge (= 2.2.1)
terminal-table (~> 1.4)
github-pages-health-check (1.8.1)
addressable (~> 2.3)
dnsruby (~> 1.60)
octokit (~> 4.0)
public_suffix (~> 2.0)
typhoeus (~> 1.3)
guard (2.15.0)
formatador (>= 0.2.4)
listen (>= 2.7, < 4.0)
lumberjack (>= 1.0.12, < 2.0)
nenv (~> 0.1)
notiffany (~> 0.0)
pry (>= 0.9.12)
shellany (~> 0.0)
thor (>= 0.18.1)
guard-compat (1.2.1)
guard-shell (0.7.1)
guard (>= 2.0.0)
guard-compat (~> 1.0)
html-pipeline (2.9.1)
activesupport (>= 2)
nokogiri (>= 1.4)
html-proofer (3.9.3)
activesupport (>= 4.2, < 6.0)
addressable (~> 2.3)
colorize (~> 0.8)
mercenary (~> 0.3.2)
nokogiri (~> 1.8.1)
parallel (~> 1.3)
typhoeus (~> 1.3)
yell (~> 2.0)
http_parser.rb (0.6.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jekyll (3.7.4)
addressable (~> 2.4)
colorator (~> 1.0)
em-websocket (~> 0.5)
i18n (~> 0.7)
jekyll-sass-converter (~> 1.0)
jekyll-watch (~> 2.0)
kramdown (~> 1.14)
liquid (~> 4.0)
mercenary (~> 0.3.3)
pathutil (~> 0.9)
rouge (>= 1.7, < 4)
safe_yaml (~> 1.0)
jekyll-avatar (0.6.0)
jekyll (~> 3.0)
jekyll-coffeescript (1.1.1)
coffee-script (~> 2.2)
coffee-script-source (~> 1.11.1)
jekyll-commonmark (1.2.0)
commonmarker (~> 0.14)
jekyll (>= 3.0, < 4.0)
jekyll-commonmark-ghpages (0.1.5)
commonmarker (~> 0.17.6)
jekyll-commonmark (~> 1)
rouge (~> 2)
jekyll-default-layout (0.1.4)
jekyll (~> 3.0)
jekyll-feed (0.11.0)
jekyll (~> 3.3)
jekyll-gist (1.5.0)
octokit (~> 4.2)
jekyll-github-metadata (2.9.4)
jekyll (~> 3.1)
octokit (~> 4.0, != 4.4.0)
jekyll-mentions (1.4.1)
html-pipeline (~> 2.3)
jekyll (~> 3.0)
jekyll-optional-front-matter (0.3.0)
jekyll (~> 3.0)
jekyll-paginate (1.1.0)
jekyll-readme-index (0.2.0)
jekyll (~> 3.0)
jekyll-redirect-from (0.14.0)
jekyll (~> 3.3)
jekyll-relative-links (0.5.3)
jekyll (~> 3.3)
jekyll-remote-theme (0.3.1)
jekyll (~> 3.5)
rubyzip (>= 1.2.1, < 3.0)
jekyll-sass-converter (1.5.2)
sass (~> 3.4)
jekyll-seo-tag (2.5.0)
jekyll (~> 3.3)
jekyll-sitemap (1.2.0)
jekyll (~> 3.3)
jekyll-swiss (0.4.0)
jekyll-theme-architect (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-cayman (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-dinky (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-hacker (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-leap-day (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-merlot (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-midnight (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-minimal (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-modernist (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-primer (0.5.3)
jekyll (~> 3.5)
jekyll-github-metadata (~> 2.9)
jekyll-seo-tag (~> 2.0)
jekyll-theme-slate (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-tactile (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-theme-time-machine (0.1.1)
jekyll (~> 3.5)
jekyll-seo-tag (~> 2.0)
jekyll-titles-from-headings (0.5.1)
jekyll (~> 3.3)
jekyll-watch (2.1.2)
listen (~> 3.0)
jemoji (0.10.1)
gemoji (~> 3.0)
html-pipeline (~> 2.2)
jekyll (~> 3.0)
kramdown (1.17.0)
liquid (4.0.0)
listen (3.1.5)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
ruby_dep (~> 1.2)
lumberjack (1.0.13)
mercenary (0.3.6)
method_source (0.9.2)
mini_portile2 (2.3.0)
minima (2.5.0)
jekyll (~> 3.5)
jekyll-feed (~> 0.9)
jekyll-seo-tag (~> 2.1)
minitest (5.11.3)
multipart-post (2.0.0)
nenv (0.3.0)
nokogiri (1.8.5)
mini_portile2 (~> 2.3.0)
notiffany (0.1.1)
nenv (~> 0.1)
shellany (~> 0.0)
octokit (4.13.0)
sawyer (~> 0.8.0, >= 0.5.3)
parallel (1.12.1)
pathutil (0.16.2)
forwardable-extended (~> 2.6)
pry (0.12.2)
coderay (~> 1.1.0)
method_source (~> 0.9.0)
public_suffix (2.0.5)
rb-fsevent (0.10.3)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
rouge (2.2.1)
ruby-enum (0.7.2)
i18n
ruby_dep (1.5.0)
rubyzip (1.2.2)
safe_yaml (1.0.4)
sass (3.7.2)
sass-listen (~> 4.0.0)
sass-listen (4.0.0)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
sawyer (0.8.1)
addressable (>= 2.3.5, < 2.6)
faraday (~> 0.8, < 1.0)
shellany (0.0.1)
terminal-table (1.8.0)
unicode-display_width (~> 1.1, >= 1.1.1)
thor (0.20.3)
thread_safe (0.3.6)
typhoeus (1.3.1)
ethon (>= 0.9.0)
tzinfo (1.2.5)
thread_safe (~> 0.1)
unicode-display_width (1.4.0)
yell (2.0.7)
PLATFORMS
ruby
DEPENDENCIES
github-pages
guard
guard-shell
html-proofer
BUNDLED WITH
1.16.2

4
Guardfile
View file

@ -1,9 +1,9 @@
require 'fileutils'
guard :shell do
watch(%r{^.+\.(lagda)$}) do |m|
watch(%r{^(.+)\.lagda\.md$}) do |m|
src = m[0]
out = "#{File.dirname(src).sub('src','out')}/#{File.basename(src,'.*')}.md"
out = "#{File.dirname(src).sub('src','out')}/#{File.basename(src,'.lagda.md')}.md"
`make #{out}` unless File.basename(src).start_with?('.#')
end
end

70
Makefile
View file

@ -1,18 +1,32 @@
agda := $(shell find . -type f -and \( -path '*/src/*' -or -path '*/tspl/*' \) -and -name '*.lagda')
agdai := $(shell find . -type f -and \( -path '*/src/*' -or -path '*/tspl/*' \) -and -name '*.agdai')
markdown := $(subst tspl/,out/,$(subst src/,out/,$(subst .lagda,.md,$(agda))))
SHELL := /bin/bash
AGDA := $(shell find . -type f -and \( -path '*/src/*' -or -path '*/courses/*' \) -and -name '*.lagda.md')
AGDAI := $(shell find . -type f -and \( -path '*/src/*' -or -path '*/courses/*' \) -and -name '*.agdai')
MARKDOWN := $(subst courses/,out/,$(subst src/,out/,$(subst .lagda.md,.md,$(AGDA))))
PLFA_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
AGDA2HTML_FLAGS := --verbose --link-to-local-agda-names --use-jekyll=out/
ifeq ($(AGDA_STDLIB_VERSION),)
AGDA_STDLIB_URL := https://agda.github.io/agda-stdlib/
else
AGDA_STDLIB_URL := https://agda.github.io/agda-stdlib/v$(AGDA_STDLIB_VERSION)/
endif
# Build PLFA and test hyperlinks
test: build
ruby -S bundle exec htmlproofer _site
ruby -S bundle exec htmlproofer '_site'
# Build PLFA and test hyperlinks offline
test-offline: build
ruby -S bundle exec htmlproofer _site --disable-external
ruby -S bundle exec htmlproofer '_site' --disable-external
# Build PLFA and test hyperlinks for stable
test-stable-offline: $(MARKDOWN)
ruby -S bundle exec jekyll clean
ruby -S bundle exec jekyll build --destination '_site/stable' --baseurl '/stable'
ruby -S bundle exec htmlproofer '_site' --disable-external
statistics:
@ -23,18 +37,23 @@ out/:
mkdir -p out/
# Build PLFA pages
out/%.md: src/%.lagda | out/
agda2html $(AGDA2HTML_FLAGS) -i $< -o $@ 2>&1 \
| sed '/^Generating.*/d; /^Warning\: HTML.*/d; /^reached from the.*/d; /^\s*$$/d'
@sed -i '1 s|---|---\nsrc : $(<)|' $@
# Convert literal Agda to Markdown
define AGDA_template
in := $(1)
out := $(subst courses/,out/,$(subst src/,out/,$(subst .lagda.md,.md,$(1))))
$$(out) : in = $(1)
$$(out) : out = $(subst courses/,out/,$(subst src/,out/,$(subst .lagda.md,.md,$(1))))
$$(out) : $$(in) | out/
@echo "Processing $$(subst ./,,$$(in))"
ifeq (,$$(findstring courses/,$$(in)))
./highlight.sh $$(subst ./,,$$(in)) --include-path=src/
else
# Fix links to the file itself (out/<filename> to out/<filepath>)
./highlight.sh $$(subst ./,,$$(in)) --include-path=src/ --include-path=$$(subst ./,,$$(dir $$(in)))
endif
endef
# Build TSPL pages
out/%.md: tspl/%.lagda | out/
agda2html $(AGDA2HTML_FLAGS) -i $< -o $@ -- --include-path=$(realpath src) 2>&1 \
| sed '/^Generating.*/d; /^Warning\: HTML.*/d; /^reached from the.*/d; /^\s*$$/d'
@sed -i '1 s|---|---\nsrc : $(<)|' $@
$(foreach agda,$(AGDA),$(eval $(call AGDA_template,$(agda))))
# Start server
@ -53,26 +72,20 @@ server-stop:
# Build website using jekyll
build: AGDA2HTML_FLAGS += --link-to-agda-stdlib
build: $(markdown)
ruby -S bundle exec jekyll build
# Build website using jekyll offline
build-offline: $(markdown)
build: $(MARKDOWN)
ruby -S bundle exec jekyll build
# Build website using jekyll incrementally
build-incremental: AGDA2HTML_FLAGS += --link-to-agda-stdlib
build-incremental: $(markdown)
build-incremental: $(MARKDOWN)
ruby -S bundle exec jekyll build --incremental
# Remove all auxiliary files
clean:
ifneq ($(strip $(agdai)),)
rm $(agdai)
rm -f .agda-stdlib.sed .links-*.sed
ifneq ($(strip $(AGDAI)),)
rm $(AGDAI)
endif
@ -86,7 +99,7 @@ clobber: clean
# List all .lagda files
ls:
@echo $(agda)
@echo $(AGDA)
.phony: ls
@ -105,7 +118,6 @@ macos-setup:
# Travis Setup (install Agda, the Agda standard library, agda2html, acknowledgements, etc.)
travis-setup:\
$(HOME)/.local/bin/agda\
$(HOME)/.local/bin/agda2html\
$(HOME)/.local/bin/acknowledgements\
$(HOME)/agda-stdlib-$(AGDA_STDLIB_VERSION)/src\
$(HOME)/.agda/defaults\

43
README.md
View file

@ -5,17 +5,16 @@ permalink: /GettingStarted/
---
[![Build Status](https://travis-ci.org/plfa/plfa.github.io.svg?branch=dev)](https://travis-ci.org/plfa/plfa.github.io)
[![Agda](https://img.shields.io/badge/agda-2.5.4.2-blue.svg)](https://github.com/agda/agda/releases/tag/v2.5.4.2)
[![agda-stdlib](https://img.shields.io/badge/agda--stdlib-0.17-blue.svg)](https://github.com/agda/agda-stdlib/releases/tag/v0.17)
[![agda2html](https://img.shields.io/badge/agda2html-0.2.3.0-blue.svg)](https://github.com/wenkokke/agda2html/releases/tag/v0.2.3.0)
[![Agda](https://img.shields.io/badge/agda-2.6.0.1-blue.svg)](https://github.com/agda/agda/releases/tag/v2.6.0.1)
[![agda-stdlib](https://img.shields.io/badge/agda--stdlib-1.1-blue.svg)](https://github.com/agda/agda-stdlib/releases/tag/v1.1)
# Getting Started with PLFA
There are several tools you need to work with PLFA:
- [Agda](https://agda.readthedocs.io/en/latest/getting-started/installation.html)
- [Agda standard library](https://github.com/agda/agda-stdlib)
- [Agda](https://agda.readthedocs.io/en/v2.6.0.1/getting-started/installation.html)
- [Agda standard library](https://github.com/agda/agda-stdlib/releases/tag/v1.1)
For most of the tools, you can simply follow their respective build instructions.
We list the versions of our dependencies on the badges above.
@ -27,7 +26,7 @@ or by downloading [the zip archive](https://github.com/plfa/plfa.github.io/archi
git clone https://github.com/plfa/plfa.github.io
Finally, we need to let Agda know where to find the standard library.
For this, you can follow the instructions [here](https://agda.readthedocs.io/en/latest/tools/package-system.html#example-using-the-standard-library).
For this, you can follow the instructions [here](https://agda.readthedocs.io/en/v2.6.0.1/tools/package-system.html#example-using-the-standard-library).
It is possible to set up PLFA as an Agda library as well.
If you are trying to complete the exercises found in the `tspl` folder, or otherwise want to import modules from the book, you need to do this.
@ -38,20 +37,16 @@ To do so, add the path to `plfa.agda-lib` to `~/.agda/libraries` and add `plfa`
To build and host a local copy of the book, there are several tools you need *in addition to those listed above*:
- [agda2html](https://github.com/wenkokke/agda2html)
- [Ruby](https://www.ruby-lang.org/en/documentation/installation/)
- [Bundler](https://bundler.io/#getting-started)
For most of the tools, you can simply follow their respective build instructions.
Most recent versions of Ruby should work.
You install the Ruby dependencies---[Jekyll](https://jekyllrb.com/), [html-proofer](https://github.com/gjtorikian/html-proofer), *etc.*---using Bundler:
We advise installing agda2html using [Stack](https://docs.haskellstack.org/en/stable/README/):
bundle install
git clone https://github.com/wenkokke/agda2html.git
cd agda2html
stack install
Once you have installed these tools, you can build the book from source:
Once you have installed all of the dependencies, you can build a copy of the book by running:
make build
@ -63,7 +58,6 @@ The Makefile offers more than just these options:
make (see make test)
make build (builds lagda->markdown and the website)
make build-offline (builds lagda->markdown and the website offline)
make build-incremental (builds lagda->markdown and the website incrementally)
make test (checks all links are valid)
make test-offline (checks all links are valid offline)
@ -84,27 +78,6 @@ unzip, and from within the directory run
bundle install
bundle exec jekyll serve
## GNU sed and macOS
The version of sed that ships with macOS is not fully compatible with the GNU sed.
Therefore, you may get errors such as:
```
sed: 1: "out/plfa/Bisimulation.md": invalid command code o
```
You can fix this error by installing a GNU compatible version of sed, e.g. using [Homebrew](https://brew.sh/):
```
brew install gnu-sed --with-default-names
```
## Updating `agda2html`
Sometimes we have to update agda2html.
To update your local copy, run the following commands from your clone of the
agda2html repository, or simply follow the installation instructions again:
git pull
stack install
## Unicode characters

10
_config.yml
View file

@ -32,9 +32,15 @@ markdown: kramdown
theme: minima
exclude:
- "hs/"
- "src/"
- "extra/"
- "depr/"
- "papers/"
- "slides/"
- "vendor/"
- "*.lagda"
- "*.agdai"
- "*.agda-lib"
- "*.lagda.md"
- "Guardfile"
- "Gemfile"
- "Gemfile.lock"
- "highlight.sh"

5
_includes/header.html
View file

@ -14,8 +14,11 @@
</span>
<div class="trigger">
<a class="page-link" href="{{ "/" | relative_url }}">Table of Contents</a>
<a class="page-link" href="{{ "/" | relative_url }}">The Book</a>
<a class="page-link" href="{{ "/Announcements/" | relative_url }}">Announcements</a>
<a class="page-link" href="{{ "/GettingStarted/" | relative_url }}">Getting Started</a>
<a class="page-link" href="{{ "/Citing/" | relative_url }}">Citing</a>
<a class="page-link" href="{{ "https://agda-zh.github.io/PLFA-zh/" | relative_url }}">中文</a>
</div>
</nav>

8
_includes/script.html
View file

@ -1,8 +1,14 @@
<!-- Import jQuery -->
<script type="text/javascript" src="{{ "/assets/jquery.js" | prepend: site.baseurl }}"></script>
<!-- Script which allows for foldable code blocks -->
<script type="text/javascript">
// Makes sandwhich menu works
$('.menu-icon').click(function(){
$('.trigger').toggle();
});
// Script which allows for foldable code blocks
$('div.foldable pre').each(function(){
var autoHeight = $(this).height();
var lineHeight = parseFloat($(this).css('line-height'));

31
_layouts/home.html Normal file
View file

@ -0,0 +1,31 @@
---
layout: default
---
<div class="home">
{{ content }}
{%- if site.posts.size > 0 -%}
<h2 class="post-list-heading">{{ page.list_title | default: "Posts" }}</h2>
<ul class="post-list">
{%- for post in site.posts -%}
<li>
{%- assign date_format = site.minima.date_format | default: "%b %-d, %Y" -%}
<span class="post-meta">{{ post.date | date: date_format }}</span>
<h3>
<a class="post-link" href="{{ post.url | relative_url }}">
{{ post.title | escape }}
</a>
</h3>
{%- if site.show_excerpts -%}
{{ post.excerpt }}
{%- endif -%}
</li>
{%- endfor -%}
</ul>
<p class="feed-subscribe"><svg class="svg-icon orange"><use xlink:href="{{ '/assets/minima-social-icons.svg#rss' | relative_url }}"></use></svg><a href="{{ "/feed.xml" | relative_url }}">Subscribe</a></p>
{%- endif -%}
</div>

27
_layouts/post.html Normal file
View file

@ -0,0 +1,27 @@
---
layout: default
---
<article class="post h-entry" itemscope itemtype="http://schema.org/BlogPosting">
<header class="post-header">
<h1 class="post-title p-name" itemprop="name headline">{{ page.title | escape }}</h1>
<p class="post-meta">
<time class="dt-published" datetime="{{ page.date | date_to_xmlschema }}" itemprop="datePublished">
{%- assign date_format = site.minima.date_format | default: "%b %-d, %Y" -%}
{{ page.date | date: date_format }}
</time>
{%- if page.author -%}
<span itemprop="author" itemscope itemtype="http://schema.org/Person"><span class="p-author h-card" itemprop="name">{{ page.author | escape }}</span></span>
{%- endif -%}</p>
</header>
<div class="post-content e-content" itemprop="articleBody">
{{ content }}
</div>
{%- if site.disqus.shortname -%}
{%- include disqus_comments.html -%}
{%- endif -%}
<a class="u-url" href="{{ page.url | relative_url }}" hidden></a>
</article>

16
_posts/2019-07-12-changes-to-plfa.md Normal file
View file

@ -0,0 +1,16 @@
---
layout : post
title : "Changes to PLFA Migration to Agda 2.6"
---
Today, we made several major changes to the PLFA infrastructure!
We upgraded to [Agda 2.6.0.1](https://github.com/agda/agda/releases/tag/v2.6.0.1) and [version 1.1 of the standard library](https://github.com/agda/agda-stdlib/releases/tag/v1.1). If you want to continue working with the book, you'll have to update your versions locally. Please follow the instructions in [Getting Started]({{ site.baseurl }}/GettingStarted/) to reinstall Agda and the standard library.
We deprecated [agda2html](https://github.com/wenkokke/agda2html). In version 2.6, Agda has added support for the `--html-highlight` flag. Using this command, Agda will highlight only the code in a file, and leave the rest untouched:
```bash
agda --html --html-highlight=code FILE.lagda.md
```
Of course, [agda2html](https://github.com/wenkokke/agda2html) offered support for more than just inline highlighting of code in Markdown files. We have written a bash script, [`highlight.sh`](https://github.com/plfa/plfa.github.io/blob/dev/highlight.sh), which supports much of the same functionality. In particular, it uses sed to redirect links to the standard library to [the online version](https://agda.github.io/agda-stdlib/README.html). For the time being, we dropped support for module references, e.g., linking to the chapter on Naturals by writing `[Naturals][plfa.Naturals]`, and removed all module references from the text.
Lastly, to use Agda 2.6 with Markdown, we updated all literal Agda files. We replaced LaTeX code fences, i.e., `\begin{code}` and `\end{code}`, with Markdown backtick fences ```` ``` ````, and changed the file extensions `.lagda` to `.lagda.md`. As a consequence, when you open up a literate Agda file in Emacs, it will open the file in Markdown mode -- if you have it installed -- or in fundamental mode. To switch to Agda mode, you will have to invoke `M-x agda2-mode`.

55
_sass/agda.scss
View file

@ -1,53 +1,22 @@
// Define variables for code formatting
@font-face {
font-family: "FreeMono";
src: url("fonts/FreeMono.woff");
font-weight: 400;
font-family: 'DejaVu Sans Mono';
src: url('fonts/DejaVuSansMono.woff2') format('woff2'),
url('fonts/DejaVuSansMono.woff') format('woff');
font-weight: normal;
font-style: normal;
}
@font-face {
font-family: 'FreeMono';
src: url('fonts/FreeMono.woff') format('woff');
font-stretch: normal;
font-style: normal;
unicode-range: U+20-7E, U+A0-220, U+224-233, U+237,
U+250-36F, U+374-375, U+37A, U+37E,
U+384-38A, U+38C, U+38E-3A1, U+3A3-3CE,
U+3D0-3D6, U+3DA-3DD, U+3F0-3F1, U+3F4-3F5,
U+400-47F, U+483-487, U+48A-4FF, U+510-513,
U+51A-51F, U+524-527, U+531-556, U+559-55F,
U+561-587, U+589-58A, U+58F, U+5B0-5C7,
U+5D0-5EA, U+5F0-5F4, U+606-60F, U+61B,
U+61E-657, U+659-6D5, U+6EE-6FF, U+10D0-10F5,
U+10F9, U+10FB-10FC, U+13A0-13F4, U+16A0-16F0,
U+1E00-1E9B, U+1EA0-1EF9, U+1F00-1F15, U+1F18-1F1D,
U+1F20-1F45, U+1F48-1F4D, U+1F50-1F57, U+1F59,
U+1F5B, U+1F5D, U+1F5F-1F7D, U+1F80-1FB4,
U+1FB6-1FC4, U+1FC6-1FD3, U+1FD6-1FDB, U+1FDD-1FEF,
U+1FF2-1FF4, U+1FF6-1FFE, U+2000-2064,
U+20A1-20B5, U+20B8-20B9,
U+20D0-20D2, U+20D6-20D7, U+20DB-20E3, U+20E5-20E6,
U+20E8, U+20EA-20EF, U+2100-2109, U+210D-211A,
U+211C-211E, U+2120-2122, U+2124, U+2126-2127,
U+2129-212B, U+212E, U+2132, U+2135-213B,
U+2141-2144, U+214B, U+214D-214E, U+2153-217F,
U+2190-21D5, U+21DC-21DD, U+21E6-21E9, U+21F3,
U+2200-22F1, U+2300, U+2302-2306, U+2308-2310,
U+2312, U+2314-2315, U+2318-2319, U+231C-2327,
U+2329-232C, U+2336-237A, U+237C-23B7, U+23BA-23CF,
U+23DA-23DB, U+23DE-23DF, U+23E2-23E6, U+2400-2426,
U+2440-244A, U+2460-2469, U+2500-2609, U+2610-2614,
U+261A-261F, U+2626-2629, U+262E-2653, U+2660-2667,
U+2669-266F, U+2680-2685, U+27C0-27CA, U+27CC,
U+27D0-27D7, U+27E4-27EB, U+27F2-27F3, U+27F5-27FC,
U+2800-28FF, U+2A00-2A06, U+2A1D, U+2A3F,
U+2B00-2B0D, U+2B12-2B19, U+2B1B-2B2B, U+2B53-2B54,
U+2E16-2E18, U+2E1A-2E1B, U+2E1E-2E1F, U+2E28-2E2E,
U+2E30, U+A788-A78C, U+A900-A92F, U+FB00-FB05,
U+FB1D-FB36, U+FB38-FB3C, U+FB3E, U+FB40-FB41,
U+FB43-FB44, U+FB46-FBBE, U+FBC0-FBC1, U+FBD3-FBE9,
U+FBFC-FBFF, U+FE70-FE74, U+FE76-FEFC, U+FEFF,
U+FFF9-FFFD;
unicode-range: U+20-7E, U+A0-220, U+224-233, U+237, U+250-36F, U+374-375, U+37A, U+37E, U+384-38A, U+38C, U+38E-3A1, U+3A3-3CE, U+3D0-3D6, U+3DA-3DD, U+3F0-3F1, U+3F4-3F5, U+400-47F, U+483-487, U+48A-4FF, U+510-513, U+51A-51F, U+524-527, U+531-556, U+559-55F, U+561-587, U+589-58A, U+58F, U+5B0-5C7, U+5D0-5EA, U+5F0-5F4, U+606-60F, U+61B, U+61E-657, U+659-6D5, U+6EE-6FF, U+10D0-10F5, U+10F9, U+10FB-10FC, U+13A0-13F4, U+16A0-16F0, U+1E00-1E9B, U+1EA0-1EF9, U+1F00-1F15, U+1F18-1F1D, U+1F20-1F45, U+1F48-1F4D, U+1F50-1F57, U+1F59, U+1F5B, U+1F5D, U+1F5F-1F7D, U+1F80-1FB4, U+1FB6-1FC4, U+1FC6-1FD3, U+1FD6-1FDB, U+1FDD-1FEF, U+1FF2-1FF4, U+1FF6-1FFE, U+2000-2064, U+20A1-20B5, U+20B8-20B9, U+20D0-20D2, U+20D6-20D7, U+20DB-20E3, U+20E5-20E6, U+20E8, U+20EA-20EF, U+2100-2109, U+210D-211A, U+211C-211E, U+2120-2122, U+2124, U+2126-2127, U+2129-212B, U+212E, U+2132, U+2135-213B, U+2141-2144, U+214B, U+214D-214E, U+2153-217F, U+2190-21D5, U+21DC-21DD, U+21E6-21E9, U+21F3, U+2200-22F1, U+2300, U+2302-2306, U+2308-2310, U+2312, U+2314-2315, U+2318-2319, U+231C-2327, U+2329-232C, U+2336-237A, U+237C-23B7, U+23BA-23CF, U+23DA-23DB, U+23DE-23DF, U+23E2-23E6, U+2400-2426, U+2440-244A, U+2460-2469, U+2500-2609, U+2610-2614, U+261A-261F, U+2626-2629, U+262E-2653, U+2660-2667, U+2669-266F, U+2680-2685, U+27C0-27CA, U+27CC, U+27D0-27D7, U+27E4-27EB, U+27F2-27F3, U+27F5-27FC, U+2800-28FF, U+2A00-2A06, U+2A1D, U+2A3F, U+2B00-2B0D, U+2B12-2B19, U+2B1B-2B2B, U+2B53-2B54, U+2E16-2E18, U+2E1A-2E1B, U+2E1E-2E1F, U+2E28-2E2E, U+2E30, U+A788-A78C, U+A900-A92F, U+FB00-FB05, U+FB1D-FB36, U+FB38-FB3C, U+FB3E, U+FB40-FB41, U+FB43-FB44, U+FB46-FBBE, U+FBC0-FBC1, U+FBD3-FBE9, U+FBFC-FBFF, U+FE70-FE74, U+FE76-FEFC, U+FEFF, U+FFF9-FFFD;
}
@mixin code-font {
font-family: 'FreeMono', 'Courier New', 'Monaco', 'Menlo', 'Source Code Pro', 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', monospace, serif;
font-family: 'DejaVu Sans Mono', 'Source Code Pro', 'Bitstream Vera Sans Mono', 'FreeMono', 'Courier New', 'Monaco', 'Menlo', monospace, serif;
font-size: .85em;
}
@mixin code-container {

BIN
assets/fonts/DejaVuSansMono.woff Executable file
View file

Binary file not shown.

BIN
assets/fonts/DejaVuSansMono.woff2 Executable file
View file

Binary file not shown.

8
assets/main.scss
View file

@ -4,3 +4,11 @@
@import "katex";
@import "minima";
@import "agda";
$on-medium: 600px !default;
.trigger { display: none; }
@media screen and (min-width: $on-medium) {
.trigger { display: block; }
}

44
courses/padova/2019/padova2019.md Normal file
View file

@ -0,0 +1,44 @@
---
title : "Padova: Course notes"
layout : page
permalink : /Padova/2019/
---
## Staff
* **Instructor**
[Philip Wadler](https://homepages.inf.ed.ac.uk/wadler)
* **Host**
[Maria Emilia Maietti](https://www.math.unipd.it/~maietti/)
## Schedule
* 12.30--15.30, Wed 28 May 2019, Lecture and lab
* 12.30--15.30, Thu 29 May 2019, Lecture and lab
<table>
<tr>
<td><b>Wed 28 May</b></td>
<td><a href="{{ site.baseurl }}/Naturals/">Naturals</a>,
<a href="{{ site.baseurl }}/Induction/">Induction</a> &amp; <a href="{{ site.baseurl }}/Relations/">Relations</a></td>
</tr>
<tr>
<td><b>Thu 29 May</b></td>
<td><a href="{{ site.baseurl }}/Lambda/">Lambda</a> &amp;
<a href="{{ site.baseurl }}/Properties/">Properties</a></td>
</tr>
</table>
## Assignments
For instructions on how to set up Agda for PLFA see [Getting Started]({{ site.baseurl }}/GettingStarted/).
* Wed 28 May
- Naturals (`_^_`)
- Induction (`+-swap`, `*-distrib-+`)
- Relations (`<-trans`)
* Wed 29 May
- Lambda (`mul`, `mul-type`)
- Properties (`mul-eval`)

311
courses/puc/2019/Assignment1.lagda.md Normal file
View file

@ -0,0 +1,311 @@
---
title : "Assignment1: PUC Assignment 1"
layout : page
permalink : /PUC/2019/Assignment1/
---
```
module Assignment1 where
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
You must do _all_ the exercises labelled "(recommended)".
Exercises labelled "(stretch)" are there to provide an extra challenge.
You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Please ensure your files execute correctly under Agda!
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
open import Data.Nat using (; zero; suc; _+_; _*_; _∸_; _≤_; z≤n; s≤s)
open import Data.Nat.Properties using (+-assoc; +-identityʳ; +-suc; +-comm;
≤-refl; ≤-trans; ≤-antisym; ≤-total; +-monoʳ-≤; +-monoˡ-≤; +-mono-≤)
open import plfa.Relations using (_<_; z<s; s<s; zero; suc; even; odd)
```
## Naturals
#### Exercise `seven` {#seven}
Write out `7` in longhand.
#### Exercise `+-example` {#plus-example}
Compute `3 + 4`, writing out your reasoning as a chain of equations.
#### Exercise `*-example` {#times-example}
Compute `3 * 4`, writing out your reasoning as a chain of equations.
#### Exercise `_^_` (recommended) {#power}
Define exponentiation, which is given by the following equations.
n ^ 0 = 1
n ^ (1 + m) = n * (n ^ m)
Check that `3 ^ 4` is `81`.
#### Exercise `∸-examples` (recommended) {#monus-examples}
Compute `5 ∸ 3` and `3 ∸ 5`, writing out your reasoning as a chain of equations.
#### Exercise `Bin` (stretch) {#Bin}
A more efficient representation of natural numbers uses a binary
rather than a unary system. We represent a number as a bitstring.
```
data Bin : Set where
nil : Bin
x0_ : Bin → Bin
x1_ : Bin → Bin
```
For instance, the bitstring
1011
standing for the number eleven is encoded, right to left, as
x1 x1 x0 x1 nil
Representations are not unique due to leading zeros.
Hence, eleven is also represented by `001011`, encoded as
x1 x1 x0 x1 x0 x0 nil
Define a function
inc : Bin → Bin
that converts a bitstring to the bitstring for the next higher
number. For example, since `1100` encodes twelve, we should have
inc (x1 x1 x0 x1 nil) ≡ x0 x0 x1 x1 nil
Confirm that this gives the correct answer for the bitstrings
encoding zero through four.
Using the above, define a pair of functions to convert
between the two representations.
to : → Bin
from : Bin →
For the former, choose the bitstring to have no leading zeros if it
represents a positive natural, and represent zero by `x0 nil`.
Confirm that these both give the correct answer for zero through four.
## Induction
#### Exercise `operators` {#operators}
Give another example of a pair of operators that have an identity
and are associative, commutative, and distribute over one another.
Give an example of an operator that has an identity and is
associative but is not commutative.
#### Exercise `finite-|-assoc` (stretch) {#finite-plus-assoc}
Write out what is known about associativity of addition on each of the first four
days using a finite story of creation, as
[earlier][plfa.Naturals#finite-creation]
#### Exercise `+-swap` (recommended) {#plus-swap}
Show
m + (n + p) ≡ n + (m + p)
for all naturals `m`, `n`, and `p`. No induction is needed,
just apply the previous results which show addition
is associative and commutative. You may need to use
the following function from the standard library:
sym : ∀ {m n : } → m ≡ n → n ≡ m
#### Exercise `*-distrib-+` (recommended) {#times-distrib-plus}
Show multiplication distributes over addition, that is,
(m + n) * p ≡ m * p + n * p
for all naturals `m`, `n`, and `p`.
#### Exercise `*-assoc` (recommended) {#times-assoc}
Show multiplication is associative, that is,
(m * n) * p ≡ m * (n * p)
for all naturals `m`, `n`, and `p`.
#### Exercise `*-comm` {#times-comm}
Show multiplication is commutative, that is,
m * n ≡ n * m
for all naturals `m` and `n`. As with commutativity of addition,
you will need to formulate and prove suitable lemmas.
#### Exercise `0∸n≡0` {#zero-monus}
Show
zero ∸ n ≡ zero
for all naturals `n`. Did your proof require induction?
#### Exercise `∸-|-assoc` {#monus-plus-assoc}
Show that monus associates with addition, that is,
m ∸ n ∸ p ≡ m ∸ (n + p)
for all naturals `m`, `n`, and `p`.
#### Exercise `Bin-laws` (stretch) {#Bin-laws}
Recall that
Exercise [Bin][plfa.Naturals#Bin]
defines a datatype `Bin` of bitstrings representing natural numbers
and asks you to define functions
inc : Bin → Bin
to : → Bin
from : Bin →
Consider the following laws, where `n` ranges over naturals and `x`
over bitstrings.
from (inc x) ≡ suc (from x)
to (from n) ≡ n
from (to x) ≡ x
For each law: if it holds, prove; if not, give a counterexample.
## Relations
#### Exercise `orderings` {#orderings}
Give an example of a preorder that is not a partial order.
Give an example of a partial order that is not a preorder.
#### Exercise `≤-antisym-cases` {#leq-antisym-cases}
The above proof omits cases where one argument is `z≤n` and one
argument is `s≤s`. Why is it ok to omit them?
#### Exercise `*-mono-≤` (stretch)
Show that multiplication is monotonic with regard to inequality.
#### Exercise `<-trans` (recommended) {#less-trans}
Show that strict inequality is transitive.
#### Exercise `trichotomy` {#trichotomy}
Show that strict inequality satisfies a weak version of trichotomy, in
the sense that for any `m` and `n` that one of the following holds:
* `m < n`,
* `m ≡ n`, or
* `m > n`
Define `m > n` to be the same as `n < m`.
You will need a suitable data declaration,
similar to that used for totality.
(We will show that the three cases are exclusive after we introduce
[negation][plfa.Negation].)
#### Exercise `+-mono-<` {#plus-mono-less}
Show that addition is monotonic with respect to strict inequality.
As with inequality, some additional definitions may be required.
#### Exercise `≤-iff-<` (recommended) {#leq-iff-less}
Show that `suc m ≤ n` implies `m < n`, and conversely.
#### Exercise `<-trans-revisited` {#less-trans-revisited}
Give an alternative proof that strict inequality is transitive,
using the relating between strict inequality and inequality and
the fact that inequality is transitive.
#### Exercise `o+o≡e` (stretch) {#odd-plus-odd}
Show that the sum of two odd numbers is even.
#### Exercise `Bin-predicates` (stretch) {#Bin-predicates}
Recall that
Exercise [Bin][plfa.Naturals#Bin]
defines a datatype `Bin` of bitstrings representing natural numbers.
Representations are not unique due to leading zeros.
Hence, eleven may be represented by both of the following
x1 x1 x0 x1 nil
x1 x1 x0 x1 x0 x0 nil
Define a predicate
Can : Bin → Set
over all bitstrings that holds if the bitstring is canonical, meaning
it has no leading zeros; the first representation of eleven above is
canonical, and the second is not. To define it, you will need an
auxiliary predicate
One : Bin → Set
that holds only if the bistring has a leading one. A bitstring is
canonical if it has a leading one (representing a positive number) or
if it consists of a single zero (representing zero).
Show that increment preserves canonical bitstrings.
Can x
------------
Can (inc x)
Show that converting a natural to a bitstring always yields a
canonical bitstring.
----------
Can (to n)
Show that converting a canonical bitstring to a natural
and back is the identity.
Can x
---------------
to (from x) ≡ x
(Hint: For each of these, you may first need to prove related
properties of `One`.)

557
courses/puc/2019/Assignment2.lagda.md Normal file
View file

@ -0,0 +1,557 @@
---
title : "Assignment2: PUC Assignment 2"
layout : page
permalink : /PUC/2019/Assignment2/
---
```
module Assignment2 where
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
You must do _all_ the exercises labelled "(recommended)".
Exercises labelled "(stretch)" are there to provide an extra challenge.
You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Please ensure your files execute correctly under Agda!
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
open import Data.Nat using (; zero; suc; _+_; _*_; _∸_; _≤_; z≤n; s≤s)
open import Data.Nat.Properties using (+-assoc; +-identityʳ; +-suc; +-comm;
≤-refl; ≤-trans; ≤-antisym; ≤-total; +-monoʳ-≤; +-monoˡ-≤; +-mono-≤)
open import plfa.Relations using (_<_; z<s; s<s)
open import Data.Product using (_×_; proj₁; proj₂) renaming (_,_ to ⟨_,_⟩)
open import Data.Product using (Σ; ∃; Σ-syntax; ∃-syntax)
open import Data.Unit using (; tt)
open import Data.Sum using (_⊎_; inj₁; inj₂) renaming ([_,_] to case-⊎)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Bool.Base using (Bool; true; false; T; _∧_; __; not)
open import Relation.Nullary using (¬_; Dec; yes; no)
open import Relation.Nullary.Decidable using (⌊_⌋; toWitness; fromWitness)
open import Relation.Nullary.Negation using (¬?)
open import Relation.Nullary.Product using (_×-dec_)
open import Relation.Nullary.Sum using (_⊎-dec_)
open import Relation.Nullary.Negation using (contraposition)
open import Relation.Unary using (Decidable)
open import Function using (_∘_)
open import Level using (Level)
open import plfa.Relations using (_<_; z<s; s<s)
open import plfa.Isomorphism using (_≃_; ≃-sym; ≃-trans; _≲_; extensionality)
open plfa.Isomorphism.≃-Reasoning
open import plfa.Lists using (List; []; _∷_; [_]; [_,_]; [_,_,_]; [_,_,_,_];
_++_; reverse; map; foldr; sum; All; Any; here; there; _∈_)
```
## Equality
#### Exercise `≤-reasoning` (stretch)
The proof of monotonicity from
Chapter [Relations][plfa.Relations]
can be written in a more readable form by using an analogue of our
notation for `≡-reasoning`. Define `≤-reasoning` analogously, and use
it to write out an alternative proof that addition is monotonic with
regard to inequality. Rewrite both `+-monoˡ-≤` and `+-mono-≤`.
## Isomorphism
#### Exercise `≃-implies-≲`
Show that every isomorphism implies an embedding.
```
postulate
≃-implies-≲ : ∀ {A B : Set}
→ A ≃ B
-----
→ A ≲ B
```
#### Exercise `_⇔_` (recommended) {#iff}
Define equivalence of propositions (also known as "if and only if") as follows.
```
record _⇔_ (A B : Set) : Set where
field
to : A → B
from : B → A
open _⇔_
```
Show that equivalence is reflexive, symmetric, and transitive.
#### Exercise `Bin-embedding` (stretch) {#Bin-embedding}
Recall that Exercises
[Bin][plfa.Naturals#Bin] and
[Bin-laws][plfa.Induction#Bin-laws]
define a datatype of bitstrings representing natural numbers.
```
data Bin : Set where
nil : Bin
x0_ : Bin → Bin
x1_ : Bin → Bin
```
And ask you to define the following functions:
to : → Bin
from : Bin →
which satisfy the following property:
from (to n) ≡ n
Using the above, establish that there is an embedding of `` into `Bin`.
Why is there not an isomorphism?
## Connectives
#### Exercise `⇔≃×` (recommended)
Show that `A ⇔ B` as defined [earlier][plfa.Isomorphism#iff]
is isomorphic to `(A → B) × (B → A)`.
#### Exercise `⊎-comm` (recommended)
Show sum is commutative up to isomorphism.
#### Exercise `⊎-assoc`
Show sum is associative up to isomorphism.
#### Exercise `⊥-identityˡ` (recommended)
Show zero is the left identity of addition.
#### Exercise `⊥-identityʳ`
Show zero is the right identity of addition.
#### Exercise `⊎-weak-×` (recommended)
Show that the following property holds.
```
postulate
⊎-weak-× : ∀ {A B C : Set} → (A ⊎ B) × C → A ⊎ (B × C)
```
This is called a _weak distributive law_. Give the corresponding
distributive law, and explain how it relates to the weak version.
#### Exercise `⊎×-implies-×⊎`
Show that a disjunct of conjuncts implies a conjunct of disjuncts.
```
postulate
⊎×-implies-×⊎ : ∀ {A B C D : Set} → (A × B) ⊎ (C × D) → (A ⊎ C) × (B ⊎ D)
```
Does the converse hold? If so, prove; if not, give a counterexample.
## Negation
#### Exercise `<-irreflexive` (recommended)
Using negation, show that
[strict inequality][plfa.Relations#strict-inequality]
is irreflexive, that is, `n < n` holds for no `n`.
#### Exercise `trichotomy`
Show that strict inequality satisfies
[trichotomy][plfa.Relations#trichotomy],
that is, for any naturals `m` and `n` exactly one of the following holds:
* `m < n`
* `m ≡ n`
* `m > n`
Here "exactly one" means that one of the three must hold, and each implies the
negation of the other two.
#### Exercise `⊎-dual-×` (recommended)
Show that conjunction, disjunction, and negation are related by a
version of De Morgan's Law.
¬ (A ⊎ B) ≃ (¬ A) × (¬ B)
This result is an easy consequence of something we've proved previously.
Do we also have the following?
¬ (A × B) ≃ (¬ A) ⊎ (¬ B)
If so, prove; if not, give a variant that does hold.
#### Exercise `Classical` (stretch)
Consider the following principles.
* Excluded Middle: `A ⊎ ¬ A`, for all `A`
* Double Negation Elimination: `¬ ¬ A → A`, for all `A`
* Peirce's Law: `((A → B) → A) → A`, for all `A` and `B`.
* Implication as disjunction: `(A → B) → ¬ A ⊎ B`, for all `A` and `B`.
* De Morgan: `¬ (¬ A × ¬ B) → A ⊎ B`, for all `A` and `B`.
Show that each of these implies all the others.
#### Exercise `Stable` (stretch)
Say that a formula is _stable_ if double negation elimination holds for it.
```
Stable : Set → Set
Stable A = ¬ ¬ A → A
```
Show that any negated formula is stable, and that the conjunction
of two stable formulas is stable.
## Quantifiers
#### Exercise `∀-distrib-×` (recommended)
Show that universals distribute over conjunction.
```
postulate
∀-distrib-× : ∀ {A : Set} {B C : A → Set} →
(∀ (x : A) → B x × C x) ≃ (∀ (x : A) → B x) × (∀ (x : A) → C x)
```
Compare this with the result (`→-distrib-×`) in
Chapter [Connectives][plfa.Connectives].
#### Exercise `⊎∀-implies-∀⊎`
Show that a disjunction of universals implies a universal of disjunctions.
```
postulate
⊎∀-implies-∀⊎ : ∀ {A : Set} { B C : A → Set } →
(∀ (x : A) → B x) ⊎ (∀ (x : A) → C x) → ∀ (x : A) → B x ⊎ C x
```
Does the converse hold? If so, prove; if not, explain why.
#### Exercise `∃-distrib-⊎` (recommended)
Show that existentials distribute over disjunction.
```
postulate
∃-distrib-⊎ : ∀ {A : Set} {B C : A → Set} →
∃[ x ] (B x ⊎ C x) ≃ (∃[ x ] B x) ⊎ (∃[ x ] C x)
```
#### Exercise `∃×-implies-×∃`
Show that an existential of conjunctions implies a conjunction of existentials.
```
postulate
∃×-implies-×∃ : ∀ {A : Set} { B C : A → Set } →
∃[ x ] (B x × C x) → (∃[ x ] B x) × (∃[ x ] C x)
```
Does the converse hold? If so, prove; if not, explain why.
#### Exercise `∃-even-odd`
How do the proofs become more difficult if we replace `m * 2` and `1 + m * 2`
by `2 * m` and `2 * m + 1`? Rewrite the proofs of `∃-even` and `∃-odd` when
restated in this way.
#### Exercise `∃-|-≤`
Show that `y ≤ z` holds if and only if there exists a `x` such that
`x + y ≡ z`.
#### Exercise `∃¬-implies-¬∀` (recommended)
Show that existential of a negation implies negation of a universal.
```
postulate
∃¬-implies-¬∀ : ∀ {A : Set} {B : A → Set}
→ ∃[ x ] (¬ B x)
--------------
→ ¬ (∀ x → B x)
```
Does the converse hold? If so, prove; if not, explain why.
#### Exercise `Bin-isomorphism` (stretch) {#Bin-isomorphism}
Recall that Exercises
[Bin][plfa.Naturals#Bin],
[Bin-laws][plfa.Induction#Bin-laws], and
[Bin-predicates][plfa.Relations#Bin-predicates]
define a datatype of bitstrings representing natural numbers.
data Bin : Set where
nil : Bin
x0_ : Bin → Bin
x1_ : Bin → Bin
And ask you to define the following functions and predicates.
to : → Bin
from : Bin →
Can : Bin → Set
And to establish the following properties.
from (to n) ≡ n
----------
Can (to n)
Can x
---------------
to (from x) ≡ x
Using the above, establish that there is an isomorphism between `` and
`∃[ x ](Can x)`.
## Decidable
#### Exercise `_<?_` (recommended)
Analogous to the function above, define a function to decide strict inequality.
```
postulate
_<?_ : ∀ (m n : ) → Dec (m < n)
```
#### Exercise `_≡?_`
Define a function to decide whether two naturals are equal.
```
postulate
_≡?_ : ∀ (m n : ) → Dec (m ≡ n)
```
#### Exercise `erasure`
Show that erasure relates corresponding boolean and decidable operations.
```
postulate
∧-× : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ ∧ ⌊ y ⌋ ≡ ⌊ x ×-dec y ⌋
-× : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ ⌊ y ⌋ ≡ ⌊ x ⊎-dec y ⌋
not-¬ : ∀ {A : Set} (x : Dec A) → not ⌊ x ⌋ ≡ ⌊ ¬? x ⌋
```
#### Exercise `iff-erasure` (recommended)
Give analogues of the `_⇔_` operation from
Chapter [Isomorphism][plfa.Isomorphism#iff],
operation on booleans and decidables, and also show the corresponding erasure.
```
postulate
_iff_ : Bool → Bool → Bool
_⇔-dec_ : ∀ {A B : Set} → Dec A → Dec B → Dec (A ⇔ B)
iff-⇔ : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ iff ⌊ y ⌋ ≡ ⌊ x ⇔-dec y ⌋
```
## Lists
#### Exercise `reverse-++-commute` (recommended)
Show that the reverse of one list appended to another is the
reverse of the second appended to the reverse of the first.
```
postulate
reverse-++-commute : ∀ {A : Set} {xs ys : List A}
→ reverse (xs ++ ys) ≡ reverse ys ++ reverse xs
```
#### Exercise `reverse-involutive` (recommended)
A function is an _involution_ if when applied twice it acts
as the identity function. Show that reverse is an involution.
```
postulate
reverse-involutive : ∀ {A : Set} {xs : List A}
→ reverse (reverse xs) ≡ xs
```
#### Exercise `map-compose`
Prove that the map of a composition is equal to the composition of two maps.
```
postulate
map-compose : ∀ {A B C : Set} {f : A → B} {g : B → C}
→ map (g ∘ f) ≡ map g ∘ map f
```
The last step of the proof requires extensionality.
#### Exercise `map-++-commute`
Prove the following relationship between map and append.
```
postulate
map-++-commute : ∀ {A B : Set} {f : A → B} {xs ys : List A}
→ map f (xs ++ ys) ≡ map f xs ++ map f ys
```
#### Exercise `map-Tree`
Define a type of trees with leaves of type `A` and internal
nodes of type `B`.
```
data Tree (A B : Set) : Set where
leaf : A → Tree A B
node : Tree A B → B → Tree A B → Tree A B
```
Define a suitable map operator over trees.
```
postulate
map-Tree : ∀ {A B C D : Set}
→ (A → C) → (B → D) → Tree A B → Tree C D
```
#### Exercise `product` (recommended)
Use fold to define a function to find the product of a list of numbers.
For example,
product [ 1 , 2 , 3 , 4 ] ≡ 24
#### Exercise `foldr-++` (recommended)
Show that fold and append are related as follows.
```
postulate
foldr-++ : ∀ {A B : Set} (_⊗_ : A → B → B) (e : B) (xs ys : List A) →
foldr _⊗_ e (xs ++ ys) ≡ foldr _⊗_ (foldr _⊗_ e ys) xs
```
#### Exercise `map-is-foldr`
Show that map can be defined using fold.
```
postulate
map-is-foldr : ∀ {A B : Set} {f : A → B} →
map f ≡ foldr (λ x xs → f x ∷ xs) []
```
This requires extensionality.
#### Exercise `fold-Tree`
Define a suitable fold function for the type of trees given earlier.
```
postulate
fold-Tree : ∀ {A B C : Set}
→ (A → C) → (C → B → C → C) → Tree A B → C
```
#### Exercise `map-is-fold-Tree`
Demonstrate an analogue of `map-is-foldr` for the type of trees.
#### Exercise `sum-downFrom` (stretch)
Define a function that counts down as follows.
```
downFrom : → List
downFrom zero = []
downFrom (suc n) = n ∷ downFrom n
```
For example,
```
_ : downFrom 3 ≡ [ 2 , 1 , 0 ]
_ = refl
```
Prove that the sum of the numbers `(n - 1) + ⋯ + 0` is
equal to `n * (n ∸ 1) / 2`.
```
postulate
sum-downFrom : ∀ (n : )
→ sum (downFrom n) * 2 ≡ n * (n ∸ 1)
```
#### Exercise `foldl`
Define a function `foldl` which is analogous to `foldr`, but where
operations associate to the left rather than the right. For example,
foldr _⊗_ e [ x , y , z ] = x ⊗ (y ⊗ (z ⊗ e))
foldl _⊗_ e [ x , y , z ] = ((e ⊗ x) ⊗ y) ⊗ z
#### Exercise `foldr-monoid-foldl`
Show that if `_⊕_` and `e` form a monoid, then `foldr _⊗_ e` and
`foldl _⊗_ e` always compute the same result.
#### Exercise `Any-++-⇔` (recommended)
Prove a result similar to `All-++-⇔`, but with `Any` in place of `All`, and a suitable
replacement for `_×_`. As a consequence, demonstrate an equivalence relating
`_∈_` and `_++_`.
#### Exercise `All-++-≃` (stretch)
Show that the equivalence `All-++-⇔` can be extended to an isomorphism.
#### Exercise `¬Any≃All¬` (stretch)
First generalise composition to arbitrary levels, using
[universe polymorphism][plfa.Equality#unipoly].
```
_∘_ : ∀ {ℓ₁ ℓ₂ ℓ₃ : Level} {A : Set ℓ₁} {B : Set ℓ₂} {C : Set ℓ₃}
→ (B → C) → (A → B) → A → C
(g ∘′ f) x = g (f x)
```
Show that `Any` and `All` satisfy a version of De Morgan's Law.
```
postulate
¬Any≃All¬ : ∀ {A : Set} (P : A → Set) (xs : List A)
→ (¬_ ∘′ Any P) xs ≃ All (¬_ ∘′ P) xs
```
Do we also have the following?
```
postulate
¬All≃Any¬ : ∀ {A : Set} (P : A → Set) (xs : List A)
→ (¬_ ∘′ All P) xs ≃ Any (¬_ ∘′ P) xs
```
If so, prove; if not, explain why.
#### Exercise `any?` (stretch)
Just as `All` has analogues `all` and `all?` which determine whether a
predicate holds for every element of a list, so does `Any` have
analogues `any` and `any?` which determine whether a predicates holds
for some element of a list. Give their definitions.
#### Exercise `filter?` (stretch)
Define the following variant of the traditional `filter` function on lists,
which given a list and a decidable predicate returns all elements of the
list satisfying the predicate.
```
postulate
filter? : ∀ {A : Set} {P : A → Set}
→ (P? : Decidable P) → List A → ∃[ ys ]( All P ys )
```

181
courses/puc/2019/Assignment3.lagda.md Normal file
View file

@ -0,0 +1,181 @@
---
title : "Assignment3: PUC Assignment 3"
layout : page
permalink : /PUC/2019/Assignment3/
---
```
module Assignment3 where
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
You must do _all_ the exercises labelled "(recommended)".
Exercises labelled "(stretch)" are there to provide an extra challenge.
You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Please ensure your files execute correctly under Agda!
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
open import Data.Bool.Base using (Bool; true; false; T; _∧_; __; not)
open import Data.Nat using (; zero; suc; _+_; _*_; _∸_; _≤_; s≤s; z≤n)
open import Data.Nat.Properties using
(+-assoc; +-identityˡ; +-identityʳ; *-assoc; *-identityˡ; *-identityʳ)
open import Relation.Nullary using (¬_; Dec; yes; no)
open import Data.Product using (_×_; ∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.Empty using (⊥; ⊥-elim)
open import Function using (_∘_)
open import Algebra.Structures using (IsMonoid)
open import Level using (Level)
open import Relation.Unary using (Decidable)
open import plfa.Relations using (_<_; z<s; s<s)
open import plfa.Isomorphism using (_≃_; ≃-sym; ≃-trans; _≲_; extensionality)
open plfa.Isomorphism.≃-Reasoning
open import plfa.Lists using (List; []; _∷_; [_]; [_,_]; [_,_,_]; [_,_,_,_];
_++_; reverse; map; foldr; sum; All; Any; here; there; _∈_)
open import plfa.Lambda hiding (ƛ_⇒_; case_[zero⇒_|suc_⇒_]; μ_⇒_; plus)
open import plfa.Properties hiding (value?; unstuck; preserves; wttdgs)
```
## Lambda
#### Exercise `mul` (recommended)
Write out the definition of a lambda term that multiplies
two natural numbers.
#### Exercise `primed` (stretch)
We can make examples with lambda terms slightly easier to write
by adding the following definitions.
```
ƛ_⇒_ : Term → Term → Term
ƛ′ (` x) ⇒ N = ƛ x ⇒ N
ƛ′ _ ⇒ _ = ⊥-elim impossible
where postulate impossible : ⊥
case_[zero⇒_|suc_⇒_] : Term → Term → Term → Term → Term
case L [zero⇒ M |suc (` x) ⇒ N ] = case L [zero⇒ M |suc x ⇒ N ]
case _ [zero⇒ _ |suc _ ⇒ _ ] = ⊥-elim impossible
where postulate impossible : ⊥
μ_⇒_ : Term → Term → Term
μ′ (` x) ⇒ N = μ x ⇒ N
μ′ _ ⇒ _ = ⊥-elim impossible
where postulate impossible : ⊥
```
The definition of `plus` can now be written as follows.
```
plus : Term
plus = μ′ + ⇒ ƛ′ m ⇒ ƛ′ n ⇒
case m
[zero⇒ n
|suc m ⇒ `suc (+ · m · n) ]
where
+ = ` "+"
m = ` "m"
n = ` "n"
```
Write out the definition of multiplication in the same style.
#### Exercise `_[_:=_]` (stretch)
The definition of substitution above has three clauses (`ƛ`, `case`,
and `μ`) that invoke a with clause to deal with bound variables.
Rewrite the definition to factor the common part of these three
clauses into a single function, defined by mutual recursion with
substitution.
#### Exercise `—↠≲—↠′`
Show that the first notion of reflexive and transitive closure
above embeds into the second. Why are they not isomorphic?
#### Exercise `plus-example`
Write out the reduction sequence demonstrating that one plus one is two.
#### Exercise `mul-type` (recommended)
Using the term `mul` you defined earlier, write out the derivation
showing that it is well-typed.
## Properties
#### Exercise `Progress-≃`
Show that `Progress M` is isomorphic to `Value M ⊎ ∃[ N ](M —→ N)`.
#### Exercise `progress`
Write out the proof of `progress` in full, and compare it to the
proof of `progress` above.
#### Exercise `value?`
Combine `progress` and `—→¬V` to write a program that decides
whether a well-typed term is a value.
```
postulate
value? : ∀ {A M} → ∅ ⊢ M ⦂ A → Dec (Value M)
```
#### Exercise `subst` (stretch)
Rewrite `subst` to work with the modified definition `_[_:=_]`
from the exercise in the previous chapter. As before, this
should factor dealing with bound variables into a single function,
defined by mutual recursion with the proof that substitution
preserves types.
#### Exercise `mul-example` (recommended)
Using the evaluator, confirm that two times two is four.
#### Exercise: `progress-preservation`
Without peeking at their statements above, write down the progress
and preservation theorems for the simply typed lambda-calculus.
#### Exercise `subject-expansion`
We say that `M` _reduces_ to `N` if `M —→ N`,
and conversely that `M` _expands_ to `N` if `N —→ M`.
The preservation property is sometimes called _subject reduction_.
Its opposite is _subject expansion_, which holds if
`M —→ N` and `∅ ⊢ N ⦂ A` imply `∅ ⊢ M ⦂ A`.
Find two counter-examples to subject expansion, one
with case expressions and one not involving case expressions.
#### Exercise `stuck`
Give an example of an ill-typed term that does get stuck.
#### Exercise `unstuck` (recommended)
Provide proofs of the three postulates, `unstuck`, `preserves`, and `wttdgs` above.

739
courses/puc/2019/Assignment4.lagda.md Normal file
View file

@ -0,0 +1,739 @@
---
title : "Assignment4: PUC Assignment 4"
layout : page
permalink : /PUC/2019/Assignment4/
---
```
module Assignment4 where
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
You must do _all_ the exercises labelled "(recommended)".
Exercises labelled "(stretch)" are there to provide an extra challenge.
You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Please ensure your files execute correctly under Agda!
**IMPORTANT** For ease of marking, when modifying the given code please write
-- begin
-- end
before and after code you add, to indicate your changes.
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; sym; trans; cong; cong₂; _≢_)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Nat using (; zero; suc; _+_; _*_)
open import Data.Product using (_×_; ∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.String using (String; _≟_)
open import Relation.Nullary using (¬_; Dec; yes; no)
```
## DeBruijn
```
module DeBruijn where
```
Remember to indent all code by two spaces.
```
open import plfa.DeBruijn
```
#### Exercise (`mul`) (recommended)
Write out the definition of a lambda term that multiplies
two natural numbers, now adapted to the inherently typed
DeBruijn representation.
#### Exercise `V¬—→`
Following the previous development, show values do
not reduce, and its corollary, terms that reduce are not
values.
#### Exercise `mul-example` (recommended)
Using the evaluator, confirm that two times two is four.
## More
```
module More where
```
Remember to indent all code by two spaces.
### Syntax
```
infix 4 _⊢_
infix 4 _∋_
infixl 5 _,_
infixr 7 _⇒_
infixr 8 _`⊎_
infixr 9 _`×_
infix 5 ƛ_
infix 5 μ_
infixl 7 _·_
infixl 8 _`*_
infix 8 `suc_
infix 9 `_
infix 9 S_
infix 9 #_
```
### Types
```
data Type : Set where
` : Type
_⇒_ : Type → Type → Type
Nat : Type
_`×_ : Type → Type → Type
_`⊎_ : Type → Type → Type
` : Type
`⊥ : Type
`List : Type → Type
```
### Contexts
```
data Context : Set where
∅ : Context
_,_ : Context → Type → Context
```
### Variables and the lookup judgment
```
data _∋_ : Context → Type → Set where
Z : ∀ {Γ A}
---------
→ Γ , A ∋ A
S_ : ∀ {Γ A B}
→ Γ ∋ B
---------
→ Γ , A ∋ B
```
### Terms and the typing judgment
```
data _⊢_ : Context → Type → Set where
-- variables
`_ : ∀ {Γ A}
→ Γ ∋ A
-----
→ Γ ⊢ A
-- functions
ƛ_ : ∀ {Γ A B}
→ Γ , A ⊢ B
---------
→ Γ ⊢ A ⇒ B
_·_ : ∀ {Γ A B}
→ Γ ⊢ A ⇒ B
→ Γ ⊢ A
---------
→ Γ ⊢ B
-- naturals
`zero : ∀ {Γ}
------
→ Γ ⊢ `
`suc_ : ∀ {Γ}
→ Γ ⊢ `
------
→ Γ ⊢ `
case : ∀ {Γ A}
→ Γ ⊢ `
→ Γ ⊢ A
→ Γ , ` ⊢ A
-----
→ Γ ⊢ A
-- fixpoint
μ_ : ∀ {Γ A}
→ Γ , A ⊢ A
----------
→ Γ ⊢ A
-- primitive numbers
con : ∀ {Γ}
-------
→ Γ ⊢ Nat
_`*_ : ∀ {Γ}
→ Γ ⊢ Nat
→ Γ ⊢ Nat
-------
→ Γ ⊢ Nat
-- let
`let : ∀ {Γ A B}
→ Γ ⊢ A
→ Γ , A ⊢ B
----------
→ Γ ⊢ B
-- products
`⟨_,_⟩ : ∀ {Γ A B}
→ Γ ⊢ A
→ Γ ⊢ B
-----------
→ Γ ⊢ A `× B
`proj₁ : ∀ {Γ A B}
→ Γ ⊢ A `× B
-----------
→ Γ ⊢ A
`proj₂ : ∀ {Γ A B}
→ Γ ⊢ A `× B
-----------
→ Γ ⊢ B
-- alternative formulation of products
case× : ∀ {Γ A B C}
→ Γ ⊢ A `× B
→ Γ , A , B ⊢ C
--------------
→ Γ ⊢ C
```
### Abbreviating de Bruijn indices
```
lookup : Context → → Type
lookup (Γ , A) zero = A
lookup (Γ , _) (suc n) = lookup Γ n
lookup ∅ _ = ⊥-elim impossible
where postulate impossible : ⊥
count : ∀ {Γ} → (n : ) → Γ ∋ lookup Γ n
count {Γ , _} zero = Z
count {Γ , _} (suc n) = S (count n)
count {∅} _ = ⊥-elim impossible
where postulate impossible : ⊥
#_ : ∀ {Γ} → (n : ) → Γ ⊢ lookup Γ n
# n = ` count n
```
## Renaming
```
ext : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ∋ A) → (∀ {A B} → Γ , A ∋ B → Δ , A ∋ B)
ext ρ Z = Z
ext ρ (S x) = S (ρ x)
rename : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ∋ A) → (∀ {A} → Γ ⊢ A → Δ ⊢ A)
rename ρ (` x) = ` (ρ x)
rename ρ (ƛ N) = ƛ (rename (ext ρ) N)
rename ρ (L · M) = (rename ρ L) · (rename ρ M)
rename ρ (`zero) = `zero
rename ρ (`suc M) = `suc (rename ρ M)
rename ρ (case L M N) = case (rename ρ L) (rename ρ M) (rename (ext ρ) N)
rename ρ (μ N) = μ (rename (ext ρ) N)
rename ρ (con n) = con n
rename ρ (M `* N) = rename ρ M `* rename ρ N
rename ρ (`let M N) = `let (rename ρ M) (rename (ext ρ) N)
rename ρ `⟨ M , N ⟩ = `⟨ rename ρ M , rename ρ N ⟩
rename ρ (`proj₁ L) = `proj₁ (rename ρ L)
rename ρ (`proj₂ L) = `proj₂ (rename ρ L)
rename ρ (case× L M) = case× (rename ρ L) (rename (ext (ext ρ)) M)
```
## Simultaneous Substitution
```
exts : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ⊢ A) → (∀ {A B} → Γ , A ∋ B → Δ , A ⊢ B)
exts σ Z = ` Z
exts σ (S x) = rename S_ (σ x)
subst : ∀ {Γ Δ} → (∀ {C} → Γ ∋ C → Δ ⊢ C) → (∀ {C} → Γ ⊢ C → Δ ⊢ C)
subst σ (` k) = σ k
subst σ (ƛ N) = ƛ (subst (exts σ) N)
subst σ (L · M) = (subst σ L) · (subst σ M)
subst σ (`zero) = `zero
subst σ (`suc M) = `suc (subst σ M)
subst σ (case L M N) = case (subst σ L) (subst σ M) (subst (exts σ) N)
subst σ (μ N) = μ (subst (exts σ) N)
subst σ (con n) = con n
subst σ (M `* N) = subst σ M `* subst σ N
subst σ (`let M N) = `let (subst σ M) (subst (exts σ) N)
subst σ `⟨ M , N ⟩ = `⟨ subst σ M , subst σ N ⟩
subst σ (`proj₁ L) = `proj₁ (subst σ L)
subst σ (`proj₂ L) = `proj₂ (subst σ L)
subst σ (case× L M) = case× (subst σ L) (subst (exts (exts σ)) M)
```
## Single and double substitution
```
_[_] : ∀ {Γ A B}
→ Γ , A ⊢ B
→ Γ ⊢ A
------------
→ Γ ⊢ B
_[_] {Γ} {A} N V = subst {Γ , A} {Γ} σ N
where
σ : ∀ {B} → Γ , A ∋ B → Γ ⊢ B
σ Z = V
σ (S x) = ` x
_[_][_] : ∀ {Γ A B C}
→ Γ , A , B ⊢ C
→ Γ ⊢ A
→ Γ ⊢ B
---------------
→ Γ ⊢ C
_[_][_] {Γ} {A} {B} N V W = subst {Γ , A , B} {Γ} σ N
where
σ : ∀ {C} → Γ , A , B ∋ C → Γ ⊢ C
σ Z = W
σ (S Z) = V
σ (S (S x)) = ` x
```
## Values
```
data Value : ∀ {Γ A} → Γ ⊢ A → Set where
-- functions
V-ƛ : ∀ {Γ A B} {N : Γ , A ⊢ B}
---------------------------
→ Value (ƛ N)
-- naturals
V-zero : ∀ {Γ} →
-----------------
Value (`zero {Γ})
V-suc_ : ∀ {Γ} {V : Γ ⊢ `}
→ Value V
--------------
→ Value (`suc V)
-- primitives
V-con : ∀ {Γ n}
---------------------
→ Value {Γ = Γ} (con n)
-- products
V-⟨_,_⟩ : ∀ {Γ A B} {V : Γ ⊢ A} {W : Γ ⊢ B}
→ Value V
→ Value W
----------------
→ Value `⟨ V , W ⟩
```
Implicit arguments need to be supplied when they are
not fixed by the given arguments.
## Reduction
```
infix 2 _—→_
data _—→_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
-- functions
ξ-·₁ : ∀ {Γ A B} {L L : Γ ⊢ A ⇒ B} {M : Γ ⊢ A}
→ L —→ L
---------------
→ L · M —→ L · M
ξ-·₂ : ∀ {Γ A B} {V : Γ ⊢ A ⇒ B} {M M : Γ ⊢ A}
→ Value V
→ M —→ M
---------------
→ V · M —→ V · M
β-ƛ : ∀ {Γ A B} {N : Γ , A ⊢ B} {V : Γ ⊢ A}
→ Value V
--------------------
→ (ƛ N) · V —→ N [ V ]
-- naturals
ξ-suc : ∀ {Γ} {M M : Γ ⊢ `}
→ M —→ M
-----------------
`suc M —→ `suc M
ξ-case : ∀ {Γ A} {L L : Γ ⊢ `} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
→ L —→ L
-------------------------
→ case L M N —→ case L M N
β-zero : ∀ {Γ A} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
-------------------
→ case `zero M N —→ M
β-suc : ∀ {Γ A} {V : Γ ⊢ `} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
→ Value V
----------------------------
→ case (`suc V) M N —→ N [ V ]
-- fixpoint
β-μ : ∀ {Γ A} {N : Γ , A ⊢ A}
----------------
→ μ N —→ N [ μ N ]
-- primitive numbers
ξ-*₁ : ∀ {Γ} {L L M : Γ ⊢ Nat}
→ L —→ L
-----------------
→ L `* M —→ L `* M
ξ-*₂ : ∀ {Γ} {V M M : Γ ⊢ Nat}
→ Value V
→ M —→ M
-----------------
→ V `* M —→ V `* M
δ-* : ∀ {Γ c d}
-------------------------------------
→ con {Γ = Γ} c `* con d —→ con (c * d)
-- let
ξ-let : ∀ {Γ A B} {M M : Γ ⊢ A} {N : Γ , A ⊢ B}
→ M —→ M
---------------------
`let M N —→ `let M N
β-let : ∀ {Γ A B} {V : Γ ⊢ A} {N : Γ , A ⊢ B}
→ Value V
-------------------
→ `let V N —→ N [ V ]
-- products
ξ-⟨,⟩₁ : ∀ {Γ A B} {M M : Γ ⊢ A} {N : Γ ⊢ B}
→ M —→ M
-------------------------
`⟨ M , N ⟩ —→ `⟨ M , N ⟩
ξ-⟨,⟩₂ : ∀ {Γ A B} {V : Γ ⊢ A} {N N : Γ ⊢ B}
→ Value V
→ N —→ N
-------------------------
`⟨ V , N ⟩ —→ `⟨ V , N
ξ-proj₁ : ∀ {Γ A B} {L L : Γ ⊢ A `× B}
→ L —→ L
---------------------
`proj₁ L —→ `proj₁ L
ξ-proj₂ : ∀ {Γ A B} {L L : Γ ⊢ A `× B}
→ L —→ L
---------------------
`proj₂ L —→ `proj₂ L
β-proj₁ : ∀ {Γ A B} {V : Γ ⊢ A} {W : Γ ⊢ B}
→ Value V
→ Value W
----------------------
`proj₁ `⟨ V , W ⟩ —→ V
β-proj₂ : ∀ {Γ A B} {V : Γ ⊢ A} {W : Γ ⊢ B}
→ Value V
→ Value W
----------------------
`proj₂ `⟨ V , W ⟩ —→ W
-- alternative formulation of products
ξ-case× : ∀ {Γ A B C} {L L : Γ ⊢ A `× B} {M : Γ , A , B ⊢ C}
→ L —→ L
-----------------------
→ case× L M —→ case× L M
β-case× : ∀ {Γ A B C} {V : Γ ⊢ A} {W : Γ ⊢ B} {M : Γ , A , B ⊢ C}
→ Value V
→ Value W
----------------------------------
→ case× `⟨ V , W ⟩ M —→ M [ V ][ W ]
```
## Reflexive and transitive closure
```
infix 2 _—↠_
infix 1 begin_
infixr 2 _—→⟨_⟩_
infix 3 _∎
data _—↠_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
_∎ : ∀ {Γ A} (M : Γ ⊢ A)
--------
→ M —↠ M
_—→⟨_⟩_ : ∀ {Γ A} (L : Γ ⊢ A) {M N : Γ ⊢ A}
→ L —→ M
→ M —↠ N
------
→ L —↠ N
begin_ : ∀ {Γ} {A} {M N : Γ ⊢ A}
→ M —↠ N
------
→ M —↠ N
begin M—↠N = M—↠N
```
## Values do not reduce
```
V¬—→ : ∀ {Γ A} {M N : Γ ⊢ A}
→ Value M
----------
→ ¬ (M —→ N)
V¬—→ V-ƛ ()
V¬—→ V-zero ()
V¬—→ (V-suc VM) (ξ-suc M—→M) = V¬—→ VM M—→M
V¬—→ V-con ()
V¬—→ V-⟨ VM , _ ⟩ (ξ-⟨,⟩₁ M—→M) = V¬—→ VM M—→M
V¬—→ V-⟨ _ , VN ⟩ (ξ-⟨,⟩₂ _ N—→N) = V¬—→ VN N—→N
```
## Progress
```
data Progress {A} (M : ∅ ⊢ A) : Set where
step : ∀ {N : ∅ ⊢ A}
→ M —→ N
----------
→ Progress M
done :
Value M
----------
→ Progress M
progress : ∀ {A}
→ (M : ∅ ⊢ A)
-----------
→ Progress M
progress (` ())
progress (ƛ N) = done V-ƛ
progress (L · M) with progress L
... | step L—→L = step (ξ-·₁ L—→L)
... | done V-ƛ with progress M
... | step M—→M = step (ξ-·₂ V-ƛ M—→M)
... | done VM = step (β-ƛ VM)
progress (`zero) = done V-zero
progress (`suc M) with progress M
... | step M—→M = step (ξ-suc M—→M)
... | done VM = done (V-suc VM)
progress (case L M N) with progress L
... | step L—→L = step (ξ-case L—→L)
... | done V-zero = step β-zero
... | done (V-suc VL) = step (β-suc VL)
progress (μ N) = step β-μ
progress (con n) = done V-con
progress (L `* M) with progress L
... | step L—→L = step (ξ-*₁ L—→L)
... | done V-con with progress M
... | step M—→M = step (ξ-*₂ V-con M—→M)
... | done V-con = step δ-*
progress (`let M N) with progress M
... | step M—→M = step (ξ-let M—→M)
... | done VM = step (β-let VM)
progress `⟨ M , N ⟩ with progress M
... | step M—→M = step (ξ-⟨,⟩₁ M—→M)
... | done VM with progress N
... | step N—→N = step (ξ-⟨,⟩₂ VM N—→N)
... | done VN = done (V-⟨ VM , VN ⟩)
progress (`proj₁ L) with progress L
... | step L—→L = step (ξ-proj₁ L—→L)
... | done (V-⟨ VM , VN ⟩) = step (β-proj₁ VM VN)
progress (`proj₂ L) with progress L
... | step L—→L = step (ξ-proj₂ L—→L)
... | done (V-⟨ VM , VN ⟩) = step (β-proj₂ VM VN)
progress (case× L M) with progress L
... | step L—→L = step (ξ-case× L—→L)
... | done (V-⟨ VM , VN ⟩) = step (β-case× VM VN)
```
## Evaluation
```
data Gas : Set where
gas : → Gas
data Finished {Γ A} (N : Γ ⊢ A) : Set where
done :
Value N
----------
→ Finished N
out-of-gas :
----------
Finished N
data Steps : ∀ {A} → ∅ ⊢ A → Set where
steps : ∀ {A} {L N : ∅ ⊢ A}
→ L —↠ N
→ Finished N
----------
→ Steps L
eval : ∀ {A}
→ Gas
→ (L : ∅ ⊢ A)
-----------
→ Steps L
eval (gas zero) L = steps (L ∎) out-of-gas
eval (gas (suc m)) L with progress L
... | done VL = steps (L ∎) (done VL)
... | step {M} L—→M with eval (gas m) M
... | steps M—↠N fin = steps (L —→⟨ L—→M ⟩ M—↠N) fin
```
## Examples
```
cube : ∅ ⊢ Nat ⇒ Nat
cube = ƛ (# 0 `* # 0 `* # 0)
_ : cube · con 2 —↠ con 8
_ =
begin
cube · con 2
—→⟨ β-ƛ V-con ⟩
con 2 `* con 2 `* con 2
—→⟨ ξ-*₁ δ-* ⟩
con 4 `* con 2
—→⟨ δ-* ⟩
con 8
exp10 : ∅ ⊢ Nat ⇒ Nat
exp10 = ƛ (`let (# 0 `* # 0)
(`let (# 0 `* # 0)
(`let (# 0 `* # 2)
(# 0 `* # 0))))
_ : exp10 · con 2 —↠ con 1024
_ =
begin
exp10 · con 2
—→⟨ β-ƛ V-con ⟩
`let (con 2 `* con 2) (`let (# 0 `* # 0) (`let (# 0 `* con 2) (# 0 `* # 0)))
—→⟨ ξ-let δ-* ⟩
`let (con 4) (`let (# 0 `* # 0) (`let (# 0 `* con 2) (# 0 `* # 0)))
—→⟨ β-let V-con ⟩
`let (con 4 `* con 4) (`let (# 0 `* con 2) (# 0 `* # 0))
—→⟨ ξ-let δ-* ⟩
`let (con 16) (`let (# 0 `* con 2) (# 0 `* # 0))
—→⟨ β-let V-con ⟩
`let (con 16 `* con 2) (# 0 `* # 0)
—→⟨ ξ-let δ-* ⟩
`let (con 32) (# 0 `* # 0)
—→⟨ β-let V-con ⟩
con 32 `* con 32
—→⟨ δ-* ⟩
con 1024
swap× : ∀ {A B} → ∅ ⊢ A `× B ⇒ B `× A
swap× = ƛ `⟨ `proj₂ (# 0) , `proj₁ (# 0) ⟩
_ : swap× · `⟨ con 42 , `zero ⟩ —↠ `⟨ `zero , con 42 ⟩
_ =
begin
swap× · `⟨ con 42 , `zero ⟩
—→⟨ β-ƛ V-⟨ V-con , V-zero ⟩ ⟩
`⟨ `proj₂ `⟨ con 42 , `zero ⟩ , `proj₁ `⟨ con 42 , `zero ⟩ ⟩
—→⟨ ξ-⟨,⟩₁ (β-proj₂ V-con V-zero) ⟩
`⟨ `zero , `proj₁ `⟨ con 42 , `zero ⟩ ⟩
—→⟨ ξ-⟨,⟩₂ V-zero (β-proj₁ V-con V-zero) ⟩
`⟨ `zero , con 42 ⟩
swap×-case : ∀ {A B} → ∅ ⊢ A `× B ⇒ B `× A
swap×-case = ƛ case× (# 0) `⟨ # 0 , # 1 ⟩
_ : swap×-case · `⟨ con 42 , `zero ⟩ —↠ `⟨ `zero , con 42 ⟩
_ =
begin
swap×-case · `⟨ con 42 , `zero ⟩
—→⟨ β-ƛ V-⟨ V-con , V-zero ⟩ ⟩
case× `⟨ con 42 , `zero ⟩ `⟨ # 0 , # 1 ⟩
—→⟨ β-case× V-con V-zero ⟩
`⟨ `zero , con 42 ⟩
```
#### Exercise `More` (recommended in part)
Formalise the remaining constructs defined in this chapter.
Evaluate each example, applied to data as needed,
to confirm it returns the expected answer.
* sums (recommended)
* unit type
* an alternative formulation of unit type
* empty type (recommended)
* lists

454
courses/puc/2019/Assignment5.lagda.md Normal file
View file

@ -0,0 +1,454 @@
---
title : "Assignment5: PUC Assignment 5"
layout : page
permalink : /PUC/2019/Assignment5/
---
```
module Assignment5 where
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
You must do _all_ the exercises labelled "(recommended)".
Exercises labelled "(stretch)" are there to provide an extra challenge.
You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Please ensure your files execute correctly under Agda!
**IMPORTANT** For ease of marking, when modifying the given code please write
-- begin
-- end
before and after code you add, to indicate your changes.
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; sym; trans; cong; cong₂; _≢_)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Nat using (; zero; suc; _+_; _*_)
open import Data.Product using (_×_; ∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.String using (String; _≟_)
open import Relation.Nullary using (¬_; Dec; yes; no)
```
## Inference
```
module Inference where
```
Remember to indent all code by two spaces.
### Imports
```
import plfa.More as DB
```
### Syntax
```
infix 4 _∋_⦂_
infix 4 _⊢_↑_
infix 4 _⊢_↓_
infixl 5 _,_⦂_
infixr 7 _⇒_
infix 5 ƛ_⇒_
infix 5 μ_⇒_
infix 6 _↑
infix 6 _↓_
infixl 7 _·_
infix 8 `suc_
infix 9 `_
```
### Identifiers, types, and contexts
```
Id : Set
Id = String
data Type : Set where
` : Type
_⇒_ : Type → Type → Type
data Context : Set where
∅ : Context
_,_⦂_ : Context → Id → Type → Context
```
### Terms
```
data Term⁺ : Set
data Term⁻ : Set
data Term⁺ where
`_ : Id → Term⁺
_·_ : Term⁺ → Term⁻ → Term⁺
_↓_ : Term⁻ → Type → Term⁺
data Term⁻ where
ƛ_⇒_ : Id → Term⁻ → Term⁻
`zero : Term⁻
`suc_ : Term⁻ → Term⁻
`case_[zero⇒_|suc_⇒_] : Term⁺ → Term⁻ → Id → Term⁻ → Term⁻
μ_⇒_ : Id → Term⁻ → Term⁻
_↑ : Term⁺ → Term⁻
```
### Sample terms
```
two : Term⁻
two = `suc (`suc `zero)
plus : Term⁺
plus = (μ "p" ⇒ ƛ "m" ⇒ ƛ "n" ⇒
`case (` "m") [zero⇒ ` "n" ↑
|suc "m" ⇒ `suc (` "p" · (` "m" ↑) · (` "n" ↑) ↑) ])
` ⇒ ` ⇒ `
2+2 : Term⁺
2+2 = plus · two · two
```
### Lookup
```
data _∋_⦂_ : Context → Id → Type → Set where
Z : ∀ {Γ x A}
--------------------
→ Γ , x ⦂ A ∋ x ⦂ A
S : ∀ {Γ x y A B}
→ x ≢ y
→ Γ ∋ x ⦂ A
-----------------
→ Γ , y ⦂ B ∋ x ⦂ A
```
### Bidirectional type checking
```
data _⊢_↑_ : Context → Term⁺ → Type → Set
data _⊢_↓_ : Context → Term⁻ → Type → Set
data _⊢_↑_ where
⊢` : ∀ {Γ A x}
→ Γ ∋ x ⦂ A
-----------
→ Γ ⊢ ` x ↑ A
_·_ : ∀ {Γ L M A B}
→ Γ ⊢ L ↑ A ⇒ B
→ Γ ⊢ M ↓ A
-------------
→ Γ ⊢ L · M ↑ B
⊢↓ : ∀ {Γ M A}
→ Γ ⊢ M ↓ A
---------------
→ Γ ⊢ (M ↓ A) ↑ A
data _⊢_↓_ where
⊢ƛ : ∀ {Γ x N A B}
→ Γ , x ⦂ A ⊢ N ↓ B
-------------------
→ Γ ⊢ ƛ x ⇒ N ↓ A ⇒ B
⊢zero : ∀ {Γ}
--------------
→ Γ ⊢ `zero ↓ `
⊢suc : ∀ {Γ M}
→ Γ ⊢ M ↓ `
---------------
→ Γ ⊢ `suc M ↓ `
⊢case : ∀ {Γ L M x N A}
→ Γ ⊢ L ↑ `
→ Γ ⊢ M ↓ A
→ Γ , x ⦂ ` ⊢ N ↓ A
-------------------------------------
→ Γ ⊢ `case L [zero⇒ M |suc x ⇒ N ] ↓ A
⊢μ : ∀ {Γ x N A}
→ Γ , x ⦂ A ⊢ N ↓ A
-----------------
→ Γ ⊢ μ x ⇒ N ↓ A
⊢↑ : ∀ {Γ M A B}
→ Γ ⊢ M ↑ A
→ A ≡ B
-------------
→ Γ ⊢ (M ↑) ↓ B
```
### Type equality
```
_≟Tp_ : (A B : Type) → Dec (A ≡ B)
` ≟Tp ` = yes refl
` ≟Tp (A ⇒ B) = no λ()
(A ⇒ B) ≟Tp ` = no λ()
(A ⇒ B) ≟Tp (A ⇒ B)
with A ≟Tp A | B ≟Tp B
... | no A≢ | _ = no λ{refl → A≢ refl}
... | yes _ | no B≢ = no λ{refl → B≢ refl}
... | yes refl | yes refl = yes refl
```
### Prerequisites
```
dom≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → A ≡ A
dom≡ refl = refl
rng≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → B ≡ B
rng≡ refl = refl
ℕ≢⇒ : ∀ {A B} → ` ≢ A ⇒ B
ℕ≢⇒ ()
```
### Unique lookup
```
uniq-∋ : ∀ {Γ x A B} → Γ ∋ x ⦂ A → Γ ∋ x ⦂ B → A ≡ B
uniq-∋ Z Z = refl
uniq-∋ Z (S x≢y _) = ⊥-elim (x≢y refl)
uniq-∋ (S x≢y _) Z = ⊥-elim (x≢y refl)
uniq-∋ (S _ ∋x) (S _ ∋x) = uniq-∋ ∋x ∋x
```
### Unique synthesis
```
uniq-↑ : ∀ {Γ M A B} → Γ ⊢ M ↑ A → Γ ⊢ M ↑ B → A ≡ B
uniq-↑ (⊢` ∋x) (⊢` ∋x) = uniq-∋ ∋x ∋x
uniq-↑ (⊢L · ⊢M) (⊢L · ⊢M) = rng≡ (uniq-↑ ⊢L ⊢L)
uniq-↑ (⊢↓ ⊢M) (⊢↓ ⊢M) = refl
```
## Lookup type of a variable in the context
```
ext∋ : ∀ {Γ B x y}
→ x ≢ y
→ ¬ ∃[ A ]( Γ ∋ x ⦂ A )
-----------------------------
→ ¬ ∃[ A ]( Γ , y ⦂ B ∋ x ⦂ A )
ext∋ x≢y _ ⟨ A , Z ⟩ = x≢y refl
ext∋ _ ¬∃ ⟨ A , S _ ⊢x ⟩ = ¬∃ ⟨ A , ⊢x ⟩
lookup : ∀ (Γ : Context) (x : Id)
-----------------------
→ Dec (∃[ A ](Γ ∋ x ⦂ A))
lookup ∅ x = no (λ ())
lookup (Γ , y ⦂ B) x with x ≟ y
... | yes refl = yes ⟨ B , Z ⟩
... | no x≢y with lookup Γ x
... | no ¬∃ = no (ext∋ x≢y ¬∃)
... | yes ⟨ A , ⊢x ⟩ = yes ⟨ A , S x≢y ⊢x ⟩
```
### Promoting negations
```
¬arg : ∀ {Γ A B L M}
→ Γ ⊢ L ↑ A ⇒ B
→ ¬ Γ ⊢ M ↓ A
-------------------------
→ ¬ ∃[ B ](Γ ⊢ L · M ↑ B)
¬arg ⊢L ¬⊢M ⟨ B , ⊢L · ⊢M ⟩ rewrite dom≡ (uniq-↑ ⊢L ⊢L) = ¬⊢M ⊢M
¬switch : ∀ {Γ M A B}
→ Γ ⊢ M ↑ A
→ A ≢ B
---------------
→ ¬ Γ ⊢ (M ↑) ↓ B
¬switch ⊢M A≢B (⊢↑ ⊢M A≡B) rewrite uniq-↑ ⊢M ⊢M = A≢B A≡B
```
## Synthesize and inherit types
```
synthesize : ∀ (Γ : Context) (M : Term⁺)
-----------------------
→ Dec (∃[ A ](Γ ⊢ M ↑ A))
inherit : ∀ (Γ : Context) (M : Term⁻) (A : Type)
---------------
→ Dec (Γ ⊢ M ↓ A)
synthesize Γ (` x) with lookup Γ x
... | no ¬∃ = no (λ{ ⟨ A , ⊢` ∋x ⟩ → ¬∃ ⟨ A , ∋x ⟩ })
... | yes ⟨ A , ∋x ⟩ = yes ⟨ A , ⊢` ∋x ⟩
synthesize Γ (L · M) with synthesize Γ L
... | no ¬∃ = no (λ{ ⟨ _ , ⊢L · _ ⟩ → ¬∃ ⟨ _ , ⊢L ⟩ })
... | yes ⟨ ` , ⊢L ⟩ = no (λ{ ⟨ _ , ⊢L · _ ⟩ → ℕ≢⇒ (uniq-↑ ⊢L ⊢L) })
... | yes ⟨ A ⇒ B , ⊢L ⟩ with inherit Γ M A
... | no ¬⊢M = no (¬arg ⊢L ¬⊢M)
... | yes ⊢M = yes ⟨ B , ⊢L · ⊢M ⟩
synthesize Γ (M ↓ A) with inherit Γ M A
... | no ¬⊢M = no (λ{ ⟨ _ , ⊢↓ ⊢M ⟩ → ¬⊢M ⊢M })
... | yes ⊢M = yes ⟨ A , ⊢↓ ⊢M ⟩
inherit Γ (ƛ x ⇒ N) ` = no (λ())
inherit Γ (ƛ x ⇒ N) (A ⇒ B) with inherit (Γ , x ⦂ A) N B
... | no ¬⊢N = no (λ{ (⊢ƛ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢ƛ ⊢N)
inherit Γ `zero ` = yes ⊢zero
inherit Γ `zero (A ⇒ B) = no (λ())
inherit Γ (`suc M) ` with inherit Γ M `
... | no ¬⊢M = no (λ{ (⊢suc ⊢M) → ¬⊢M ⊢M })
... | yes ⊢M = yes (⊢suc ⊢M)
inherit Γ (`suc M) (A ⇒ B) = no (λ())
inherit Γ (`case L [zero⇒ M |suc x ⇒ N ]) A with synthesize Γ L
... | no ¬∃ = no (λ{ (⊢case ⊢L _ _) → ¬∃ ⟨ ` , ⊢L ⟩})
... | yes ⟨ _ ⇒ _ , ⊢L ⟩ = no (λ{ (⊢case ⊢L _ _) → ℕ≢⇒ (uniq-↑ ⊢L ⊢L) })
... | yes ⟨ ` , ⊢L ⟩ with inherit Γ M A
... | no ¬⊢M = no (λ{ (⊢case _ ⊢M _) → ¬⊢M ⊢M })
... | yes ⊢M with inherit (Γ , x ⦂ `) N A
... | no ¬⊢N = no (λ{ (⊢case _ _ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢case ⊢L ⊢M ⊢N)
inherit Γ (μ x ⇒ N) A with inherit (Γ , x ⦂ A) N A
... | no ¬⊢N = no (λ{ (⊢μ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢μ ⊢N)
inherit Γ (M ↑) B with synthesize Γ M
... | no ¬∃ = no (λ{ (⊢↑ ⊢M _) → ¬∃ ⟨ _ , ⊢M ⟩ })
... | yes ⟨ A , ⊢M ⟩ with A ≟Tp B
... | no A≢B = no (¬switch ⊢M A≢B)
... | yes A≡B = yes (⊢↑ ⊢M A≡B)
```
### Erasure
```
∥_∥Tp : Type → DB.Type
` ∥Tp = DB.`
∥ A ⇒ B ∥Tp = ∥ A ∥Tp DB.⇒ ∥ B ∥Tp
∥_∥Cx : Context → DB.Context
∥ ∅ ∥Cx = DB.∅
∥ Γ , x ⦂ A ∥Cx = ∥ Γ ∥Cx DB., ∥ A ∥Tp
∥_∥∋ : ∀ {Γ x A} → Γ ∋ x ⦂ A → ∥ Γ ∥Cx DB.∋ ∥ A ∥Tp
∥ Z ∥∋ = DB.Z
∥ S x≢ ⊢x ∥∋ = DB.S ∥ ⊢x ∥∋
∥_∥⁺ : ∀ {Γ M A} → Γ ⊢ M ↑ A → ∥ Γ ∥Cx DB.⊢ ∥ A ∥Tp
∥_∥⁻ : ∀ {Γ M A} → Γ ⊢ M ↓ A → ∥ Γ ∥Cx DB.⊢ ∥ A ∥Tp
∥ ⊢` ⊢x ∥⁺ = DB.` ∥ ⊢x ∥∋
∥ ⊢L · ⊢M ∥⁺ = ∥ ⊢L ∥⁺ DB.· ∥ ⊢M ∥⁻
∥ ⊢↓ ⊢M ∥⁺ = ∥ ⊢M ∥⁻
∥ ⊢ƛ ⊢N ∥⁻ = DB.ƛ ∥ ⊢N ∥⁻
∥ ⊢zero ∥⁻ = DB.`zero
∥ ⊢suc ⊢M ∥⁻ = DB.`suc ∥ ⊢M ∥⁻
∥ ⊢case ⊢L ⊢M ⊢N ∥⁻ = DB.case ∥ ⊢L ∥⁺ ∥ ⊢M ∥⁻ ∥ ⊢N ∥⁻
∥ ⊢μ ⊢M ∥⁻ = DB.μ ∥ ⊢M ∥⁻
∥ ⊢↑ ⊢M refl ∥⁻ = ∥ ⊢M ∥⁺
```
#### Exercise `bidirectional-mul` (recommended) {#bidirectional-mul}
Rewrite your definition of multiplication from
Chapter [Lambda][plfa.Lambda], decorated to support inference.
#### Exercise `bidirectional-products` (recommended) {#bidirectional-products}
Extend the bidirectional type rules to include products from
Chapter [More][plfa.More].
#### Exercise `bidirectional-rest` (stretch)
Extend the bidirectional type rules to include the rest of the constructs from
Chapter [More][plfa.More].
#### Exercise `inference-mul` (recommended)
Using the definition from exercise [bidirectional-mul](#bidirectional-mul),
infer the corresponding inherently typed term.
Show that erasure of the inferred typing yields your definition of
multiplication from Chapter [DeBruijn][plfa.DeBruijn].
#### Exercise `inference-products` (recommended)
Extend bidirectional inference to include products from
Chapter [More][plfa.More].
#### Exercise `inference-rest` (stretch)
Extend bidirectional inference to include the rest of the constructs from
Chapter [More][plfa.More].
## Untyped
#### Exercise (`Type≃`)
Show that `Type` is isomorphic to ``, the unit type.
#### Exercise (`Context≃`)
Show that `Context` is isomorphic to ``.
#### Exercise (`variant-1`)
How would the rules change if we want call-by-value where terms
normalise completely? Assume that `β` should not permit reduction
unless both terms are in normal form.
#### Exercise (`variant-2`)
How would the rules change if we want call-by-value where terms
do not reduce underneath lambda? Assume that `β`
permits reduction when both terms are values (that is, lambda
abstractions). What would `2+2ᶜ` reduce to in this case?
#### Exercise `plus-eval`
Use the evaluator to confirm that `plus · two · two` and `four`
normalise to the same term.
#### Exercise `multiplication-untyped` (recommended)
Use the encodings above to translate your definition of
multiplication from previous chapters with the Scott
representation and the encoding of the fixpoint operator.
Confirm that two times two is four.
#### Exercise `encode-more` (stretch)
Along the lines above, encode all of the constructs of
Chapter [More][plfa.More],
save for primitive numbers, in the untyped lambda calculus.

138
tspl/Exam.lagda → courses/puc/2019/Exam.lagda.md
View file

@ -1,13 +1,13 @@
---
title : "Exam: TSPL Mock Exam file"
layout : page
permalink : /Exam/
permalink : /PUC/2019/Exam/
---
\begin{code}
```
module Exam where
\end{code}
```
**IMPORTANT** For ease of marking, when modifying the given code please write
@ -18,26 +18,25 @@ before and after code you add, to indicate your changes.
## Imports
\begin{code}
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; sym; trans; cong; _≢_)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Nat using (; zero; suc)
open import Data.List using (List; []; _∷_; _++_)
open import Data.Product using (∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.String using (String)
open import Data.String.Unsafe using (_≟_)
open import Data.String using (String; _≟_)
open import Relation.Nullary using (¬_; Dec; yes; no)
open import Relation.Binary using (Decidable)
\end{code}
```
## Problem 1
\begin{code}
```
module Problem1 where
open import Function using (_∘_)
\end{code}
```
Remember to indent all code by two spaces.
@ -52,13 +51,13 @@ Remember to indent all code by two spaces.
Remember to indent all code by two spaces.
\begin{code}
```
module Problem2 where
\end{code}
```
### Infix declarations
\begin{code}
```
infix 4 _⊢_
infix 4 _∋_
infixl 5 _,_
@ -72,11 +71,11 @@ module Problem2 where
infix 9 `_
infix 9 S_
infix 9 #_
\end{code}
```
### Types and contexts
\begin{code}
```
data Type : Set where
_⇒_ : Type → Type → Type
` : Type
@ -84,11 +83,11 @@ module Problem2 where
data Context : Set where
∅ : Context
_,_ : Context → Type → Context
\end{code}
```
### Variables and the lookup judgment
\begin{code}
```
data _∋_ : Context → Type → Set where
Z : ∀ {Γ A}
@ -99,11 +98,11 @@ module Problem2 where
→ Γ ∋ A
---------
→ Γ , B ∋ A
\end{code}
```
### Terms and the typing judgment
\begin{code}
```
data _⊢_ : Context → Type → Set where
`_ : ∀ {Γ} {A}
@ -142,11 +141,11 @@ module Problem2 where
→ Γ , A ⊢ A
----------
→ Γ ⊢ A
\end{code}
```
### Abbreviating de Bruijn indices
\begin{code}
```
lookup : Context → → Type
lookup (Γ , A) zero = A
lookup (Γ , _) (suc n) = lookup Γ n
@ -161,11 +160,11 @@ module Problem2 where
#_ : ∀ {Γ} → (n : ) → Γ ⊢ lookup Γ n
# n = ` count n
\end{code}
```
### Renaming
\begin{code}
```
ext : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ∋ A)
-----------------------------------
→ (∀ {A B} → Γ , B ∋ A → Δ , B ∋ A)
@ -183,11 +182,11 @@ module Problem2 where
rename ρ (`suc M) = `suc (rename ρ M)
rename ρ (case L M N) = case (rename ρ L) (rename ρ M) (rename (ext ρ) N)
rename ρ (μ N) = μ (rename (ext ρ) N)
\end{code}
```
### Simultaneous Substitution
\begin{code}
```
exts : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ⊢ A)
----------------------------------
→ (∀ {A B} → Γ , B ∋ A → Δ , B ⊢ A)
@ -205,11 +204,11 @@ module Problem2 where
subst σ (`suc M) = `suc (subst σ M)
subst σ (case L M N) = case (subst σ L) (subst σ M) (subst (exts σ) N)
subst σ (μ N) = μ (subst (exts σ) N)
\end{code}
```
### Single substitution
\begin{code}
```
_[_] : ∀ {Γ A B}
→ Γ , B ⊢ A
→ Γ ⊢ B
@ -220,11 +219,11 @@ module Problem2 where
σ : ∀ {A} → Γ , B ∋ A → Γ ⊢ A
σ Z = M
σ (S x) = ` x
\end{code}
```
### Values
\begin{code}
```
data Value : ∀ {Γ A} → Γ ⊢ A → Set where
V-ƛ : ∀ {Γ A B} {N : Γ , A ⊢ B}
@ -239,11 +238,11 @@ module Problem2 where
→ Value V
--------------
→ Value (`suc V)
\end{code}
```
### Reduction
\begin{code}
```
infix 2 _—→_
data _—→_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
@ -286,12 +285,12 @@ module Problem2 where
β-μ : ∀ {Γ A} {N : Γ , A ⊢ A}
---------------
→ μ N —→ N [ μ N ]
\end{code}
```
### Reflexive and transitive closure
\begin{code}
```
infix 2 _—↠_
infix 1 begin_
infixr 2 _—→⟨_⟩_
@ -314,12 +313,12 @@ module Problem2 where
------
→ M —↠ N
begin M—↠N = M—↠N
\end{code}
```
### Progress
\begin{code}
```
data Progress {A} (M : ∅ ⊢ A) : Set where
step : ∀ {N : ∅ ⊢ A}
@ -349,11 +348,11 @@ module Problem2 where
... | done V-zero = step (β-zero)
... | done (V-suc VL) = step (β-suc VL)
progress (μ N) = step (β-μ)
\end{code}
```
### Evaluation
\begin{code}
```
data Gas : Set where
gas : → Gas
@ -386,25 +385,25 @@ module Problem2 where
... | done VL = steps (L ∎) (done VL)
... | step {M} L—→M with eval (gas m) M
... | steps M—↠N fin = steps (L —→⟨ L—→M ⟩ M—↠N) fin
\end{code}
```
## Problem 3
Remember to indent all code by two spaces.
\begin{code}
```
module Problem3 where
\end{code}
```
### Imports
\begin{code}
```
import plfa.DeBruijn as DB
\end{code}
```
### Syntax
\begin{code}
```
infix 4 _∋_⦂_
infix 4 _⊢_↑_
infix 4 _⊢_↓_
@ -417,34 +416,34 @@ module Problem3 where
infixl 7 _·_
infix 8 `suc_
infix 9 `_
\end{code}
```
### Types
\begin{code}
```
data Type : Set where
_⇒_ : Type → Type → Type
` : Type
\end{code}
```
### Identifiers
\begin{code}
```
Id : Set
Id = String
\end{code}
```
### Contexts
\begin{code}
```
data Context : Set where
∅ : Context
_,_⦂_ : Context → Id → Type → Context
\end{code}
```
### Terms
\begin{code}
```
data Term⁺ : Set
data Term⁻ : Set
@ -460,11 +459,11 @@ module Problem3 where
`case_[zero⇒_|suc_⇒_] : Term⁺ → Term⁻ → Id → Term⁻ → Term⁻
μ_⇒_ : Id → Term⁻ → Term⁻
_↑ : Term⁺ → Term⁻
\end{code}
```
### Lookup
\begin{code}
```
data _∋_⦂_ : Context → Id → Type → Set where
Z : ∀ {Γ x A}
@ -476,11 +475,11 @@ module Problem3 where
→ Γ ∋ x ⦂ A
-----------------
→ Γ , y ⦂ B ∋ x ⦂ A
\end{code}
```
### Bidirectional type checking
\begin{code}
```
data _⊢_↑_ : Context → Term⁺ → Type → Set
data _⊢_↓_ : Context → Term⁻ → Type → Set
@ -535,12 +534,12 @@ module Problem3 where
→ A ≡ B
-------------
→ Γ ⊢ (M ↑) ↓ B
\end{code}
```
### Type equality
\begin{code}
```
_≟Tp_ : (A B : Type) → Dec (A ≡ B)
` ≟Tp ` = yes refl
` ≟Tp (A ⇒ B) = no λ()
@ -550,11 +549,11 @@ module Problem3 where
... | no A≢ | _ = no λ{refl → A≢ refl}
... | yes _ | no B≢ = no λ{refl → B≢ refl}
... | yes refl | yes refl = yes refl
\end{code}
```
### Prerequisites
\begin{code}
```
dom≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → A ≡ A
dom≡ refl = refl
@ -563,31 +562,31 @@ module Problem3 where
ℕ≢⇒ : ∀ {A B} → ` ≢ A ⇒ B
ℕ≢⇒ ()
\end{code}
```
### Unique lookup
\begin{code}
```
uniq-∋ : ∀ {Γ x A B} → Γ ∋ x ⦂ A → Γ ∋ x ⦂ B → A ≡ B
uniq-∋ Z Z = refl
uniq-∋ Z (S x≢y _) = ⊥-elim (x≢y refl)
uniq-∋ (S x≢y _) Z = ⊥-elim (x≢y refl)
uniq-∋ (S _ ∋x) (S _ ∋x) = uniq-∋ ∋x ∋x
\end{code}
```
### Unique synthesis
\begin{code}
```
uniq-↑ : ∀ {Γ M A B} → Γ ⊢ M ↑ A → Γ ⊢ M ↑ B → A ≡ B
uniq-↑ (⊢` ∋x) (⊢` ∋x) = uniq-∋ ∋x ∋x
uniq-↑ (⊢L · ⊢M) (⊢L · ⊢M) = rng≡ (uniq-↑ ⊢L ⊢L)
uniq-↑ (⊢↓ ⊢M) (⊢↓ ⊢M) = refl
\end{code}
```
## Lookup type of a variable in the context
\begin{code}
```
ext∋ : ∀ {Γ B x y}
→ x ≢ y
→ ¬ ∃[ A ]( Γ ∋ x ⦂ A )
@ -605,11 +604,11 @@ module Problem3 where
... | no x≢y with lookup Γ x
... | no ¬∃ = no (ext∋ x≢y ¬∃)
... | yes ⟨ A , ⊢x ⟩ = yes ⟨ A , S x≢y ⊢x ⟩
\end{code}
```
### Promoting negations
\begin{code}
```
¬arg : ∀ {Γ A B L M}
→ Γ ⊢ L ↑ A ⇒ B
→ ¬ Γ ⊢ M ↓ A
@ -623,12 +622,12 @@ module Problem3 where
---------------
→ ¬ Γ ⊢ (M ↑) ↓ B
¬switch ⊢M A≢B (⊢↑ ⊢M A≡B) rewrite uniq-↑ ⊢M ⊢M = A≢B A≡B
\end{code}
```
## Synthesize and inherit types
\begin{code}
```
synthesize : ∀ (Γ : Context) (M : Term⁺)
-----------------------
→ Dec (∃[ A ](Γ ⊢ M ↑ A))
@ -676,5 +675,4 @@ module Problem3 where
... | yes ⟨ A , ⊢M ⟩ with A ≟Tp B
... | no A≢B = no (¬switch ⊢M A≢B)
... | yes A≡B = yes (⊢↑ ⊢M A≡B)
\end{code}
```

2
tspl/tspl.agda-lib → courses/puc/2019/puc2019.agda-lib
View file

@ -1,3 +1,3 @@
name: tspl
name: puc2019
depend: standard-library plfa
include: .

107
courses/puc/2019/puc2019.md Normal file
View file

@ -0,0 +1,107 @@
---
title : "PUC-Rio: Course notes"
layout : page
permalink : /PUC/2019/
---
## Staff
* **Instructor**
[Philip Wadler](https://homepages.inf.ed.ac.uk/wadler)
* **Host**
[Roberto Ierusalimschy](http://www.inf.puc-rio.br/~roberto/)
## Schedule
Lectures and tutorials take place Fridays and some Thursdays in 548L.
* **13.00--14.30pm** Lecture
* **14.30--16.00pm** Tutorial
<table>
<tr>
<td><b>Fri 29 Mar</b></td>
<td><a href="{{ site.baseurl }}/Naturals/">Naturals</a></td>
</tr>
<tr>
<td><b>Fri 5 Apr</b></td>
<td><a href="{{ site.baseurl }}/Induction/">Induction</a> &amp; <a href="{{ site.baseurl }}/Relations/">Relations</a></td>
</tr>
<tr>
<td><b>Thu 11 Apr</b></td>
<td><a href="{{ site.baseurl }}/Relations/">Relations</a></td>
</tr>
<tr>
<td><b>Fri 19 Apr</b></td>
<td>(Miami)</td>
</tr>
<tr>
<td><b>Fri 26 Apr</b></td>
<td><a href="{{ site.baseurl }}/Equality/">Equality</a> &amp;
<a href="{{ site.baseurl }}/Isomorphism/">Isomorphism</a> &amp;
<a href="{{ site.baseurl }}/Connectives/">Connectives</a></td>
</tr>
<tr>
<td><b>Fri 3 May</b></td>
<td><a href="{{ site.baseurl }}/Negation/">Negation</a> &amp;
<a href="{{ site.baseurl }}/Quantifiers/">Quantifiers</a> &amp;
<a href="{{ site.baseurl }}/Decidable/">Decidable</a> &amp;
<a href="{{ site.baseurl }}/Lists/">Lists</a></td>
</tr>
<tr>
<td><b>Fri 10 May</b></td>
<td>(Melbourne)</td>
</tr>
<tr>
<td><b>Fri 17 May</b></td>
<td>(Sydney)</td>
</tr>
<tr>
<td><b>Fri 24 May</b></td>
<td><a href="{{ site.baseurl }}/Lambda/">Lambda</a> &amp;
<a href="{{ site.baseurl }}/Properties/">Properties</a></td>
</tr>
<tr>
<td><b>Fri 31 May</b></td>
<td>(Padova)</td>
</tr>
<tr>
<td><b>Fri 7 June</b></td>
<td><a href="{{ site.baseurl }}/DeBruijn/">DeBruijn</a> &amp;
<a href="{{ site.baseurl }}/More/">More</a></td>
</tr>
<tr>
<td><b>Fri 14 June</b></td>
<td>(Buenos Aires)</td>
</tr>
<tr>
<td><b>Fri 21 June</b></td>
<td><a href="{{ site.baseurl }}/Inference/">Inference</a> &amp;
<a href="{{ site.baseurl }}/Untyped/">Untyped</a></td>
</tr>
<tr>
<td><b>Fri 28 June</b></td>
<td>Propositions as Types &amp; mock exam</td>
</tr>
<tr>
<td><b>Fri 5 July</b></td>
<td>exam</td>
</tr>
</table>
## Assignments
For instructions on how to set up Agda for PLFA see [Getting Started]({{ site.baseurl }}/GettingStarted/).
* [PUC Assignment 1]({{ site.baseurl }}/PUC/2019/Assignment1/) due Friday 26 April.
* [PUC Assignment 2]({{ site.baseurl }}/PUC/2019/Assignment2/) due Wednesday 22 May.
* [PUC Assignment 3]({{ site.baseurl }}/PUC/2019/Assignment3/) due Wednesday 5 June.
* [PUC Assignment 4]({{ site.baseurl }}/PUC/2019/Assignment4/) due Wednesday 19 June.
* [PUC Assignment 5]({{ site.baseurl }}/PUC/2019/Assignment5/) due Tuesday 25 June.
* [PUC Assignment 6]({{ site.baseurl }}/courses/tspl/2018/Mock1.pdf) due Tuesday 25 June.
Use file [Exam]({{ site.baseurl }}/PUC/2019/Exam/). Despite the rubric, do **all three questions**.
Submit assignments by email to [wadler@inf.ed.ac.uk](mailto:wadler@inf.ed.ac.uk).
Attach a single file named `Assignment1.lagda.md` or the like. Include
your name and email in the submitted file.

27
tspl/Assignment1.lagda → courses/tspl/2018/Assignment1.lagda.md
View file

@ -1,18 +1,18 @@
---
title : "Assignment1: TSPL Assignment 1"
layout : page
permalink : /Assignment1/
permalink : /TSPL/2018/Assignment1/
---
\begin{code}
```
module Assignment1 where
\end{code}
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
This assignment is due **4pm Thursday 4 October** (Week 3).
<!-- This assignment is due **1pm Friday 26 April**. -->
You must do _all_ the exercises labelled "(recommended)".
@ -22,12 +22,12 @@ You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Submit your homework using the "submit" command.
<!-- Submit your homework using the "submit" command. -->
Please ensure your files execute correctly under Agda!
## Imports
\begin{code}
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
@ -35,7 +35,7 @@ open import Data.Nat using (; zero; suc; _+_; _*_; _∸_; _≤_; z≤n; s≤s
open import Data.Nat.Properties using (+-assoc; +-identityʳ; +-suc; +-comm;
≤-refl; ≤-trans; ≤-antisym; ≤-total; +-monoʳ-≤; +-monoˡ-≤; +-mono-≤)
open import plfa.Relations using (_<_; z<s; s<s; zero; suc; even; odd)
\end{code}
```
## Naturals
@ -73,12 +73,12 @@ Compute `5 ∸ 3` and `3 ∸ 5`, writing out your reasoning as a chain of equati
A more efficient representation of natural numbers uses a binary
rather than a unary system. We represent a number as a bitstring.
\begin{code}
```
data Bin : Set where
nil : Bin
x0_ : Bin → Bin
x1_ : Bin → Bin
\end{code}
```
For instance, the bitstring
1011
@ -125,7 +125,7 @@ Give an example of an operator that has an identity and is
associative but is not commutative.
#### Exercise `finite-+-assoc` (stretch) {#finite-plus-assoc}
#### Exercise `finite-|-assoc` (stretch) {#finite-plus-assoc}
Write out what is known about associativity of addition on each of the first four
days using a finite story of creation, as
@ -145,10 +145,6 @@ the following function from the standard library:
sym : ∀ {m n : } → m ≡ n → n ≡ m
\begin{code}
swap : ∀ (m n p : ) → m + (n + p) ≡ n + (m + p)
swap m n p rewrite sym (+-assoc m n p) | +-comm m n | +-assoc n m p = {!!}
\end{code}
#### Exercise `*-distrib-+` (recommended) {#times-distrib-plus}
@ -183,7 +179,7 @@ Show
for all naturals `n`. Did your proof require induction?
#### Exercise `∸-+-assoc` {#monus-plus-assoc}
#### Exercise `∸-|-assoc` {#monus-plus-assoc}
Show that monus associates with addition, that is,
@ -314,6 +310,5 @@ and back is the identity.
---------------
to (from x) ≡ x
\end{code}
(Hint: For each of these, you may first need to prove related
properties of `One`.)

75
tspl/Assignment2.lagda → courses/tspl/2018/Assignment2.lagda.md
View file

@ -1,18 +1,18 @@
---
title : "Assignment2: TSPL Assignment 2"
layout : page
permalink : /Assignment2/
permalink : /TSPL/2018/Assignment2/
---
\begin{code}
```
module Assignment2 where
\end{code}
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
This assignment is due **4pm Thursday 18 October** (Week 5).
<!-- This assignment is due **4pm Thursday 18 October** (Week 5). -->
You must do _all_ the exercises labelled "(recommended)".
@ -22,12 +22,12 @@ You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Submit your homework using the "submit" command.
<!-- Submit your homework using the "submit" command. -->
Please ensure your files execute correctly under Agda!
## Imports
\begin{code}
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
@ -50,7 +50,7 @@ open import Data.Product using (Σ; _,_; ∃; Σ-syntax; ∃-syntax)
open import plfa.Relations using (_<_; z<s; s<s)
open import plfa.Isomorphism using (_≃_; ≃-sym; ≃-trans; _≲_; extensionality)
open plfa.Isomorphism.≃-Reasoning
\end{code}
```
## Equality
@ -70,25 +70,25 @@ regard to inequality. Rewrite both `+-monoˡ-≤` and `+-mono-≤`.
#### Exercise `≃-implies-≲`
Show that every isomorphism implies an embedding.
\begin{code}
```
postulate
≃-implies-≲ : ∀ {A B : Set}
→ A ≃ B
-----
→ A ≲ B
\end{code}
```
#### Exercise `_⇔_` (recommended) {#iff}
Define equivalence of propositions (also known as "if and only if") as follows.
\begin{code}
```
record _⇔_ (A B : Set) : Set where
field
to : A → B
from : B → A
open _⇔_
\end{code}
```
Show that equivalence is reflexive, symmetric, and transitive.
#### Exercise `Bin-embedding` (stretch) {#Bin-embedding}
@ -97,12 +97,12 @@ Recall that Exercises
[Bin][plfa.Naturals#Bin] and
[Bin-laws][plfa.Induction#Bin-laws]
define a datatype of bitstrings representing natural numbers.
\begin{code}
```
data Bin : Set where
nil : Bin
x0_ : Bin → Bin
x1_ : Bin → Bin
\end{code}
```
And ask you to define the following functions:
to : → Bin
@ -142,20 +142,20 @@ Show zero is the right identity of addition.
#### Exercise `⊎-weak-×` (recommended)
Show that the following property holds.
\begin{code}
```
postulate
⊎-weak-× : ∀ {A B C : Set} → (A ⊎ B) × C → A ⊎ (B × C)
\end{code}
```
This is called a _weak distributive law_. Give the corresponding
distributive law, and explain how it relates to the weak version.
#### Exercise `⊎×-implies-×⊎`
Show that a disjunct of conjuncts implies a conjunct of disjuncts.
\begin{code}
```
postulate
⊎×-implies-×⊎ : ∀ {A B C D : Set} → (A × B) ⊎ (C × D) → (A ⊎ C) × (B ⊎ D)
\end{code}
```
Does the converse hold? If so, prove; if not, give a counterexample.
@ -214,10 +214,10 @@ Show that each of these implies all the others.
#### Exercise `Stable` (stretch)
Say that a formula is _stable_ if double negation elimination holds for it.
\begin{code}
```
Stable : Set → Set
Stable A = ¬ ¬ A → A
\end{code}
```
Show that any negated formula is stable, and that the conjunction
of two stable formulas is stable.
@ -227,41 +227,41 @@ of two stable formulas is stable.
#### Exercise `∀-distrib-×` (recommended)
Show that universals distribute over conjunction.
\begin{code}
```
postulate
∀-distrib-× : ∀ {A : Set} {B C : A → Set} →
(∀ (x : A) → B x × C x) ≃ (∀ (x : A) → B x) × (∀ (x : A) → C x)
\end{code}
```
Compare this with the result (`→-distrib-×`) in
Chapter [Connectives][plfa.Connectives].
#### Exercise `⊎∀-implies-∀⊎`
Show that a disjunction of universals implies a universal of disjunctions.
\begin{code}
```
postulate
⊎∀-implies-∀⊎ : ∀ {A : Set} { B C : A → Set } →
(∀ (x : A) → B x) ⊎ (∀ (x : A) → C x) → ∀ (x : A) → B x ⊎ C x
\end{code}
```
Does the converse hold? If so, prove; if not, explain why.
#### Exercise `∃-distrib-⊎` (recommended)
Show that existentials distribute over disjunction.
\begin{code}
```
postulate
∃-distrib-⊎ : ∀ {A : Set} {B C : A → Set} →
∃[ x ] (B x ⊎ C x) ≃ (∃[ x ] B x) ⊎ (∃[ x ] C x)
\end{code}
```
#### Exercise `∃×-implies-×∃`
Show that an existential of conjunctions implies a conjunction of existentials.
\begin{code}
```
postulate
∃×-implies-×∃ : ∀ {A : Set} { B C : A → Set } →
∃[ x ] (B x × C x) → (∃[ x ] B x) × (∃[ x ] C x)
\end{code}
```
Does the converse hold? If so, prove; if not, explain why.
#### Exercise `∃-even-odd`
@ -278,13 +278,13 @@ Show that `y ≤ z` holds if and only if there exists a `x` such that
#### Exercise `∃¬-implies-¬∀` (recommended)
Show that existential of a negation implies negation of a universal.
\begin{code}
```
postulate
∃¬-implies-¬∀ : ∀ {A : Set} {B : A → Set}
→ ∃[ x ] (¬ B x)
--------------
→ ¬ (∀ x → B x)
\end{code}
```
Does the converse hold? If so, prove; if not, explain why.
@ -327,39 +327,38 @@ Using the above, establish that there is an isomorphism between `` and
#### Exercise `_<?_` (recommended)
Analogous to the function above, define a function to decide strict inequality.
\begin{code}
```
postulate
_<?_ : ∀ (m n : ) → Dec (m < n)
\end{code}
```
#### Exercise `_≡?_`
Define a function to decide whether two naturals are equal.
\begin{code}
```
postulate
_≡?_ : ∀ (m n : ) → Dec (m ≡ n)
\end{code}
```
#### Exercise `erasure`
Show that erasure relates corresponding boolean and decidable operations.
\begin{code}
```
postulate
∧-× : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ ∧ ⌊ y ⌋ ≡ ⌊ x ×-dec y ⌋
-× : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ ⌊ y ⌋ ≡ ⌊ x ⊎-dec y ⌋
not-¬ : ∀ {A : Set} (x : Dec A) → not ⌊ x ⌋ ≡ ⌊ ¬? x ⌋
\end{code}
```
#### Exercise `iff-erasure` (recommended)
Give analogues of the `_⇔_` operation from
Chapter [Isomorphism][plfa.Isomorphism#iff],
operation on booleans and decidables, and also show the corresponding erasure.
\begin{code}
```
postulate
_iff_ : Bool → Bool → Bool
_⇔-dec_ : ∀ {A B : Set} → Dec A → Dec B → Dec (A ⇔ B)
iff-⇔ : ∀ {A B : Set} (x : Dec A) (y : Dec B) → ⌊ x ⌋ iff ⌊ y ⌋ ≡ ⌊ x ⇔-dec y ⌋
\end{code}
```

106
tspl/Assignment3.lagda → courses/tspl/2018/Assignment3.lagda.md
View file

@ -1,18 +1,18 @@
---
title : "Assignment3: TSPL Assignment 3"
layout : page
permalink : /Assignment3/
permalink : /TSPL/2018/Assignment3/
---
\begin{code}
```
module Assignment3 where
\end{code}
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
This assignment is due **4pm Thursday 1 November** (Week 7).
<!-- This assignment is due **4pm Thursday 1 November** (Week 7). -->
You must do _all_ the exercises labelled "(recommended)".
@ -22,12 +22,12 @@ You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Submit your homework using the "submit" command.
<!-- Submit your homework using the "submit" command. -->
Please ensure your files execute correctly under Agda!
## Imports
\begin{code}
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong; sym)
open Eq.≡-Reasoning using (begin_; _≡⟨⟩_; _≡⟨_⟩_; _∎)
@ -49,62 +49,62 @@ open import plfa.Lists using (List; []; _∷_; [_]; [_,_]; [_,_,_]; [_,_,_,_];
_++_; reverse; map; foldr; sum; All; Any; here; there; _∈_)
open import plfa.Lambda hiding (ƛ_⇒_; case_[zero⇒_|suc_⇒_]; μ_⇒_; plus)
open import plfa.Properties hiding (value?; unstuck; preserves; wttdgs)
\end{code}
```
#### Exercise `reverse-++-commute` (recommended)
Show that the reverse of one list appended to another is the
reverse of the second appended to the reverse of the first.
\begin{code}
```
postulate
reverse-++-commute : ∀ {A : Set} {xs ys : List A}
→ reverse (xs ++ ys) ≡ reverse ys ++ reverse xs
\end{code}
```
#### Exercise `reverse-involutive` (recommended)
A function is an _involution_ if when applied twice it acts
as the identity function. Show that reverse is an involution.
\begin{code}
```
postulate
reverse-involutive : ∀ {A : Set} {xs : List A}
→ reverse (reverse xs) ≡ xs
\end{code}
```
#### Exercise `map-compose`
Prove that the map of a composition is equal to the composition of two maps.
\begin{code}
```
postulate
map-compose : ∀ {A B C : Set} {f : A → B} {g : B → C}
→ map (g ∘ f) ≡ map g ∘ map f
\end{code}
```
The last step of the proof requires extensionality.
#### Exercise `map-++-commute`
Prove the following relationship between map and append.
\begin{code}
```
postulate
map-++-commute : ∀ {A B : Set} {f : A → B} {xs ys : List A}
→ map f (xs ++ ys) ≡ map f xs ++ map f ys
\end{code}
```
#### Exercise `map-Tree`
Define a type of trees with leaves of type `A` and internal
nodes of type `B`.
\begin{code}
```
data Tree (A B : Set) : Set where
leaf : A → Tree A B
node : Tree A B → B → Tree A B → Tree A B
\end{code}
Define a suitabve map operator over trees.
\begin{code}
```
Define a suitable map operator over trees.
```
postulate
map-Tree : ∀ {A B C D : Set}
→ (A → C) → (B → D) → Tree A B → Tree C D
\end{code}
```
#### Exercise `product` (recommended)
@ -116,56 +116,56 @@ For example,
#### Exercise `foldr-++` (recommended)
Show that fold and append are related as follows.
\begin{code}
```
postulate
foldr-++ : ∀ {A B : Set} (_⊗_ : A → B → B) (e : B) (xs ys : List A) →
foldr _⊗_ e (xs ++ ys) ≡ foldr _⊗_ (foldr _⊗_ e ys) xs
\end{code}
```
#### Exercise `map-is-foldr`
Show that map can be defined using fold.
\begin{code}
```
postulate
map-is-foldr : ∀ {A B : Set} {f : A → B} →
map f ≡ foldr (λ x xs → f x ∷ xs) []
\end{code}
```
This requires extensionality.
#### Exercise `fold-Tree`
Define a suitable fold function for the type of trees given earlier.
\begin{code}
```
postulate
fold-Tree : ∀ {A B C : Set}
→ (A → C) → (C → B → C → C) → Tree A B → C
\end{code}
```
#### Exercise `map-is-fold-Tree`
Demonstrate an anologue of `map-is-foldr` for the type of trees.
Demonstrate an analogue of `map-is-foldr` for the type of trees.
#### Exercise `sum-downFrom` (stretch)
Define a function that counts down as follows.
\begin{code}
```
downFrom : → List
downFrom zero = []
downFrom (suc n) = n ∷ downFrom n
\end{code}
```
For example,
\begin{code}
```
_ : downFrom 3 ≡ [ 2 , 1 , 0 ]
_ = refl
\end{code}
```
Prove that the sum of the numbers `(n - 1) + ⋯ + 0` is
equal to `n * (n ∸ 1) / 2`.
\begin{code}
```
postulate
sum-downFrom : ∀ (n : )
→ sum (downFrom n) * 2 ≡ n * (n ∸ 1)
\end{code}
```
#### Exercise `foldl`
@ -199,25 +199,25 @@ Show that the equivalence `All-++-⇔` can be extended to an isomorphism.
First generalise composition to arbitrary levels, using
[universe polymorphism][plfa.Equality#unipoly].
\begin{code}
```
_∘_ : ∀ {ℓ₁ ℓ₂ ℓ₃ : Level} {A : Set ℓ₁} {B : Set ℓ₂} {C : Set ℓ₃}
→ (B → C) → (A → B) → A → C
(g ∘′ f) x = g (f x)
\end{code}
```
Show that `Any` and `All` satisfy a version of De Morgan's Law.
\begin{code}
```
postulate
¬Any≃All¬ : ∀ {A : Set} (P : A → Set) (xs : List A)
→ (¬_ ∘′ Any P) xs ≃ All (¬_ ∘′ P) xs
\end{code}
```
Do we also have the following?
\begin{code}
```
postulate
¬All≃Any¬ : ∀ {A : Set} (P : A → Set) (xs : List A)
→ (¬_ ∘′ All P) xs ≃ Any (¬_ ∘′ P) xs
\end{code}
```
If so, prove; if not, explain why.
@ -234,11 +234,11 @@ for some element of a list. Give their definitions.
Define the following variant of the traditional `filter` function on lists,
which given a list and a decidable predicate returns all elements of the
list satisfying the predicate.
\begin{code}
```
postulate
filter? : ∀ {A : Set} {P : A → Set}
→ (P? : Decidable P) → List A → ∃[ ys ]( All P ys )
\end{code}
```
## Lambda
@ -251,9 +251,9 @@ two natural numbers.
#### Exercise `primed` (stretch)
We can make examples with lambda terms slighly easier to write
We can make examples with lambda terms slightly easier to write
by adding the following definitions.
\begin{code}
```
ƛ_⇒_ : Term → Term → Term
ƛ′ (` x) ⇒ N = ƛ x ⇒ N
ƛ′ _ ⇒ _ = ⊥-elim impossible
@ -268,9 +268,9 @@ case _ [zero⇒ _ |suc _ ⇒ _ ] = ⊥-elim impossible
μ′ (` x) ⇒ N = μ x ⇒ N
μ′ _ ⇒ _ = ⊥-elim impossible
where postulate impossible : ⊥
\end{code}
```
The definition of `plus` can now be written as follows.
\begin{code}
```
plus : Term
plus = μ′ + ⇒ ƛ′ m ⇒ ƛ′ n ⇒
case m
@ -280,7 +280,7 @@ plus = μ′ + ⇒ ƛ′ m ⇒ ƛ′ n ⇒
+ = ` "+"
m = ` "m"
n = ` "n"
\end{code}
```
Write out the definition of multiplication in the same style.
#### Exercise `_[_:=_]` (stretch)
@ -327,10 +327,10 @@ proof of `progress` above.
Combine `progress` and `—→¬V` to write a program that decides
whether a well-typed term is a value.
\begin{code}
```
postulate
value? : ∀ {A M} → ∅ ⊢ M ⦂ A → Dec (Value M)
\end{code}
```
#### Exercise `subst` (stretch)
@ -342,7 +342,7 @@ defined by mutual recursion with the proof that substitution
preserves types.
#### Exercise `mul-example` (recommended)
#### Exercise `mul-eval` (recommended)
Using the evaluator, confirm that two times two is four.
@ -372,11 +372,3 @@ Give an example of an ill-typed term that does get stuck.
#### Exercise `unstuck` (recommended)
Provide proofs of the three postulates, `unstuck`, `preserves`, and `wttdgs` above.

174
tspl/Assignment4.lagda → courses/tspl/2018/Assignment4.lagda.md
View file

@ -1,19 +1,19 @@
---
title : "Assignment4: TSPL Assignment 4"
layout : page
permalink : /Assignment4/
permalink : /TSPL/2018/Assignment4/
---
\begin{code}
```
module Assignment4 where
\end{code}
```
## YOUR NAME AND EMAIL GOES HERE
## Introduction
This assignment is due **4pm Thursday 15 November** (Week 9).
<!-- This assignment is due **4pm Thursday 15 November** (Week 9). -->
You must do _all_ the exercises labelled "(recommended)".
@ -23,10 +23,10 @@ You don't need to do all of these, but should attempt at least a few.
Exercises without a label are optional, and may be done if you want
some extra practice.
Submit your homework using the "submit" command.
<!-- Submit your homework using the "submit" command. -->
Please ensure your files execute correctly under Agda!
_IMPORTANT_ For ease of marking, when modifying the given code please write
**IMPORTANT** For ease of marking, when modifying the given code please write
-- begin
-- end
@ -36,37 +36,36 @@ before and after code you add, to indicate your changes.
## Imports
\begin{code}
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; sym; trans; cong; cong₂; _≢_)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Nat using (; zero; suc; _+_; _*_)
open import Data.Product using (_×_; ∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.String using (String)
open import Data.String.Unsafe using (_≟_)
open import Data.String using (String; _≟_)
open import Relation.Nullary using (¬_; Dec; yes; no)
\end{code}
```
## DeBruijn
\begin{code}
```
module DeBruijn where
\end{code}
```
Remember to indent all code by two spaces.
\begin{code}
```
open import plfa.DeBruijn
\end{code}
```
#### Exercise (`mul`) (recommended)
Write out the definition of a lambda term that multiplies
two natural numbers, now adapted to the inherently typed
DeBruijn represenation.
DeBruijn representation.
#### Exercise `V¬—→`
@ -76,23 +75,23 @@ not reduce, and its corollary, terms that reduce are not
values.
#### Exercise `mul-example` (recommended)
#### Exercise `mul-eval` (recommended)
Using the evaluator, confirm that two times two is four.
## More
\begin{code}
```
module More where
\end{code}
```
Remember to indent all code by two spaces.
### Syntax
\begin{code}
```
infix 4 _⊢_
infix 4 _∋_
infixl 5 _,_
@ -109,11 +108,11 @@ Remember to indent all code by two spaces.
infix 9 `_
infix 9 S_
infix 9 #_
\end{code}
```
### Types
\begin{code}
```
data Type : Set where
` : Type
_⇒_ : Type → Type → Type
@ -123,19 +122,19 @@ Remember to indent all code by two spaces.
` : Type
`⊥ : Type
`List : Type → Type
\end{code}
```
### Contexts
\begin{code}
```
data Context : Set where
∅ : Context
_,_ : Context → Type → Context
\end{code}
```
### Variables and the lookup judgment
\begin{code}
```
data _∋_ : Context → Type → Set where
Z : ∀ {Γ A}
@ -146,11 +145,11 @@ Remember to indent all code by two spaces.
→ Γ ∋ B
---------
→ Γ , A ∋ B
\end{code}
```
### Terms and the typing judgment
\begin{code}
```
data _⊢_ : Context → Type → Set where
-- variables
@ -245,11 +244,11 @@ Remember to indent all code by two spaces.
--------------
→ Γ ⊢ C
\end{code}
```
### Abbreviating de Bruijn indices
\begin{code}
```
lookup : Context → → Type
lookup (Γ , A) zero = A
lookup (Γ , _) (suc n) = lookup Γ n
@ -264,11 +263,11 @@ Remember to indent all code by two spaces.
#_ : ∀ {Γ} → (n : ) → Γ ⊢ lookup Γ n
# n = ` count n
\end{code}
```
## Renaming
\begin{code}
```
ext : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ∋ A) → (∀ {A B} → Γ , A ∋ B → Δ , A ∋ B)
ext ρ Z = Z
ext ρ (S x) = S (ρ x)
@ -288,11 +287,11 @@ Remember to indent all code by two spaces.
rename ρ (`proj₁ L) = `proj₁ (rename ρ L)
rename ρ (`proj₂ L) = `proj₂ (rename ρ L)
rename ρ (case× L M) = case× (rename ρ L) (rename (ext (ext ρ)) M)
\end{code}
```
## Simultaneous Substitution
\begin{code}
```
exts : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ⊢ A) → (∀ {A B} → Γ , A ∋ B → Δ , A ⊢ B)
exts σ Z = ` Z
exts σ (S x) = rename S_ (σ x)
@ -312,11 +311,11 @@ Remember to indent all code by two spaces.
subst σ (`proj₁ L) = `proj₁ (subst σ L)
subst σ (`proj₂ L) = `proj₂ (subst σ L)
subst σ (case× L M) = case× (subst σ L) (subst (exts (exts σ)) M)
\end{code}
```
## Single and double substitution
\begin{code}
```
_[_] : ∀ {Γ A B}
→ Γ , A ⊢ B
→ Γ ⊢ A
@ -340,11 +339,11 @@ Remember to indent all code by two spaces.
σ Z = W
σ (S Z) = V
σ (S (S x)) = ` x
\end{code}
```
## Values
\begin{code}
```
data Value : ∀ {Γ A} → Γ ⊢ A → Set where
-- functions
@ -377,14 +376,14 @@ Remember to indent all code by two spaces.
→ Value W
----------------
→ Value `⟨ V , W ⟩
\end{code}
```
Implicit arguments need to be supplied when they are
not fixed by the given arguments.
## Reduction
\begin{code}
```
infix 2 _—→_
data _—→_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
@ -510,11 +509,11 @@ not fixed by the given arguments.
→ Value W
----------------------------------
→ case× `⟨ V , W ⟩ M —→ M [ V ][ W ]
\end{code}
```
## Reflexive and transitive closure
\begin{code}
```
infix 2 _—↠_
infix 1 begin_
infixr 2 _—→⟨_⟩_
@ -537,12 +536,12 @@ not fixed by the given arguments.
------
→ M —↠ N
begin M—↠N = M—↠N
\end{code}
```
## Values do not reduce
\begin{code}
```
V¬—→ : ∀ {Γ A} {M N : Γ ⊢ A}
→ Value M
----------
@ -553,12 +552,12 @@ not fixed by the given arguments.
V¬—→ V-con ()
V¬—→ V-⟨ VM , _ ⟩ (ξ-⟨,⟩₁ M—→M) = V¬—→ VM M—→M
V¬—→ V-⟨ _ , VN ⟩ (ξ-⟨,⟩₂ _ N—→N) = V¬—→ VN N—→N
\end{code}
```
## Progress
\begin{code}
```
data Progress {A} (M : ∅ ⊢ A) : Set where
step : ∀ {N : ∅ ⊢ A}
@ -614,12 +613,12 @@ not fixed by the given arguments.
progress (case× L M) with progress L
... | step L—→L = step (ξ-case× L—→L)
... | done (V-⟨ VM , VN ⟩) = step (β-case× VM VN)
\end{code}
```
## Evaluation
\begin{code}
```
data Gas : Set where
gas : → Gas
@ -652,11 +651,11 @@ not fixed by the given arguments.
... | done VL = steps (L ∎) (done VL)
... | step {M} L—→M with eval (gas m) M
... | steps M—↠N fin = steps (L —→⟨ L—→M ⟩ M—↠N) fin
\end{code}
```
## Examples
\begin{code}
```
cube : ∅ ⊢ Nat ⇒ Nat
cube = ƛ (# 0 `* # 0 `* # 0)
@ -727,7 +726,7 @@ not fixed by the given arguments.
—→⟨ β-case× V-con V-zero ⟩
`⟨ `zero , con 42 ⟩
\end{code}
```
#### Exercise `More` (recommended in part)
@ -762,21 +761,21 @@ In this case, the simulation is _not_ lock-step.
## Inference
\begin{code}
```
module Inference where
\end{code}
```
Remember to indent all code by two spaces.
### Imports
\begin{code}
```
import plfa.More as DB
\end{code}
```
### Syntax
\begin{code}
```
infix 4 _∋_⦂_
infix 4 _⊢_↑_
infix 4 _⊢_↓_
@ -791,11 +790,11 @@ Remember to indent all code by two spaces.
infixl 7 _·_
infix 8 `suc_
infix 9 `_
\end{code}
```
### Identifiers, types, and contexts
\begin{code}
```
Id : Set
Id = String
@ -806,11 +805,11 @@ Remember to indent all code by two spaces.
data Context : Set where
∅ : Context
_,_⦂_ : Context → Id → Type → Context
\end{code}
```
### Terms
\begin{code}
```
data Term⁺ : Set
data Term⁻ : Set
@ -826,11 +825,11 @@ Remember to indent all code by two spaces.
`case_[zero⇒_|suc_⇒_] : Term⁺ → Term⁻ → Id → Term⁻ → Term⁻
μ_⇒_ : Id → Term⁻ → Term⁻
_↑ : Term⁺ → Term⁻
\end{code}
```
### Sample terms
\begin{code}
```
two : Term⁻
two = `suc (`suc `zero)
@ -839,14 +838,11 @@ Remember to indent all code by two spaces.
`case (` "m") [zero⇒ ` "n" ↑
|suc "m" ⇒ `suc (` "p" · (` "m" ↑) · (` "n" ↑) ↑) ])
` ⇒ ` ⇒ `
2+2 : Term⁺
2+2 = plus · two · two
\end{code}
```
### Lookup
\begin{code}
```
data _∋_⦂_ : Context → Id → Type → Set where
Z : ∀ {Γ x A}
@ -858,11 +854,11 @@ Remember to indent all code by two spaces.
→ Γ ∋ x ⦂ A
-----------------
→ Γ , y ⦂ B ∋ x ⦂ A
\end{code}
```
### Bidirectional type checking
\begin{code}
```
data _⊢_↑_ : Context → Term⁺ → Type → Set
data _⊢_↓_ : Context → Term⁻ → Type → Set
@ -917,12 +913,12 @@ Remember to indent all code by two spaces.
→ A ≡ B
-------------
→ Γ ⊢ (M ↑) ↓ B
\end{code}
```
### Type equality
\begin{code}
```
_≟Tp_ : (A B : Type) → Dec (A ≡ B)
` ≟Tp ` = yes refl
` ≟Tp (A ⇒ B) = no λ()
@ -932,11 +928,11 @@ Remember to indent all code by two spaces.
... | no A≢ | _ = no λ{refl → A≢ refl}
... | yes _ | no B≢ = no λ{refl → B≢ refl}
... | yes refl | yes refl = yes refl
\end{code}
```
### Prerequisites
\begin{code}
```
dom≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → A ≡ A
dom≡ refl = refl
@ -945,31 +941,31 @@ Remember to indent all code by two spaces.
ℕ≢⇒ : ∀ {A B} → ` ≢ A ⇒ B
ℕ≢⇒ ()
\end{code}
```
### Unique lookup
\begin{code}
```
uniq-∋ : ∀ {Γ x A B} → Γ ∋ x ⦂ A → Γ ∋ x ⦂ B → A ≡ B
uniq-∋ Z Z = refl
uniq-∋ Z (S x≢y _) = ⊥-elim (x≢y refl)
uniq-∋ (S x≢y _) Z = ⊥-elim (x≢y refl)
uniq-∋ (S _ ∋x) (S _ ∋x) = uniq-∋ ∋x ∋x
\end{code}
```
### Unique synthesis
\begin{code}
```
uniq-↑ : ∀ {Γ M A B} → Γ ⊢ M ↑ A → Γ ⊢ M ↑ B → A ≡ B
uniq-↑ (⊢` ∋x) (⊢` ∋x) = uniq-∋ ∋x ∋x
uniq-↑ (⊢L · ⊢M) (⊢L · ⊢M) = rng≡ (uniq-↑ ⊢L ⊢L)
uniq-↑ (⊢↓ ⊢M) (⊢↓ ⊢M) = refl
\end{code}
```
## Lookup type of a variable in the context
\begin{code}
```
ext∋ : ∀ {Γ B x y}
→ x ≢ y
→ ¬ ∃[ A ]( Γ ∋ x ⦂ A )
@ -987,11 +983,11 @@ Remember to indent all code by two spaces.
... | no x≢y with lookup Γ x
... | no ¬∃ = no (ext∋ x≢y ¬∃)
... | yes ⟨ A , ⊢x ⟩ = yes ⟨ A , S x≢y ⊢x ⟩
\end{code}
```
### Promoting negations
\begin{code}
```
¬arg : ∀ {Γ A B L M}
→ Γ ⊢ L ↑ A ⇒ B
→ ¬ Γ ⊢ M ↓ A
@ -1005,12 +1001,12 @@ Remember to indent all code by two spaces.
---------------
→ ¬ Γ ⊢ (M ↑) ↓ B
¬switch ⊢M A≢B (⊢↑ ⊢M A≡B) rewrite uniq-↑ ⊢M ⊢M = A≢B A≡B
\end{code}
```
## Synthesize and inherit types
\begin{code}
```
synthesize : ∀ (Γ : Context) (M : Term⁺)
-----------------------
→ Dec (∃[ A ](Γ ⊢ M ↑ A))
@ -1058,11 +1054,11 @@ Remember to indent all code by two spaces.
... | yes ⟨ A , ⊢M ⟩ with A ≟Tp B
... | no A≢B = no (¬switch ⊢M A≢B)
... | yes A≡B = yes (⊢↑ ⊢M A≡B)
\end{code}
```
### Erasure
\begin{code}
```
∥_∥Tp : Type → DB.Type
` ∥Tp = DB.`
∥ A ⇒ B ∥Tp = ∥ A ∥Tp DB.⇒ ∥ B ∥Tp
@ -1088,7 +1084,7 @@ Remember to indent all code by two spaces.
∥ ⊢case ⊢L ⊢M ⊢N ∥⁻ = DB.case ∥ ⊢L ∥⁺ ∥ ⊢M ∥⁻ ∥ ⊢N ∥⁻
∥ ⊢μ ⊢M ∥⁻ = DB.μ ∥ ⊢M ∥⁻
∥ ⊢↑ ⊢M refl ∥⁻ = ∥ ⊢M ∥⁺
\end{code}
```
#### Exercise `bidirectional-mul` (recommended) {#bidirectional-mul}
@ -1148,12 +1144,12 @@ unless both terms are in normal form.
How would the rules change if we want call-by-value where terms
do not reduce underneath lambda? Assume that `β`
permits reduction when both terms are values (that is, lambda
abstractions). What would `2+2ᶜ` reduce to in this case?
abstractions). What would `plusᶜ · twoᶜ · twoᶜ` reduce to in this case?
#### Exercise `2+2≡four`
#### Exercise `plus-eval`
Use the evaluator to confirm that `2+2` and `four` normalise to
the same term.
Use the evaluator to confirm that `plus · two · two` and `four`
normalise to the same term.
#### Exercise `multiplication-untyped` (recommended)

678
courses/tspl/2018/Exam.lagda.md Normal file
View file

@ -0,0 +1,678 @@
---
title : "Exam: TSPL Mock Exam file"
layout : page
permalink : /TSPL/2018/Exam/
---
```
module Exam where
```
**IMPORTANT** For ease of marking, when modifying the given code please write
-- begin
-- end
before and after code you add, to indicate your changes.
## Imports
```
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; sym; trans; cong; _≢_)
open import Data.Empty using (⊥; ⊥-elim)
open import Data.Nat using (; zero; suc)
open import Data.List using (List; []; _∷_; _++_)
open import Data.Product using (∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
open import Data.String using (String; _≟_)
open import Relation.Nullary using (¬_; Dec; yes; no)
open import Relation.Binary using (Decidable)
```
## Problem 1
```
module Problem1 where
open import Function using (_∘_)
```
Remember to indent all code by two spaces.
### (a)
### (b)
### (c)
## Problem 2
Remember to indent all code by two spaces.
```
module Problem2 where
```
### Infix declarations
```
infix 4 _⊢_
infix 4 _∋_
infixl 5 _,_
infixr 7 _⇒_
infix 5 ƛ_
infix 5 μ_
infixl 7 _·_
infix 8 `suc_
infix 9 `_
infix 9 S_
infix 9 #_
```
### Types and contexts
```
data Type : Set where
_⇒_ : Type → Type → Type
` : Type
data Context : Set where
∅ : Context
_,_ : Context → Type → Context
```
### Variables and the lookup judgment
```
data _∋_ : Context → Type → Set where
Z : ∀ {Γ A}
----------
→ Γ , A ∋ A
S_ : ∀ {Γ A B}
→ Γ ∋ A
---------
→ Γ , B ∋ A
```
### Terms and the typing judgment
```
data _⊢_ : Context → Type → Set where
`_ : ∀ {Γ} {A}
→ Γ ∋ A
------
→ Γ ⊢ A
ƛ_ : ∀ {Γ} {A B}
→ Γ , A ⊢ B
----------
→ Γ ⊢ A ⇒ B
_·_ : ∀ {Γ} {A B}
→ Γ ⊢ A ⇒ B
→ Γ ⊢ A
----------
→ Γ ⊢ B
`zero : ∀ {Γ}
----------
→ Γ ⊢ `
`suc_ : ∀ {Γ}
→ Γ ⊢ `
-------
→ Γ ⊢ `
case : ∀ {Γ A}
→ Γ ⊢ `
→ Γ ⊢ A
→ Γ , ` ⊢ A
-----------
→ Γ ⊢ A
μ_ : ∀ {Γ A}
→ Γ , A ⊢ A
----------
→ Γ ⊢ A
```
### Abbreviating de Bruijn indices
```
lookup : Context → → Type
lookup (Γ , A) zero = A
lookup (Γ , _) (suc n) = lookup Γ n
lookup ∅ _ = ⊥-elim impossible
where postulate impossible : ⊥
count : ∀ {Γ} → (n : ) → Γ ∋ lookup Γ n
count {Γ , _} zero = Z
count {Γ , _} (suc n) = S (count n)
count {∅} _ = ⊥-elim impossible
where postulate impossible : ⊥
#_ : ∀ {Γ} → (n : ) → Γ ⊢ lookup Γ n
# n = ` count n
```
### Renaming
```
ext : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ∋ A)
-----------------------------------
→ (∀ {A B} → Γ , B ∋ A → Δ , B ∋ A)
ext ρ Z = Z
ext ρ (S x) = S (ρ x)
rename : ∀ {Γ Δ}
→ (∀ {A} → Γ ∋ A → Δ ∋ A)
------------------------
→ (∀ {A} → Γ ⊢ A → Δ ⊢ A)
rename ρ (` x) = ` (ρ x)
rename ρ (ƛ N) = ƛ (rename (ext ρ) N)
rename ρ (L · M) = (rename ρ L) · (rename ρ M)
rename ρ (`zero) = `zero
rename ρ (`suc M) = `suc (rename ρ M)
rename ρ (case L M N) = case (rename ρ L) (rename ρ M) (rename (ext ρ) N)
rename ρ (μ N) = μ (rename (ext ρ) N)
```
### Simultaneous Substitution
```
exts : ∀ {Γ Δ} → (∀ {A} → Γ ∋ A → Δ ⊢ A)
----------------------------------
→ (∀ {A B} → Γ , B ∋ A → Δ , B ⊢ A)
exts σ Z = ` Z
exts σ (S x) = rename S_ (σ x)
subst : ∀ {Γ Δ}
→ (∀ {A} → Γ ∋ A → Δ ⊢ A)
------------------------
→ (∀ {A} → Γ ⊢ A → Δ ⊢ A)
subst σ (` k) = σ k
subst σ (ƛ N) = ƛ (subst (exts σ) N)
subst σ (L · M) = (subst σ L) · (subst σ M)
subst σ (`zero) = `zero
subst σ (`suc M) = `suc (subst σ M)
subst σ (case L M N) = case (subst σ L) (subst σ M) (subst (exts σ) N)
subst σ (μ N) = μ (subst (exts σ) N)
```
### Single substitution
```
_[_] : ∀ {Γ A B}
→ Γ , B ⊢ A
→ Γ ⊢ B
---------
→ Γ ⊢ A
_[_] {Γ} {A} {B} N M = subst {Γ , B} {Γ} σ {A} N
where
σ : ∀ {A} → Γ , B ∋ A → Γ ⊢ A
σ Z = M
σ (S x) = ` x
```
### Values
```
data Value : ∀ {Γ A} → Γ ⊢ A → Set where
V-ƛ : ∀ {Γ A B} {N : Γ , A ⊢ B}
---------------------------
→ Value (ƛ N)
V-zero : ∀ {Γ}
-----------------
→ Value (`zero {Γ})
V-suc : ∀ {Γ} {V : Γ ⊢ `}
→ Value V
--------------
→ Value (`suc V)
```
### Reduction
```
infix 2 _—→_
data _—→_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
ξ-·₁ : ∀ {Γ A B} {L L : Γ ⊢ A ⇒ B} {M : Γ ⊢ A}
→ L —→ L
-----------------
→ L · M —→ L · M
ξ-·₂ : ∀ {Γ A B} {V : Γ ⊢ A ⇒ B} {M M : Γ ⊢ A}
→ Value V
→ M —→ M
--------------
→ V · M —→ V · M
β-ƛ : ∀ {Γ A B} {N : Γ , A ⊢ B} {W : Γ ⊢ A}
→ Value W
-------------------
→ (ƛ N) · W —→ N [ W ]
ξ-suc : ∀ {Γ} {M M : Γ ⊢ `}
→ M —→ M
----------------
`suc M —→ `suc M
ξ-case : ∀ {Γ A} {L L : Γ ⊢ `} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
→ L —→ L
--------------------------
→ case L M N —→ case L M N
β-zero : ∀ {Γ A} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
-------------------
→ case `zero M N —→ M
β-suc : ∀ {Γ A} {V : Γ ⊢ `} {M : Γ ⊢ A} {N : Γ , ` ⊢ A}
→ Value V
-----------------------------
→ case (`suc V) M N —→ N [ V ]
β-μ : ∀ {Γ A} {N : Γ , A ⊢ A}
---------------
→ μ N —→ N [ μ N ]
```
### Reflexive and transitive closure
```
infix 2 _—↠_
infix 1 begin_
infixr 2 _—→⟨_⟩_
infix 3 _∎
data _—↠_ : ∀ {Γ A} → (Γ ⊢ A) → (Γ ⊢ A) → Set where
_∎ : ∀ {Γ A} (M : Γ ⊢ A)
--------
→ M —↠ M
_—→⟨_⟩_ : ∀ {Γ A} (L : Γ ⊢ A) {M N : Γ ⊢ A}
→ L —→ M
→ M —↠ N
---------
→ L —↠ N
begin_ : ∀ {Γ} {A} {M N : Γ ⊢ A}
→ M —↠ N
------
→ M —↠ N
begin M—↠N = M—↠N
```
### Progress
```
data Progress {A} (M : ∅ ⊢ A) : Set where
step : ∀ {N : ∅ ⊢ A}
→ M —→ N
-------------
→ Progress M
done :
Value M
----------
→ Progress M
progress : ∀ {A} → (M : ∅ ⊢ A) → Progress M
progress (` ())
progress (ƛ N) = done V-ƛ
progress (L · M) with progress L
... | step L—→L = step (ξ-·₁ L—→L)
... | done V-ƛ with progress M
... | step M—→M = step (ξ-·₂ V-ƛ M—→M)
... | done VM = step (β-ƛ VM)
progress (`zero) = done V-zero
progress (`suc M) with progress M
... | step M—→M = step (ξ-suc M—→M)
... | done VM = done (V-suc VM)
progress (case L M N) with progress L
... | step L—→L = step (ξ-case L—→L)
... | done V-zero = step (β-zero)
... | done (V-suc VL) = step (β-suc VL)
progress (μ N) = step (β-μ)
```
### Evaluation
```
data Gas : Set where
gas : → Gas
data Finished {Γ A} (N : Γ ⊢ A) : Set where
done :
Value N
----------
→ Finished N
out-of-gas :
----------
Finished N
data Steps : ∀ {A} → ∅ ⊢ A → Set where
steps : ∀ {A} {L N : ∅ ⊢ A}
→ L —↠ N
→ Finished N
----------
→ Steps L
eval : ∀ {A}
→ Gas
→ (L : ∅ ⊢ A)
-----------
→ Steps L
eval (gas zero) L = steps (L ∎) out-of-gas
eval (gas (suc m)) L with progress L
... | done VL = steps (L ∎) (done VL)
... | step {M} L—→M with eval (gas m) M
... | steps M—↠N fin = steps (L —→⟨ L—→M ⟩ M—↠N) fin
```
## Problem 3
Remember to indent all code by two spaces.
```
module Problem3 where
```
### Imports
```
import plfa.DeBruijn as DB
```
### Syntax
```
infix 4 _∋_⦂_
infix 4 _⊢_↑_
infix 4 _⊢_↓_
infixl 5 _,_⦂_
infix 5 ƛ_⇒_
infix 5 μ_⇒_
infix 6 _↑
infix 6 _↓_
infixl 7 _·_
infix 8 `suc_
infix 9 `_
```
### Types
```
data Type : Set where
_⇒_ : Type → Type → Type
` : Type
```
### Identifiers
```
Id : Set
Id = String
```
### Contexts
```
data Context : Set where
∅ : Context
_,_⦂_ : Context → Id → Type → Context
```
### Terms
```
data Term⁺ : Set
data Term⁻ : Set
data Term⁺ where
`_ : Id → Term⁺
_·_ : Term⁺ → Term⁻ → Term⁺
_↓_ : Term⁻ → Type → Term⁺
data Term⁻ where
ƛ_⇒_ : Id → Term⁻ → Term⁻
`zero : Term⁻
`suc_ : Term⁻ → Term⁻
`case_[zero⇒_|suc_⇒_] : Term⁺ → Term⁻ → Id → Term⁻ → Term⁻
μ_⇒_ : Id → Term⁻ → Term⁻
_↑ : Term⁺ → Term⁻
```
### Lookup
```
data _∋_⦂_ : Context → Id → Type → Set where
Z : ∀ {Γ x A}
--------------------
→ Γ , x ⦂ A ∋ x ⦂ A
S : ∀ {Γ x y A B}
→ x ≢ y
→ Γ ∋ x ⦂ A
-----------------
→ Γ , y ⦂ B ∋ x ⦂ A
```
### Bidirectional type checking
```
data _⊢_↑_ : Context → Term⁺ → Type → Set
data _⊢_↓_ : Context → Term⁻ → Type → Set
data _⊢_↑_ where
⊢` : ∀ {Γ A x}
→ Γ ∋ x ⦂ A
-----------
→ Γ ⊢ ` x ↑ A
_·_ : ∀ {Γ L M A B}
→ Γ ⊢ L ↑ A ⇒ B
→ Γ ⊢ M ↓ A
-------------
→ Γ ⊢ L · M ↑ B
⊢↓ : ∀ {Γ M A}
→ Γ ⊢ M ↓ A
---------------
→ Γ ⊢ (M ↓ A) ↑ A
data _⊢_↓_ where
⊢ƛ : ∀ {Γ x N A B}
→ Γ , x ⦂ A ⊢ N ↓ B
-------------------
→ Γ ⊢ ƛ x ⇒ N ↓ A ⇒ B
⊢zero : ∀ {Γ}
--------------
→ Γ ⊢ `zero ↓ `
⊢suc : ∀ {Γ M}
→ Γ ⊢ M ↓ `
---------------
→ Γ ⊢ `suc M ↓ `
⊢case : ∀ {Γ L M x N A}
→ Γ ⊢ L ↑ `
→ Γ ⊢ M ↓ A
→ Γ , x ⦂ ` ⊢ N ↓ A
-------------------------------------
→ Γ ⊢ `case L [zero⇒ M |suc x ⇒ N ] ↓ A
⊢μ : ∀ {Γ x N A}
→ Γ , x ⦂ A ⊢ N ↓ A
-----------------
→ Γ ⊢ μ x ⇒ N ↓ A
⊢↑ : ∀ {Γ M A B}
→ Γ ⊢ M ↑ A
→ A ≡ B
-------------
→ Γ ⊢ (M ↑) ↓ B
```
### Type equality
```
_≟Tp_ : (A B : Type) → Dec (A ≡ B)
` ≟Tp ` = yes refl
` ≟Tp (A ⇒ B) = no λ()
(A ⇒ B) ≟Tp ` = no λ()
(A ⇒ B) ≟Tp (A ⇒ B)
with A ≟Tp A | B ≟Tp B
... | no A≢ | _ = no λ{refl → A≢ refl}
... | yes _ | no B≢ = no λ{refl → B≢ refl}
... | yes refl | yes refl = yes refl
```
### Prerequisites
```
dom≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → A ≡ A
dom≡ refl = refl
rng≡ : ∀ {A A B B} → A ⇒ B ≡ A ⇒ B → B ≡ B
rng≡ refl = refl
ℕ≢⇒ : ∀ {A B} → ` ≢ A ⇒ B
ℕ≢⇒ ()
```
### Unique lookup
```
uniq-∋ : ∀ {Γ x A B} → Γ ∋ x ⦂ A → Γ ∋ x ⦂ B → A ≡ B
uniq-∋ Z Z = refl
uniq-∋ Z (S x≢y _) = ⊥-elim (x≢y refl)
uniq-∋ (S x≢y _) Z = ⊥-elim (x≢y refl)
uniq-∋ (S _ ∋x) (S _ ∋x) = uniq-∋ ∋x ∋x
```
### Unique synthesis
```
uniq-↑ : ∀ {Γ M A B} → Γ ⊢ M ↑ A → Γ ⊢ M ↑ B → A ≡ B
uniq-↑ (⊢` ∋x) (⊢` ∋x) = uniq-∋ ∋x ∋x
uniq-↑ (⊢L · ⊢M) (⊢L · ⊢M) = rng≡ (uniq-↑ ⊢L ⊢L)
uniq-↑ (⊢↓ ⊢M) (⊢↓ ⊢M) = refl
```
## Lookup type of a variable in the context
```
ext∋ : ∀ {Γ B x y}
→ x ≢ y
→ ¬ ∃[ A ]( Γ ∋ x ⦂ A )
-----------------------------
→ ¬ ∃[ A ]( Γ , y ⦂ B ∋ x ⦂ A )
ext∋ x≢y _ ⟨ A , Z ⟩ = x≢y refl
ext∋ _ ¬∃ ⟨ A , S _ ⊢x ⟩ = ¬∃ ⟨ A , ⊢x ⟩
lookup : ∀ (Γ : Context) (x : Id)
-----------------------
→ Dec (∃[ A ](Γ ∋ x ⦂ A))
lookup ∅ x = no (λ ())
lookup (Γ , y ⦂ B) x with x ≟ y
... | yes refl = yes ⟨ B , Z ⟩
... | no x≢y with lookup Γ x
... | no ¬∃ = no (ext∋ x≢y ¬∃)
... | yes ⟨ A , ⊢x ⟩ = yes ⟨ A , S x≢y ⊢x ⟩
```
### Promoting negations
```
¬arg : ∀ {Γ A B L M}
→ Γ ⊢ L ↑ A ⇒ B
→ ¬ Γ ⊢ M ↓ A
-------------------------
→ ¬ ∃[ B ](Γ ⊢ L · M ↑ B)
¬arg ⊢L ¬⊢M ⟨ B , ⊢L · ⊢M ⟩ rewrite dom≡ (uniq-↑ ⊢L ⊢L) = ¬⊢M ⊢M
¬switch : ∀ {Γ M A B}
→ Γ ⊢ M ↑ A
→ A ≢ B
---------------
→ ¬ Γ ⊢ (M ↑) ↓ B
¬switch ⊢M A≢B (⊢↑ ⊢M A≡B) rewrite uniq-↑ ⊢M ⊢M = A≢B A≡B
```
## Synthesize and inherit types
```
synthesize : ∀ (Γ : Context) (M : Term⁺)
-----------------------
→ Dec (∃[ A ](Γ ⊢ M ↑ A))
inherit : ∀ (Γ : Context) (M : Term⁻) (A : Type)
---------------
→ Dec (Γ ⊢ M ↓ A)
synthesize Γ (` x) with lookup Γ x
... | no ¬∃ = no (λ{ ⟨ A , ⊢` ∋x ⟩ → ¬∃ ⟨ A , ∋x ⟩ })
... | yes ⟨ A , ∋x ⟩ = yes ⟨ A , ⊢` ∋x ⟩
synthesize Γ (L · M) with synthesize Γ L
... | no ¬∃ = no (λ{ ⟨ _ , ⊢L · _ ⟩ → ¬∃ ⟨ _ , ⊢L ⟩ })
... | yes ⟨ ` , ⊢L ⟩ = no (λ{ ⟨ _ , ⊢L · _ ⟩ → ℕ≢⇒ (uniq-↑ ⊢L ⊢L) })
... | yes ⟨ A ⇒ B , ⊢L ⟩ with inherit Γ M A
... | no ¬⊢M = no (¬arg ⊢L ¬⊢M)
... | yes ⊢M = yes ⟨ B , ⊢L · ⊢M ⟩
synthesize Γ (M ↓ A) with inherit Γ M A
... | no ¬⊢M = no (λ{ ⟨ _ , ⊢↓ ⊢M ⟩ → ¬⊢M ⊢M })
... | yes ⊢M = yes ⟨ A , ⊢↓ ⊢M ⟩
inherit Γ (ƛ x ⇒ N) ` = no (λ())
inherit Γ (ƛ x ⇒ N) (A ⇒ B) with inherit (Γ , x ⦂ A) N B
... | no ¬⊢N = no (λ{ (⊢ƛ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢ƛ ⊢N)
inherit Γ `zero ` = yes ⊢zero
inherit Γ `zero (A ⇒ B) = no (λ())
inherit Γ (`suc M) ` with inherit Γ M `
... | no ¬⊢M = no (λ{ (⊢suc ⊢M) → ¬⊢M ⊢M })
... | yes ⊢M = yes (⊢suc ⊢M)
inherit Γ (`suc M) (A ⇒ B) = no (λ())
inherit Γ (`case L [zero⇒ M |suc x ⇒ N ]) A with synthesize Γ L
... | no ¬∃ = no (λ{ (⊢case ⊢L _ _) → ¬∃ ⟨ ` , ⊢L ⟩})
... | yes ⟨ _ ⇒ _ , ⊢L ⟩ = no (λ{ (⊢case ⊢L _ _) → ℕ≢⇒ (uniq-↑ ⊢L ⊢L) })
... | yes ⟨ ` , ⊢L ⟩ with inherit Γ M A
... | no ¬⊢M = no (λ{ (⊢case _ ⊢M _) → ¬⊢M ⊢M })
... | yes ⊢M with inherit (Γ , x ⦂ `) N A
... | no ¬⊢N = no (λ{ (⊢case _ _ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢case ⊢L ⊢M ⊢N)
inherit Γ (μ x ⇒ N) A with inherit (Γ , x ⦂ A) N A
... | no ¬⊢N = no (λ{ (⊢μ ⊢N) → ¬⊢N ⊢N })
... | yes ⊢N = yes (⊢μ ⊢N)
inherit Γ (M ↑) B with synthesize Γ M
... | no ¬∃ = no (λ{ (⊢↑ ⊢M _) → ¬∃ ⟨ _ , ⊢M ⟩ })
... | yes ⟨ A , ⊢M ⟩ with A ≟Tp B
... | no A≢B = no (¬switch ⊢M A≢B)
... | yes A≡B = yes (⊢↑ ⊢M A≡B)
```

BIN
tspl/instructions.pdf → courses/tspl/2018/Instructions.pdf
View file

Binary file not shown.

0
tspl/instructions.tex → courses/tspl/2018/Instructions.tex
View file

BIN
tspl/Assignment5.pdf → courses/tspl/2018/Mock1.pdf
View file

Binary file not shown.

1
tspl/Assignment5.tex → courses/tspl/2018/Mock1.tex
View file

@ -419,4 +419,3 @@ Please delimit any code you add as follows.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}

BIN
tspl/mock.pdf → courses/tspl/2018/Mock2.pdf
View file

Binary file not shown.

0
tspl/mock.tex → courses/tspl/2018/Mock2.tex
View file

2
tspl/examhons2018.cls → courses/tspl/2018/examhons2018.cls
View file

@ -1244,5 +1244,3 @@ THIS EXAMINATION WILL BE MARKED ANONYMOUSLY
\status
}

3
courses/tspl/2018/tspl2018.agda-lib Normal file
View file

@ -0,0 +1,3 @@
name: tspl2018
depend: standard-library plfa
include: .

118
courses/tspl/2018/tspl2018.md Normal file
View file

@ -0,0 +1,118 @@
---
title : "TSPL: Course notes"
layout : page
permalink : /TSPL/2018/
---
## Staff
* **Instructor**
[Philip Wadler](https://homepages.inf.ed.ac.uk/wadler)
* **Teaching assistants**
- [Wen Kokke](mailto:wen.kokke@ed.ac.uk)
- [Chad Nester](mailto:chad.nester@gmail.com)
## Lectures
Lectures take place Monday, Wednesday, and Friday in AT 7.02. (Moved from AT 5.07 and AT 4.12.)
* **9.00--9.50am** Lecture
* **10.00--10.50am** Tutorial
<table>
<tr>
<th>Week</th>
<th>Mon</th>
<th>Wed</th>
<th>Fri</th>
</tr>
<tr>
<td>1</td>
<td><b>17 Sep</b> <a href="{{ site.baseurl }}/Naturals/">Naturals</a></td>
<td><b>19 Sep</b> <a href="{{ site.baseurl }}/Induction/">Induction</a></td>
<td><b>21 Sep</b> <a href="{{ site.baseurl }}/Induction/">Induction</a></td>
</tr>
<tr>
<td>2</td>
<td><b>24 Sep</b> <a href="{{ site.baseurl }}/Relations/">Relations</a> (Chad)</td>
<td><b>26 Sep</b> <a href="{{ site.baseurl }}/Relations/">Relations</a> (Chad)</td>
<td><b>28 Sep</b> (no class)</td>
</tr>
<tr>
<td>3</td>
<td><b>1 Oct</b> <a href="{{ site.baseurl }}/Equality/">Equality</a> &amp; <a href="{{ site.baseurl }}/Isomorphism/">Isomorphism</a></td>
<td><b>3 Oct</b> <a href="{{ site.baseurl }}/Connectives/">Connectives</a></td>
<td><b>5 Oct</b> <a href="{{ site.baseurl }}/Negation/">Negation</a></td>
</tr>
<tr>
<td>4</td>
<td><b>8 Oct</b> <a href="{{ site.baseurl }}/Quantifiers/">Quantifiers</a></td>
<td><b>10 Oct</b> <a href="{{ site.baseurl }}/Decidable/">Decidable</a></td>
<td><b>12 Oct</b> (tutorial only)</td>
</tr>
<tr>
<td>5</td>
<td><b>15 Oct</b> <a href="{{ site.baseurl }}/Lists/">Lists</a></td>
<td><b>17 Oct</b> (tutorial only)</td>
<td><b>19 Oct</b> <a href="{{ site.baseurl }}/Lists/">Lists</a></td>
</tr>
<tr>
<td>6</td>
<td><b>22 Oct</b> <a href="{{ site.baseurl }}/Lambda/">Lambda</a></td>
<td><b>24 Oct</b> (no class)</td>
<td><b>26 Oct</b> <a href="{{ site.baseurl }}/Properties/">Properties</a></td>
</tr>
<tr>
<td>7</td>
<td><b>29 Oct</b> <a href="{{ site.baseurl }}/DeBruijn/">DeBruijn</a></td>
<td><b>31 Oct</b> <a href="{{ site.baseurl }}/More/">More</a></td>
<td><b>2 Nov</b> <a href="{{ site.baseurl }}/Inference/">Inference</a></td>
</tr>
<tr>
<td>8</td>
<td><b>5 Nov</b> (no class)</td>
<td><b>7 Nov</b> (tutorial only)</td>
<td><b>9 Nov</b> <a href="{{ site.baseurl }}/Untyped/">Untyped</a></td>
</tr>
<tr>
<td>9</td>
<td><b>12 Nov</b> (no class)</td>
<td><b>14 Nov</b> (tutorial only)</td>
<td><b>16 Nov</b> (no class)</td>
</tr>
<tr>
<td>10</td>
<td><b>19 Nov</b> (no class)</td>
<td><b>21 Nov</b> Propositions as Types</td>
<td><b>23 Nov</b> (no class)</td>
</tr>
<tr>
<td>11</td>
<td><b>26 Nov</b> (no class)</td>
<td><b>28 Nov</b> Quantitative (Wen)</td>
<td><b>30 Nov</b> (mock exam)</td>
</tr>
</table>
## Assignments
For instructions on how to set up Agda for PLFA see [Getting Started]({{ site.baseurl }}/GettingStarted/).
* [Assignment 1]({{ site.baseurl }}/TSPL/2018/Assignment1/) cw1 due 4pm Thursday 4 October (Week 3)
* [Assignment 2]({{ site.baseurl }}/TSPL/2018/Assignment2/) cw2 due 4pm Thursday 18 October (Week 5)
* [Assignment 3]({{ site.baseurl }}/TSPL/2018/Assignment3/) cw3 due 4pm Thursday 1 November (Week 7)
* [Assignment 4]({{ site.baseurl }}/TSPL/2018/Assignment4/) cw4 due 4pm Thursday 15 November (Week 9)
* [Assignment 5]({{ site.baseurl }}/courses/tspl/2018/Mock1.pdf) cw5 due 4pm Thursday 22 November (Week 10)
<br />
Use file [Exam]({{ site.baseurl }}/TSPL/2018/Exam/). Despite the rubric, do **all three questions**.
Assignments are submitted by running
``` bash
submit tspl cwN AssignmentN.lagda
```
where N is the number of the assignment.
## Mock exam
Here is the text of the [second mock]({{ site.baseurl }}/courses/tspl/2018/Mock2.pdf)
and the exam [instructions]({{ site.baseurl }}/courses/tspl/2018/Instructions.pdf).

101
extra/denotational/DenotTrans.lagda Normal file
View file

@ -0,0 +1,101 @@
---
title : "DenotTrans: Denotational Transitivity"
layout : page
permalink : /DenotTrans/
---
An attempt to reformulate the domain order so that transitivity is
admissible. It doesn't quite work.
\begin{code}
module plfa.DenotTrans where
\end{code}
## Values
\begin{code}
infixr 7 _↦_
infixl 5 _⊔_
data Value : Set where
⊥ : Value
_↦_ : Value → Value → Value
_⊔_ : Value → Value → Value
\end{code}
## Domain order
\begin{code}
infix 4 _⊑_
data _⊑_ : Value → Value → Set where
Bot⊑ : ∀ {v} →
-----
⊥ ⊑ v
ConjL⊑ : ∀ {u v w}
→ u ⊑ w
→ v ⊑ w
-----------
→ (u ⊔ v) ⊑ w
ConjR1⊑ : ∀ {u v w}
→ u ⊑ v
-----------
→ u ⊑ (v ⊔ w)
ConjR2⊑ : ∀ {u v w}
→ u ⊑ w
-----------
→ u ⊑ (v ⊔ w)
Fun⊑ : ∀ {u u v v}
→ u ⊑ u
→ v ⊑ v
-------------------
→ (u ↦ v) ⊑ (u ↦ v)
Dist⊑ : ∀{t u v w}
→ t ↦ u ⊑ w
→ t ↦ v ⊑ w
---------------
→ t ↦ (u ⊔ v) ⊑ w
\end{code}
This relation is reflexive and transitive.
\begin{code}
refl⊑ : ∀ {v} → v ⊑ v
refl⊑ {⊥} = Bot⊑
refl⊑ {v ↦ w} = Fun⊑ refl⊑ refl⊑
refl⊑ {v ⊔ w} = ConjL⊑ (ConjR1⊑ refl⊑) (ConjR2⊑ refl⊑)
trans⊑ : ∀ {u v w}
→ u ⊑ v
→ v ⊑ w
--------
→ u ⊑ w
trans⊑ Bot⊑ vw = Bot⊑
trans⊑ (ConjL⊑ tv uv) vw = ConjL⊑ (trans⊑ tv vw) (trans⊑ uv vw)
trans⊑ (ConjR1⊑ tu) (ConjL⊑ uw vw) = trans⊑ tu uw
trans⊑ (ConjR1⊑ tu) (ConjR1⊑ uvw) = ConjR1⊑ (trans⊑ (ConjR1⊑ tu) uvw)
trans⊑ (ConjR1⊑ tu) (ConjR2⊑ uvw) = ConjR2⊑ (trans⊑ (ConjR1⊑ tu) uvw)
trans⊑ (ConjR2⊑ tv) (ConjL⊑ uw vw) = trans⊑ tv vw
trans⊑ (ConjR2⊑ tv) (ConjR1⊑ uvw) = ConjR1⊑ (trans⊑ (ConjR2⊑ tv) uvw)
trans⊑ (ConjR2⊑ tv) (ConjR2⊑ uvw) = ConjR2⊑ (trans⊑ (ConjR2⊑ tv) uvw)
trans⊑ (Fun⊑ uu vv) (ConjR1⊑ uvw) = ConjR1⊑ (trans⊑ (Fun⊑ uu vv) uvw)
trans⊑ (Fun⊑ uu vv) (ConjR2⊑ uvw) = ConjR2⊑ (trans⊑ (Fun⊑ uu vv) uvw)
trans⊑ (Fun⊑ uu vv) (Fun⊑ u″u vv″) = Fun⊑ (trans⊑ u″u uu) (trans⊑ vv vv″)
trans⊑ (Fun⊑ uu vvv″) (Dist⊑ uvw uv″w) = {!!}
trans⊑ (Dist⊑ tuw tvw) wx = Dist⊑ (trans⊑ tuw wx) (trans⊑ tvw wx)
\end{code}
There is one hole in the proof that I think it may be impossible to fill.
Here is a diagram of the relevant case.
u ⊑ u u ↦ v ⊑ w
v ⊑ v ⊔ v″ u ↦ v″ ⊑ w
---------------------Fun⊑ ----------------Dist⊑
u ↦ v ⊑ u ↦ v ⊔ v″ u ↦ v ⊔ v″ ⊑ w
---------------------------------------------Trans⊑
u ↦ v ⊑ w

2
extra/extra/DecidableExtra.lagda
View file

@ -193,7 +193,7 @@ The forward proof has one more clause than the reverse proof,
precisely because in the forward proof we need clauses corresponding to
the comparison yielding both true and false, while in the reverse proof
we only need clauses corresponding to the case where there is evidence
that the comparision holds. This is exactly why we tend to prefer the
that the comparison holds. This is exactly why we tend to prefer the
evidence formulation to the computation formulation, because it allows
us to do less work: we consider only cases where the relation holds,
and can ignore those where it does not.

4
extra/extra/InferenceOld.lagda
View file

@ -23,7 +23,7 @@ inferred from this. The style of inference used is descended from an
algorithm called _bidirectional_ type inference, which will be
presented in this chapter.
This chapter ties our previous developements together. We begin with
This chapter ties our previous developments together. We begin with
a term with some type annotations, quite close to the raw terms of
Chapter [Lambda]({{ site.baseurl }}{% link out/plfa/Lambda.md %}),
and from it we compute a term with inherent types, in the style of
@ -751,7 +751,7 @@ read directly from the corresponding typing rules.
## Testing the example terms
First, we copy a function introduced ealier that makes it easy to
First, we copy a function introduced earlier that makes it easy to
compute the evidence that two variable names are distinct.
\begin{code}
_≠_ : ∀ (x y : Id) → x ≢ y

6
extra/extra/Lambda-new.lagda
View file

@ -38,7 +38,7 @@ progress and preservation. Following chapters will look at a number
of variants of lambda calculus.
Be aware that the approach we take here is _not_ our recommended
approach to formalisation. Using De Bruijn indices and
approach to formalisation. Using de Bruijn indices and
inherently-typed terms, as we will do in
Chapter [DeBruijn]({{ site.baseurl }}{% link out/plta/DeBruijn.md %}),
leads to a more compact formulation. Nonetheless, we begin with named
@ -460,7 +460,7 @@ we yield `V`, otherwise we yield `x` unchanged.
* For abstractions, we compare `w`, the variable we are substituting for,
with `x`, the variable bound in the abstraction. If they are the same,
we yield the abstraction unchanged, otherwise we subsititute inside the body.
we yield the abstraction unchanged, otherwise we substitute inside the body.
* For application, we recursively substitute in the function
and the argument.
@ -919,7 +919,7 @@ For example
give us the types associated with variables ` "z" ` and ` "s" `, respectively.
The symbol `∋` (pronounced "ni", for "in" backwards) is chosen because
checking that `Γ ∋ x ⦂ A` is anologous to checking whether `x ⦂ A` appears
checking that `Γ ∋ x ⦂ A` is analogous to checking whether `x ⦂ A` appears
in a list corresponding to `Γ`.
If two variables in a context have the same name, then lookup

2
extra/extra/Lists-backup.lagda
View file

@ -284,7 +284,7 @@ length-++ (x ∷ xs) ys =
length (x ∷ xs) + length ys
\end{code}
The proof is by induction on the first arugment. The base case instantiates
The proof is by induction on the first argument. The base case instantiates
to `[]`, and follows by straightforward computation.
As before, Agda cannot infer the implicit type parameter to `length`,
and it must be given explicitly.

2
extra/extra/Logic.lagda
View file

@ -94,7 +94,7 @@ Thus, `m ≤ n × n ≤ p` parses as `(m ≤ n) × (n ≤ p)` and
Given two types `A` and `B`, we refer to `A x B` as the
*product* of `A` and `B`. In set theory, it is also sometimes
called the *cartesian product*, and in computing it corresponds
called the *Cartesian product*, and in computing it corresponds
to a *record* type. Among other reasons for
calling it the product, note that if type `A` has `m`
distinct members, and type `B` has `n` distinct members,

18
extra/extra/PropertiesDec.lagda
View file

@ -46,7 +46,7 @@ reducing one term to another, and well-typed terms.
Ultimately, we would like to show that we can keep reducing a term
until we reach a value. For instance, in the last chapter we showed
that two plust two is four,
that two plus two is four,
plus · two · two —↠ `suc `suc `suc `suc `zero
@ -231,7 +231,7 @@ _Progress_: If `∅ ⊢ M ⦂ A` then either `M` is a value or there is an `N` s
that `M —→ N`.
To formulate this property, we first introduce a relation that
captures what it means for a term `M` to make progess.
captures what it means for a term `M` to make progress.
\begin{code}
data Progress (M : Term) : Set where
@ -327,7 +327,7 @@ have formulated progress using disjunction and existentials:
postulate
progress : ∀ M {A} → ∅ ⊢ M ⦂ A → Value M ⊎ ∃[ N ](M —→ N)
\end{code}
This leads to a less perspicous proof. Instead of the mnemonic `done`
This leads to a less perspicuous proof. Instead of the mnemonic `done`
and `step` we use `inj₁` and `inj₂`, and the term `N` is no longer
implicit and so must be written out in full. In the case for `β-ƛ`
this requires that we match against the lambda expression `L` to
@ -365,7 +365,7 @@ The first step is to show that types are preserved by _renaming_.
_Renaming_:
Let `Γ` and `Δ` be two context such that every variable that
appears in `Γ` also appears with the same type in `Δ`. Then
if a term is typable under `Γ`, it has the same type under `Δ`.
if a term is typeable under `Γ`, it has the same type under `Δ`.
In symbols,
@ -374,7 +374,7 @@ In symbols,
Γ ⊢ M ⦂ A → Δ ∋ M ⦂ A
Three important corollaries follow. The _weaken_ lemma asserts a term
well-typed in the empty context is also well-typed in an arbitary
well-typed in the empty context is also well-typed in an arbitrary
context. The _drop_ lemma asserts a term well-typed in a context where the
same variable appears twice remains well-typed if we drop the shadowed
occurrence. The _swap_ lemma asserts a term well-typed in a context
@ -543,8 +543,8 @@ drop {Γ} {x} {M} {A} {B} {C} ⊢M = rename ρ ⊢M
ρ (S x≢x Z) = ⊥-elim (x≢x refl)
ρ (S z≢x (S _ ∋z)) = S z≢x ∋z
\end{code}
Here map `ρ` can never be invoked on the inner occurence of `x` since
it is masked by the outer occurence. Skipping over the `x` in the
Here map `ρ` can never be invoked on the inner occurrence of `x` since
it is masked by the outer occurrence. Skipping over the `x` in the
first position can only happen if the variable looked for differs from
`x` (the evidence for which is `x≢x` or `z≢x`) but if the variable is
found in the second position, which also contains `x`, this leads to a
@ -857,7 +857,7 @@ Let's unpack the cases for two of the reduction rules.
from which the typing of the right-hand side follows immediately.
The remaining cases are similar. Each `ξ` rule follws by induction,
The remaining cases are similar. Each `ξ` rule follows by induction,
and each `β` rule follows by the substitution lemma.
@ -895,7 +895,7 @@ smart contracts require the miners that maintain the blockchain to
evaluate the program which embodies the contract. For instance,
validating a transaction on Ethereum may require executing a program
for the Ethereum Virtual Machine (EVM). A long-running or
non-terminating program might cause the miner to invest arbitary
non-terminating program might cause the miner to invest arbitrary
effort in validating a contract for little or no return. To avoid
this situation, each transaction is accompanied by an amount of `gas`
available for computation. Each step executed on the EVM is charged

438
extra/extra/Value.agda Normal file
View file

@ -0,0 +1,438 @@
open import Data.Nat using (; suc ; zero; _+_; _≤_; _<_; _<_; _≤_;
z≤n; s≤s; ≤′-refl; ≤′-step; _≟_) renaming (_⊔_ to max)
open import Data.Nat.Properties
using (n≤0⇒n≡0; ≤-refl; ≤-trans; m≤m⊔n; n≤m⊔n; ≤-step; ⊔-mono-≤;
+-mono-≤; +-mono-≤-<; +-mono-<-≤; +-comm; +-assoc; n≤1+n;
≤-pred; m≤m+n; n≤m+n; ≤-reflexive; ≤′⇒≤; ≤⇒≤′; +-suc)
open Data.Nat.Properties.≤-Reasoning using (begin_; _≤⟨_⟩_; _∎)
open import Data.Bool using (Bool) renaming (_≟_ to _=?_)
open import Data.Product using (_×_; Σ; Σ-syntax; ∃; ∃-syntax; proj₁; proj₂)
renaming (_,_ to ⟨_,_⟩)
open import Data.Sum using (_⊎_; inj₁; inj₂)
open import Data.Empty using (⊥-elim) renaming ( to Bot)
open import Data.Unit using (; tt)
open import Data.Maybe
open import Data.List using (List ; _∷_ ; []; _++_)
open import Relation.Nullary using (¬_)
open import Relation.Nullary using (Dec; yes; no)
open import Relation.Nullary.Negation using (contradiction)
open import Relation.Binary.PropositionalEquality using (_≡_; refl; sym; cong)
open Relation.Binary.PropositionalEquality.≡-Reasoning renaming (begin_ to start_; _∎ to _□)
module extra.Value where
data Base : Set where
Nat : Base
𝔹 : Base
data Prim : Set where
base : Base Prim
_⇒_ : Base Prim Prim
base-rep : Base Set
base-rep Nat =
base-rep 𝔹 = Bool
rep : Prim Set
rep (base b) = base-rep b
rep (b p) = base-rep b rep p
base-eq? : (B : Base) (B' : Base) Dec (B B')
base-eq? Nat Nat = yes refl
base-eq? Nat 𝔹 = no (λ ())
base-eq? 𝔹 Nat = no (λ ())
base-eq? 𝔹 𝔹 = yes refl
base-rep-eq? : {B} (k : base-rep B) (k : base-rep B) Dec (k k)
base-rep-eq? {Nat} k k = k k
base-rep-eq? {𝔹} k k = k =? k
infixr 7 _↦_
infixl 6 _⊔_
data Value : Set
data Value where
: Value
const : {b : Base} base-rep b Value
_↦_ : Value Value Value
_⊔_ : (u : Value) (v : Value) Value
infix 5 _∈_
_∈_ : Value Value Set
u = u
u const {B} k = u const {B} k
u v w = u v w
u (v w) = u v u w
infix 5 _⊆_
_⊆_ : Value Value Set
v w = {u} u v u w
AllFun : (u : Value) Set
AllFun = Bot
AllFun (const x) = Bot
AllFun (v w) =
AllFun (u v) = AllFun u × AllFun v
dom : (u : Value) Value
dom =
dom (const k) =
dom (v w) = v
dom (u v) = dom u dom v
cod : (u : Value) Value
cod =
cod (const k) =
cod (v w) = w
cod (u v) = cod u cod v
infix 4 _⊑_
data _⊑_ : Value Value Set where
⊑-⊥ : {v} v
⊑-const : {B}{k} const {B} k const {B} k
⊑-conj-L : {u v w}
v u
w u
-----------
v w u
⊑-conj-R1 : {u v w}
u v
------------------
u v w
⊑-conj-R2 : {u v w}
u w
-----------
u v w
⊑-fun : {u u v w}
u u
AllFun u
dom u v
w cod u
-------------------
v w u
⊑-refl : {v} v v
⊑-refl {} = ⊑-⊥
⊑-refl {const k} = ⊑-const
⊑-refl {v w} = ⊑-fun{v w}{v w} (λ {u} z z) tt (⊑-refl{v}) ⊑-refl
⊑-refl {v₁ v₂} = ⊑-conj-L (⊑-conj-R1 ⊑-refl) (⊑-conj-R2 ⊑-refl)
factor : (u : Value) (u : Value) (v : Value) (w : Value) Set
factor u u v w = AllFun u × u u × dom u v × w cod u
⊑-fun-inv : {u₁ u₂ v w}
u₁ u₂
v w u₁
Σ[ u₃ Value ] factor u₂ u₃ v w
⊑-fun-inv {.} {u₂} {v} {w} ⊑-⊥ ()
⊑-fun-inv {.(const _)} {.(const _)} {v} {w} ⊑-const ()
⊑-fun-inv {u11 u12} {u₂} {v} {w} (⊑-conj-L u₁⊑u₂ u₁⊑u₃) (inj₁ x) =
⊑-fun-inv u₁⊑u₂ x
⊑-fun-inv {u11 u12} {u₂} {v} {w} (⊑-conj-L u₁⊑u₂ u₁⊑u₃) (inj₂ y) =
⊑-fun-inv u₁⊑u₃ y
⊑-fun-inv {u₁} {u21 u22} {v} {w} (⊑-conj-R1 u₁⊑u₂) v↦w∈u₁
with ⊑-fun-inv {u₁} {u21} {v} {w} u₁⊑u₂ v↦w∈u₁
... | u₃ , afu₃ , u3⊆u₁ , du₃⊑v , w⊑codu₃ =
u₃ , afu₃ , (λ {x} x₁ inj₁ (u3⊆u₁ x₁)) , du₃⊑v , w⊑codu₃
⊑-fun-inv {u₁} {u21 u22} {v} {w} (⊑-conj-R2 u₁⊑u₂) v↦w∈u₁
with ⊑-fun-inv {u₁} {u22} {v} {w} u₁⊑u₂ v↦w∈u₁
... | u₃ , afu₃ , u3⊆u₁ , du₃⊑v , w⊑codu₃ =
u₃ , afu₃ , (λ {x} x₁ inj₂ (u3⊆u₁ x₁)) , du₃⊑v , w⊑codu₃
⊑-fun-inv {u11 u21} {u₂} {v} {w} (⊑-fun{u = u} u⊆u₂ afu du⊑u11 u21⊑cu)
refl =
u , afu , u⊆u₂ , du⊑u11 , u21⊑cu
sub-inv-trans : {u u₂ u : Value}
AllFun u u u
({v w} v w u Σ[ u₃ Value ] factor u₂ u₃ v w)
---------------------------------------------------------------
Σ[ u₃ Value ] factor u₂ u₃ (dom u) (cod u)
sub-inv-trans {} {u₂} {u} () u⊆u IH
sub-inv-trans {const k} {u₂} {u} () u⊆u IH
sub-inv-trans {u₁ u₂} {u₂} {u} fu u⊆u IH = IH refl
sub-inv-trans {u₁ u₂} {u₂} {u} afu₁ , afu₂ u⊆u IH
with sub-inv-trans {u₁} {u₂} {u} afu₁
(λ {u₁} z u⊆u (inj₁ z)) (λ {v} {w} z IH (inj₁ z))
| sub-inv-trans {u₂} {u₂} {u} afu₂
(λ {u₁} z u⊆u (inj₂ z)) (λ {v} {w} z IH (inj₂ z))
... | u₃ , afu₃ , u₃⊆ , du₃⊑ , ⊑cu₃
| u₄ , afu₄ , u₄⊆ , du₄⊑ , ⊑cu₄ =
(u₃ u₄) , afu₃ , afu₄ , G , H , I
where
G : {u₁} u₁ u₃ u₁ u₄ u₁ u₂
G {u₁} (inj₁ x) = u₃⊆ x
G {u₁} (inj₂ y) = u₄⊆ y
H : dom u₃ dom u₄ dom u₁ dom u₂
H = ⊑-conj-L (⊑-conj-R1 du₃⊑) (⊑-conj-R2 du₄⊑)
I : cod u₁ cod u₂ cod u₃ cod u₄
I = ⊑-conj-L (⊑-conj-R1 ⊑cu₃) (⊑-conj-R2 ⊑cu₄)
⊔⊑R : {B C A}
B C A
B A
⊔⊑R (⊑-conj-L B⊔C⊑A B⊔C⊑A₁) = B⊔C⊑A
⊔⊑R (⊑-conj-R1 B⊔C⊑A) = ⊑-conj-R1 (⊔⊑R B⊔C⊑A)
⊔⊑R (⊑-conj-R2 B⊔C⊑A) = ⊑-conj-R2 (⊔⊑R B⊔C⊑A)
⊔⊑L : {B C A}
B C A
C A
⊔⊑L (⊑-conj-L B⊔C⊑A B⊔C⊑A₁) = B⊔C⊑A₁
⊔⊑L (⊑-conj-R1 B⊔C⊑A) = ⊑-conj-R1 (⊔⊑L B⊔C⊑A)
⊔⊑L (⊑-conj-R2 B⊔C⊑A) = ⊑-conj-R2 (⊔⊑L B⊔C⊑A)
u∈v⊑w→u⊑w : {B A C} C B B A C A
u∈v⊑w→u⊑w {} C∈B B⊑A rewrite C∈B = B⊑A
u∈v⊑w→u⊑w {const k} C∈B B⊑A rewrite C∈B = B⊑A
u∈v⊑w→u⊑w {B₁ B₂} C∈B B⊑A rewrite C∈B = B⊑A
u∈v⊑w→u⊑w {B₁ B₂}{A}{C} (inj₁ C∈B₁) B⊑A = u∈v⊑w→u⊑w {B₁}{A}{C} C∈B₁ (⊔⊑R B⊑A)
u∈v⊑w→u⊑w {B₁ B₂}{A}{C} (inj₂ C∈B₂) B⊑A = u∈v⊑w→u⊑w {B₂}{A}{C} C∈B₂ (⊔⊑L B⊑A)
u⊆v⊑w→u⊑w : {u v w} u v v w u w
u⊆v⊑w→u⊑w {} {v} {w} u⊆v v⊑w = ⊑-⊥
u⊆v⊑w→u⊑w {const k} {v} {w} u⊆v v⊑w
with u⊆v refl
... | k∈v = u∈v⊑w→u⊑w k∈v v⊑w
u⊆v⊑w→u⊑w {u₁ u₂} {v} {w} u⊆v v⊑w
with u⊆v refl
... | u₁↦u₂∈v = u∈v⊑w→u⊑w u₁↦u₂∈v v⊑w
u⊆v⊑w→u⊑w {u₁ u₂} {v} {w} u⊆v v⊑w =
⊑-conj-L (u⊆v⊑w→u⊑w u₁⊆v v⊑w) (u⊆v⊑w→u⊑w u₂⊆v v⊑w)
where
u₁⊆v : u₁ v
u₁⊆v {u} u∈u₁ = u⊆v (inj₁ u∈u₁)
u₂⊆v : u₂ v
u₂⊆v {u} u∈u₂ = u⊆v (inj₂ u∈u₂)
depth : (v : Value)
depth = zero
depth (const k) = zero
depth (v w) = suc (max (depth v) (depth w))
depth (v₁ v₂) = max (depth v₁) (depth v₂)
size : (v : Value)
size = zero
size (const k) = zero
size (v w) = suc (size v + size w)
size (v₁ v₂) = suc (size v₁ + size v₂)
∈→depth≤ : {v u : Value} u v depth u depth v
∈→depth≤ {} {u} u∈v rewrite u∈v = _≤_.z≤n
∈→depth≤ {const x} {u} u∈v rewrite u∈v = _≤_.z≤n
∈→depth≤ {v w} {u} u∈v rewrite u∈v = ≤-refl
∈→depth≤ {v₁ v₂} {u} (inj₁ x) =
≤-trans (∈→depth≤ {v₁} {u} x) (m≤m⊔n (depth v₁) (depth v₂))
∈→depth≤ {v₁ v₂} {u} (inj₂ y) =
≤-trans (∈→depth≤ {v₂} {u} y) (n≤m⊔n (depth v₁) (depth v₂))
max-lub : {x y z : } x z y z max x y z
max-lub {.0} {y} {z} _≤_.z≤n y≤z = y≤z
max-lub {suc x} {.0} {suc z} (_≤_.s≤s x≤z) _≤_.z≤n = _≤_.s≤s x≤z
max-lub {suc x} {suc y} {suc z} (_≤_.s≤s x≤z) (_≤_.s≤s y≤z) =
let max-xy≤z = max-lub {x}{y}{z} x≤z y≤z in
_≤_.s≤s max-xy≤z
⊔⊆-inv : {u v w : Value}
(u v) w
---------------
u w × v w
⊔⊆-inv uvw = (λ x uvw (inj₁ x)) , (λ x uvw (inj₂ x))
⊆→depth≤ : {u v : Value} u v depth u depth v
⊆→depth≤ {} {v} u⊆v = _≤_.z≤n
⊆→depth≤ {const x} {v} u⊆v = _≤_.z≤n
⊆→depth≤ {u₁ u₂} {v} u⊆v = ∈→depth≤ (u⊆v refl)
⊆→depth≤ {u₁ u₂} {v} u⊆v
with ⊔⊆-inv u⊆v
... | u₁⊆v , u₂⊆v =
let u₁≤v = ⊆→depth≤ u₁⊆v in
let u₂≤v = ⊆→depth≤ u₂⊆v in
max-lub u₁≤v u₂≤v
dom-depth-≤ : {u : Value} depth (dom u) depth u
dom-depth-≤ {} = _≤_.z≤n
dom-depth-≤ {const k} = _≤_.z≤n
dom-depth-≤ {v w} = ≤-step (m≤m⊔n (depth v) (depth w))
dom-depth-≤ {u v} =
let ih1 = dom-depth-≤ {u} in
let ih2 = dom-depth-≤ {v} in
⊔-mono-≤ ih1 ih2
cod-depth-≤ : {u : Value} depth (cod u) depth u
cod-depth-≤ {} = _≤_.z≤n
cod-depth-≤ {const k} = _≤_.z≤n
cod-depth-≤ {v w} = ≤-step (n≤m⊔n (depth v) (depth w))
cod-depth-≤ {u v} =
let ih1 = cod-depth-≤ {u} in
let ih2 = cod-depth-≤ {v} in
⊔-mono-≤ ih1 ih2
≤′-trans : {x y z} x ≤′ y y ≤′ z x ≤′ z
≤′-trans x≤y y≤z = ≤⇒≤′ (≤-trans (≤′⇒≤ x≤y) (≤′⇒≤ y≤z))
data _<<_ : × × Set where
fst : {x x' y y'} x < x' x , y << x' , y'
snd : {x x' y y'} x ≤′ x' y < y' x , y << x' , y'
<<-nat-wf : (P : Set)
( x y ( {x' y'} x' , y' << x , y P x' y') P x y)
x y P x y
<<-nat-wf P ih x y = ih x y (help x y)
where help : (x y : ) { x' y'} x' , y' << x , y P x' y'
help .(suc x') y {x'}{y'} (fst ≤′-refl) =
ih x' y' (help x' y')
help .(suc x) y {x'}{y'} (fst (≤′-step {x} q)) =
help x y {x'}{y'} (fst q)
help x .(suc y) {x'}{y} (snd x'≤x ≤′-refl) =
let h : {x₁} {x₂} ( x₁ , x₂ << x , y ) P x₁ x₂
h = help x y in
ih x' y G
where
G : {x'' y'} x'' , y' << x' , y P x'' y'
G {x''} {y'} (fst x''<x') =
help x y (fst {y = y'}{y' = y} (≤′-trans x''<x' x'≤x))
G {x''} {y'} (snd x''≤x' y'<y) =
help x y {x''}{y'} (snd (≤′-trans x''≤x' x'≤x) y'<y)
help x .(suc y) {x'}{y'} (snd x≤x (≤′-step {y} q)) =
help x y {x'}{y'} (snd x≤x q)
⊑-trans-P : Set
⊑-trans-P d s = {u v w} d depth u + depth w s size u + size v
u v v w u w
⊑-trans-rec : d s ⊑-trans-P d s
⊑-trans-rec = <<-nat-wf ⊑-trans-P helper
where
helper : x y
( {x' y'} x' , y' << x , y ⊑-trans-P x' y')
⊑-trans-P x y
helper d s IH {.} {v} {w} d≡ s≡ ⊑-⊥ v⊑w = ⊑-⊥
helper d s IH {.(const _)} {.(const _)} {w} d≡ s≡ ⊑-const v⊑w = v⊑w
helper d s IH {u₁ u₂} {v} {w} d≡ s≡ (⊑-conj-L u₁⊑v u₂⊑v) v⊑w
rewrite d≡ | s≡ =
let u₁⊑w = IH M1 {u₁}{v}{w} refl refl u₁⊑v v⊑w in
let u₂⊑w = IH M2 {u₂}{v}{w} refl refl u₂⊑v v⊑w in
⊑-conj-L u₁⊑w u₂⊑w
where
M1a = begin
depth u₁ + depth w
≤⟨ +-mono-≤ (m≤m⊔n (depth u₁) (depth u₂)) ≤-refl
max (depth u₁) (depth u₂) + depth w
M1b = begin
suc (size u₁ + size v)
≤⟨ s≤s (+-mono-≤ ≤-refl (n≤m+n (size u₂) (size v)))
suc (size u₁ + (size u₂ + size v))
≤⟨ s≤s (≤-reflexive (sym (+-assoc (size u₁) (size u₂) (size v))))
suc (size u₁ + size u₂ + size v)
M1 : depth u₁ + depth w , size u₁ + size v <<
max (depth u₁) (depth u₂) + depth w ,
suc (size u₁ + size u₂ + size v)
M1 = snd (≤⇒≤′ M1a) (≤⇒≤′ M1b)
M2a = begin
depth u₂ + depth w
≤⟨ +-mono-≤ (n≤m⊔n (depth u₁) (depth u₂)) ≤-refl
max (depth u₁) (depth u₂) + depth w
M2b = begin
suc (size u₂ + size v)
≤⟨ s≤s (+-mono-≤ (n≤m+n (size u₁) (size u₂)) ≤-refl)
suc ((size u₁ + size u₂) + size v)
M2 : depth u₂ + depth w , size u₂ + size v <<
max (depth u₁) (depth u₂) + depth w ,
suc (size u₁ + size u₂ + size v)
M2 = snd (≤⇒≤′ M2a) (≤⇒≤′ M2b)
helper d s IH {u} {v₁ v₂} {w} d≡ s≡ (⊑-conj-R1 u⊑v₁) v₁⊔v₂⊑w
rewrite d≡ | s≡ =
let v₁⊑w = ⊔⊑R v₁⊔v₂⊑w in
IH M {u}{v₁}{w} refl refl u⊑v₁ v₁⊑w
where
Ma = begin
suc (size u + size v₁)
≤⟨ ≤-reflexive (sym (+-suc (size u) (size v₁)))
size u + suc (size v₁)
≤⟨ +-mono-≤ ≤-refl (s≤s (m≤m+n (size v₁) (size v₂)))
size u + suc (size v₁ + size v₂)
M : depth u + depth w , size u + size v₁ <<
depth u + depth w , size u + suc (size v₁ + size v₂)
M = snd (≤⇒≤′ ≤-refl) (≤⇒≤′ Ma)
helper d s IH {u} {v₁ v₂} {w} d≡ s≡ (⊑-conj-R2 u⊑v₂) v₁⊔v₂⊑w
rewrite d≡ | s≡ =
let v₂⊑w = ⊔⊑L v₁⊔v₂⊑w in
IH M {u}{v₂}{w} refl refl u⊑v₂ v₂⊑w
where
Ma = begin
suc (size u + size v₂)
≤⟨ ≤-reflexive (sym (+-suc (size u) (size v₂)))
size u + suc (size v₂)
≤⟨ +-mono-≤ ≤-refl (s≤s (n≤m+n (size v₁) (size v₂)))
size u + suc (size v₁ + size v₂)
M : depth u + depth w , size u + size v₂ <<
depth u + depth w , size u + suc (size v₁ + size v₂)
M = snd (≤⇒≤′ ≤-refl) (≤⇒≤′ Ma)
helper d s IH {u₁ u₂}{v}{w}d≡ s≡ (⊑-fun{u = v}v⊆v afv dv⊑u₁ u₂⊑cv) v⊑w
rewrite d≡ | s≡
with sub-inv-trans afv v⊆v
(λ {v₁}{v₂} v₁↦v₂∈v ⊑-fun-inv {v} {w} (u⊆v⊑w→u⊑w v⊆v v⊑w)
v₁↦v₂∈v)
... | w , afw , w⊆w , dw⊑dv , cv⊑cw =
let dw⊑u₁ = IH M1 {dom w}{dom v}{u₁} refl refl dw⊑dv dv⊑u₁ in
let u₂⊑cw = IH M2 {u₂}{cod v}{cod w} refl refl u₂⊑cv cv⊑cw in
⊑-fun{u = w} w⊆w afw dw⊑u₁ u₂⊑cw
where
dw≤w : depth (dom w) depth w
dw≤w = ≤-trans (dom-depth-≤{w}) (⊆→depth≤ w⊆w)
cw≤w : depth (cod w) depth w
cw≤w = ≤-trans (cod-depth-≤{w}) (⊆→depth≤ w⊆w)
M1a = begin
suc (depth (dom w) + depth u₁)
≤⟨ s≤s (≤-reflexive (+-comm (depth (dom w)) (depth u₁)))
suc (depth u₁ + depth (dom w))
≤⟨ s≤s (+-mono-≤ (m≤m⊔n (depth u₁) (depth u₂)) dw≤w)
suc (max (depth u₁) (depth u₂) + depth w)
M1 : depth (dom w) + depth u₁ , size (dom w) + size (dom v)
<< suc (max (depth u₁) (depth u₂) + depth w) ,
suc (size u₁ + size u₂ + size v)
M1 = fst (≤⇒≤′ M1a)
M2a = begin
suc (depth u₂ + depth (cod w))
≤⟨ s≤s (+-mono-≤ (n≤m⊔n (depth u₁) (depth u₂)) cw≤w)
suc (max (depth u₁) (depth u₂) + depth w)
M2 : depth u₂ + depth (cod w) ,
size u₂ + size (cod v)
<< suc (max (depth u₁) (depth u₂) + depth w) ,
suc (size u₁ + size u₂ + size v)
M2 = fst (≤⇒≤′ M2a)
⊑-trans : {u v w} u v v w u w
⊑-trans {u} {v} {w} u⊑v v⊑w =
⊑-trans-rec (depth u + depth w) (size u + size v) refl refl u⊑v v⊑w

48
extra/iso-exercise.lagda Normal file
View file

@ -0,0 +1,48 @@
\begin{code}
module iso-exercise where
import Relation.Binary.PropositionalEquality as Eq
open Eq using (_≡_; refl; cong₂)
open Eq.≡-Reasoning
open import plfa.Isomorphism using (_≃_)
open import Data.List using (List; []; _∷_)
open import Data.List.All using (All; []; _∷_)
open import Data.List.Any using (Any; here; there)
open import Data.List.Membership.Propositional using (_∈_)
open import Function using (_∘_)
postulate
extensionality : ∀ {A : Set} {B : A → Set} {C : A → Set} {f g : {x : A} → B x → C x}
→ (∀ {x : A} (bx : B x) → f {x} bx ≡ g {x} bx)
--------------------------------------------
→ (λ {x} → f {x}) ≡ (λ {x} → g {x})
f : ∀ {A : Set} {P : A → Set} {xs : List A} → All P xs → (∀ {x} -> x ∈ xs -> P x)
f [] ()
f (px ∷ pxs) (here refl) = px
f (px ∷ pxs) (there x∈xs) = f pxs x∈xs
g : ∀ {A : Set} {P : A → Set} {xs : List A} → (∀ {x} -> x ∈ xs -> P x) → All P xs
g {xs = []} h = []
g {xs = x ∷ xs} h = h {x} (here refl) ∷ g (h ∘ there)
gf : ∀ {A : Set} {P : A → Set} {xs : List A} → ∀ (pxs : All P xs) → g (f pxs) ≡ pxs
gf [] = refl
gf (px ∷ pxs) = Eq.cong₂ _∷_ refl (gf pxs)
fg : ∀ {A : Set} {P : A → Set} {xs : List A}
→ ∀ (h : ∀ {x} -> x ∈ xs -> P x) → ∀ {x} (x∈ : x ∈ xs) → f (g h) {x} x∈ ≡ h {x} x∈
fg {xs = []} h ()
fg {xs = x ∷ xs} h (here refl) = refl
fg {xs = x ∷ xs} h (there x∈xs) = fg (h ∘ there) x∈xs
lemma : ∀ {A : Set} {P : A → Set} {xs : List A} → All P xs ≃ (∀ {x} -> x ∈ xs -> P x)
lemma =
record
{ to = f
; from = g
; from∘to = gf
; to∘from = extensionality ∘ fg
}
\end{code}

3
extra/plfa-extra.agda-lib Normal file
View file

@ -0,0 +1,3 @@
name: plfa-extra
depend: standard-library plfa
include: .

1143
extra/qtt/Quantitative.lagda Normal file
View file

File diff suppressed because it is too large Load diff

2
src/plfa/Quantitative/LinAlg.lagda → extra/qtt/Quantitative/LinAlg.lagda
View file

@ -5,7 +5,7 @@ permalink : /Quantitative/LinAlg/
---
\begin{code}
module plfa.Quantitative.LinAlg where
module qtt.Quantitative.LinAlg where
\end{code}

2
src/plfa/Quantitative/Mult.lagda → extra/qtt/Quantitative/Mult.lagda
View file

@ -5,7 +5,7 @@ permalink : /Quantitative/Mult/
---
\begin{code}
module plfa.Quantitative.Mult where
module qtt.Quantitative.Mult where
\end{code}
\begin{code}

2
extra/stlc/StlcNew.lagda
View file

@ -360,7 +360,7 @@ we yield `V`, otherwise we yield `x` unchanged.
* For abstractions, we compare `w`, the variable we are substituting for,
with `x`, the variable bound in the abstraction. If they are the same,
we yield the abstraction unchanged, otherwise we subsititute inside the body.
we yield the abstraction unchanged, otherwise we substitute inside the body.
In all other cases, we push substitution recursively into
the subterms.

2
extra/stlc/StlcOld.lagda
View file

@ -402,7 +402,7 @@ we yield `V`, otherwise we yield `x` unchanged.
* For abstractions, we compare `x`, the variable we are substituting for,
with `x`, the variable bound in the abstraction. If they are the same,
we yield abstraction unchanged, otherwise we subsititute inside the body.
we yield abstraction unchanged, otherwise we substitute inside the body.
In all other cases, we push substitution recursively into
the subterms.

113
highlight.sh Executable file
View file

@ -0,0 +1,113 @@
#!/bin/bash
AGDA_STDLIB_SED=".agda-stdlib.sed"
function sedi {
sed --version >/dev/null 2>&1 && sed -i "$@" || sed -i "" "$@"
}
SRC="$1"
shift
function out_path {
OUT="$1"
OUT=`echo "$OUT" | sed -e "s|src/|out/|; s|courses/|out/|; s|\.lagda\.md|\.md|;"`
echo "$OUT"
}
OUT="$(out_path $SRC)"
OUT_DIR="$(dirname $OUT)"
function html_path {
SRC="$1"
HTML_DIR="$2"
# Extract the module name from the Agda file
# NOTE: this fails if there is more than a single space after 'module'
MOD_NAME=`grep -oP -m 1 "(?<=^module )(\\S+)(?=\\s+(\\S+\\s+)*where)" "$SRC"`
# Extract the extension from the Agda file
SRC_EXT="$(basename $SRC)"
SRC_EXT="${SRC_EXT##*.}"
HTML="$HTML_DIR/$MOD_NAME.$SRC_EXT"
echo "$HTML"
}
HTML_DIR="$(mktemp -d)"
HTML="$(html_path $SRC $HTML_DIR)"
# Highlight Syntax using Agda
set -o pipefail \
&& agda --html --html-highlight=code --html-dir="$HTML_DIR" "$SRC" "$@" \
| sed '/^Generating.*/d; /^Warning\: HTML.*/d; /^reached from the.*/d; /^\s*$/d'
# Check if the highlighted file was successfully generated
if [[ ! -f "$HTML" ]]; then
echo "File not generated: $FILE"
exit 1
fi
# Add source file to the Jekyll metadata
#sedi "1 s|---|---\nsrc: $SRC|" "$HTML"
ed "$HTML" <<EOF >/dev/null 2>&1
2i
src : "$SRC"
.
w
q
EOF
# Add raw tags around Agda code blocks
sedi "s|<pre class=\"Agda\">|{% raw %}<pre class=\"Agda\">|" "$HTML"
sedi "s|</pre>|</pre>{% endraw %}|" "$HTML"
# Fix links to the Agda standard library
STDLIB_AGDALIB=`grep -m 1 "standard-library" $HOME/.agda/libraries`
STDLIB_AGDALIB="$(eval "echo -e \"$STDLIB_AGDALIB\"")"
STDLIB_INCLUDE=`grep -m 1 "include:" "$STDLIB_AGDALIB"`
STDLIB_INCLUDE="${STDLIB_INCLUDE#include: }"
STDLIB_PATH="$(dirname $STDLIB_AGDALIB)"
STDLIB_PATH="$STDLIB_PATH/$STDLIB_INCLUDE"
if [ -z "$AGDA_STDLIB_VERSION" ]; then
AGDA_STDLIB_URL="https://agda.github.io/agda-stdlib/"
else
AGDA_STDLIB_URL="https://agda.github.io/agda-stdlib/v$AGDA_STDLIB_VERSION/"
fi
# Create a sed script which matches and replaces all Agda standard library links
if [ ! -f "$AGDA_STDLIB_SED" ]; then
echo "s|\\(Agda\\.[A-Za-z\\.]*\\)|$AGDA_STDLIB_URL\\1|;" > "$AGDA_STDLIB_SED"
find "$STDLIB_PATH" -name "*.agda" -print0 | while read -d $'\0' AGDA_MODULE_PATH; do
AGDA_MODULE=$(eval "echo \"$AGDA_MODULE_PATH\" | sed -e \"s|$STDLIB_PATH/||g; s|/|\\\.|g; s|\.agda|\\\.html|g\"")
echo "s|$AGDA_MODULE|$AGDA_STDLIB_URL$AGDA_MODULE|g;" >> "$AGDA_STDLIB_SED"
done
fi
sedi -f "$AGDA_STDLIB_SED" "$HTML"
# Create a sed script which matches and repairs all local links
for INCLUDE_PATH in "$@"; do
if [[ "$INCLUDE_PATH" = --include-path=* ]]; then
INCLUDE_PATH="${INCLUDE_PATH:15}"
INCLUDE_PATH="${INCLUDE_PATH%/}"
LOCAL_LINKS_SED=`echo ".links-${INCLUDE_PATH}.sed" | sed -e "s|/|-|g;"`
if [ ! -f "$LOCAL_LINKS_SED" ]; then
find "$INCLUDE_PATH" -name "*.lagda.md" -print0 | while read -d $'\0' AGDA_MODULE_SRC; do
AGDA_MODULE_OUT="$(out_path "$AGDA_MODULE_SRC")"
AGDA_MODULE_HTML="$(basename "$(html_path "$AGDA_MODULE_SRC" "$HTML_DIR")" .md).html"
echo "s|$AGDA_MODULE_HTML|{% endraw %}{{ site.baseurl }}{% link $AGDA_MODULE_OUT %}{% raw %}|;" >> "$LOCAL_LINKS_SED"
done
fi
sedi -f "$LOCAL_LINKS_SED" "$HTML"
fi
done
# Copy over the temporary file to the output path
mkdir -p "$OUT_DIR"
cp "$HTML" "$OUT"

BIN
hs/agda-count
View file

Binary file not shown.

2
hs/config.txt
View file

@ -8,8 +8,8 @@ Isomorphism
Connectives
Negation
Quantifiers
Lists
Decidable
Lists
--
Lambda
Properties

54
index.md
View file

@ -1,6 +1,6 @@
---
title : Table of Contents
layout : home
layout : page
---
This book is an introduction to programming language theory using the
@ -13,47 +13,49 @@ Pull requests are encouraged.
## Front matter
- [Dedication](/Dedication/)
- [Preface](/Preface/)
- [Dedication]({{ site.baseurl }}/Dedication/)
- [Preface]({{ site.baseurl }}/Preface/)
## Part 1: Logical Foundations
- [Naturals](/Naturals/): Natural numbers
- [Induction](/Induction/): Proof by induction
- [Relations](/Relations/): Inductive definition of relations
- [Equality](/Equality/): Equality and equational reasoning
- [Isomorphism](/Isomorphism/): Isomorphism and embedding
- [Connectives](/Connectives/): Conjunction, disjunction, and implication
- [Negation](/Negation/): Negation, with intuitionistic and classical logic
- [Quantifiers](/Quantifiers/): Universals and existentials
- [Decidable](/Decidable/): Booleans and decision procedures
- [Lists](/Lists/): Lists and higher-order functions
- [Naturals]({{ site.baseurl }}/Naturals/): Natural numbers
- [Induction]({{ site.baseurl }}/Induction/): Proof by induction
- [Relations]({{ site.baseurl }}/Relations/): Inductive definition of relations
- [Equality]({{ site.baseurl }}/Equality/): Equality and equational reasoning
- [Isomorphism]({{ site.baseurl }}/Isomorphism/): Isomorphism and embedding
- [Connectives]({{ site.baseurl }}/Connectives/): Conjunction, disjunction, and implication
- [Negation]({{ site.baseurl }}/Negation/): Negation, with intuitionistic and classical logic
- [Quantifiers]({{ site.baseurl }}/Quantifiers/): Universals and existentials
- [Decidable]({{ site.baseurl }}/Decidable/): Booleans and decision procedures
- [Lists]({{ site.baseurl }}/Lists/): Lists and higher-order functions
## Part 2: Programming Language Foundations
- [Lambda](/Lambda/): Introduction to Lambda Calculus
- [Properties](/Properties/): Progress and Preservation
- [DeBruijn](/DeBruijn/): Inherently typed De Bruijn representation
- [More](/More/): Additional constructs of simply-typed lambda calculus
- [Bisimulation](/Bisimulation/) : Relating reductions systems
- [Inference](/Inference/): Bidirectional type inference
- [Untyped](/Untyped/): Untyped lambda calculus with full normalisation
- [Lambda]({{ site.baseurl }}/Lambda/): Introduction to Lambda Calculus
- [Properties]({{ site.baseurl }}/Properties/): Progress and Preservation
- [DeBruijn]({{ site.baseurl }}/DeBruijn/): Inherently typed de Bruijn representation
- [More]({{ site.baseurl }}/More/): Additional constructs of simply-typed lambda calculus
- [Bisimulation]({{ site.baseurl }}/Bisimulation/): Relating reductions systems
- [Inference]({{ site.baseurl }}/Inference/): Bidirectional type inference
- [Untyped]({{ site.baseurl }}/Untyped/): Untyped lambda calculus with full normalisation
## Backmatter
- [Acknowledgements](/Acknowledgements/)
- [Fonts](/Fonts/): Test page for fonts
- [Statistics](/Statistics/): Line counts for each chapter
- [Acknowledgements]({{ site.baseurl }}/Acknowledgements/)
- [Fonts]({{ site.baseurl }}/Fonts/): Test page for fonts
- [Statistics]({{ site.baseurl }}/Statistics/): Line counts for each chapter
## Related
- A paper describing the book appears in [SBMF][sbmf].
- Courses taught from the textbook:
* Philip Wadler, University of Edinburgh,
[2018](http://plfa.inf.ed.ac.uk/TSPL/)
[2018]({{ site.baseurl }}/TSPL/2018/)
* David Darais, University of Vermont,
[2018](http://david.darais.com/courses/uvm-cs295A-fa2018/)
[2018](http://david.darais.com/courses/fa2018-cs295A/)
* John Leo, Google Seattle, 2018--2019
* Philip Wadler, Pontifícia Universidade Católica do Rio de Janeiro (PUC-Rio),
[2019]({{ site.baseurl }}/PUC/2019/)
- A paper describing the book appeared in [SBMF][sbmf]
[wen]: https://github.com/wenkokke
[phil]: https://homepages.inf.ed.ac.uk/wadler/

20
papers/sbmf/Makefile Normal file
View file

@ -0,0 +1,20 @@
.PHONY : default %.pdf clean realclean
.PRECIOUS : %.tex
default : PLFA.pdf
PLFA.pdf : PLFA.tex PLFA.bib
pdflatex PLFA
bibtex PLFA
pdflatex PLFA
bibtex PLFA
pdflatex PLFA
final.zip : PLFA.tex PLFA.bib
zip final.zip agda.sty llncs.cls PLFA.tex PLFA.bib splncsnat.bst figures/plfa-*.png figures/sf-*.png figures/raw.png figures/inherent.png
clean:
rm -f *.aux *.log *.out *.ptb *.blg *.fdb_latexmk *.agdai *.fls
realclean: clean
rm -f *.glob *.vo *.bbl latex/* PLFA.pdf

286
papers/sbmf/PLFA.bib Normal file
View file

@ -0,0 +1,286 @@
@inproceedings{Allais-et-al-2017,
title={Type-and-scope safe programs and their proofs},
author={Allais, Guillaume and Chapman, James and McBride, Conor and McKinna, James},
booktitle={Proceedings of the 6th ACM SIGPLAN Conference on Certified Programs and Proofs},
pages={195--207},
year={2017},
organization={ACM}
}
@inproceedings{Altenkirch-and-Reus-1999,
title={Monadic presentations of lambda terms using generalized inductive types},
author={Altenkirch, Thorsten and Reus, Bernhard},
booktitle={International Workshop on Computer Science Logic},
pages={453--468},
year={1999},
organization={Springer}
}
@article{Avigad-and-Harrison-2014,
title={Formally verified mathematics},
author={Avigad, Jeremy and Harrison, John},
journal={Communications of the ACM},
volume={57},
number={4},
pages={66--75},
year={2014},
publisher={ACM}
}
@inproceedings{Berger-1993,
title={Program extraction from normalization proofs},
author={Berger, Ulrich},
booktitle={International Conference on Typed Lambda Calculi and Applications},
pages={91--106},
year={1993},
organization={Springer}
}
@inproceedings{Bove-and-Capretta-2001,
title={Nested general recursion and partiality in type theory},
author={Bove, Ana and Capretta, Venanzio},
booktitle={International Conference on Theorem Proving in Higher Order Logics},
pages={121--125},
year={2001},
organization={Springer}
}
@inproceedings{Bove-et-al-2009,
title={A brief overview of Agda--a functional language with dependent types},
author={Bove, Ana and Dybjer, Peter and Norell, Ulf},
booktitle={International Conference on Theorem Proving in Higher Order Logics},
pages={73--78},
year={2009},
organization={Springer}
}
@article{Capretta-2005,
title={General recursion via coinductive types},
author={Venanzio Capretta},
journal={Logical Methods in Computer Science},
volume={1},
number={2},
year={2005}
}
@phdthesis{Chapman-2009,
title={Type checking and normalisation},
author={Chapman, James Maitland},
year={2009},
school={University of Nottingham}
}
@inproceedings{Danas-et-al-2017,
title={User Studies of Principled Model Finder Output},
author={Danas, Natasha and Nelson, Tim and Harrison, Lane and Krishnamurthi, Shriram and Dougherty, Daniel J},
booktitle={International Conference on Software Engineering and Formal Methods},
pages={168--184},
year={2017},
organization={Springer}
}
@inproceedings{Dagand-and-Scherer-2015,
title={Normalization by realizability also evaluates},
author={Dagand, Pierre-{\'E}variste and Scherer, Gabriel},
booktitle={Vingt-sixi{\`e}mes Journ{\'e}es Francophones des Langages Applicatifs (JFLA 2015)},
year={2015}
}
@book {Felleisen-et-al-2009,
title = {Semantics engineering with PLT Redex},
author = {Felleisen, Matthias and Findler, Robert Bruce and Flatt, Matthew},
year = {2009},
publisher = {By Press}
}
@techreport{Goguen-and-McKinna-1997,
title={Candidates for substitution},
author={Goguen, Healfdene and McKinna, James},
institution={Laboratory for Foundations of Computer Science, University of Edinburgh},
year={1997}
}
@incollection{Gonthier-2008,
title={The four colour theorem: Engineering of a formal proof},
author={Gonthier, Georges},
booktitle={Computer mathematics},
pages={333--333},
year={2008},
publisher={Springer}
}
@inproceedings{Gonthier-et-al-2013,
title={A machine-checked proof of the odd order theorem},
author={Gonthier, Georges and Asperti, Andrea and Avigad, Jeremy and others},
booktitle={International Conference on Interactive Theorem Proving},
pages={163--179},
year={2013},
organization={Springer}
}
@inproceedings{Hales-et-al-2017,
title={A formal proof of the {K}epler conjecture},
author={Hales, Thomas and Adams, Mark and Bauer, Gertrud and Dang, Tat Dat and Harrison, John and Le Truong, Hoang and Kaliszyk, Cezary and Magron, Victor and McLaughlin, Sean and Nguyen, Tat Thang and others},
booktitle={Forum of Mathematics, Pi},
volume={5},
year={2017},
organization={Cambridge University Press}
}
@book{Harper-2016,
title={Practical foundations for programming languages},
author={Harper, Robert},
year={2016},
publisher={Cambridge University Press}
}
@article{Huet-et-al-1997,
title={The {C}oq proof assistant a tutorial},
author={Huet, G{\'e}rard and Kahn, Gilles and Paulin-Mohring, Christine},
journal={Rapport Technique},
volume={178},
year={1997}
}
@inproceedings{Kastner-et-al-2017,
title={Closing the gap--the formally verified optimizing compiler CompCert},
author={K{\"a}stner, Daniel and Leroy, Xavier and Blazy, Sandrine and Schommer, Bernhard and Schmidt, Michael and Ferdinand, Christian},
booktitle={SSS'17: Safety-critical Systems Symposium 2017},
pages={163--180},
year={2017},
organization={CreateSpace}
}
@misc{Kiselyov-2009,
author={Oleg Kiselyov},
title={Formalizing languages, mechanizing type-soundess and other meta-theoretic proofs},
note={unpublished manuscript},
url={http://okmij.org/ftp/formalizations/index.html},
year={2009}
}
@inproceedings{Klein-2009,
title={seL4: Formal verification of an OS kernel},
author={Klein, Gerwin and Elphinstone, Kevin and Heiser, Gernot and Andronick, June and Cock, David and Derrin, Philip and Elkaduwe, Dhammika and Engelhardt, Kai and Kolanski, Rafal and Norrish, Michael and others},
booktitle={Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles},
pages={207--220},
year={2009},
organization={ACM}
}
@article{Leroy-2009,
title={Formal verification of a realistic compiler},
author={Leroy, Xavier},
journal={Communications of the ACM},
volume={52},
number={7},
pages={107--115},
year={2009},
publisher={ACM}
}
@misc{McBride-2005,
title={Type-preserving renaming and substitution},
author={McBride, Conor},
note={unpublished manuscript},
url={https://personal.cis.strath.ac.uk/conor.mcbride/ren-sub.pdf},
year={2005}
}
@inproceedings{McBride-2015,
title={Turing-completeness totally free},
author={McBride, Conor},
booktitle={International Conference on Mathematics of Program Construction},
pages={257--275},
year={2015},
organization={Springer}
}
@article{McBride-and-McKinna-2004,
title={The view from the left},
author={McBride, Conor and McKinna, James},
journal={Journal of functional programming},
volume={14},
number={1},
pages={69--111},
year={2004},
publisher={Cambridge University Press}
}
@inproceedings{O'Connor-2016,
title={Refinement through restraint: Bringing down the cost of verification},
author={O'Connor, Liam and Chen, Zilin and Rizkallah, Christine and Amani, Sidney and Lim, Japheth and Murray, Toby and Nagashima, Yutaka and Sewell, Thomas and Klein, Gerwin},
booktitle={ICFP},
pages={89--102},
year={2016}
}
@book{Pierce-2002,
title={Types and programming languages},
author={Pierce, Benjamin C},
year={2002},
publisher={MIT press}
}
@inproceedings{Pierce-2009,
title={Lambda, {T}he {U}ltimate {TA}},
author={Pierce, Benjamin C},
booktitle={ICFP},
pages={121--22},
year={2009}
}
@book{Pierce-et-al-2010,
title={Software foundations},
author={Benjamin C Pierce and Chris Casinghino and Marco Gaboardi and Michael Greenberg and C{\u{a}}t{\u{a}}lin Hri{\c{t}}cu and Vilhelm Sj{\"o}berg and Brent Yorgey},
url={http://www.cis.upenn.edu/bcpierce/sf/current/index.html},
year={2010}
}
@inproceedings{Pitts-2010,
title={Step-indexed biorthogonality: a tutorial example},
author={Pitts, Andrew M},
booktitle={Dagstuhl Seminar Proceedings},
year={2010},
organization={Schloss Dagstuhl-Leibniz-Zentrum f{\~A}$1/4$r Informatik}
}
@article{Plotkin-1977,
title={LCF considered as a programming language},
author={Plotkin, Gordon D.},
journal={Theoretical Computer Science},
volume={5},
number={3},
pages={223--255},
year={1977},
publisher={Elsevier}
}
@article{Rosu-Serbanuta-2010,
title={An Overview of the {K} Semantic Framework},
author={Grigore Ro{\c s}u and Traian Florin {\c S}erb{\u a}nu{\c t}{\u a} },
journal={Journal of Logic and Algebraic Programming},
volume={79},
number={6},
pages={397--434},
year={2010}
}
@book{Stump-2016,
title={Verified functional programming in Agda},
author={Stump, Aaron},
year={2016},
publisher={Morgan \& Claypool}
}
@article{Wright-and-Felleisen-1994,
title={A syntactic approach to type soundness},
author={Wright, Andrew K and Felleisen, Matthias},
journal={Information and computation},
volume={115},
number={1},
pages={38--94},
year={1994},
publisher={San Diego: Academic Press, c1987-}
}

740
papers/sbmf/PLFA.tex Executable file
View file

@ -0,0 +1,740 @@
%\documentclass[runningheads,oribibl]{llncs}
\documentclass[runningheads]{llncs}
\usepackage{natbib}
% \usepackage{stmaryrd}
% \usepackage{proof}
% \usepackage{amsmath}
% \usepackage{amssymb}
% \usepackage{color}
% \usepackage{bbm}
% \usepackage[greek,english]{babel}
% \usepackage{ucs}
% \usepackage[utf8x]{inputenc}
% \usepackage{autofe}
\usepackage{agda}
\usepackage{revsymb}
\usepackage{semantic}
\usepackage{graphicx}
\usepackage{url}
\renewcommand\UrlFont{\color{blue}\rmfamily}
\usepackage{stix}
\setcitestyle{round,aysep={}}
\begin{document}
\title{Programming Language Foundations in Agda}
\author{Philip Wadler}
\authorrunning{P. Wadler}
\institute{University of Edinburgh\\
\email{wadler@inf.ed.ac.uk}}
\maketitle
%
\begin{abstract}
One of the leading textbooks for formal methods is
\emph{Software Foundations} (SF), written by Benjamin Pierce in
collaboration with others, and based on Coq. After five years using SF
in the classroom, I have come to the conclusion that Coq is not the
best vehicle for this purpose, as too much of the course needs to
focus on learning tactics for proof derivation, to the cost of
learning programming language theory. Accordingly, I have written a
new textbook, \emph{Programming Language Foundations in Agda} (PLFA).
PLFA covers much of the same ground as SF, although it is not a
slavish imitation.
What did I learn from writing PLFA? First, that it is possible. One
might expect that without proof tactics that the proofs become too
long, but in fact proofs in PLFA are about the same length as those in
SF. Proofs in Coq require an interactive environment to be understood,
while proofs in Agda can be read on the page. Second, that
constructive proofs of preservation and progress give immediate rise
to a prototype evaluator. This fact is obvious in retrospect but it is
not exploited in SF (which instead provides a separate normalise
tactic) nor can I find it in the literature. Third, that using raw
terms with a separate typing relation is far less perspicuous than
using inherently-typed terms. SF uses the former presentation, while
PLFA presents both; the former uses about 1.6 as many lines of Agda
code as the latter, roughly the golden ratio.
The textbook is written as a literate Agda script, and can be found here:
\begin{center}
\url{http://plfa.inf.ed.ac.uk}
\end{center}
\keywords{Agda \and Coq \and lambda calculus \and dependent types.}
\end{abstract}
\section{Introduction}
The most profound connection between logic and computation is a pun.
The doctrine of Propositions as Types asserts that a certain kind of formal
structure may be read in two ways: either as a proposition in logic or
as a type in computing. Further, a related structure may be read as
either the proof of the proposition or as a programme of the
corresponding type. Further still, simplification of proofs
corresponds to evaluation of programs.
Accordingly, the title of this paper, and the corresponding textbook,
\emph{Programming Language Foundations in Agda} (hence, PLFA)
also has two readings. It may be parsed as ``(Programming Language)
Foundations in Agda'' or ``Programming (Language Foundations) in
Agda''---specifications in the proof assistant Agda both describe
programming languages and are themselves programmes.
Since 2013, I have taught a course on Types and Semantics for
Programming Languages to fourth-year undergraduates and masters
students at the University of Edinburgh. An earlier version of that
course was based on \emph{Types and Programming Languages} by
\citet{Pierce-2002}, but my version was taught from its successor,
\emph{Software Foundations} (hence, SF) by \citet{Pierce-et-al-2010},
which is based on the proof assistance Coq \citep{Huet-et-al-1997}.
I am convinced by the claim of \citet{Pierce-2009}, made in his ICFP
Keynote \emph{Lambda, The Ultimate TA}, that basing a course around a
proof assistant aids learning.
However, after five years of experience, I have come to the conclusion
that Coq is not the best vehicle. Too much of the course needs to
focus on learning tactics for proof derivation, to the cost of
learning the fundamentals of programming language theory. Every
concept has to be learned twice: e.g., both the product data type, and
the corresponding tactics for introduction and elimination of
conjunctions. The rules Coq applies to generate induction hypotheses
can sometimes seem mysterious. While the \texttt{notation} construct
permits pleasingly flexible syntax, it can be confusing that the same
concept must always be given two names, e.g., both
\texttt{subst~N~x~M} and \texttt{N~[x~:=~M]}. Names of tactics are
sometimes short and sometimes long; naming conventions in the standard
library can be wildly inconsistent. \emph{Propositions as types} as a
foundation of proof is present but hidden.
I found myself keen to recast the course in Agda \citep{Bove-et-al-2009}.
In Agda, there is
no longer any need to learn about tactics: there is just
dependently-typed programming, plain and simple. Introduction is
always by a constructor, elimination is always by pattern
matching. Induction is no longer a mysterious separate concept, but
corresponds to the familiar notion of recursion. Mixfix syntax is
flexible while using just one name for each concept, e.g.,
substitution is \texttt{\_[\_:=\_]}. The standard library is not perfect, but
there is a fair attempt at consistency. \emph{Propositions as types} as a
foundation of proof is on proud display.
Alas, there is no textbook for programming language theory in
Agda. \emph{Verified Functional Programming in Agda} by \citep{Stump-2016}
covers related ground, but focusses more on programming with dependent
types than on the theory of programming languages.
The original goal was to simply adapt \emph{Software Foundations},
maintaining the same text but transposing the code from Coq to Agda.
But it quickly became clear to me that after five years in the
classroom I had my own ideas about how to present the material. They
say you should never write a book unless you cannot \emph{not} write the
book, and I soon found that this was a book I could not not write.
I am fortunate that my student, Wen Kokke, was keen to help. She
guided me as a newbie to Agda and provided an infrastructure that is
easy to use and produces pages that are a pleasure to view.
The bulk of the book was written January--June 2018, while on
sabbatical in Rio de Janeiro.
This paper is a personal reflection, summarising what I learned in the
course of writing the textbook. Some of it reiterates advice that is
well-known to some members of the dependently-typed programming
community, but which deserves to be better known. The paper is
organised as follows.
Section~2 outlines the
topics covered in PLFA, and notes what is omitted.
Section~3 compares Agda and Coq as vehicles for pedagogy. Before
writing the book, it was not obvious that it was even possible;
conceivably, without tactics some of the proofs might
balloon in size. In fact, it turns out that for the results in PLFA
and SF, the proofs are of roughly comparable size, and (in my opinion)
the proofs in PLFA are more readable and have a pleasing visual
structure.
Section~4 observes that constructive proofs of progress and
preservation combine trivially to produce a constructive evaluator for
terms. This idea is obvious once you have seen it, yet I cannot
find it described in the literature. For instance, SF separately
implements a \texttt{normalise} tactic that has nothing to do with
progress and preservation.
Section~5 claims that raw terms should be avoided in favour of
inherently-typed terms. PLFA develops lambda calculus with both raw
and inherently-typed terms, permitting a comparison. It turns out the
former is less powerful---it supports substitution only for closed
terms---but significantly longer---about 1.6 times as many lines of code,
roughly the golden ratio.
I will argue that Agda has advantages over Coq for
pedagogic purposes. My focus is purely on the case of a proof assistant
as an aid to \emph{learning} formal semantics using examples of
\emph{modest} size. I admit up front that
there are many tasks for which Coq is better suited than Agda.
A proof assistant that supports tactics, such as Coq or Isabelle,
is essential for formalising serious mathematics,
such as the Four-Colour Theorem \citep{Gonthier-2008},
the Odd-Order Theorem \citep{Gonthier-et-al-2013},
or Kepler's Conjecture \citep{Hales-et-al-2017},
or for establishing correctness of software at scale,
as with the CompCert compiler \citep{Leroy-2009,Kastner-et-al-2017}
or the SEL4 operating system \citep{Klein-2009,O'Connor-2016}.
\section{Scope}
PLFA is aimed at students in the last year of an undergraduate
honours programme or the first year of a master or doctorate degree.
It aims to teach the fundamentals of operational semantics of
programming languages, with simply-typed lambda calculus as the
central example. The textbook is written as a literate script in Agda.
As with SF, the hope is that using
a proof assistant will make the development more concrete
and accessible to students, and give them rapid feedback to find
and correct misaprehensions.
The book is broken into two parts. The first part, Logical Foundations,
develops the needed formalisms. The second part, Programming Language
Foundations, introduces basic methods of operational semantics.
(SF is divided into books, the first two of which have the same names
as the two parts of PLFA, and cover similar material.)
Each chapter has both a one-word name and a title, the one-word name
being both its module name and its file name.
\subsection*{Part I, Logical Foundations}
\paragraph{Naturals: Natural numbers}
Introduces the inductive definition of natural numbers in terms of
zero and successor, and recursive definitions of addition,
multiplication, and monus. Emphasis is put on how a tiny description
can specify an infinite domain.
\paragraph{Induction: Proof by induction}
Introduces induction to prove properties
such as associativity and commutativity of addition.
Also introduces dependent functions to express universal quantification.
Emphasis is put on the correspondence between induction and recursion.
\paragraph{Relations: Inductive definitions of relations}
Introduces inductive definitions of less than or equal on natural numbers,
and odd and even natural numbers.
Proves properties such as reflexivity, transitivity, and
anti-symmetry, and that the sum of two odd numbers is even.
Emphasis is put on proof by induction over evidence that a relation holds.
\paragraph{Equality: Equality and equational reasoning}
Gives Martin L\"of's and Leibniz's definitions of equality, and proves
them equivalent, and defines the notation for equational reasoning used
throughout the book.
\paragraph{Isomorphism: Isomorphism and embedding}
Introduces isomorphism, which plays an important role in the
subsequent development. Also introduces dependent records, lambda
terms, and extensionality.
\paragraph{Connectives: Conjunction, disjunction, and implication}
Introduces product, sum, unit, empty, and function types, and their
interpretations as connectives of logic under Propositions as Types.
Emphasis is put on the analogy between these types and product, sum,
unit, zero, and exponential on naturals; e.g., product of numbers is
commutative and product of types is commutative up to isomorphism.
\paragraph{Negation: Negation, with intuitionistic and classical logic}
Introduces logical negation as a function into the empty
type, and explains the difference between classical and intuitionistic
logic.
\paragraph{Quantifiers: Universals and existentials}
Recaps universal quantifiers and their correspondence to dependent
functions, and introduces existential quantifiers and their
correspondence to dependent products.
\paragraph{Decidable: Booleans and decision procedures}
Introduces booleans and decidable types, and why the latter is to be
preferred to the former.
\paragraph{Lists: Lists and higher-order functions}
Gives two different definitions of reverse and proves them equivalent.
Introduces map and fold and their properties, including that fold left
and right are equivalent in a monoid. Introduces predicates that hold
for all or any member of a list, with membership as a specialisation
of the latter.
\subsection*{Part II, Programming Language Foundations}
\paragraph{Lambda: Introduction to lambda calculus}
Introduces lambda calculus, using a representation with named
variables and a separate typing relation. The language used is PCF
\citep{Plotkin-1977}, with variables, lambda abstraction, application,
zero, successor, case over naturals, and fixpoint. Reduction is
call-by-value and restricted to closed terms.
\paragraph{Properties: Progress and preservation}
Proves key properties of simply-typed
lambda calculus, including progress and preservation. Progress and
preservation are combined to yield an evaluator.
\paragraph{DeBruijn: Inherently typed de Bruijn representation}
Introduces de Bruijn indices and the inherently-typed representation.
Emphasis is put on the structural similarity between a term and its
corresponding type derivation; in particular, de Bruijn indices
correspond to the judgment that a variable is well-typed under a given
environment.
\paragraph{More: More constructs of simply-typed lambda calculus}
Introduces product, sum, unit, and empty types as well as lists and let bindings
are explained. Typing and reduction rules are given informally; a few
are then give formally, and the rest are left as exercises for the reader.
The inherently typed representation is used.
\paragraph{Bisimulation: Relating reduction systems}
Shows how to translate the language with ``let'' terms
to the language without, representing a let as an application of an abstraction,
and shows how to relate the source and target languages with a bisimulation.
\paragraph{Inference: Bidirectional type inference}
Introduces bidirectional type inference, and applies it to convert from
a representation with named variables and a separate typing relation
to a representation de Bruijn indices with inherent types. Bidirectional
type inference is shown to be both sound and complete.
\paragraph{Untyped: Untyped calculus with full normalisation}
As a variation on earlier themes, discusses an untyped (but inherently
scoped) lambda calculus. Reduction is call-by-name over open terms,
with full normalisation (including reduction under lambda terms). Emphasis
is put on the correspondence between the structure of a term and
evidence that it is in normal form.
\subsection*{Discussion}
PLFA and SF differ in several particulars. PLFA begins with a computationally
complete language, PCF, while SF begins with a minimal language, simply-typed
lambda calculus with booleans. PLFA does not include type annotations in terms,
and uses bidirectional type inference, while SF has terms with unique types and
uses type checking. SF also covers a simple imperative language with Hoare logic,
and for lambda calculus covers subtyping, record types, mutable references, and normalisation
---none of which are treated by PLFA. PLFA covers an inherently-typed de Bruijn
representation, bidirectional type inference, bisimulation, and an
untyped call-by-name language with full normalisation---none of which
are treated by SF.
SF has a third volume, written by Andrew Appel, on Verified Functional
Algorithms. I'm not sufficiently familiar with that volume to have a view
on whether it would be easy or hard to cover that material in Agda.
And SF recently added a fourth volume on random testing of Coq specifications
using QuickChick. There is currently no tool equivalent to QuickChick
available for Agda.
There is more material that would be desirable to include in PLFA
which was not due to limits of time. In future years, PLFA may be
extended to cover additional material, including mutable references,
normalisation, System F, pure type systems, and denotational
semantics. I'd especially like to include pure type systems as they
provide the readers with a formal model close to the dependent types
used in the book. My attempts so far to formalise pure type systems
have proved challenging, to say the least.
\section{Proofs in Agda and Coq}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/plfa-progress-1.png}
\caption{PLFA, Progress (1/2)}
\label{fig:plfa-progress-1}
\end{figure}
\begin{figure}[p]
\includegraphics[width=\textwidth]{figures/plfa-progress-2.png}
\includegraphics[width=\textwidth]{figures/plfa-progress-3a.png}
\caption{PLFA, Progress (2/2)}
\label{fig:plfa-progress-2}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/sf-progress-1.png}
\caption{SF, Progress (1/2)}
\label{fig:sf-progress-1}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/sf-progress-2.png}
\caption{SF, Progress (2/2)}
\label{fig:sf-progress-2}
\end{figure}
% \begin{figure}[t]
% \includegraphics[width=\textwidth]{figures/sf-progress-3.png}
% \caption{SF, Progress (3/3)}
% \label{fig:sf-progress-3}
% \end{figure}
The introduction listed several reasons for preferring Agda over Coq.
But Coq tactics enable more compact proofs. Would it be possible for
PLFA to cover the same material as SF, or would the proofs
balloon to unmanageable size?
As an experiment, I first rewrote SF's development of simply-typed
lambda calculus (SF, Chapters Stlc and StlcProp) in Agda. I was a
newbie to Agda, and translating the entire development, sticking as
closely as possible to the development in SF, took me about two days.
I was pleased to discover that the proofs remained about the same
size.
There was also a pleasing surprise regarding the structure of the
proofs. While most proofs in both SF and PLFA are carried out by
induction over the evidence that a term is well typed, in SF the
central proof, that substitution preserves types, is carried out by
induction on terms for a technical reason
(the context is extended by a variable binding, and hence not
sufficiently ``generic'' to work well with Coq's induction tactic). In
Agda, I had no trouble formulating the same proof over evidence that
the term is well typed, and didn't even notice SF's description of the
issue until I was done.
The rest of the book was relatively easy to complete. The closest to
an issue with proof size arose when proving that reduction is
deterministic. There are 18 cases, one case per line. Ten of the
cases deal with the situation where there are potentially two
different reductions; each case is trivially shown to be
impossible. Five of the ten cases are redundant, as they just involve
switching the order of the arguments. I had to copy the cases
suitably permuted. It would be preferable to reinvoke the proof on
switched arguments, but this would not pass Agda's termination checker
since swapping the arguments doesn't yield a recursive call on
structurally smaller arguments. I suspect tactics could cut down the
proof significantly. I tried to compare with SF's proof that reduction
is deterministic, but failed to find that proof.
SF covers an imperative language with Hoare logic, culminating in
code that takes an imperative programme suitably decorated with preconditions
and postconditions and generates the necessary
verification conditions. The conditions are then verified by a custom
tactic, where any questions of arithmetic are resolved by the
``omega'' tactic invoking a decision procedure. The entire
exercise would be easy to repeat in Agda, save for the last step: I
suspect Agda's automation would not be up to verifying the generated
conditions, requiring tedious proofs by hand. However, I had already
decided to omit Hoare logic in order to focus on lambda calculus.
To give a flavour of how the texts compare, I show the
proof of progress for simply-typed lambda calculus from both texts.
Figures~\ref{fig:plfa-progress-1} and \ref{fig:plfa-progress-2}
are taken from PLFA, Chapter Properties,
while Figures~\ref{fig:sf-progress-1} and \ref{fig:sf-progress-2}
are taken from SF, Chapter StlcProp.
Both texts are intended to be read online,
and the figures were taken by grabbing bitmaps of the text as
displayed in a browser.
PLFA puts the formal statements first, followed by informal explanation.
PLFA introduces an auxiliary relation \texttt{Progress} to capture
progress; an exercise (not shown) asks the reader to show it isomorphic
to the usual formulation with a disjunction and an existential.
Layout is used to present the auxiliary relation in inference rule form.
In Agda, any line beginning with two dashes is treated as a comment, making
it easy to use a line of dashes to separate hypotheses from conclusion
in inference rules. The proof of proposition \texttt{progress} (the different
case making it a distinct name) is layed out carefully. The neat
indented structure emphasises the case analysis, and all right-hand
sides line-up in the same column. My hope as an author is that students
will read the formal proof first, and use it as a tabular guide
to the informal explanation that follows.
SF puts the informal explanation first, followed by the formal proof.
The text hides the formal proof script under an icon;
the figure shows what appears when the icon is expanded.
As a teacher I was aware that
students might skip it on a first reading, and I would have to hope the
students would return to it and step through it with an interactive
tool in order to make it intelligible. I expect the students skipped over
many such proofs. This particular proof forms the basis for a question
of the mock exam and the past exams, so I expect most students will actually
look at this one if not all the others.
\newcommand{\ex}{\texttt{x}}
\newcommand{\why}{\texttt{y}}
\newcommand{\EL}{\texttt{L}}
\newcommand{\EM}{\texttt{M}}
\newcommand{\EN}{\texttt{N}}
\newcommand{\tee}{\texttt{t}}
\newcommand{\tick}{\texttt{\lq}}
\newcommand{\GG}{\Gamma}
\newcommand{\AY}{\texttt{A}}
\newcommand{\BE}{\texttt{B}}
(For those wanting more detail: In PLFA, variables and abstractions and
applications in the object language are written $\tick\;\ex$ and
$\lambdabar\;\ex\;{\Rightarrow}\;\EN$ and $\EL\;{\cdot}\;\EM$. The
corresponding typing rules are referred to by ${\vdash}\tick\;()$
and ${\vdash}\lambdabar\;{\vdash}\EN$ and ${\vdash}\EL\;{\cdot}\;{\vdash}\EM$, where
${\vdash}\EL$, ${\vdash}\EM$, ${\vdash}\EN$ are the proofs that terms
$\EL$, $\EM$, $\EN$ are well typed, and `()` denotes that there cannot
be evidence that a free variable is well typed in the empty context.
It was decided to overload infix dot for readability, but not other
symbols. In Agda, as in Lisp, almost any sequence of characters is a
name, with spaces essential for separation.)
(In SF, variables and abstractions and applications in
the object language are written $\texttt{tvar}~\ex$ and
$\texttt{tabs}~\ex~\tee$ and $\texttt{tapp}~\tee_1~\tee_2$.
The corresponding typing rules are referred to as
$\texttt{T\_Var}$ and $\texttt{T\_Abs}$ and $\texttt{T\_App}$.)
Both Coq and Agda support interactive proof. Interaction in Coq is
supported by Proof General, based on Emacs, or by CoqIDE, which
provides an interactive development environment of a sort familiar to
most students. Interaction in Agda is supported by an Emacs mode.
In Coq, interaction consists of stepping through a proof script, at
each point examining the current goal and the variables currently in
scope, and executing a new command in the script. Tactics are a whole
sublanguage, which must be learned in addition to the language for
expressing specifications. There are many tactics one can invoke in
the script at each point; one menu in CoqIDE lists about one hundred
tactics one might invoke, some in alphabetic submenus. A Coq
script presents the specification proved and the tactics executed.
Interaction is recorded in a script, which the students
may step through at their leisure. SF contains some prose descriptions
of stepping through scripts, but mainly contains scripts that students
are encouraged to step through on their own.
In Agda, interaction consists of writing code with holes, at each
point examining the current goal and the variables in scope, and
typing code or executing an Emacs command. The number of commands
available is much smaller than with Coq, the most important ones being
to show the type of the hole and the types of the variables in scope;
to check the code; to do a case analysis on a given variable; or to
guess how to fill in the hole with constructors or variables in scope.
An Agda proof consists of typed code. The interaction is \emph{not}
recorded. Students may recreate it by commenting out bits of code and
introducing a hole in their place. PLFA contains some prose descriptions
of interactively building code, but mainly contains code that students
can read. They may also introduce holes to interact with the code, but
I expect this will be rarer than with SF.
SF encourages students to interact with all the scripts in the text.
Trying to understand a Coq proof script without running it
interactively is a bit like understanding a chess game by reading
through the moves without benefit of a board, keeping it all in your
head. In contrast, PLFA provides code that students can read.
Understanding the code often requires working out the types, but
(unlike executing a Coq proof script) this is often easy to do in your
head; when it is not easy, students still have the option of
interaction.
While students are keen to interact to create code, I have found they
are reluctant to interact to understand code created by others. For
this reason, I suspect this may make Agda a more suitable vehicle for
teaching. Nate Foster suggests this hypothesis is ripe to be tested
empirically, perhaps using techniques similar to those of
\citet{Danas-et-al-2017}.
Neat layout of definitions such as that in
Figure~\ref{fig:plfa-progress-2} in Emacs requires a monospaced font
supporting all the necessary characters. Securing one has proved
tricky. As of this writing, we use FreeMono, but it lacks a few
characters ($\typecolon$ and $\qed$) which are loaded from fonts with a different
width. Long arrows are necessarily more than a single character wide.
Instead, we compose reduction —→ from an em dash — and an arrow →.
Similarly for reflexive and transitive closure —↠.
\section{Progress + Preservation = Evaluation}
\begin{figure}
\includegraphics[width=\textwidth]{figures/plfa-eval.png}
\caption{PLFA, Evaluation}
\label{fig:plfa-eval}
\end{figure}
A standard approach to type soundness used by many texts,
including SF and PLFA, is to prove progress and preservation,
as first suggested by \citet{Wright-and-Felleisen-1994}.
\begin{theorem}[Progress] Given term $M$ and type $A$ such that
$\emptyset \vdash M : A$ then either $M$ is a value or
$M \longrightarrow N$ for some term $N$.
\end{theorem}
\begin{theorem}[Preservation] Given terms $M$ and $N$ and type $A$
such that $\emptyset \vdash M : A$ and $M \longrightarrow N$, then
$\emptyset \vdash N : A$. \end{theorem}
A consequence is that when a term reduces to a value it retains
the same type. Further, well-typed terms don't get stuck:
that is, unable to reduce further but not yet reduced to a value.
The formulation neatly accommodates the case of non-terminating
reductions that never reach a value.
One useful by-product of the formal specification of a programming
language may be a prototype implementation of that language. For
instance, given a language specified by a reduction relation, such
as lambda calculus, the prototype might accept a term and apply reductions
to reduce it to a value. Typically, one might go to some extra work to
create such a prototype. For instance, SF introduces a \texttt{normalize}
tactic for this purpose. Some formal methods frameworks, such as
Redex \citep{Felleisen-et-al-2009} and K \citep{Rosu-Serbanuta-2010},
advertise as one of their advantages that they can generate
a prototype from descriptions of the reduction rules.
I was therefore surprised to realise that any constructive proof of
progress and preservation \emph{automatically} gives rise to such a
prototype. The input is a term together with evidence the term is
well-typed. (In the inherently-typed case, these are the same thing.)
Progress determines whether we are done, or should take another step;
preservation provides evidence that the new term is well-typed, so we
may iterate. In a language with guaranteed termination, we cannot
iterate forever, but there are a number of well-known techniques to
address that issue; see, e.g., \citet{Bove-and-Capretta-2001},
\citet{Capretta-2005}, or \citet{McBride-2015}.
We use the simplest, similar to McBride's \emph{petrol-driven} (or
\emph{step-indexed}) semantics: provide a maximum number of steps to
execute; if that number proves insufficient, the evaluator returns the
term it reached, and one can resume execution by providing a new
number.
Such an evaluator from PLFA is shown in Figure~\ref{fig:plfa-eval},
where (inspired by cryptocurrencies) the number of steps
to execute is referred to as \emph{gas}. All of the example reduction
sequences in PLFA were computed by the evaluator and then edited to
improve readability; in addition, the text includes examples of
running the evaluator with its unedited output.
It is immediately obvious that progress and preservation make it
trivial to construct a prototype evaluator, and yet I cannot find such
an observation in the literature nor mentioned in an introductory
text. It does not appear in SF, nor in \citet{Harper-2016}. A plea
to the Agda mailing list failed to turn up any prior mentions.
The closest related observation I have seen in the published
literature is that evaluators can be extracted from proofs of
normalisation \citep{Berger-1993,Dagand-and-Scherer-2015}.
(Late addition: My plea to the Agda list eventually bore fruit. Oleg
Kiselyov directed me to unpublished remarks on his web page where he
uses the name \texttt{eval} for a proof of progress and notes ``the
very proof of type soundness can be used to evaluate sample
expressions'' \citep{Kiselyov-2009}.)
\section{Inherent typing is golden}
\begin{figure}[p]
\includegraphics[width=\textwidth]{figures/raw.png}
\caption{Raw approach in PLFA}
\label{fig:raw}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/inherent.png}
\caption{Inherent approach in PLFA}
\label{fig:inherent}
\end{figure}
The second part of PLFA first discusses two different approaches to
modelling simply-typed lambda calculus. It first presents raw
terms with named variables and a separate typing relation and
then shifts to inherently-typed terms with de Bruijn indices.
Before writing the text, I had thought the two approaches
complementary, with no clear winner. Now I am convinced that the
inherently-typed approach is superior.
Figure~\ref{fig:raw} presents the raw approach.
It first defines $\texttt{Id}$, $\texttt{Term}$,
$\texttt{Type}$, and $\texttt{Context}$, the abstract syntax
of identifiers, raw terms, types, and contexts.
It then defines two judgements,
$\GG\:{\ni}\:\ex\:{\typecolon}\:\AY$ and
$\GG\:{\vdash}\:\EM\:{\typecolon}\:\AY$,
which hold when under context $\GG$ the variable $\ex$
and the term $\EM$ have type $\AY$, respectively.
Figure~\ref{fig:inherent} presents the inherent approach.
It first defines $\texttt{Type}$ and $\texttt{Context}$, the abstract syntax
of types and contexts, of which the first is as before and the second is
as before with identifiers dropped. In place of the two judgements,
the types of variables and terms are indexed by a context and a type,
so that $\GG\:{\ni}\:\AY$ and $\GG\:{\vdash}\:\AY$ denote
variables and terms, respectively, that under context $\GG$ hae type $\AY$.
The indexed types closely resemble the previous judgements:
we now represent a variable or a term by the proof that it is well-typed.
In particular, the proof that a variable is well-typed in the raw approach
corresponds to a de Bruijn index in the inherent approach.
The raw approach requires more lines of code than
the inherent approach. The separate definition of raw
terms is not needed in the inherent
approach; and one judgement in the raw approach needs to check that
$\ex \not\equiv \why$, while the corresponding judgement in the
inherent approach does not. The difference becomes more pronounced
when including the code for substitution, reductions, and proofs of
progress and preservation. In particular, where the raw approach
requires one first define substitution and reduction and then prove
they preserve types, the inherent approach establishes substitution at
the same time it defines substitution and reduction.
Stripping
out examples and any proofs that appear in one but not the other (but
could have appeared in both), the full development in PLFA for the raw approach takes 451
lines (216 lines of definitions and 235 lines for the proofs) and the
development for the inherent approach takes 275 lines (with
definitions and proofs interleaved). We have 451 / 235 = 1.64,
close to the golden ratio.
The inherent approach also has more expressive power. The raw
approach is restricted to substitution of one variable by a closed
term, while the inherent approach supports simultaneous substitution
of all variables by open terms, using a pleasing formulation due to
\citet{McBride-2005}, inspired by \citet{Goguen-and-McKinna-1997} and
\citet{Altenkirch-and-Reus-1999} and described in
\citet{Allais-et-al-2017}. In fact, I did manage to write a variant of
the raw approach with simultaneous open substitution along the lines
of McBride, but the result was too complex for use in an introductory
text, requiring 695 lines of code---more than the total for the other
two approaches combined.
The text develops both approaches because the raw approach is more
familiar, and because placing the inherent approach first would
lead to a steep learning curve. By presenting the more long-winded
but less powerful approach first, students can see for themselves the
advantages of de Bruijn indices and inherent types.
There are actually four possible designs, as the choice of named
variables vs de Bruijn indices, and the choice of raw vs
inherently-typed terms may be made independently. There are synergies
beween the two. Manipulation of de Bruijn indices can be notoriously
error-prone without inherent-typing to give assurance of correctness.
In inherent typing with named variables, simultaneous substitution by
open terms remains difficult.
The benefits of the inherent approach
are well known to some. The technique was introduced by
\citet{Altenkirch-and-Reus-1999}, and widely used elsewhere,
notably by \citet{Chapman-2009} and \citet{Allais-et-al-2017}.
I'm grateful to David Darais for bringing it to my attention.
\section{Conclusion}
I look forward to experience teaching from the new text,
and encourage others to use it too. Please comment!
\paragraph{Acknowledgements}
A special thank you to my coauthor, Wen Kokke. For inventing ideas on
which PLFA is based, and for hand-holding, many thanks to Conor
McBride, James McKinna, Ulf Norell, and Andreas Abel. For showing me
how much more compact it is to avoid raw terms, thanks to David
Darais. For inspiring my work by writing SF, thanks to Benjamin
Pierce and his coauthors. For comments on a draft of this paper, an
extra thank you to James McKinna, Ulf Norell, Andreas Abel, and
Benjamin Pierce. This research was supported by EPSRC Programme Grant
EP/K034413/1.
\bibliographystyle{plainnat}
%\bibliographystyle{splncsnat.bst}
\bibliography{PLFA}
\end{document}

23
papers/sbmf/README.txt Normal file
View file

@ -0,0 +1,23 @@
Look at the following when revising the paper.
On 2018-07-07 00:45, Philip Wadler wrote:
Indeed, I considered using Delay for the evaluator in the textbook,
but decided that supplying a step count was simpler, and avoided the
need to explain coinduction.
In "Operational Semantics Using the Partiality Monad"
(https://doi.org/10.1145/2364527.2364546) I defined the semantics of an
untyped language by giving a definitional interpreter, using the delay
monad. Then I proved type soundness for this language as a negative
statement (using a more positive lemma):
[] ⊢ t ∈ σ → ¬ (⟦ t ⟧ [] ≈ fail)
Thus, instead of starting with type soundness and deriving an evaluator,
I started with an evaluator and proved type soundness.
This kind of exercise has also been performed using fuel, see Siek's
"Type Safety in Three Easy Lemmas"
(http://siek.blogspot.com/2013/05/type-safety-in-three-easy-lemmas.html)
and "Functional Big-Step Semantics" by Owens et al.
(https://doi.org/10.1007/978-3-662-49498-1_23).

691
papers/sbmf/agda.sty Normal file
View file

@ -0,0 +1,691 @@
% ----------------------------------------------------------------------
% Some useful commands when doing highlighting of Agda code in LaTeX.
% ----------------------------------------------------------------------
\ProvidesPackage{agda}
\RequirePackage{ifxetex, ifluatex, xifthen, xcolor, polytable, etoolbox,
calc, environ}
% https://tex.stackexchange.com/questions/47576/combining-ifxetex-and-ifluatex-with-the-logical-or-operation
\newif\ifxetexorluatex
\ifxetex
\xetexorluatextrue
\else
\ifluatex
\xetexorluatextrue
\else
\xetexorluatexfalse
\fi
\fi
% ----------------------------------------------------------------------
% Options
\DeclareOption{bw} {\newcommand{\AgdaColourScheme}{bw}}
\DeclareOption{conor}{\newcommand{\AgdaColourScheme}{conor}}
\newif\if@AgdaEnableReferences\@AgdaEnableReferencesfalse
\DeclareOption{references}{
\@AgdaEnableReferencestrue
}
\newif\if@AgdaEnableLinks\@AgdaEnableLinksfalse
\DeclareOption{links}{
\@AgdaEnableLinkstrue
}
% If the "nofontsetup" option is used, then the package does not
% select any fonts, and it does not change the font encoding.
\newif\if@AgdaSetupFonts\@AgdaSetupFontstrue
\DeclareOption{nofontsetup}{
\@AgdaSetupFontsfalse
}
% If the "noinputencodingsetup" option is used, then the package does
% not change the input encoding, and it does not load the `ucs`
% package.
\newif\if@AgdaSetupInputEncoding\@AgdaSetupInputEncodingtrue
\DeclareOption{noinputencodingsetup}{
\@AgdaSetupInputEncodingfalse
}
\ProcessOptions\relax
% ----------------------------------------------------------------------
% Input encoding setup
\if@AgdaSetupInputEncoding
\ifxetexorluatex
\providecommand{\DeclareUnicodeCharacter}[2]{\relax}
\else
\RequirePackage{ucs}
\RequirePackage[utf8x]{inputenc}
\fi
\fi
% ----------------------------------------------------------------------
% Font setup
\tracinglostchars=2 % If the font is missing some symbol, then say
% so in the compilation output.
\if@AgdaSetupFonts
% XeLaTeX or LuaLaTeX
\ifxetexorluatex
% Hack to get the amsthm package working.
% https://tex.stackexchange.com/questions/130491/xelatex-error-paragraph-ended-before-tempa-was-complete
\let\AgdaOpenBracket\[\let\AgdaCloseBracket\]
\RequirePackage{fontspec}
\let\[\AgdaOpenBracket\let\]\AgdaCloseBracket
\RequirePackage{unicode-math}
\setmainfont
[ Ligatures = TeX
, BoldItalicFont = xits-bolditalic.otf
, BoldFont = xits-bold.otf
, ItalicFont = xits-italic.otf
]
{xits-regular.otf}
\setmathfont{xits-math.otf}
\setmonofont[Mapping=tex-text]{FreeMono.otf}
% Make mathcal and mathscr appear as different.
% https://tex.stackexchange.com/questions/120065/xetex-what-happened-to-mathcal-and-mathscr
\setmathfont[range={\mathcal,\mathbfcal},StylisticSet=1]{xits-math.otf}
\setmathfont[range=\mathscr]{xits-math.otf}
% pdfLaTeX
\else
% https://tex.stackexchange.com/questions/1774/how-to-insert-pipe-symbol-in-latex
\RequirePackage[T1]{fontenc}
\RequirePackage{amsfonts, amssymb}
\RequirePackage[safe]{tipa} % See page 12 of the tipa manual for what
% safe does.
\fi
\fi
% ----------------------------------------------------------------------
% Colour schemes.
\providecommand{\AgdaColourScheme}{standard}
% ----------------------------------------------------------------------
% References to code (needs additional post-processing of tex files to
% work, see wiki for details).
\if@AgdaEnableReferences
\RequirePackage{catchfilebetweentags, xstring}
\newcommand{\AgdaRef}[2][]{%
\StrSubstitute{#2}{\_}{AgdaUnderscore}[\tmp]%
\ifthenelse{\isempty{#1}}%
{\ExecuteMetaData{AgdaTag-\tmp}}%
{\ExecuteMetaData{#1}{AgdaTag-\tmp}}
}
\fi
\providecommand{\AgdaRef}[2][]{#2}
% ----------------------------------------------------------------------
% Links (only done if the option is passed and the user has loaded the
% hyperref package).
\if@AgdaEnableLinks
\@ifpackageloaded{hyperref}{
% List that holds added targets.
\newcommand{\AgdaList}[0]{}
\newtoggle{AgdaIsElem}
\newcounter{AgdaIndex}
\newcommand{\AgdaLookup}[3]{%
\togglefalse{AgdaIsElem}%
\setcounter{AgdaIndex}{0}%
\renewcommand*{\do}[1]{%
\ifstrequal{#1}{##1}%
{\toggletrue{AgdaIsElem}\listbreak}%
{\stepcounter{AgdaIndex}}}%
\dolistloop{\AgdaList}%
\iftoggle{AgdaIsElem}{#2}{#3}%
}
\newcommand*{\AgdaTargetHelper}[1]{%
\AgdaLookup{#1}%
{\PackageError{agda}{``#1'' used as target more than once}%
{Overloaded identifiers and links do not%
work well, consider using unique%
\MessageBreak identifiers instead.}%
}%
{\listadd{\AgdaList}{#1}%
\hypertarget{Agda\theAgdaIndex}{}%
}%
}
\newcommand{\AgdaTarget}[1]{\forcsvlist{\AgdaTargetHelper}{#1}}
\newcommand{\AgdaLink}[1]{%
\AgdaLookup{#1}%
{\hyperlink{Agda\theAgdaIndex}{#1}}%
{#1}%
}
}{\PackageError{agda}{Load the hyperref package before the agda package}{}}
\fi
\providecommand{\AgdaTarget}[1]{}
\providecommand{\AgdaLink}[1]{#1}
% ----------------------------------------------------------------------
% Font styles.
\ifxetexorluatex
\newcommand{\AgdaFontStyle}[1]{\ensuremath{\mathsf{#1}}}
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
\newcommand{\AgdaKeywordFontStyle}[1]{\underline{#1}}
}{
\newcommand{\AgdaKeywordFontStyle}[1]{\ensuremath{\mathsf{#1}}}
}
\newcommand{\AgdaStringFontStyle}[1]{\ensuremath{\texttt{#1}}}
\newcommand{\AgdaCommentFontStyle}[1]{\ensuremath{\texttt{#1}}}
\newcommand{\AgdaBoundFontStyle}[1]{\ensuremath{\mathit{#1}}}
\else
\newcommand{\AgdaFontStyle}[1]{\textsf{#1}}
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
\newcommand{\AgdaKeywordFontStyle}[1]{\underline{#1}}
}{
\newcommand{\AgdaKeywordFontStyle}[1]{\textsf{#1}}
}
\newcommand{\AgdaStringFontStyle}[1]{\texttt{#1}}
\newcommand{\AgdaCommentFontStyle}[1]{\texttt{#1}}
\newcommand{\AgdaBoundFontStyle}[1]{\textit{#1}}
\fi
% ----------------------------------------------------------------------
% Colours.
% ----------------------------------
% The black and white colour scheme.
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{000000}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{000000}
\definecolor{AgdaString} {HTML}{000000}
\definecolor{AgdaNumber} {HTML}{000000}
\definecolor{AgdaSymbol} {HTML}{000000}
\definecolor{AgdaPrimitiveType}{HTML}{000000}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{000000}
\definecolor{AgdaInductiveConstructor} {HTML}{000000}
\definecolor{AgdaCoinductiveConstructor}{HTML}{000000}
\definecolor{AgdaDatatype} {HTML}{000000}
\definecolor{AgdaField} {HTML}{000000}
\definecolor{AgdaFunction} {HTML}{000000}
\definecolor{AgdaMacro} {HTML}{000000}
\definecolor{AgdaModule} {HTML}{000000}
\definecolor{AgdaPostulate} {HTML}{000000}
\definecolor{AgdaPrimitive} {HTML}{000000}
\definecolor{AgdaRecord} {HTML}{000000}
\definecolor{AgdaArgument} {HTML}{000000}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{D3D3D3}
\definecolor{AgdaTerminationProblem}{HTML}{BEBEBE}
\definecolor{AgdaIncompletePattern} {HTML}{D3D3D3}
\definecolor{AgdaError} {HTML}{696969}
% Misc.
\definecolor{AgdaHole} {HTML}{BEBEBE}
% ----------------------------------
% Conor McBride's colour scheme.
}{ \ifthenelse{\equal{\AgdaColourScheme}{conor}}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{B22222}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{000000}
\definecolor{AgdaString} {HTML}{000000}
\definecolor{AgdaNumber} {HTML}{000000}
\definecolor{AgdaSymbol} {HTML}{000000}
\definecolor{AgdaPrimitiveType}{HTML}{0000CD}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{A020F0}
\definecolor{AgdaInductiveConstructor} {HTML}{8B0000}
\definecolor{AgdaCoinductiveConstructor}{HTML}{8B0000}
\definecolor{AgdaDatatype} {HTML}{0000CD}
\definecolor{AgdaField} {HTML}{8B0000}
\definecolor{AgdaFunction} {HTML}{006400}
\definecolor{AgdaMacro} {HTML}{006400}
\definecolor{AgdaModule} {HTML}{006400}
\definecolor{AgdaPostulate} {HTML}{006400}
\definecolor{AgdaPrimitive} {HTML}{006400}
\definecolor{AgdaRecord} {HTML}{0000CD}
\definecolor{AgdaArgument} {HTML}{404040}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{FFD700}
\definecolor{AgdaTerminationProblem}{HTML}{FF0000}
\definecolor{AgdaIncompletePattern} {HTML}{A020F0}
\definecolor{AgdaError} {HTML}{F4A460}
% Misc.
\definecolor{AgdaHole} {HTML}{9DFF9D}
% ----------------------------------
% The standard colour scheme.
}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{B22222}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{CD6600}
\definecolor{AgdaString} {HTML}{B22222}
\definecolor{AgdaNumber} {HTML}{A020F0}
\definecolor{AgdaSymbol} {HTML}{404040}
\definecolor{AgdaPrimitiveType}{HTML}{0000CD}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{000000}
\definecolor{AgdaInductiveConstructor} {HTML}{008B00}
\definecolor{AgdaCoinductiveConstructor}{HTML}{8B7500}
\definecolor{AgdaDatatype} {HTML}{0000CD}
\definecolor{AgdaField} {HTML}{EE1289}
\definecolor{AgdaFunction} {HTML}{0000CD}
\definecolor{AgdaMacro} {HTML}{458B74}
\definecolor{AgdaModule} {HTML}{A020F0}
\definecolor{AgdaPostulate} {HTML}{0000CD}
\definecolor{AgdaPrimitive} {HTML}{0000CD}
\definecolor{AgdaRecord} {HTML}{0000CD}
\definecolor{AgdaArgument} {HTML}{404040}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{FFFF00}
\definecolor{AgdaTerminationProblem}{HTML}{FFA07A}
\definecolor{AgdaIncompletePattern} {HTML}{F5DEB3}
\definecolor{AgdaError} {HTML}{FF0000}
% Misc.
\definecolor{AgdaHole} {HTML}{9DFF9D}
}}
% ----------------------------------------------------------------------
% Commands.
\newcommand{\AgdaNoSpaceMath}[1]
{\begingroup\thickmuskip=0mu\medmuskip=0mu#1\endgroup}
% Aspect commands.
\newcommand{\AgdaComment} [1]
{\AgdaNoSpaceMath{\AgdaCommentFontStyle{\textcolor{AgdaComment}{#1}}}}
\newcommand{\AgdaOption} [1]
{\AgdaNoSpaceMath{\AgdaCommentFontStyle{\textcolor{AgdaOption}{#1}}}}
\newcommand{\AgdaKeyword} [1]
{\AgdaNoSpaceMath{\AgdaKeywordFontStyle{\textcolor{AgdaKeyword}{#1}}}}
\newcommand{\AgdaString} [1]
{\AgdaNoSpaceMath{\AgdaStringFontStyle{\textcolor{AgdaString}{#1}}}}
\newcommand{\AgdaNumber} [1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaNumber}{#1}}}}
\newcommand{\AgdaSymbol} [1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaSymbol}{#1}}}}
\newcommand{\AgdaPrimitiveType}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPrimitiveType}{#1}}}}
% Note that, in code generated by the LaTeX backend, \AgdaOperator is
% always applied to a NameKind command.
\newcommand{\AgdaOperator} [1]{#1}
% NameKind commands.
% The user can control the typesetting of (certain) individual tokens
% by redefining the following command. The first argument is the token
% and the second argument the thing to be typeset (sometimes just the
% token, sometimes \AgdaLink{<the token>}). Example:
%
% \usepackage{ifthen}
%
% % Insert extra space before some tokens.
% \DeclareRobustCommand{\AgdaFormat}[2]{%
% \ifthenelse{
% \equal{#1}{≡⟨} \OR
% \equal{#1}{≡⟨⟩} \OR
% \equal{#1}{∎}
% }{\ }{}#2}
%
% Note the use of \DeclareRobustCommand.
\newcommand{\AgdaFormat}[2]{#2}
\newcommand{\AgdaBound}[1]
{\AgdaNoSpaceMath{\AgdaBoundFontStyle{\textcolor{AgdaBound}{\AgdaFormat{#1}{#1}}}}}
\newcommand{\AgdaInductiveConstructor}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaInductiveConstructor}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaCoinductiveConstructor}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaCoinductiveConstructor}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaDatatype}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaDatatype}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaField}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaField}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaFunction}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaFunction}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaMacro}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaMacro}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaModule}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaModule}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaPostulate}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPostulate}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaPrimitive}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPrimitive}{\AgdaFormat{#1}{#1}}}}}
\newcommand{\AgdaRecord}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaRecord}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaArgument}[1]
{\AgdaNoSpaceMath{\AgdaBoundFontStyle{\textcolor{AgdaArgument}{\AgdaFormat{#1}{#1}}}}}
% Other aspect commands.
\newcommand{\AgdaFixityOp} [1]{\AgdaNoSpaceMath{$#1$}}
\newcommand{\AgdaDottedPattern} [1]{\textcolor{AgdaDottedPattern}{#1}}
\newcommand{\AgdaUnsolvedMeta} [1]
{\AgdaFontStyle{\colorbox{AgdaUnsolvedMeta}{#1}}}
\newcommand{\AgdaTerminationProblem}[1]
{\AgdaFontStyle{\colorbox{AgdaTerminationProblem}{#1}}}
\newcommand{\AgdaIncompletePattern} [1]{\colorbox{AgdaIncompletePattern}{#1}}
\newcommand{\AgdaError} [1]
{\AgdaFontStyle{\textcolor{AgdaError}{\underline{#1}}}}
\newcommand{\AgdaCatchallClause} [1]{#1} % feel free to change this
% Used to hide code from LaTeX.
%
% Note that this macro has been deprecated in favour of giving the
% hide argument to the code environment.
\long\def\AgdaHide#1{\ignorespaces}
% Misc.
\newcommand{\AgdaHole}[1]{\colorbox{AgdaHole}{#1}}
% ----------------------------------------------------------------------
% The code environment.
\newcommand{\AgdaCodeStyle}{}
% \newcommand{\AgdaCodeStyle}{\tiny}
\ifdefined\mathindent
{}
\else
\newdimen\mathindent\mathindent\leftmargini
\fi
% Adds the given amount of vertical space and starts a new line.
%
% The implementation comes from lhs2TeX's polycode.fmt, written by
% Andres Löh.
\newcommand{\Agda@NewlineWithVerticalSpace}[1]{%
{\parskip=0pt\parindent=0pt\par\vskip #1\noindent}}
% Should there be space around code?
\newboolean{Agda@SpaceAroundCode}
% Use this command to avoid extra space around code blocks.
\newcommand{\AgdaNoSpaceAroundCode}{%
\setboolean{Agda@SpaceAroundCode}{false}}
% Use this command to include extra space around code blocks.
\newcommand{\AgdaSpaceAroundCode}{%
\setboolean{Agda@SpaceAroundCode}{true}}
% By default space is inserted around code blocks.
\AgdaSpaceAroundCode{}
% Sometimes one might want to break up a code block into multiple
% pieces, but keep code in different blocks aligned with respect to
% each other. Then one can use the AgdaAlign environment. Example
% usage:
%
% \begin{AgdaAlign}
% \begin{code}
% code
% code (more code)
% \end{code}
% Explanation...
% \begin{code}
% aligned with "code"
% code (aligned with (more code))
% \end{code}
% \end{AgdaAlign}
%
% Note that AgdaAlign environments should not be nested.
%
% Sometimes one might also want to hide code in the middle of a code
% block. This can be accomplished in the following way:
%
% \begin{AgdaAlign}
% \begin{code}
% visible
% \end{code}
% \begin{code}[hide]
% hidden
% \end{code}
% \begin{code}
% visible
% \end{code}
% \end{AgdaAlign}
%
% However, the result may be ugly: extra space is perhaps inserted
% around the code blocks.
%
% The AgdaSuppressSpace environment ensures that extra space is only
% inserted before the first code block, and after the last one (but
% not if \AgdaNoSpaceAroundCode{} is used). Example usage:
%
% \begin{AgdaAlign}
% \begin{code}
% code
% more code
% \end{code}
% Explanation...
% \begin{AgdaSuppressSpace}
% \begin{code}
% aligned with "code"
% aligned with "more code"
% \end{code}
% \begin{code}[hide]
% hidden code
% \end{code}
% \begin{code}
% also aligned with "more code"
% \end{code}
% \end{AgdaSuppressSpace}
% \end{AgdaAlign}
%
% Note that AgdaSuppressSpace environments should not be nested.
%
% There is also a combined environment, AgdaMultiCode, that combines
% the effects of AgdaAlign and AgdaSuppressSpace.
% The number of the current/next code block (excluding hidden ones).
\newcounter{Agda@Current}
\setcounter{Agda@Current}{0}
% The number of the previous code block (excluding hidden ones), used
% locally in \Agda@SuppressEnd.
\newcounter{Agda@Previous}
% Is AgdaAlign active?
\newboolean{Agda@Align}
\setboolean{Agda@Align}{false}
% The number of the first code block (if any) in a given AgdaAlign
% environment.
\newcounter{Agda@AlignStart}
\newcommand{\Agda@AlignStart}{%
\ifthenelse{\boolean{Agda@Align}}{%
\PackageError{agda}{Nested AgdaAlign environments}{%
AgdaAlign and AgdaMultiCode environments must not be
nested.}}{%
\setboolean{Agda@Align}{true}%
\setcounter{Agda@AlignStart}{\value{Agda@Current}}}}
\newcommand{\Agda@AlignEnd}{\setboolean{Agda@Align}{false}}
\newenvironment{AgdaAlign}{%
\Agda@AlignStart{}}{%
\Agda@AlignEnd{}%
\ignorespacesafterend}
% Is AgdaSuppressSpace active?
\newboolean{Agda@Suppress}
\setboolean{Agda@Suppress}{false}
% The number of the first code block (if any) in a given
% AgdaSuppressSpace environment.
\newcounter{Agda@SuppressStart}
% Does a "do not suppress space after" label exist for the current
% code block? (This boolean is used locally in the code environment's
% implementation.)
\newboolean{Agda@DoNotSuppressSpaceAfter}
\newcommand{\Agda@SuppressStart}{%
\ifthenelse{\boolean{Agda@Suppress}}{%
\PackageError{agda}{Nested AgdaSuppressSpace environments}{%
AgdaSuppressSpace and AgdaMultiCode environments must not be
nested.}}{%
\setboolean{Agda@Suppress}{true}%
\setcounter{Agda@SuppressStart}{\value{Agda@Current}}}}
% Marks the given code block as one that space should not be
% suppressed after (if AgdaSpaceAroundCode and AgdaSuppressSpace are
% both active).
\newcommand{\Agda@DoNotSuppressSpaceAfter}[1]{%
% The use of labels is intended to ensure that LaTeX will provide a
% warning if the document needs to be recompiled.
\label{Agda@DoNotSuppressSpaceAfter@#1}}
\newcommand{\Agda@SuppressEnd}{%
\ifthenelse{\value{Agda@SuppressStart} = \value{Agda@Current}}{}{%
% Mark the previous code block in the .aux file.
\setcounter{Agda@Previous}{\theAgda@Current-1}%
\immediate\write\@auxout{%
\noexpand\Agda@DoNotSuppressSpaceAfter{\theAgda@Previous}}}%
\setboolean{Agda@Suppress}{false}}
\newenvironment{AgdaSuppressSpace}{%
\Agda@SuppressStart{}}{%
\Agda@SuppressEnd{}%
\ignorespacesafterend}
\newenvironment{AgdaMultiCode}{%
\Agda@AlignStart{}%
\Agda@SuppressStart{}}{%
\Agda@SuppressEnd{}%
\Agda@AlignEnd{}%
\ignorespacesafterend}
% Vertical space used for empty lines. By default \baselineskip.
\newlength{\AgdaEmptySkip}
\setlength{\AgdaEmptySkip}{\baselineskip}
% Extra space to be inserted for empty lines (the difference between
% \AgdaEmptySkip and \baselineskip). Used internally.
\newlength{\AgdaEmptyExtraSkip}
% The code environment.
%
% Code can be hidden by writing \begin{code}[hide].
%
% The implementation is based on plainhscode in lhs2TeX's
% polycode.fmt, written by Andres Löh.
\NewEnviron{code}[1][]{%
% Conditionally hide the code.
\ifthenelse{\equal{#1}{hide}}{}{%
%
% Conditionally emit space before the code block. Unconditionally
% switch to a new line.
\ifthenelse{\boolean{Agda@SpaceAroundCode} \and%
\(\not \boolean{Agda@Suppress} \or%
\value{Agda@SuppressStart} = \value{Agda@Current}\)}{%
\Agda@NewlineWithVerticalSpace{\abovedisplayskip}}{%
\Agda@NewlineWithVerticalSpace{0pt}}%
%
% Indent the entire code block.
\advance\leftskip\mathindent%
%
% The code's style can be customised.
\AgdaCodeStyle%
%
% Used to control the height of empty lines.
\setlength{\AgdaEmptyExtraSkip}{\AgdaEmptySkip - \baselineskip}%
%
% The environment used to handle indentation (of individual lines)
% and alignment.
\begin{pboxed}%
%
% Conditionally preserve alignment between code blocks.
\ifthenelse{\boolean{Agda@Align}}{%
\ifthenelse{\value{Agda@AlignStart} = \value{Agda@Current}}{%
\savecolumns}{%
\restorecolumns}}{}%
%
% The code.
\BODY%
\end{pboxed}%
%
% Does the label Agda@DoNotSuppressAfter@<current code block
% number> exist?
\ifcsdef{r@Agda@DoNotSuppressSpaceAfter@\theAgda@Current}{%
\setboolean{Agda@DoNotSuppressSpaceAfter}{true}}{%
\setboolean{Agda@DoNotSuppressSpaceAfter}{false}}%
%
% Conditionally emit space after the code block. Unconditionally
% switch to a new line.
\ifthenelse{\boolean{Agda@SpaceAroundCode} \and%
\(\not \boolean{Agda@Suppress} \or%
\boolean{Agda@DoNotSuppressSpaceAfter}\)}{%
\Agda@NewlineWithVerticalSpace{\belowdisplayskip}}{%
\Agda@NewlineWithVerticalSpace{0pt}}%
%
% Step the code block counter, but only for non-hidden code.
\stepcounter{Agda@Current}}}
% Space inserted after tokens.
\newcommand{\AgdaSpace}{ }
% Space inserted to indent something.
\newcommand{\AgdaIndentSpace}{\AgdaSpace{}$\;\;$}
% Default column for polytable.
\defaultcolumn{@{}l@{\AgdaSpace{}}}
% \AgdaIndent expects a non-negative integer as its only argument.
% This integer should be the distance, in code blocks, to the thing
% relative to which the text is indented.
%
% The default implementation only indents if the thing that the text
% is indented relative to exists in the same code block or is wrapped
% in the same AgdaAlign or AgdaMultiCode environment.
\newcommand{\AgdaIndent}[1]{%
\ifthenelse{#1 = 0
\or
\( \boolean{Agda@Align}
\and
\cnttest{\value{Agda@Current} - #1}{>=}{
\value{Agda@AlignStart}}
\)}{\AgdaIndentSpace{}}{}}
% Underscores are typeset using \AgdaUnderscore{}.
\newcommand{\AgdaUnderscore}{\_}
\endinput

BIN
papers/sbmf/copyright.pdf Normal file
View file

Binary file not shown.

32
papers/sbmf/extra.lagda Normal file
View file

@ -0,0 +1,32 @@
\section{Code}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/InherentIndices.png}
\caption{Indices}
\label{fig:indices}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/InherentSubst.png}
\caption{Substitution}
\label{fig:subst}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/InherentReductions.png}
\caption{Reductions}
\label{fig:reductions}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/InherentProgress.png}
\caption{Progress}
\label{fig:progress}
\end{figure}
\begin{figure}[t]
\includegraphics[width=\textwidth]{figures/InherentEval.png}
\caption{Evaluation}
\label{fig:eval}
\end{figure}

BIN
papers/sbmf/figures/InherentEval.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 168 KiB

BIN
papers/sbmf/figures/InherentIndices.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 105 KiB

BIN
papers/sbmf/figures/InherentProgress.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 120 KiB

BIN
papers/sbmf/figures/InherentReductions.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 148 KiB

BIN
papers/sbmf/figures/InherentSubst.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 208 KiB

BIN
papers/sbmf/figures/InherentTerms.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 135 KiB

BIN
papers/sbmf/figures/inherent.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
papers/sbmf/figures/plfa-eval.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 240 KiB

BIN
papers/sbmf/figures/plfa-progress-1.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 275 KiB

BIN
papers/sbmf/figures/plfa-progress-2.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 211 KiB

BIN
papers/sbmf/figures/plfa-progress-3.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 473 KiB

BIN
papers/sbmf/figures/plfa-progress-3a.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 360 KiB

BIN
papers/sbmf/figures/plfa-progress-3b.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 334 KiB

BIN
papers/sbmf/figures/raw.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
papers/sbmf/figures/sf-progress-1.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 379 KiB

BIN
papers/sbmf/figures/sf-progress-2.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 260 KiB

BIN
papers/sbmf/figures/sf-progress-3.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 86 KiB

1218
papers/sbmf/llncs.cls Executable file
View file

File diff suppressed because it is too large Load diff

35
papers/sbmf/query.lagda Normal file
View file

@ -0,0 +1,35 @@
Everyone on this list will be familiar with Progress and Preservation
for terms in a typed calculus. Write ∅ ⊢ M : A to indicate that term
M has type A for closed M.
Progress. If ∅ ⊢ M : A then either M is a value or M —→ N,
for some term N.
Preservation. If ∅ ⊢ M : A and M —→ N then ∅ ⊢ N : A.
It is easy to combine these two proofs into an evaluator.
Write —↠ for the transitive and reflexive closure of —→.
Evaluation. If ∅ ⊢ M : A, then for every natural number n,
either M —↠ V, where V is a value and the reduction sequence
has no more than n steps, or M —↠ N, where N is not a value
and the reduction sequence has n steps.
Evaluation implies that either M —↠ V or there is an infinite
sequence M —→ M₁ —→ M₂ —→ ... that never reduces to a value;
but this last result is not constructive, as deciding which of
the two results holds is not decidable.
An Agda implementation of Evaluation provides an evaluator for terms:
given a number n it will perform up to n steps of evaluation, stopping
early if a value is reached. This is entirely obvious (at least in
retrospect), but I have not seen it written down anywhere. For
instance, this approach is not exploited in Software Foundations to
evaluate terms (other methods are used instead). I have used it
in my draft textbook:
https:plfa.inf.ed.ac.uk
Questions: What sources in the literature should one cite for this
technique? How well-known is it as folklore?

245
papers/sbmf/reviews.txt Normal file
View file

@ -0,0 +1,245 @@
Dear Philip,
Thank you very much for having submitted to SBMF 2018.
We are glad to inform you that the paper "Programming Language
Foundations in Agda" has been accepted for presentation and inclusion
in the LNCS proceedings of SBMF 2018.
We have received 30 submissions to this edition of the conference,
accepting 14 submissions among them; each submission received a
minimum of three and a maximum of five review reports. Once again
congratulations for being among a select few!
We enclose below the review reports of your submission, provided by
our international program committee. Please consider them carefully
when preparing your camera-ready paper.
Please note that the camera-ready paper is due on September 11th, and
the deadline is strict. You will be invited to submit your final
manuscript via the EasyChair system. Please make sure that you use the
LNCS style file (without any manual modifications) for preparing the
camera-ready version and also include a signed copy of the LNCS
copyright form in your camera-ready submission.
Thank you very much again for having submitted your paper, and we are
looking forward to meeting you and listening to you at SBMF 2018.
Best regards -- Tiago Massoni and Mohammad Mousavi
PC Chairs of SBMF 2018
----------------------- REVIEW 1 ---------------------
PAPER: 14
TITLE: Programming Language Foundations in Agda
AUTHORS: Philip Wadler
Overall evaluation: 3 (strong accept)
----------- Overall evaluation -----------
This paper is an experience report about using the proof assistant
Agda to teach some basic topics in programming language theory,
following the lines of the book Software Foundations (SF) which uses
Coq. The Agda development discussed in the paper is part of a larger
development comprising a new textbook that uses Agda and covers some
of the topics of SF. There are three main contributions as I see
them. First, Agda is compared with Coq for suitability of teaching
this sort of material. Second, the paper spells out how constructive
proofs of progress and subject reduction can be composed in a simple
way to define an evaluator. Third, some arguments are given in favor
of using an inherently-typed representation of terms rather than raw
terms.
The comparison with Agda and Coq has no surprises for experts, but is
clearly written and should serve as a valuable guide to educators.
Key aspects of the two systems are explained, from the point of view
of teaching core PL concepts at an introductory level, and the paper
is likely to make a broad community aware of the newly developed
alternative to SF. The comparisons are interesting points, phrased
fairly and succinctly, and are based on substantial teaching
experience.
The direct use of progress plus subject reduction as the components of
an evaluator seems so obvious that it is surprising that, as the
author explains, it does not seem to be very widely known (and not
previously published). This part of the paper therefore provides
novel scientific content.
The discussion of inherently-typed term representation, and de Bruin
notation, is somewhat high level, less clear and less accessible to
non-experts than the other topics, but still interesting.
Details
The writing is excellent and I have only a few minor issues to point
out.
Given that the author aims to improve on SF, not merely reproduce it
in Agda, I suggest not settling for progress and preservation, but
also include some semantic type soundness result. The significance of
such results is well argued in Dreyer's invited talk at POPL 2018.
Perhaps the biggest contribution of the work reported here is the
possibility to do empirical studies of learning with two different
forms of interactive proving, as remarked near the top of page 11. I
encourage the author to pursue that.
- The first line of the abstract refers to SF as "the leading textbook
for formal methods". If there is evidence for that, it should be
mentioned in the paper; otherwise it should be watered down. Formal
methods is a broader field than the topics covered in SF, and SF is
not the only widely used textbook on those topics or others in
formal methods. [done]
- page 2 "Pierce and Benjamin" should be just Pierce [done]
- page 6 the first term in Fig 1 uses dot for application, which is
sufficiently nonstandard to deserve mention by the time the figure
is discussed; it doesn't become obvious until fig 2
- fig 2 could benefit with a bit more explanation of the formal
notation, for readers (like this reviewer) not familiar with Agda.
For example, on first glance it's surprising to see the identifier
progress re-defined, and back-tick empty-parens isn't obviously the
variable case. [done]
- page 13 comments about formatting, "All of the example ... output."
are not so interesting and could be omitted. [disagree]
- section 5 please consider showing some notation and explaining
inherently-typed terms in more detail
- page 13 "any proofs that appear in one..." is ambiguous. It could
refer to results that are only relevant to one but not the other, in
which case stripping them out could be an unfair comparison.
Perhaps you mean results that simply happen not to be stated and
proved in one of the two developments. [done]
----------------------- REVIEW 2 ---------------------
PAPER: 14
TITLE: Programming Language Foundations in Agda
AUTHORS: Philip Wadler
Overall evaluation: 2 (accept)
----------- Overall evaluation -----------
This paper reports an alternative to the Software Foundations book
(SF) by Pierce et al. The author claims that the language Agda is a
better vehicle to teaching the foundations of programming languages in
comparison to Coq. According to his experience using SF, much of the
learning effort goes to tactics. His textbook, Programming Language
Foundations in Agda, also provides an elegant way to get from
constructive proofs of preservation and progress to a prototype
evaluator.
As part of the "Experience reports regarding teaching formal methods"
of our Call for Paper, I think this work will introduce to the
audience a relevant alterantive to SF and an important new way to
teaching formal methods and programming languages.
----------------------- REVIEW 3 ---------------------
PAPER: 14
TITLE: Programming Language Foundations in Agda
AUTHORS: Philip Wadler
Overall evaluation: 2 (accept)
----------- Overall evaluation -----------
In this paper the author presents his personal experience on writing a
textbook covering the same material as the famous “Software
Foundations” in Agda instead of Coq. The main motivation to use Agda
is pedagogical. For understanding a Coq proof a student will typically
need to run the proof in an interactive prover. However, it should be
possible for a student to read an Agda proof without running it in a
prover. For the modest size proofs that the textbook uses the lengths
of the proofs are quite comparable. The author has given some
comparisons between the the two textbooks in Section 3. Sections 4 and
5 present some of the decisions that the author has made in writing
the book (prototype evaluator and inherent typing). The paper in
general is a pleasant read and the comparisons between the books are
interesting. I tend to agree with Nate Foster that it is certainly
interesting to empirically evaluate the reluctance of the students to
use theorem provers. Such an evaluation can quite a strong case for
writing the new book.
-------------------------------------------------------
Paper: 14
Authors: Philip Wadler
Title: Programming Language Foundations in Agda
-------------------------------------------------------
Dear Philip,
You have already received the comments by the reviewers in a
previous email. Please take them carefully into account when
preparing your camera-ready paper for the proceedings. The final
paper and the signed copyright form are due on
September 11, 2018
This is a firm deadline for the production of the proceedings.
You should submit your paper using your EasyChair proceedings
author role for SBMF 2018.
1. FINAL PAPER: Please submit the files belonging to your
camera-ready paper using your EasyChair author account. Follow
the instructions after the login for uploading two files:
(1) either a zipped file containing all your LaTeX sources or
a Word file in the RTF format, and
(2) the PDF version of your camera-ready paper
Please follow strictly
the author instructions of Springer-Verlag when preparing the
final version:
http://www.springer.de/comp/lncs/authors.html
Our publisher has recently introduced an extra control loop: once
data processing is finished, they will contact all corresponding
authors and ask them to check their papers. We expect this to
happen shortly before the printing of the proceedings. At that
time your quick interaction with Springer-Verlag will be greatly
appreciated.
2. COPYRIGHT: Please upload a signed and completed copyright form
to us as soon as possible. The Springer copyright forms can be
found at
https://resource-cms.springernature.com/springer-cms/rest/v1/content/15433008/data/Contract_Book_Contributor_Consent_to_Publish_LNCS_SIP
It is sufficient for one of the authors to sign the copyright
form. You can scan the form into PDF or any other standard image
format.
We greatly appreciate your cooperation in these matters. Thank
you again for your contribution to SBMF 2018.
All questions about papers should be sent to the volume editors
Tiago Massoni <massoni@computacao.ufcg.edu.br> and
Mohammadreza Mousavi <mm789@leicester.ac.uk>.
Sincerely,
-- Tiago Massoni and
Mohammad Mousavi
The LNCS edition will allow papers to present up to two (2) extra
pages in their final version, so you may use this to better
accommodate changes required by the reviews.
Regards,
Tiago and Mohammad.

1508
papers/sbmf/splncsnat.bst Normal file
View file

File diff suppressed because it is too large Load diff

20
papers/sbmf/text.lagda Normal file
View file

@ -0,0 +1,20 @@
\documentclass{article}
\usepackage{bbm}
\usepackage[greek,english]{babel}
\usepackage{ucs}
\usepackage[utf8x]{inputenc}
\usepackage{autofe}
\usepackage{agda}
\begin{document}
\begin{code}
data αβγδεζθικλμνξρστυφχψω : Set₁ where
postulate
→⇒⇛⇉⇄↦⇨↠⇀⇁ : Set
\end{code}
\[
∀X [ ∅ ∉ X ⇒ ∃f:X ⟶ X\ ∀A ∈ X (f(A) ∈ A) ]
\]
\end{document}

20
papers/scp/Makefile Normal file
View file

@ -0,0 +1,20 @@
.PHONY : default %.pdf clean realclean
.PRECIOUS : %.tex
default : PLFA.pdf
PLFA.pdf : PLFA.tex PLFA.bib
pdflatex PLFA
bibtex PLFA
pdflatex PLFA
bibtex PLFA
pdflatex PLFA
final.zip : PLFA.tex PLFA.bib
zip final.zip agda.sty llncs.cls PLFA.tex PLFA.bib splncsnat.bst figures/plfa-*.png figures/sf-*.png figures/raw.png figures/inherent.png
clean:
rm -f *.aux *.log *.out *.ptb *.blg *.fdb_latexmk *.agdai *.fls
realclean: clean
rm -f *.glob *.vo *.bbl latex/* PLFA.pdf

1080
papers/scp/PLFA-submitted.tex Executable file
View file

File diff suppressed because it is too large Load diff

452
papers/scp/PLFA.bib Normal file
View file

@ -0,0 +1,452 @@
@inproceedings{Allais-et-al-2017,
title={Type-and-scope safe programs and their proofs},
author={Allais, Guillaume and Chapman, James and McBride, Conor and McKinna, James},
booktitle={Proceedings of the 6th ACM SIGPLAN Conference on Certified Programs and Proofs},
pages={195--207},
year={2017},
organization={ACM}
}
@inproceedings{Altenkirch-and-Reus-1999,
title={Monadic presentations of lambda terms using generalized inductive types},
author={Altenkirch, Thorsten and Reus, Bernhard},
booktitle={International Workshop on Computer Science Logic},
pages={453--468},
year={1999},
organization={Springer}
}
@article{Avigad-and-Harrison-2014,
title={Formally verified mathematics},
author={Avigad, Jeremy and Harrison, John},
journal={Communications of the ACM},
volume={57},
number={4},
pages={66--75},
year={2014},
publisher={ACM}
}
@inproceedings{Aydemir-et-al-2005,
title={Mechanized metatheory for the masses: the PoplMark challenge},
author={Aydemir, Brian E and Bohannon, Aaron and Fairbairn, Matthew and Foster, J Nathan and Pierce, Benjamin C and Sewell, Peter and Vytiniotis, Dimitrios and Washburn, Geoffrey and Weirich, Stephanie and Zdancewic, Steve},
booktitle={International Conference on Theorem Proving in Higher Order Logics},
pages={50--65},
year={2005},
organization={Springer}
}
@inproceedings{Berger-1993,
title={Program extraction from normalization proofs},
author={Berger, Ulrich},
booktitle={International Conference on Typed Lambda Calculi and Applications},
pages={91--106},
year={1993},
organization={Springer}
}
@inproceedings{Bove-and-Capretta-2001,
title={Nested general recursion and partiality in type theory},
author={Bove, Ana and Capretta, Venanzio},
booktitle={International Conference on Theorem Proving in Higher Order Logics},
pages={121--125},
year={2001},
organization={Springer}
}
@inproceedings{Bove-et-al-2009,
title={A brief overview of Agda--a functional language with dependent types},
author={Bove, Ana and Dybjer, Peter and Norell, Ulf},
booktitle={International Conference on Theorem Proving in Higher Order Logics},
pages={73--78},
year={2009},
organization={Springer}
}
@article{Capretta-2005,
title={General recursion via coinductive types},
author={Venanzio Capretta},
journal={Logical Methods in Computer Science},
volume={1},
number={2},
year={2005}
}
@phdthesis{Chapman-2009,
title={Type checking and normalisation},
author={Chapman, James Maitland},
year={2009},
school={University of Nottingham}
}
@inproceedings{Danas-et-al-2017,
title={User Studies of Principled Model Finder Output},
author={Danas, Natasha and Nelson, Tim and Harrison, Lane and Krishnamurthi, Shriram and Dougherty, Daniel J},
booktitle={International Conference on Software Engineering and Formal Methods},
pages={168--184},
year={2017},
organization={Springer}
}
@inproceedings{Dagand-and-Scherer-2015,
title={Normalization by realizability also evaluates},
author={Dagand, Pierre-{\'E}variste and Scherer, Gabriel},
booktitle={Vingt-sixi{\`e}mes Journ{\'e}es Francophones des Langages Applicatifs (JFLA 2015)},
year={2015}
}
@book {Felleisen-et-al-2009,
title = {Semantics engineering with PLT Redex},
author = {Felleisen, Matthias and Findler, Robert Bruce and Flatt, Matthew},
year = {2009},
publisher = {By Press}
}
@techreport{Goguen-and-McKinna-1997,
title={Candidates for substitution},
author={Goguen, Healfdene and McKinna, James},
institution={Laboratory for Foundations of Computer Science, University of Edinburgh},
year={1997}
}
@incollection{Gonthier-2008,
title={The four colour theorem: Engineering of a formal proof},
author={Gonthier, Georges},
booktitle={Computer mathematics},
pages={333--333},
year={2008},
publisher={Springer}
}
@inproceedings{Gonthier-et-al-2013,
title={A machine-checked proof of the odd order theorem},
author={Gonthier, Georges and Asperti, Andrea and Avigad, Jeremy and others},
booktitle={International Conference on Interactive Theorem Proving},
pages={163--179},
year={2013},
organization={Springer}
}
@inproceedings{Hales-et-al-2017,
title={A formal proof of the {K}epler conjecture},
author={Hales, Thomas and Adams, Mark and Bauer, Gertrud and Dang, Tat Dat and Harrison, John and Le Truong, Hoang and Kaliszyk, Cezary and Magron, Victor and McLaughlin, Sean and Nguyen, Tat Thang and others},
booktitle={Forum of Mathematics, Pi},
volume={5},
year={2017},
organization={Cambridge University Press}
}
@book{Harper-2016,
title={Practical foundations for programming languages},
author={Harper, Robert},
year={2016},
publisher={Cambridge University Press}
}
@article{Huet-et-al-1997,
title={The {C}oq proof assistant a tutorial},
author={Huet, G{\'e}rard and Kahn, Gilles and Paulin-Mohring, Christine},
journal={Rapport Technique},
volume={178},
year={1997}
}
@inproceedings{Kastner-et-al-2017,
title={Closing the gap--the formally verified optimizing compiler CompCert},
author={K{\"a}stner, Daniel and Leroy, Xavier and Blazy, Sandrine and Schommer, Bernhard and Schmidt, Michael and Ferdinand, Christian},
booktitle={SSS'17: Safety-critical Systems Symposium 2017},
pages={163--180},
year={2017},
organization={CreateSpace}
}
@misc{Kiselyov-2009,
author={Oleg Kiselyov},
title={Formalizing languages, mechanizing type-soundess and other meta-theoretic proofs},
note={unpublished manuscript},
url={http://okmij.org/ftp/formalizations/index.html},
year={2009}
}
@inproceedings{Klein-2009,
title={seL4: Formal verification of an OS kernel},
author={Klein, Gerwin and Elphinstone, Kevin and Heiser, Gernot and Andronick, June and Cock, David and Derrin, Philip and Elkaduwe, Dhammika and Engelhardt, Kai and Kolanski, Rafal and Norrish, Michael and others},
booktitle={Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles},
pages={207--220},
year={2009},
organization={ACM}
}
@article{Leroy-2009,
title={Formal verification of a realistic compiler},
author={Leroy, Xavier},
journal={Communications of the ACM},
volume={52},
number={7},
pages={107--115},
year={2009},
publisher={ACM}
}
@misc{McBride-2005,
title={Type-preserving renaming and substitution},
author={McBride, Conor},
note={unpublished manuscript},
url={https://personal.cis.strath.ac.uk/conor.mcbride/ren-sub.pdf},
year={2005}
}
@inproceedings{McBride-2015,
title={Turing-completeness totally free},
author={McBride, Conor},
booktitle={International Conference on Mathematics of Program Construction},
pages={257--275},
year={2015},
organization={Springer}
}
@article{McBride-and-McKinna-2004,
title={The view from the left},
author={McBride, Conor and McKinna, James},
journal={Journal of functional programming},
volume={14},
number={1},
pages={69--111},
year={2004},
publisher={Cambridge University Press}
}
@inproceedings{O'Connor-2016,
title={Refinement through restraint: Bringing down the cost of verification},
author={O'Connor, Liam and Chen, Zilin and Rizkallah, Christine and Amani, Sidney and Lim, Japheth and Murray, Toby and Nagashima, Yutaka and Sewell, Thomas and Klein, Gerwin},
booktitle={ICFP},
pages={89--102},
year={2016}
}
@inproceedings{Owens-et-al-2016,
title={Functional big-step semantics},
author={Owens, Scott and Myreen, Magnus O and Kumar, Ramana and Tan, Yong Kiam},
booktitle={European Symposium on Programming},
pages={589--615},
year={2016},
organization={Springer}
}
@book{Pierce-2002,
title={Types and programming languages},
author={Pierce, Benjamin C},
year={2002},
publisher={MIT press}
}
@inproceedings{Pierce-2009,
title={Lambda, {T}he {U}ltimate {TA}},
author={Pierce, Benjamin C},
booktitle={ICFP},
pages={121--22},
year={2009}
}
@book{Pierce-et-al-2010,
title={Software foundations},
author={Benjamin C Pierce and Chris Casinghino and Marco Gaboardi and Michael Greenberg and C{\u{a}}t{\u{a}}lin Hri{\c{t}}cu and Vilhelm Sj{\"o}berg and Brent Yorgey},
url={http://www.cis.upenn.edu/bcpierce/sf/current/index.html},
year={2010}
}
@inproceedings{Pitts-2010,
title={Step-indexed biorthogonality: a tutorial example},
author={Pitts, Andrew M},
booktitle={Dagstuhl Seminar Proceedings},
year={2010},
organization={Schloss Dagstuhl-Leibniz-Zentrum f{\~A}$1/4$r Informatik}
}
@article{Plotkin-1977,
title={LCF considered as a programming language},
author={Plotkin, Gordon D.},
journal={Theoretical Computer Science},
volume={5},
number={3},
pages={223--255},
year={1977},
publisher={Elsevier}
}
@article{Rosu-Serbanuta-2010,
title={An Overview of the {K} Semantic Framework},
author={Grigore Ro{\c s}u and Traian Florin {\c S}erb{\u a}nu{\c t}{\u a} },
journal={Journal of Logic and Algebraic Programming},
volume={79},
number={6},
pages={397--434},
year={2010}
}
@book{Stump-2016,
title={Verified functional programming in Agda},
author={Stump, Aaron},
year={2016},
publisher={Morgan \& Claypool}
}
@article{Wright-and-Felleisen-1994,
title={A syntactic approach to type soundness},
author={Wright, Andrew K and Felleisen, Matthias},
journal={Information and computation},
volume={115},
number={1},
pages={38--94},
year={1994},
publisher={San Diego: Academic Press, c1987-}
}
@article{Abadi-1991,
Author = {Abadi, M. and Cardelli, L. and Curien, P.-L. and Levy, J.-J.},
Journal = {Journal of Functional Programming},
Number = {4},
Pages = {375-416},
Title = {Explicit Substitutions},
Volume = {1},
Year = {1991}}
@book{Barendregt-1984,
Author = {H.P. Barendregt},
Publisher = {Elsevier},
Series = {Studies in Logic},
Title = {The Lambda Calculus},
Volume = {103},
Year = {1984}}
@inproceedings{Schafer-Tebbi-Smolka-2015,
Author = {Steven Sch{\"{a}}fer and Tobias Tebbi and Gert Smolka},
Booktitle = {Interactive Theorem Proving - 6th International Conference},
Month = {August},
Pages = {359--374},
Publisher = {Springer},
Series = {ITP},
Title = {Autosubst: Reasoning with de Bruijn Terms and Parallel Substitutions},
Year = {2015}}
@techreport{Pfenning-1992,
Address = {Pittsburgh, PA, USA},
Author = {Pfenning, Frank},
Institution = {Carnegie Mellon University},
Number = {CMU-CS-92-186},
Title = {A Proof of the Church-Rosser Theorem and Its Representation in a Logical Framework},
Year = {1992}}
@article{Siek-2017,
Author = {Jeremy G. Siek},
Journal = {CoRR},
Number = {4},
Title = {Revisiting Elementary Denotational Semantics},
Volume = {abs/1707.03762},
Year = {2017}}
@article{Scott-1976,
Author = {Dana Scott},
Journal = {SIAM Journal on Computing},
Number = {3},
Pages = {522-587},
Title = {Data Types as Lattices},
Volume = {5},
Year = {1976}}
@article{Engeler-1981,
Author = {Engeler, Erwin},
Journal = {algebra universalis},
Month = {Dec},
Number = {1},
Pages = {389--392},
Title = {Algebras and combinators},
Volume = {13},
Year = {1981}}
@article{Plotkin-1993,
Author = {Gordon D. Plotkin},
Journal = {Theoretical Computer Science},
Number = {1},
Pages = {351 - 409},
Title = {Set-theoretical and other elementary models of the λ-calculus},
Volume = {121},
Year = {1993}}
@article{Barendregt-1983,
Author = {Henk Barendregt and Mario Coppo and Mariangiola Dezani-Ciancaglini},
Journal = {Journal of Symbolic Logic},
Month = {12},
Number = {4},
Pages = {931-940},
Title = {A filter lambda model and the completeness of type assignment},
Volume = {48},
Year = {1983}}
@inproceedings{Kokke-2015,
abstract = {As proofs in type theory become increasingly
complex, there is a growing need to provide better
proof automation. This paper shows how to implement
a Prolog-style resolution procedure in the
dependently typed programming language
Agda. Connecting this resolution procedure to Agdas
reflection mechanism provides a first-class proof
search tactic for first-order Agda terms. As a
result, writing proof automation tactics need not be
different from writing any other program. },
year = {2015},
month = jun,
isbn = {978-3-319-19796-8},
booktitle = {Mathematics of Program Construction},
volume = {9129},
series = {Lecture Notes in Computer Science},
editor = {Hinze, Ralf and Voigtländer, Janis},
doi = {10.1007/978-3-319-19797-5_14},
title = {Auto in Agda: Programming Proof Search Using Reflection},
url = {https://wenkokke.github.io/pubs/mpc2015.pdf},
publisher = {Springer International Publishing},
author = {Wen Kokke and Wouter Swierstra},
pages = {276-301}}
@thesis{Kidney-2019,
address = {Cork, Ireland},
type = {Bachelor thesis},
title = {Automatically and {Efficiently} {Illustrating} {Polynomial} {Equalities} in {Agda}},
url = {https://doisinkidney.com/pdfs/bsc-thesis.pdf},
abstract = {We present a new library which automates the construction of equivalence proofs between polynomials over commutative rings and semirings in the programming language Agda [20]. It is signi cantly faster than Agdas existing solver. We use re ection to provide a sim- ple interface to the solver, and demonstrate how to use the constructed proofs to provide step-by-step solutions.},
language = {en},
school = {University College Cork},
author = {Kidney, Donnacha Oisín},
month = apr,
year = {2019}}
@incollection{Reynolds-2003,
title={What do types mean?--From intrinsic to extrinsic semantics},
author={John C Reynolds},
booktitle={Programming methodology},
pages={309--327},
year={2003},
publisher={Springer}
}
@inproceedings{Wadler-2018,
author = {Philip Wadler},
title = {Programming Language Foundations in Agda},
editors = {Tiago Massoni and Mohammad Mousavi},
booktitle = {Formal Methods: Foundations and Applications (SBMF 2018)},
series = {Lecture Notes in Computer Science},
volume = {11254},
publisher = {Springer},
year = {2018}
}

1076
papers/scp/PLFA.tex Executable file
View file

File diff suppressed because it is too large Load diff

23
papers/scp/README.txt Normal file
View file

@ -0,0 +1,23 @@
Look at the following when revising the paper.
On 2018-07-07 00:45, Philip Wadler wrote:
Indeed, I considered using Delay for the evaluator in the textbook,
but decided that supplying a step count was simpler, and avoided the
need to explain coinduction.
In "Operational Semantics Using the Partiality Monad"
(https://doi.org/10.1145/2364527.2364546) I defined the semantics of an
untyped language by giving a definitional interpreter, using the delay
monad. Then I proved type soundness for this language as a negative
statement (using a more positive lemma):
[] ⊢ t ∈ σ → ¬ (⟦ t ⟧ [] ≈ fail)
Thus, instead of starting with type soundness and deriving an evaluator,
I started with an evaluator and proved type soundness.
This kind of exercise has also been performed using fuel, see Siek's
"Type Safety in Three Easy Lemmas"
(http://siek.blogspot.com/2013/05/type-safety-in-three-easy-lemmas.html)
and "Functional Big-Step Semantics" by Owens et al.
(https://doi.org/10.1007/978-3-662-49498-1_23).

BIN
papers/scp/SCICO-S-19-00290.pdf Normal file
View file

Binary file not shown.

691
papers/scp/agda.sty Normal file
View file

@ -0,0 +1,691 @@
% ----------------------------------------------------------------------
% Some useful commands when doing highlighting of Agda code in LaTeX.
% ----------------------------------------------------------------------
\ProvidesPackage{agda}
\RequirePackage{ifxetex, ifluatex, xifthen, xcolor, polytable, etoolbox,
calc, environ}
% https://tex.stackexchange.com/questions/47576/combining-ifxetex-and-ifluatex-with-the-logical-or-operation
\newif\ifxetexorluatex
\ifxetex
\xetexorluatextrue
\else
\ifluatex
\xetexorluatextrue
\else
\xetexorluatexfalse
\fi
\fi
% ----------------------------------------------------------------------
% Options
\DeclareOption{bw} {\newcommand{\AgdaColourScheme}{bw}}
\DeclareOption{conor}{\newcommand{\AgdaColourScheme}{conor}}
\newif\if@AgdaEnableReferences\@AgdaEnableReferencesfalse
\DeclareOption{references}{
\@AgdaEnableReferencestrue
}
\newif\if@AgdaEnableLinks\@AgdaEnableLinksfalse
\DeclareOption{links}{
\@AgdaEnableLinkstrue
}
% If the "nofontsetup" option is used, then the package does not
% select any fonts, and it does not change the font encoding.
\newif\if@AgdaSetupFonts\@AgdaSetupFontstrue
\DeclareOption{nofontsetup}{
\@AgdaSetupFontsfalse
}
% If the "noinputencodingsetup" option is used, then the package does
% not change the input encoding, and it does not load the `ucs`
% package.
\newif\if@AgdaSetupInputEncoding\@AgdaSetupInputEncodingtrue
\DeclareOption{noinputencodingsetup}{
\@AgdaSetupInputEncodingfalse
}
\ProcessOptions\relax
% ----------------------------------------------------------------------
% Input encoding setup
\if@AgdaSetupInputEncoding
\ifxetexorluatex
\providecommand{\DeclareUnicodeCharacter}[2]{\relax}
\else
\RequirePackage{ucs}
\RequirePackage[utf8x]{inputenc}
\fi
\fi
% ----------------------------------------------------------------------
% Font setup
\tracinglostchars=2 % If the font is missing some symbol, then say
% so in the compilation output.
\if@AgdaSetupFonts
% XeLaTeX or LuaLaTeX
\ifxetexorluatex
% Hack to get the amsthm package working.
% https://tex.stackexchange.com/questions/130491/xelatex-error-paragraph-ended-before-tempa-was-complete
\let\AgdaOpenBracket\[\let\AgdaCloseBracket\]
\RequirePackage{fontspec}
\let\[\AgdaOpenBracket\let\]\AgdaCloseBracket
\RequirePackage{unicode-math}
\setmainfont
[ Ligatures = TeX
, BoldItalicFont = xits-bolditalic.otf
, BoldFont = xits-bold.otf
, ItalicFont = xits-italic.otf
]
{xits-regular.otf}
\setmathfont{xits-math.otf}
\setmonofont[Mapping=tex-text]{FreeMono.otf}
% Make mathcal and mathscr appear as different.
% https://tex.stackexchange.com/questions/120065/xetex-what-happened-to-mathcal-and-mathscr
\setmathfont[range={\mathcal,\mathbfcal},StylisticSet=1]{xits-math.otf}
\setmathfont[range=\mathscr]{xits-math.otf}
% pdfLaTeX
\else
% https://tex.stackexchange.com/questions/1774/how-to-insert-pipe-symbol-in-latex
\RequirePackage[T1]{fontenc}
\RequirePackage{amsfonts, amssymb}
\RequirePackage[safe]{tipa} % See page 12 of the tipa manual for what
% safe does.
\fi
\fi
% ----------------------------------------------------------------------
% Colour schemes.
\providecommand{\AgdaColourScheme}{standard}
% ----------------------------------------------------------------------
% References to code (needs additional post-processing of tex files to
% work, see wiki for details).
\if@AgdaEnableReferences
\RequirePackage{catchfilebetweentags, xstring}
\newcommand{\AgdaRef}[2][]{%
\StrSubstitute{#2}{\_}{AgdaUnderscore}[\tmp]%
\ifthenelse{\isempty{#1}}%
{\ExecuteMetaData{AgdaTag-\tmp}}%
{\ExecuteMetaData{#1}{AgdaTag-\tmp}}
}
\fi
\providecommand{\AgdaRef}[2][]{#2}
% ----------------------------------------------------------------------
% Links (only done if the option is passed and the user has loaded the
% hyperref package).
\if@AgdaEnableLinks
\@ifpackageloaded{hyperref}{
% List that holds added targets.
\newcommand{\AgdaList}[0]{}
\newtoggle{AgdaIsElem}
\newcounter{AgdaIndex}
\newcommand{\AgdaLookup}[3]{%
\togglefalse{AgdaIsElem}%
\setcounter{AgdaIndex}{0}%
\renewcommand*{\do}[1]{%
\ifstrequal{#1}{##1}%
{\toggletrue{AgdaIsElem}\listbreak}%
{\stepcounter{AgdaIndex}}}%
\dolistloop{\AgdaList}%
\iftoggle{AgdaIsElem}{#2}{#3}%
}
\newcommand*{\AgdaTargetHelper}[1]{%
\AgdaLookup{#1}%
{\PackageError{agda}{``#1'' used as target more than once}%
{Overloaded identifiers and links do not%
work well, consider using unique%
\MessageBreak identifiers instead.}%
}%
{\listadd{\AgdaList}{#1}%
\hypertarget{Agda\theAgdaIndex}{}%
}%
}
\newcommand{\AgdaTarget}[1]{\forcsvlist{\AgdaTargetHelper}{#1}}
\newcommand{\AgdaLink}[1]{%
\AgdaLookup{#1}%
{\hyperlink{Agda\theAgdaIndex}{#1}}%
{#1}%
}
}{\PackageError{agda}{Load the hyperref package before the agda package}{}}
\fi
\providecommand{\AgdaTarget}[1]{}
\providecommand{\AgdaLink}[1]{#1}
% ----------------------------------------------------------------------
% Font styles.
\ifxetexorluatex
\newcommand{\AgdaFontStyle}[1]{\ensuremath{\mathsf{#1}}}
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
\newcommand{\AgdaKeywordFontStyle}[1]{\underline{#1}}
}{
\newcommand{\AgdaKeywordFontStyle}[1]{\ensuremath{\mathsf{#1}}}
}
\newcommand{\AgdaStringFontStyle}[1]{\ensuremath{\texttt{#1}}}
\newcommand{\AgdaCommentFontStyle}[1]{\ensuremath{\texttt{#1}}}
\newcommand{\AgdaBoundFontStyle}[1]{\ensuremath{\mathit{#1}}}
\else
\newcommand{\AgdaFontStyle}[1]{\textsf{#1}}
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
\newcommand{\AgdaKeywordFontStyle}[1]{\underline{#1}}
}{
\newcommand{\AgdaKeywordFontStyle}[1]{\textsf{#1}}
}
\newcommand{\AgdaStringFontStyle}[1]{\texttt{#1}}
\newcommand{\AgdaCommentFontStyle}[1]{\texttt{#1}}
\newcommand{\AgdaBoundFontStyle}[1]{\textit{#1}}
\fi
% ----------------------------------------------------------------------
% Colours.
% ----------------------------------
% The black and white colour scheme.
\ifthenelse{\equal{\AgdaColourScheme}{bw}}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{000000}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{000000}
\definecolor{AgdaString} {HTML}{000000}
\definecolor{AgdaNumber} {HTML}{000000}
\definecolor{AgdaSymbol} {HTML}{000000}
\definecolor{AgdaPrimitiveType}{HTML}{000000}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{000000}
\definecolor{AgdaInductiveConstructor} {HTML}{000000}
\definecolor{AgdaCoinductiveConstructor}{HTML}{000000}
\definecolor{AgdaDatatype} {HTML}{000000}
\definecolor{AgdaField} {HTML}{000000}
\definecolor{AgdaFunction} {HTML}{000000}
\definecolor{AgdaMacro} {HTML}{000000}
\definecolor{AgdaModule} {HTML}{000000}
\definecolor{AgdaPostulate} {HTML}{000000}
\definecolor{AgdaPrimitive} {HTML}{000000}
\definecolor{AgdaRecord} {HTML}{000000}
\definecolor{AgdaArgument} {HTML}{000000}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{D3D3D3}
\definecolor{AgdaTerminationProblem}{HTML}{BEBEBE}
\definecolor{AgdaIncompletePattern} {HTML}{D3D3D3}
\definecolor{AgdaError} {HTML}{696969}
% Misc.
\definecolor{AgdaHole} {HTML}{BEBEBE}
% ----------------------------------
% Conor McBride's colour scheme.
}{ \ifthenelse{\equal{\AgdaColourScheme}{conor}}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{B22222}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{000000}
\definecolor{AgdaString} {HTML}{000000}
\definecolor{AgdaNumber} {HTML}{000000}
\definecolor{AgdaSymbol} {HTML}{000000}
\definecolor{AgdaPrimitiveType}{HTML}{0000CD}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{A020F0}
\definecolor{AgdaInductiveConstructor} {HTML}{8B0000}
\definecolor{AgdaCoinductiveConstructor}{HTML}{8B0000}
\definecolor{AgdaDatatype} {HTML}{0000CD}
\definecolor{AgdaField} {HTML}{8B0000}
\definecolor{AgdaFunction} {HTML}{006400}
\definecolor{AgdaMacro} {HTML}{006400}
\definecolor{AgdaModule} {HTML}{006400}
\definecolor{AgdaPostulate} {HTML}{006400}
\definecolor{AgdaPrimitive} {HTML}{006400}
\definecolor{AgdaRecord} {HTML}{0000CD}
\definecolor{AgdaArgument} {HTML}{404040}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{FFD700}
\definecolor{AgdaTerminationProblem}{HTML}{FF0000}
\definecolor{AgdaIncompletePattern} {HTML}{A020F0}
\definecolor{AgdaError} {HTML}{F4A460}
% Misc.
\definecolor{AgdaHole} {HTML}{9DFF9D}
% ----------------------------------
% The standard colour scheme.
}{
% Aspect colours.
\definecolor{AgdaComment} {HTML}{B22222}
\definecolor{AgdaOption} {HTML}{000000}
\definecolor{AgdaKeyword} {HTML}{CD6600}
\definecolor{AgdaString} {HTML}{B22222}
\definecolor{AgdaNumber} {HTML}{A020F0}
\definecolor{AgdaSymbol} {HTML}{404040}
\definecolor{AgdaPrimitiveType}{HTML}{0000CD}
% NameKind colours.
\definecolor{AgdaBound} {HTML}{000000}
\definecolor{AgdaInductiveConstructor} {HTML}{008B00}
\definecolor{AgdaCoinductiveConstructor}{HTML}{8B7500}
\definecolor{AgdaDatatype} {HTML}{0000CD}
\definecolor{AgdaField} {HTML}{EE1289}
\definecolor{AgdaFunction} {HTML}{0000CD}
\definecolor{AgdaMacro} {HTML}{458B74}
\definecolor{AgdaModule} {HTML}{A020F0}
\definecolor{AgdaPostulate} {HTML}{0000CD}
\definecolor{AgdaPrimitive} {HTML}{0000CD}
\definecolor{AgdaRecord} {HTML}{0000CD}
\definecolor{AgdaArgument} {HTML}{404040}
% Other aspect colours.
\definecolor{AgdaDottedPattern} {HTML}{000000}
\definecolor{AgdaUnsolvedMeta} {HTML}{FFFF00}
\definecolor{AgdaTerminationProblem}{HTML}{FFA07A}
\definecolor{AgdaIncompletePattern} {HTML}{F5DEB3}
\definecolor{AgdaError} {HTML}{FF0000}
% Misc.
\definecolor{AgdaHole} {HTML}{9DFF9D}
}}
% ----------------------------------------------------------------------
% Commands.
\newcommand{\AgdaNoSpaceMath}[1]
{\begingroup\thickmuskip=0mu\medmuskip=0mu#1\endgroup}
% Aspect commands.
\newcommand{\AgdaComment} [1]
{\AgdaNoSpaceMath{\AgdaCommentFontStyle{\textcolor{AgdaComment}{#1}}}}
\newcommand{\AgdaOption} [1]
{\AgdaNoSpaceMath{\AgdaCommentFontStyle{\textcolor{AgdaOption}{#1}}}}
\newcommand{\AgdaKeyword} [1]
{\AgdaNoSpaceMath{\AgdaKeywordFontStyle{\textcolor{AgdaKeyword}{#1}}}}
\newcommand{\AgdaString} [1]
{\AgdaNoSpaceMath{\AgdaStringFontStyle{\textcolor{AgdaString}{#1}}}}
\newcommand{\AgdaNumber} [1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaNumber}{#1}}}}
\newcommand{\AgdaSymbol} [1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaSymbol}{#1}}}}
\newcommand{\AgdaPrimitiveType}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPrimitiveType}{#1}}}}
% Note that, in code generated by the LaTeX backend, \AgdaOperator is
% always applied to a NameKind command.
\newcommand{\AgdaOperator} [1]{#1}
% NameKind commands.
% The user can control the typesetting of (certain) individual tokens
% by redefining the following command. The first argument is the token
% and the second argument the thing to be typeset (sometimes just the
% token, sometimes \AgdaLink{<the token>}). Example:
%
% \usepackage{ifthen}
%
% % Insert extra space before some tokens.
% \DeclareRobustCommand{\AgdaFormat}[2]{%
% \ifthenelse{
% \equal{#1}{≡⟨} \OR
% \equal{#1}{≡⟨⟩} \OR
% \equal{#1}{∎}
% }{\ }{}#2}
%
% Note the use of \DeclareRobustCommand.
\newcommand{\AgdaFormat}[2]{#2}
\newcommand{\AgdaBound}[1]
{\AgdaNoSpaceMath{\AgdaBoundFontStyle{\textcolor{AgdaBound}{\AgdaFormat{#1}{#1}}}}}
\newcommand{\AgdaInductiveConstructor}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaInductiveConstructor}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaCoinductiveConstructor}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaCoinductiveConstructor}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaDatatype}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaDatatype}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaField}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaField}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaFunction}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaFunction}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaMacro}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaMacro}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaModule}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaModule}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaPostulate}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPostulate}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaPrimitive}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaPrimitive}{\AgdaFormat{#1}{#1}}}}}
\newcommand{\AgdaRecord}[1]
{\AgdaNoSpaceMath{\AgdaFontStyle{\textcolor{AgdaRecord}{\AgdaFormat{#1}{\AgdaLink{#1}}}}}}
\newcommand{\AgdaArgument}[1]
{\AgdaNoSpaceMath{\AgdaBoundFontStyle{\textcolor{AgdaArgument}{\AgdaFormat{#1}{#1}}}}}
% Other aspect commands.
\newcommand{\AgdaFixityOp} [1]{\AgdaNoSpaceMath{$#1$}}
\newcommand{\AgdaDottedPattern} [1]{\textcolor{AgdaDottedPattern}{#1}}
\newcommand{\AgdaUnsolvedMeta} [1]
{\AgdaFontStyle{\colorbox{AgdaUnsolvedMeta}{#1}}}
\newcommand{\AgdaTerminationProblem}[1]
{\AgdaFontStyle{\colorbox{AgdaTerminationProblem}{#1}}}
\newcommand{\AgdaIncompletePattern} [1]{\colorbox{AgdaIncompletePattern}{#1}}
\newcommand{\AgdaError} [1]
{\AgdaFontStyle{\textcolor{AgdaError}{\underline{#1}}}}
\newcommand{\AgdaCatchallClause} [1]{#1} % feel free to change this
% Used to hide code from LaTeX.
%
% Note that this macro has been deprecated in favour of giving the
% hide argument to the code environment.
\long\def\AgdaHide#1{\ignorespaces}
% Misc.
\newcommand{\AgdaHole}[1]{\colorbox{AgdaHole}{#1}}
% ----------------------------------------------------------------------
% The code environment.
\newcommand{\AgdaCodeStyle}{}
% \newcommand{\AgdaCodeStyle}{\tiny}
\ifdefined\mathindent
{}
\else
\newdimen\mathindent\mathindent\leftmargini
\fi
% Adds the given amount of vertical space and starts a new line.
%
% The implementation comes from lhs2TeX's polycode.fmt, written by
% Andres Löh.
\newcommand{\Agda@NewlineWithVerticalSpace}[1]{%
{\parskip=0pt\parindent=0pt\par\vskip #1\noindent}}
% Should there be space around code?
\newboolean{Agda@SpaceAroundCode}
% Use this command to avoid extra space around code blocks.
\newcommand{\AgdaNoSpaceAroundCode}{%
\setboolean{Agda@SpaceAroundCode}{false}}
% Use this command to include extra space around code blocks.
\newcommand{\AgdaSpaceAroundCode}{%
\setboolean{Agda@SpaceAroundCode}{true}}
% By default space is inserted around code blocks.
\AgdaSpaceAroundCode{}
% Sometimes one might want to break up a code block into multiple
% pieces, but keep code in different blocks aligned with respect to
% each other. Then one can use the AgdaAlign environment. Example
% usage:
%
% \begin{AgdaAlign}
% \begin{code}
% code
% code (more code)
% \end{code}
% Explanation...
% \begin{code}
% aligned with "code"
% code (aligned with (more code))
% \end{code}
% \end{AgdaAlign}
%
% Note that AgdaAlign environments should not be nested.
%
% Sometimes one might also want to hide code in the middle of a code
% block. This can be accomplished in the following way:
%
% \begin{AgdaAlign}
% \begin{code}
% visible
% \end{code}
% \begin{code}[hide]
% hidden
% \end{code}
% \begin{code}
% visible
% \end{code}
% \end{AgdaAlign}
%
% However, the result may be ugly: extra space is perhaps inserted
% around the code blocks.
%
% The AgdaSuppressSpace environment ensures that extra space is only
% inserted before the first code block, and after the last one (but
% not if \AgdaNoSpaceAroundCode{} is used). Example usage:
%
% \begin{AgdaAlign}
% \begin{code}
% code
% more code
% \end{code}
% Explanation...
% \begin{AgdaSuppressSpace}
% \begin{code}
% aligned with "code"
% aligned with "more code"
% \end{code}
% \begin{code}[hide]
% hidden code
% \end{code}
% \begin{code}
% also aligned with "more code"
% \end{code}
% \end{AgdaSuppressSpace}
% \end{AgdaAlign}
%
% Note that AgdaSuppressSpace environments should not be nested.
%
% There is also a combined environment, AgdaMultiCode, that combines
% the effects of AgdaAlign and AgdaSuppressSpace.
% The number of the current/next code block (excluding hidden ones).
\newcounter{Agda@Current}
\setcounter{Agda@Current}{0}
% The number of the previous code block (excluding hidden ones), used
% locally in \Agda@SuppressEnd.
\newcounter{Agda@Previous}
% Is AgdaAlign active?
\newboolean{Agda@Align}
\setboolean{Agda@Align}{false}
% The number of the first code block (if any) in a given AgdaAlign
% environment.
\newcounter{Agda@AlignStart}
\newcommand{\Agda@AlignStart}{%
\ifthenelse{\boolean{Agda@Align}}{%
\PackageError{agda}{Nested AgdaAlign environments}{%
AgdaAlign and AgdaMultiCode environments must not be
nested.}}{%
\setboolean{Agda@Align}{true}%
\setcounter{Agda@AlignStart}{\value{Agda@Current}}}}
\newcommand{\Agda@AlignEnd}{\setboolean{Agda@Align}{false}}
\newenvironment{AgdaAlign}{%
\Agda@AlignStart{}}{%
\Agda@AlignEnd{}%
\ignorespacesafterend}
% Is AgdaSuppressSpace active?
\newboolean{Agda@Suppress}
\setboolean{Agda@Suppress}{false}
% The number of the first code block (if any) in a given
% AgdaSuppressSpace environment.
\newcounter{Agda@SuppressStart}
% Does a "do not suppress space after" label exist for the current
% code block? (This boolean is used locally in the code environment's
% implementation.)
\newboolean{Agda@DoNotSuppressSpaceAfter}
\newcommand{\Agda@SuppressStart}{%
\ifthenelse{\boolean{Agda@Suppress}}{%
\PackageError{agda}{Nested AgdaSuppressSpace environments}{%
AgdaSuppressSpace and AgdaMultiCode environments must not be
nested.}}{%
\setboolean{Agda@Suppress}{true}%
\setcounter{Agda@SuppressStart}{\value{Agda@Current}}}}
% Marks the given code block as one that space should not be
% suppressed after (if AgdaSpaceAroundCode and AgdaSuppressSpace are
% both active).
\newcommand{\Agda@DoNotSuppressSpaceAfter}[1]{%
% The use of labels is intended to ensure that LaTeX will provide a
% warning if the document needs to be recompiled.
\label{Agda@DoNotSuppressSpaceAfter@#1}}
\newcommand{\Agda@SuppressEnd}{%
\ifthenelse{\value{Agda@SuppressStart} = \value{Agda@Current}}{}{%
% Mark the previous code block in the .aux file.
\setcounter{Agda@Previous}{\theAgda@Current-1}%
\immediate\write\@auxout{%
\noexpand\Agda@DoNotSuppressSpaceAfter{\theAgda@Previous}}}%
\setboolean{Agda@Suppress}{false}}
\newenvironment{AgdaSuppressSpace}{%
\Agda@SuppressStart{}}{%
\Agda@SuppressEnd{}%
\ignorespacesafterend}
\newenvironment{AgdaMultiCode}{%
\Agda@AlignStart{}%
\Agda@SuppressStart{}}{%
\Agda@SuppressEnd{}%
\Agda@AlignEnd{}%
\ignorespacesafterend}
% Vertical space used for empty lines. By default \baselineskip.
\newlength{\AgdaEmptySkip}
\setlength{\AgdaEmptySkip}{\baselineskip}
% Extra space to be inserted for empty lines (the difference between
% \AgdaEmptySkip and \baselineskip). Used internally.
\newlength{\AgdaEmptyExtraSkip}
% The code environment.
%
% Code can be hidden by writing \begin{code}[hide].
%
% The implementation is based on plainhscode in lhs2TeX's
% polycode.fmt, written by Andres Löh.
\NewEnviron{code}[1][]{%
% Conditionally hide the code.
\ifthenelse{\equal{#1}{hide}}{}{%
%
% Conditionally emit space before the code block. Unconditionally
% switch to a new line.
\ifthenelse{\boolean{Agda@SpaceAroundCode} \and%
\(\not \boolean{Agda@Suppress} \or%
\value{Agda@SuppressStart} = \value{Agda@Current}\)}{%
\Agda@NewlineWithVerticalSpace{\abovedisplayskip}}{%
\Agda@NewlineWithVerticalSpace{0pt}}%
%
% Indent the entire code block.
\advance\leftskip\mathindent%
%
% The code's style can be customised.
\AgdaCodeStyle%
%
% Used to control the height of empty lines.
\setlength{\AgdaEmptyExtraSkip}{\AgdaEmptySkip - \baselineskip}%
%
% The environment used to handle indentation (of individual lines)
% and alignment.
\begin{pboxed}%
%
% Conditionally preserve alignment between code blocks.
\ifthenelse{\boolean{Agda@Align}}{%
\ifthenelse{\value{Agda@AlignStart} = \value{Agda@Current}}{%
\savecolumns}{%
\restorecolumns}}{}%
%
% The code.
\BODY%
\end{pboxed}%
%
% Does the label Agda@DoNotSuppressAfter@<current code block
% number> exist?
\ifcsdef{r@Agda@DoNotSuppressSpaceAfter@\theAgda@Current}{%
\setboolean{Agda@DoNotSuppressSpaceAfter}{true}}{%
\setboolean{Agda@DoNotSuppressSpaceAfter}{false}}%
%
% Conditionally emit space after the code block. Unconditionally
% switch to a new line.
\ifthenelse{\boolean{Agda@SpaceAroundCode} \and%
\(\not \boolean{Agda@Suppress} \or%
\boolean{Agda@DoNotSuppressSpaceAfter}\)}{%
\Agda@NewlineWithVerticalSpace{\belowdisplayskip}}{%
\Agda@NewlineWithVerticalSpace{0pt}}%
%
% Step the code block counter, but only for non-hidden code.
\stepcounter{Agda@Current}}}
% Space inserted after tokens.
\newcommand{\AgdaSpace}{ }
% Space inserted to indent something.
\newcommand{\AgdaIndentSpace}{\AgdaSpace{}$\;\;$}
% Default column for polytable.
\defaultcolumn{@{}l@{\AgdaSpace{}}}
% \AgdaIndent expects a non-negative integer as its only argument.
% This integer should be the distance, in code blocks, to the thing
% relative to which the text is indented.
%
% The default implementation only indents if the thing that the text
% is indented relative to exists in the same code block or is wrapped
% in the same AgdaAlign or AgdaMultiCode environment.
\newcommand{\AgdaIndent}[1]{%
\ifthenelse{#1 = 0
\or
\( \boolean{Agda@Align}
\and
\cnttest{\value{Agda@Current} - #1}{>=}{
\value{Agda@AlignStart}}
\)}{\AgdaIndentSpace{}}{}}
% Underscores are typeset using \AgdaUnderscore{}.
\newcommand{\AgdaUnderscore}{\_}
\endinput

BIN
papers/scp/copyright.pdf Normal file
View file

Binary file not shown.

1596
papers/scp/elsarticle-harv.bst Normal file
View file

File diff suppressed because it is too large Load diff

BIN
papers/scp/figures/InherentEval.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 168 KiB

BIN
papers/scp/figures/InherentIndices.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 105 KiB

BIN
papers/scp/figures/InherentProgress.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 120 KiB

BIN
papers/scp/figures/InherentReductions.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 148 KiB

Some files were not shown because too many files have changed in this diff Show more