Modal Logic, Linear Logic, Optimal Lambda-Reduction

Stefano Guerrini (1), Simone Martini (2), Andrea Masini (3)

(1) IRCS, University of Pennsylvania, 3401 Walnut Street, Suite 400A, Philadelphia, PA 19104-6228, USA
(2) Dipartimento di Matematica e Informatica, Università di Udine, Via delle Scienze, 206, I-33100 Udine, Italy
(3) Dipartimento di Informatica, Università di Pisa, Corso Italia, 40, I-56125 Pisa, Italy

1 Introduction

The paper will maintain and justify the following thesis:

A purist approach to modal proof-theory may have some (applied) benefits for the efficient reduction of lambda-terms, an important problem in the implementation of functional programming languages.

1.1 Modal proof-theory

The quest for symmetry, concision, and generality is a distinctive trait of mathematics. Proof-theory is a remarkable example of this search. A large class of logical systems may be described with few key ingredients, organized around crucial symmetries (left/right; introduction/elimination). At first sight, modalities seem to spoil the scene. On one hand, the rules are seldom symmetric, or, when they are, they involve global constraints on their applicability. Moreover, moving from one system to a more powerful one often means radically changing the rules (and the proofs of the main metatheoretical properties, like normalization).

To restore symmetry and locality one resorts to indexed systems, where formulas are annotated with additional information. The idea goes back to Kripke [Kri63] and has been developed by many authors (a good review is [Wan94]). What kind of information is added, the way it "codes" the structure of the (Kripke) models of the logic, and the bookkeeping of this information, make crucial differences among the several approaches. We focus here on 2-sequents, put forward in [Mas92]. It is a class of formal systems where annotations are non-negative indexes, introduced with the simple motivation to mimic the interplay of variables and quantifiers in first order logic. Different systems (in the range K–S4) are obtained with simple side conditions on indexes of a single (elimination) rule [MM96].

In Section 2 we will briefly recall the 2-sequent natural deduction calculus for linear logic (which, as far as modalities are concerned, is similar to S4). Section 2.1 will show what this proposal looks like in the context of linear logic proof-nets.

1.2 Optimal reduction of lambda-terms

The $\lambda$-calculus is a paradigmatic functional programming language, whose operational semantics is given by $\beta$-reduction: $(\lambda x.M)N \to_\beta [N/x]M$. Given a normalizable $\lambda$-term $M$ it would be interesting to determine the shortest reduction sequence starting from $M$ and reaching its normal form. However, it is well known that there is no recursive, one-step strategy for this. One has to resort to parallel strategies, reducing several redexes at once. It is a fundamental result of Lévy [Lév78] that an optimal recursive parallel strategy exists. The only known "implementations" of Lévy's strategy are based on graph-rewriting. A lambda-term $M$ is represented as a graph in which special nodes express the (partial) sharing of common subterms of $M$. Then, the graph-rewriting rules for $\beta$-reduction are extended with rules for the explicit bookkeeping of the sharing information. After Lamping's original solution [Lam90], also [GAL92a] and [Asp95b] have presented proposals. Interestingly enough, these approaches may be interpreted as a particular way of performing reduction of linear logic proof nets [GAL92b].

We discuss in Section 4 the improvements that may be obtained from our approach to linear logic. More extended discussion may be found in [GMM96], or [Gue95] for the specific problem of $\lambda$-calculus. The practical application of these reduction techniques is in the implementation of functional programming languages; see [AG97] for a detailed treatment.

2 Linear logic, from an indexed perspective

From a proof-theoretical point of view, linear logic [Gir87] arises by dropping the structural rules of contraction and weakening from the standard formulation of a sequent calculus for classical logic. This very weak system is then strengthened by adding modalities (?, and its dual !) marking those formulas on which weakening and contraction are allowed. As an exemplification of the 2-sequent approach to modalities, we present here a natural deduction system for a fragment of the full logic, see [MM95].

Formulas are built out of atoms (ranged over by $p$), by means of the binary connectives $\otimes$ and $\multimap$, and the (unary) modality !. Each formula is decorated with a nonnegative integer (its level); the formal system establishes judgments of the shape $\Gamma \vdash A^k$, where $\Gamma$ is a multi-set of indexed formulas, $A$ is a formula, $k$ is the level of $A$ (the rules will ensure that the levels of the formulas in $\Gamma$ are less than or equal to $k$). The propositional rules of this fragment are summarized in Figure 1. To ensure linearity, in $\multimap I$ and $\otimes E$ each discharging is compulsory and involves exactly one formula occurrence (note that this fragment is linear also in modal formulas: no contraction or weakening is allowed at all).

$$
A^k
\qquad
\frac{\begin{matrix}\vdots\\ A^k\end{matrix} \quad \begin{matrix}\vdots\\ B^k\end{matrix}}{A \otimes B^k}\ \otimes I
\qquad
\frac{\begin{matrix}\vdots\\ A \otimes B^j\end{matrix} \quad \begin{matrix}[A^j]\ [B^j]\\ \vdots\\ C^k\end{matrix}}{C^k}\ \otimes E \quad (j \le k)
$$

$$
\frac{\begin{matrix}[A^k]\\ \vdots\\ B^k\end{matrix}}{A \multimap B^k}\ {\multimap} I
\qquad
\frac{\begin{matrix}\vdots\\ A \multimap B^k\end{matrix} \quad \begin{matrix}\vdots\\ A^k\end{matrix}}{B^k}\ {\multimap} E
$$

Figure 1. Propositional rules.

We write $\Gamma \vdash A^k$ if there is a deduction whose conclusion is $A^k$ and whose open assumptions are exactly the formulas of $\Gamma$.

Modal (exponential) rules (Figure 2) use the level machinery to formulate the "context constraint" on the introduction rule. For a set of assumptions $\Gamma$, define $\#\Gamma = \max\{k \mid A^k \in \Gamma\}$; $\#\Gamma = -1$ when $\Gamma$ is empty.

$$
\frac{\begin{matrix}\vdots\\ A^{k+1}\end{matrix}}{!A^k}\ !I \quad (k \ge \#\Gamma)
\qquad
\frac{\begin{matrix}\vdots\\ !A^j\end{matrix}}{A^k}\ !E \quad (k \ge j)
$$

Figure 2. Exponential rules.

It is worth comparing the two exponential rules with the rules for universal quantification:

$$
\frac{\begin{matrix}\vdots\\ A\end{matrix}}{\forall x.A}\ \forall I \quad (x \notin FV(\Gamma))
\qquad
\frac{\begin{matrix}\vdots\\ \forall x.A\end{matrix}}{A[t/x]}\ \forall E
$$

Indeed, as the introduction of "!" decrements the level of the conclusion by exactly one, so the introduction of $\forall$ binds exactly one variable. The side condition $k \ge \#\Gamma$ is the analogue of the usual constraint that $x$ be not free in the active premises of the derivation. Again, as the elimination of "!" raises the level of the conclusion by an arbitrary increment, so the elimination of $\forall$ allows the introduction of a new term $t$ with an arbitrary number (possibly zero) of new free variables. This analogy has been a leading idea of the 2-sequents approach and keeps holding when we consider reduction of proofs.

In linear proofs, exponential redexes and their reductions may be defined as follows:

$$
\dfrac{\dfrac{\begin{matrix}\mathcal{D}\\ A^k\end{matrix}}{!A^{k-1}}\ !I}{A^{k-1+j}}\ !E
\quad\text{reduces to}\quad
\begin{matrix}[j-1]^{k-1}\mathcal{D}\\ A^{k-1+j}\end{matrix}
$$

where the (meta) notation $[n]^k\mathcal{D}$ means the result of incrementing by $n$ all the levels greater than $k$ in the deduction $\mathcal{D}$. Formally:

absorption: if $v \le i$: [n]i� D�v = D�v
reindexing: if $v > i$: [n]i � D�v = [n]iD�v+n

The side condition on $!I$ ensures correctness of the reduction. Under the analogy "modalities are quantifiers", this process of reindexing corresponds to substitution in first-order logic (the absorption case corresponding to a test on the freeness of the involved variable).

2.1 Levels in a proof-net formulation

The system we are interested in adds contraction to the basic rules of the previous section. It is best described using proof-nets, a formal system for linear logic exploiting (and displaying at its best) the symmetry of the logic (see [Laf95] for a lucid introduction). We only recall that multiplicative proof nets are formulated for the logic based on atoms (propositional letters $p$ and their duals $p^\perp$), and the two dual connectives tensor ($\otimes$) and par ($⅋$). Negation is primitive only on atoms and defined on formulas by full double negation and De Morgan rules. Linear implication is defined as $A \multimap B \equiv A^\perp ⅋ B$.

When exponentials are introduced, the elegance and simplicity of the nets (and of their reduction rules) have to be spoiled by the notion of box, a sub-net representing the context where an !-introduction is applied. Boxes are necessary both for static (i.e., for soundness) and dynamic correctness (i.e., for keeping track of the context during the reduction of an exponential redex). A sketch of the general case (including contraction) is depicted in Figure 3 (forget for the moment the levels of the formulas). Observe, first, that the box $\Pi$ (on the left in the first line) is duplicated. Second, after the reduction the different copies of $\Pi$ may have been put inside other boxes (this happens when the ?-node is a secondary door of another box). (The notation $\Pi[k_i - k]$ means that all the levels of $\Pi$ have been incremented by $k_i - k$.)
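The side conditions of the Section 2 rules can be exercised mechanically. The following checker for the linear-implication and exponential rules is an added example, not code from the paper; the tuple encoding of formulas, the function names and the three sample derivations are assumptions made here.

```python
from collections import Counter

# Formulas: atoms are strings; compounds are ("lolli", A, B) and ("bang", A).
# A judgment Gamma |- A^k is the triple (Counter of (formula, level), A, k).

class RuleError(Exception):
    """A rule was applied outside its premises or its side condition."""

def _is(f, tag):
    return isinstance(f, tuple) and f[0] == tag

def sharp(gamma):
    """#Gamma: highest level among the open assumptions, -1 if there are none."""
    return max((lvl for (_, lvl) in gamma), default=-1)

def assume(a, k):
    return Counter([(a, k)]), a, k

def lolli_i(d, a):
    g, b, k = d
    if g[(a, k)] < 1:                # discharge is compulsory and linear
        raise RuleError(f"no open assumption {(a, k)} to discharge")
    return g - Counter([(a, k)]), ("lolli", a, b), k

def lolli_e(d1, d2):
    (g1, f, k1), (g2, a, k2) = d1, d2
    if not _is(f, "lolli") or f[1] != a or k1 != k2:
        raise RuleError("lolli-E: premises do not match")
    return g1 + g2, f[2], k1

def bang_i(d):
    g, a, lvl = d
    k = lvl - 1                      # !I lowers the level by exactly one
    if k < 0 or k < sharp(g):        # side condition k >= #Gamma
        raise RuleError("!I: an open assumption lies above the new level")
    return g, ("bang", a), k

def bang_e(d, k):
    g, f, j = d
    if not _is(f, "bang") or k < j:  # !E may raise the level, never lower it
        raise RuleError("!E: needs !A at level j <= k")
    return g, f[1], k

def derive_k():
    """|- !(A -o B) -o (!A -o !B) at level 0: work at level 1, then close with !I."""
    f, a = ("bang", ("lolli", "A", "B")), ("bang", "A")
    body = lolli_e(bang_e(assume(f, 0), 1), bang_e(assume(a, 0), 1))  # B^1
    return lolli_i(lolli_i(bang_i(body), a), f)

def derive_digging():
    """|- !A -o !!A at level 0: raise by two with !E, then apply !I twice."""
    a = ("bang", "A")
    return lolli_i(bang_i(bang_i(bang_e(assume(a, 0), 2))), a)

def promotion_blocked():
    """A^1 |- A^1 cannot be promoted to !A^0, because #Gamma = 1 > 0."""
    try:
        return bang_i(assume("A", 1)) is None
    except RuleError:
        return True
```

The blocked case mirrors the quantifier analogy: promoting over an assumption at a higher level is rejected just as generalizing over a variable free in an open assumption would be.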

[Figure 3. Box (global) reduction.]

How does the system of the previous section relate to proof-nets? It is not difficult to establish the following result.

Theorem 2.1. Let $\Gamma \vdash A^0$, where all the assumptions in $\Gamma$ have level 0. Then there is a proof-net $\Pi$ with conclusions $\Gamma^\perp, A$.

Proof. (sketch) Let us first build the labeled graph underlying $\Pi$. Then we will take care of boxes. Proceed by induction on $\Gamma \vdash A^0$, as in the usual equivalence between natural deduction and sequents: assumptions go to axioms; introduction rules are mapped into the corresponding links; elimination rules are transformed into cuts between the premise and a suitable proof-net. Now assign boxes: the level of a formula is interpreted as the box-nesting-depth of the corresponding link. The side condition on $!I$ ensures that for each !-link (principal door of a box) one can find suitable ? links acting as secondary doors of the corresponding box.

This translation extends to normalization: any reduction of a natural deduction derivation is transformed into a valid cut-elimination step of the corresponding proof-net. The reindexing case in the definition of $[n]^k\mathcal{D}$ corresponds exactly to the fact that a box, after reduction, may be put inside other boxes; absorption corresponds to the selection of the correct subnet to be reindexed (the reindexing stops at the secondary doors), cf. Figure 3. This relation (which was unexpected when we began our work on levels) is the starting point of the technical contribution of the next section.

3 Leveled nets and their reduction

We have just seen that rewriting and reindexing of proof-nets may be done using levels (local information) instead of explicit boxes (global information). The last step we perform is the internalization of the meta-operation of reindexing. That is, instead of having an external definition of $[n]^k\mathcal{D}$, we extend our nets and their reductions so as to incrementally and locally perform reindexing during the process of cut-elimination.

We start with the formal definition [GMM96] of sharing s$\ell$-structures (sharing leveled structures of links) and proof $\ell$-structures, our level-based formalization of proof-nets with explicit reindexing operators (the mux links).

Definition 3.1. An s$\ell$-structure is a finite connected hypergraph whose nodes are labeled with indexed formulas and hyperedges (also called links) are labeled from the set $\{cut, ax, ⅋, \otimes, !, ?\} \cup \{mux[i] \mid i \ge 0\} \cup \{demux[i] \mid i \ge 0\}$; the integer $i$ in (de)muxes is the threshold of the link. Allowed links and nodes are drawn in Figure 4. The source nodes of a link are its premises; the target nodes are the conclusions. Premises and conclusions are assumed to be distinguishable (i.e., we will have left/right premises, i-th conclusion and so on), with the exception of ?-links. In an s$\ell$-structure, each node must be conclusion of exactly one link and premise of at most one link; those nodes that are not premises of any link are the net conclusions; unary (de)muxes are also called lifts.

Definition 3.2 (proof $\ell$-structure). A proof $\ell$-structure is an s$\ell$-structure without (de)muxes.

We assume that any axiom of an s$\ell$-structure has only atomic conclusions. Such a restriction does not decrease the expressive power of s$\ell$-structures. To each (standard) proof-net $P$ we may associate a proof $\ell$-structure $D[P]$, the decoration of $P$: $D[P]$ is obtained by assigning to each node of $P$ the level corresponding to the number of exponential boxes containing that node.

Definition 3.3. A proof $\ell$-structure $S$ is a restricted proof $\ell$-net iff $S = D[P]$ for some weakening-free proof net $P$.

[Figure 4. Links of s$\ell$-structures.]

By using indexes it is possible to "recognize" exponential boxes:

Definition 3.4. Let $S$ be a proof $\ell$-structure and let $A^k$ be a premise of an !-link; we call box of $A^k$ a sub-hypergraph $bx_S[A^k]$ of $S$ verifying the following properties:

1. $A^k \in bx_S[A^k]$ ($A^k$ is the principal door of $bx_S[A^k]$);
2. $bx_S[A^k]$ is a proof $\ell$-net;
3. each net conclusion of $bx_S[A^k]$ different from the principal door is a premise, in $S$, of a ?-link with conclusion at level $j < k$ (such ?-premises are the secondary doors of the box);
4. for each $B^j \in S$, if $B^j \in bx_S[A^k]$, then $j \ge k$.

We denote by $BX[S]$ the set of boxes of $S$. Because of the definition of $\ell$-structure, boxes are connected.

Restricted proof $\ell$-nets are a complete system for weakening-free classical linear logic; s$\ell$-structures capture in a local way the process of cut-elimination, while muxes perform reindexing of boxes. (When weakening is allowed, proof-nets become disconnected and there is no local way to perform cut-elimination; in [GMM97] we propose a solution, calling for a simple modification of the proof-net syntax.)

We distinguish the rules in two kinds: the logical (or $\beta$) rules (Figure 5), where interaction happens through a cut-link (corresponding to a logical cut-elimination step); and the $\pi$ rules (Figures 6, 7, and 8), when one of the interacting nodes is a mux/demux (corresponding to a step of incremental duplication and/or reindexing).

Observe, in particular, rule absorption ($\rhd_{abs}$), corresponding to the case when the mux reaches the border of a box (through one of its secondary doors) and has therefore exhausted its job. It matches the absorption case in the definition of $[n]^k\mathcal{D}$, in Section 2.

3.1 Optimality

Lévy's parallel strategy (cf. Section 1.2) for lambda-calculus consists in reducing at any step a certain number of redexes, those belonging to the same family [Lév78]. The main result of [Lam90] is a graph rewriting implementation in which, representing lambda-terms as graphs with additional (partial) sharing operators (fans, akin to our muxes), each $\beta$-reduction (that is, reductions essentially similar to those of Figure 5) corresponds to a parallel step of Lévy's strategy.

[Figure 5. Logical (or $\beta$) rules: $\rhd_{ide}$, $\rhd_{mul}$, $\rhd_{exp}$. The symmetric cases are not shown.]

An essentially similar analysis may be conducted for proof-nets [GAL92b, AL93]: also in this case the number of $\beta$-reductions of the known sharing graph implementations is equal to the number of parallel reductions in Lévy's strategy.

Of course, not all the reductions of Figures 6, 7, and 8 may be freely applied if we want an optimal reduction. Indeed, a free application of rule $\rhd_{dup}$ would duplicate any redex in its scope. Intuitively, during an optimal reduction a mux must be propagated only if otherwise it would prevent the formation of a new redex. A moment's thought shows that a mux "coming from above" on a logical node must never be propagated. Among all the reduction rules, we thus isolate the set $\pi_{opt} = \pi - \rhd_{dup}$ containing the only rules allowed during an optimal reduction. It is well known that proof-nets may encode typed lambda-terms (they may encode also type-free terms, if one forces the type isomorphism $D \cong\ !D \multimap D$, or $D \cong\ !(D \multimap D)$, [Reg92]). If we now take the proof-net encoding of a lambda-term, its optimal reduction (as defined here) exactly corresponds to its Lévy optimal reduction.

4 Coherence

The approaches to optimal reduction of proof-nets/lambda-terms discussed in 1.2 and the previous section share a problem of coherence. Suppose that the proof-net (or lambda-term) $N$ reduces by standard cut-elimination (beta-reduction) to $N'$. Then, by reducing the graph corresponding to $N$ we do not obtain the graph corresponding (in the given translation) to $N'$. The recovering of the proof-net $N'$ is instead obtained by the so-called read-back process, a semantically based procedure external to the reduction system, which essentially computes the equivalence quotient of all the sharing graphs representing the same proof-net (term). A first contribution towards the solution of this problem is the notion of safeness in [Asp95a]. In presence of certain safety conditions (which may be computed along the computation) some additional reductions may be performed, allowing a further simplification of the net. We show here that this problem is fixed in our approach.

[Figure 6. Duplication rules (I): $\rhd_{idup}$ and $\rhd_{dup}$, the latter where $i < k$. The following cases are not shown: in $\rhd_{idup}$ the dual rule (demux/ax); in $\rhd_{dup}$ the cases where interaction happens through another premise of the ?-link; in $\rhd_{dup}$ the cases where the logical link is $\otimes$, $⅋$, !, instead of why-not (?).]

The proofs of the theorems, or even an intelligible sketch of them, are well beyond the page limits of this paper. The reader may see [GMM96] or [Gue96] for a more detailed overview. Let an s$\ell$-structure $G$ be correct iff there exists a restricted proof $\ell$-net $N$ s.t. $N \rhd^{*} G$.

[Figure 7. Duplication rules (II): $\rhd_{odup}$ and $\rhd_{swap}$, where $i_1 = \cdots = i_s = i$ and $j_1 = j + k_1 - n, \ldots, j_r = j + k_r - n$ when $i < j$; $i_1 = i + h_1 - n, \ldots, i_s = i + h_s - n$ and $j_1 = \cdots = j_r = j$ when $i > j$. The following cases are not shown: in $\rhd_{odup}$ the cases where the logical link is $\otimes$, $⅋$, !, instead of why-not (?).]

[Figure 8. Simplification rules: $\rhd_{abs}$, where $i \ge v$, and $\rhd_{anh}$.]

Theorem 4.1 (strong normalization). Let $G$ be a correct s$\ell$-structure.

1. The $\pi$ rules are strongly normalizing and confluent on $G$. The $\pi$ normal form of $G$ is a restricted proof $\ell$-net.
2. The $\beta+\pi$ rewriting rules are strongly normalizing and confluent on $G$. The $\beta+\pi$ normal form of $G$ is a restricted proof $\ell$-net.
3. The $\pi$ normal form of $G$ reduces by standard cut-elimination to its $\beta+\pi$ normal form.

The third item of Theorem 4.1 ensures the soundness of the system. The result can be stated in a stronger way, as in the following Lemma 4.3, which is indeed a preliminary step in the proof of Theorem 4.1 ($\rhd^{*}_{std}$ denotes a standard cut-elimination reduction).

Definition 4.2 (read-back). The read-back $R(G)$ of a correct $\ell$-net $G$ is the $\pi$ normal form of $G$.

Lemma 4.3 (soundness). Let $G$ be a correct s$\ell$-structure and $N$ be the restricted proof $\ell$-net s.t. $N \rhd^{*} G$. Then $N \rhd^{*}_{std} R(G)$.

According to Section 3.1, there is a strategy minimizing the number of $\rhd_\beta$ rules.

Theorem 4.4 (optimality). The $\beta+\pi_{opt}$ rewriting rules are Lévy optimal.

Theorem 4.5. Let $G$ be a correct s$\ell$-structure and $N$ be its $\beta+\pi$ normal form. Let $G'$ be a $\beta+\pi_{opt}$ normal form of $G$, then $R(G') = N$.

By Theorem 4.5, normalization of correct $\ell$-nets may be performed in two distinct steps: first optimal reduction ($\beta+\pi_{opt}$), then read-back reduction ($\pi$).

5 Conclusions

Our coherence results are made possible by the presence of the absorption rule. In its turn, the rule could not be formulated without a way to recognize the border of a box and, hence, its secondary doors. This is achieved via a clear separation of the logical and control information in the representation of a net. The logical information takes the form of levels on the formulas of the proof-net; control is expressed by muxes (unifying the fans and brackets of the other approaches, which are also used to express levels), which may be viewed simply as the internalization of the meta-operation of reindexing. It is this separation that allows coherence.

References

AG97. Andrea Asperti and Stefano Guerrini. The Optimal Implementation of Functional Programming Languages. Cambridge Univ. Press, 1997. To appear.
AL93. Andrea Asperti and Cosimo Laneve. Interaction systems. In Int. Workshop on Higher Order Algebra, Logic and Term Rewriting, 1993.
Asp95a. Andrea Asperti. $\delta \circ\ !\varepsilon = 1$: Optimizing optimal $\lambda$-calculus implementations. In Jieh Hsiang, editor, Rewriting Techniques and Applications, 6th International Conference, RTA-95, LNCS 914, pages 102–116, Kaiserslautern, Germany, April 5–7, 1995. Springer-Verlag.

Asp95b. Andrea Asperti. Linear logic, comonads and optimal reductions. Fundamenta Informaticae, 22:3–22, 1995.
GAL92a. Georges Gonthier, Martín Abadi, and Jean-Jacques Lévy. The geometry of optimal lambda reduction. In Proc. of Nineteenth Principles of Programming Languages (POPL), pages 15–26. ACM, January 1992.
GAL92b. Georges Gonthier, Martín Abadi, and Jean-Jacques Lévy. Linear logic without boxes. In Proc. of 7th Symposium on Logic in Computer Science (LICS), pages 223–234. IEEE, Santa Cruz, CA, June 1992.
Gir87. Jean-Yves Girard. Linear logic. Theoretical Computer Sci., 50:1–102, 1987.
GMM96. Stefano Guerrini, Simone Martini, and Andrea Masini. Coherence for sharing proof-nets. In H. Ganzinger, editor, Rewriting Techniques and Applications, RTA'96, volume 1103 of Lecture Notes in Computer Science, pages 215–229. Springer-Verlag, 1996.
GMM97. Stefano Guerrini, Simone Martini, and Andrea Masini. Proof nets, garbage, and computation. In R. Hindley, editor, Typed Lambda-Calculus and Applications 1997, LNCS. Springer-Verlag, 1997. To appear.
Gue95. Stefano Guerrini. Sharing-graphs, sharing-morphisms, and (optimal) $\lambda$-graph reductions. In 1st Tbilisi Symposium on Logic, Language, and Computation, Tbilisi, Georgia, October 1995.
Gue96. Stefano Guerrini. Theoretical and Practical Aspects of Optimal Implementations of Functional Languages. PhD thesis, Dottorato di Ricerca in Informatica, Pisa–Udine, TD 3/96, January 1996.
Kri63. Saul Kripke. Semantical analysis of modal logic I. Zeitschr. f. math. Logik und Grund. d. Mathematik, 9:67–96, 1963.
Laf95. Yves Lafont. From proof-nets to interaction nets. In J.-Y. Girard, Y. Lafont, and L. Regnier, editors, Advances in Linear Logic, volume 222 of London Mathematical Society Lecture Note Series, pages 225–247. Cambridge University Press, 1995. Proceedings of the 1993 Cornell Linear Logic Workshop.
Lam90. John Lamping. An algorithm for optimal lambda calculus reduction. In Principles of Programming Languages (POPL), pages 16–30. ACM, 1990.
Lév78. Jean-Jacques Lévy. Réductions Correctes et Optimales dans le lambda-calcul. PhD Thesis, Université Paris VII, 1978.
Mas92. Andrea Masini. 2-sequent calculus: A proof theory of modalities. Annals of Pure and Applied Logic, 58:229–246, 1992.
MM95. Simone Martini and Andrea Masini. On the fine structure of the exponential rule. In J.-Y. Girard, Y. Lafont, and L. Regnier, editors, Advances in Linear Logic, volume 222 of London Mathematical Society Lecture Note Series, pages 197–210. Cambridge University Press, 1995. Proceedings of the 1993 Cornell Linear Logic Workshop.
MM96. Simone Martini and Andrea Masini. A computational interpretation of modal proofs. In H. Wansing, editor, Proof Theory of Modal Logics, pages 213–241. Kluwer, 1996.
Reg92. Laurent Regnier. Lambda-Calcul et Réseaux. Thèse de doctorat, Université Paris 7, 1992.
Wan94. H. Wansing. Sequent calculi for normal modal propositional logic. Journal of Logic and Computation, 4(2):125–142, 1994.