An affine-intuitionistic system of types and effects: confluence and termination
We present an affine-intuitionistic system of types and effects which can be regarded as an extension of Barber-Plotkin Dual Intuitionistic Linear Logic to multi-threaded programs with effects. In the system, dynamically generated values such as refe…
Authors: Roberto Amadio (PPS), Patrick Baillot (LIP), Antoine Madet (PPS)
Roberto M. Amadio †, Patrick Baillot ‡, Antoine Madet †

† Université Paris Diderot (Paris 7), PPS (UMR 7126 CNRS-Paris-Diderot)
‡ ENS Lyon, Univ. Lyon, LIP (UMR 5668 CNRS-ENSL-INRIA-UCBL)

November 6, 2018

Abstract

We present an affine-intuitionistic system of types and effects which can be regarded as an extension of Barber-Plotkin Dual Intuitionistic Linear Logic to multi-threaded programs with effects. In the system, dynamically generated values such as references or channels are abstracted into a finite set of regions. We introduce a discipline of region usage that entails the confluence (and hence determinacy) of the typable programs. Further, we show that a discipline of region stratification guarantees termination.

Keywords: Linear logic. Types and Effects. Confluence. Termination.

1 Introduction

There is a well-known connection between intuitionistic proofs and typed functional programs that goes under the name of Curry-Howard correspondence. Following the introduction of linear logic [9], this correspondence has been refined to include an explicit treatment of the process of data duplication. Various formalisations of these ideas have been proposed in the literature (see, e.g., [3, 4, 17, 16, 2]) and we will focus here in particular on Affine-Intuitionistic Logic and, more precisely, on an affine version of Barber-Plotkin Dual Intuitionistic Linear Logic (DILL) as described in [2]. In DILL, the operation of λ-abstraction is always affine, i.e., the formal parameter is used at most once. The more general situation where the formal parameter has multiple usages is handled through a constructor ‘!’ (read bang) marking values that can be duplicated and a destructor let filtering them and effectively allowing their duplication.
Following this idea, e.g., an intuitionistic judgement is translated into an affine-intuitionistic one as follows:

  y : A ⊢ λx.x(xy) : (A → A) → A                                  (intuitionistic)
  y : (∞, A) ⊢ λx. let !x = x in x !(x !y) : !(!A ⊸ A) ⊸ A        (aff.-intuitionistic)

We recall that in DILL the hypotheses are split in two zones according to their usage. Namely, one distinguishes between the affine hypotheses that can be used at most once and the intuitionistic ones that can be used arbitrarily many times. In our formalisation, we will use ‘1’ for the former and ‘∞’ for the latter.

Our purpose is to explore an extension of this connection to multi-threaded programs with effects. By extending the connection, we mean in particular that the type system should guarantee confluence (and hence determinism) and termination of the typable programs while preserving a reasonable expressive power. By multi-threaded program, we mean a program where distinct threads of execution may be active at the same time (as it is typically the case in concurrent programs) and by effect, we mean the possibility of executing operations that modify the state of a system such as reading/writing a reference or sending/receiving a message. We will start by introducing a simple-minded extension of the purely functional language with operators to run threads in parallel while reading/modifying the state which is loosely inspired by concurrent extensions of the ML programming language such as [8] and [18]. Following a rather standard practice (see, e.g., [15, 20]), we suppose that dynamically generated values such as channels or references are abstracted into a finite number of regions. This abstraction is reflected in the type system where the type of an address depends on the region with which the address is associated.
Thus we write Reg_r A for the type of addresses containing values of type A and relating to the region r of the store. Not surprisingly, the resulting functional-concurrent language is neither confluent nor terminating. However, it turns out that there are reasonable strategies to recover these properties. The general idea is that confluence can be recovered by introducing a proper discipline of region usage while termination can be recovered through a discipline of region stratification. The notion of region usage is reminiscent of the one of hypotheses usage arising in affine-intuitionistic logic. Specifically, we distinguish the regions that can be used at most once to write and at most once to read and those that can be used at most once to write and arbitrarily many times to read. The notion of region stratification is based on the idea that values stored in a region should only produce effects on smaller regions. The implementation of this idea requires a substantial refinement of the type system that has to predict the effects potentially generated by the evaluation of an expression. This is where type and effect systems, as introduced in [15], come into play. It turns out that the notions of region usage and region stratification combine smoothly, leading to the definition of an affine-intuitionistic system of types and effects. The system has affine-intuitionistic logic as its functional core and it can be used to guarantee the determinacy and termination of multi-threaded programs with effects.

Related work

Girard, through the introduction of linear logic [9], has widely promoted a finer analysis of the structural rules of logic. There have been various attempts at producing a functional programming language based on these ideas and with a reasonably handy syntax (see, e.g., [3, 4, 17, 16, 2]).
The logical origin of the notion of usage can be traced back to Girard's LU system [10] and in particular it is adopted in the Barber-Plotkin system [2] on which we build. A number of works on type systems for concurrent languages such as the π-calculus have been inspired by linear logic even though in many cases the exact relationships with logic are at best unclear. In particular, Kobayashi et al. [14] introduce a type system with ‘use-once’ channel types that guarantees confluence. Clearly, this approach inspires our conditions for confluence. Let us also recall that Kobayashi et al. (see, e.g., [13, 12]) have produced type systems with a much more elaborate notion of usage than ours (a usage can be almost as complex as a CCS process) and shown that they can guarantee a variety of properties of concurrent programs such as absence of deadlock. It is well known that intuitionistic logic is at the basis of typed functional programming. The type and effect system introduced in [15] is an enrichment of the intuitionistic system tracing the effects of imperative higher-order programs acting on a store. The system has provided a successful static analysis tool for the problem of heap-memory deallocation [20]. More recently, this issue has been revisited following the ideas of linear logic [23, 7].

Table 1: Syntax: programs

  x, y, ...                                                                        (Variables)
  V ::= ∗ | x | λx.M | !V                                                          (Values)
  M ::= V | M M | !M | let !x = M in M | νx M | set(x, V) | pset(x, V) | get(x) | (M | M)   (Terms)
  S ::= (x ← V) | (x ⇐ V) | (S | S)                                                (Stores)
  P ::= M | S | (P | P) | νx P                                                     (Programs)
  E ::= [ ] | E M | V E | !E | let !x = E in M                                     (Evaluation Contexts)
  C ::= [ ] | (C | P) | (P | C) | νx C                                             (Static Contexts)
The so called reducibility candidates method is probably the most important technique to prove termination of typable higher-order programs. Extensions of the method to ‘functional fragments’ of the π-calculus have been proposed, e.g., in [24, 19]. Boudol [6] has shown that a stratification of the regions guarantees termination for a multi-threaded higher-order functional language with references and cooperative scheduling. Our formulation of the stratification discipline is actually based on [1] which revisits and extends [6].

Structure of the paper

Section 2 introduces an affine-intuitionistic system with regions for a call-by-value functional-concurrent language. Section 3 introduces a discipline of region usage that guarantees confluence of the typable programs. Section 4 enriches the affine-intuitionistic system introduced in section 2 with a notion of effect which provides an upper bound on the set of regions on which the evaluation of a term may produce effects. Finally, section 5 describes a discipline of region stratification that guarantees the termination of the typable programs. Proofs of the main results are available in appendix A.

2 An affine-intuitionistic type system with regions

2.1 Syntax: programs

Table 1 introduces the syntax of our programs. We denote variables with x, y, ..., and with V the values which are included in the category M of terms. Stores are denoted by S, and programs P are combinations of terms and stores. We comment the main operators of the language: ∗ is a constant inhabiting the terminal type 1 (see below), λx.M is the affine abstraction and M M the application, ! marks values that can be duplicated while let !x = M in N filters them and allows their multiple usage in N, in νx M the operator ν generates a fresh address name x whose scope is M, set(x, V) and pset(x, V) write the value V in a volatile address and a persistent one, respectively, while get(x) fetches a value from the address x (either volatile or persistent), finally (M | N) evaluates in parallel M and N. Note that when writing either λx.M, or νx M, or let !x = N in M the variable x is bound in M. As usual, we abbreviate (λz.N) M with M; N, where z is not free in N. Evaluation contexts E follow a call-by-value discipline. Static contexts C are composed of parallel composition and ν's. Note that stores can only appear in a static context. Thus M = V (set(x, V'); V'') is a legal term while M' = V (V'' | (x ← V)) is not.

Table 2: Operational semantics

  P | P' ≡ P' | P                                        (Commutativity)
  (P | P') | P'' ≡ P | (P' | P'')                        (Associativity)
  νx P | P' ≡ νx (P | P')        if x ∉ FV(P')           (ν |)
  E[νx M] ≡ νx E[M]              if x ∉ FV(E)            (ν E)

  E[(λx.M) V] → E[[V/x]M]
  E[let !x = !V in M] → E[[V/x]M]
  E[set(x, V)] → E[∗] | (x ← V)
  E[pset(x, V)] → E[∗] | (x ⇐ V)
  E[get(x)] | (x ← V) → E[V]
  E[get(x)] | (x ⇐ !V) → E[!V] | (x ⇐ !V)

Table 3: Syntax: types and contexts

  r, r', ...                                              (Regions)
  α ::= B | A                                             (Types)
  A ::= 1 | A ⊸ A | !A | Reg_r A                          (Value-types)
  Γ ::= x_1 : (u_1, A_1), ..., x_n : (u_n, A_n)           (Contexts)
  R ::= r_1 : (U_1, A_1), ..., r_n : (U_n, A_n)           (Region contexts)

2.2 Operational semantics

Table 2 describes the operational semantics of our language.
Programs are considered up to a structural equivalence ≡ which is the least equivalence relation preserved by static contexts, and which contains the equations for α-renaming, for the commutativity and associativity of parallel composition, for enlarging the scope of the ν operators to parallel programs, and for extracting the ν from an evaluation context. We use the notation [V/x] for the substitution of the value V for the variable x. The reduction rules apply modulo structural equivalence and in a static context C. For instance, the program ((νx λy.M)(νx' λx'.M')) V | P is structurally equivalent (up to some renaming) to νx νx' ((λy.M)(λy'.M')) V | P. This transformation exposes the term E[(λy.M)(λy'.M')] in the static context C = νx νx' [ ] | P, where the evaluation context E is [ ] V.

2.3 Syntax: types and contexts

Table 3 introduces the syntax of types and contexts. We denote regions with r, r', ... and we suppose a region r is either volatile (V(r)) or persistent (P(r)). Types are denoted with α, α', .... Note that we distinguish a special behaviour type B which is given to the entities of the language which are not supposed to return a value (such as a store or several values in parallel) while types of entities that may return a value are denoted with A. Among the types A, we distinguish a terminal type 1, an affine functional type A ⊸ B, the type !A of terms of type A that can be duplicated, and the type Reg_r A of addresses containing values of type A and related to the region r. Hereby types may depend on regions. Before commenting variable and region contexts, we need to define the notion of usage.
To this end, it is convenient to introduce a set with three values {0, 1, ∞} and a partial binary operation ⊎ such that x ⊎ 0 = 0 ⊎ x = x, ∞ ⊎ ∞ = ∞ and which is undefined otherwise. We denote with u a variable usage and assume that u is either 1 (a variable to be used at most once) or ∞ (a variable that can be used arbitrarily many times). Then a variable context (or simply a context) Γ has the shape: x_1 : (u_1, A_1), ..., x_n : (u_n, A_n), where x_i are distinct variables, u_i ∈ {1, ∞} and A_i are types of terms that may return a result. Writing x : (u, A) means that the variable x ranges on values of type A and can be used according to u. We write dom(Γ) for the set {x_1, ..., x_n} of variables where the context is defined. The sum on usages is extended to contexts componentwise. In particular, if x : (u_1, A) ∈ Γ_1 and x : (u_2, A) ∈ Γ_2 then x : (u_1 ⊎ u_2, A) ∈ (Γ_1 ⊎ Γ_2) only if u_1 ⊎ u_2 is defined.

We are going to associate a usage with regions too, but in this case a usage will be a two-dimensional vector because we want to be able to distinguish input and output usages. We denote with U an element of one of the following three sets of usages: {[∞, ∞]}, {[1, ∞], [0, ∞]}, {[0, 0], [1, 0], [0, 1], [1, 1]}, where by convention we reserve the first component to describe the output usage and the second for the input usage. Thus a region with usage [1, ∞] should be written at most once while it can be read arbitrarily many times. The addition U_1 ⊎ U_2 is defined provided U_1 and U_2 are in the same set of usages and moreover the componentwise addition is defined. For instance, if U_1 = [∞, ∞] and U_2 = [0, ∞] then the sum is undefined because U_1 and U_2 are not in the same set while if U_1 = [1, ∞] and U_2 = [1, ∞] then the sum is undefined because 1 ⊎ 1 is undefined.
Note that in each set of usages there is a neutral usage U_0 such that U_0 ⊎ U = U for all U in the same set. A region context R has the shape:

  r_1 : (U_1, A_1), ..., r_n : (U_n, A_n)        (1)

where r_i are distinct regions, U_i are usages in the sense just defined, and A_i are types of terms that may return a result. The typing system will additionally guarantee that whenever we use a type Reg_r A the region context contains a hypothesis r : (U, A) for some U. Intuitively, writing r : (U, A) means that addresses related to region r contain values of type A and that they can be used according to the usage U. We write dom(R) for the set {r_1, ..., r_n} of the regions where the region context is defined. As for contexts, the sum on usages is extended to region contexts componentwise. In particular, if r : (U_1, A) ∈ R_1 and r : (U_2, A) ∈ R_2 then r : (U_1 ⊎ U_2, A) ∈ (R_1 ⊎ R_2) only if U_1 ⊎ U_2 is defined. Moreover, for (R_1 ⊎ R_2) to be defined we require that dom(R_1) = dom(R_2). There is no loss of generality in this hypothesis because if, say, r : (U, A) ∈ R_1 and r ∉ dom(R_2) then we can always add r : (U_0, A) to R_2 where U_0 is the neutral usage of the set to which U belongs (this is left implicit in the typing rules).

2.4 Affine-intuitionistic type system with regions

Because types depend on regions, we have to be careful in stating in table 4 when a region context and a type are compatible (R ↓ α), when a region context is well-formed (R ⊢), when a type is well-formed in a region context (R ⊢ α) and when a context is well-formed in a region context (R ⊢ Γ).
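Before turning to the formation rules of table 4, the usage algebra of section 2.3 is small enough to be written down executably. The following Python script is an added example and not code from the paper: it implements the partial sum ⊎ on {0, 1, ∞}, the three sets of region usages with their neutral elements, and the componentwise sums on contexts and region contexts, including the convention that a region missing from one region context is padded with the neutral usage of the other side's usage set. Types are plain strings since only usages matter here; the function names are this example's own.

```python
# Added example (not from the paper): the usage algebra of section 2.3.
INF = float("inf")   # stands for the usage ∞

def scalar_sum(a, b):
    """Partial sum ⊎ on {0, 1, ∞}: x ⊎ 0 = 0 ⊎ x = x, ∞ ⊎ ∞ = ∞, else undefined (None)."""
    if a == 0:
        return b
    if b == 0:
        return a
    if a == INF and b == INF:
        return INF
    return None          # 1 ⊎ 1, 1 ⊎ ∞ and ∞ ⊎ 1 are undefined

# The three sets of region usages [output, input]; each set has a neutral element.
USAGE_SETS = [
    {(INF, INF)},
    {(1, INF), (0, INF)},
    {(0, 0), (1, 0), (0, 1), (1, 1)},
]
NEUTRAL = {0: (INF, INF), 1: (0, INF), 2: (0, 0)}

def usage_set_index(U):
    for i, s in enumerate(USAGE_SETS):
        if U in s:
            return i
    raise ValueError("not a region usage: %r" % (U,))

def region_usage_sum(U1, U2):
    """U1 ⊎ U2: defined only within one usage set and componentwise."""
    if usage_set_index(U1) != usage_set_index(U2):
        return None
    out, inp = scalar_sum(U1[0], U2[0]), scalar_sum(U1[1], U2[1])
    return None if out is None or inp is None else (out, inp)

def context_sum(G1, G2):
    """Γ1 ⊎ Γ2 on dicts x -> (u, A); a variable present on both sides must have
    the same type and a defined usage sum (so an affine variable cannot be shared)."""
    result = dict(G1)
    for x, (u2, A2) in G2.items():
        if x not in result:
            result[x] = (u2, A2)
            continue
        u1, A1 = result[x]
        u = scalar_sum(u1, u2)
        if A1 != A2 or u is None:
            return None
        result[x] = (u, A1)
    return result

def region_context_sum(R1, R2):
    """R1 ⊎ R2 on dicts r -> (U, A).  Regions missing on one side are first padded
    with the neutral usage of the other side's set, so that dom(R1) = dom(R2)."""
    R1, R2 = dict(R1), dict(R2)
    for r, (U, A) in list(R1.items()):
        R2.setdefault(r, (NEUTRAL[usage_set_index(U)], A))
    for r, (U, A) in list(R2.items()):
        R1.setdefault(r, (NEUTRAL[usage_set_index(U)], A))
    result = {}
    for r in R1:
        (U1, A1), (U2, A2) = R1[r], R2[r]
        U = region_usage_sum(U1, U2)
        if A1 != A2 or U is None:
            return None
        result[r] = (U, A1)
    return result

if __name__ == "__main__":
    # The two undefined sums discussed in the text, then the sum from example 2
    # where a read usage [0, 1] and a write usage [1, 0] combine into [1, 1].
    print(region_usage_sum((INF, INF), (0, INF)))   # None
    print(region_usage_sum((1, INF), (1, INF)))     # None
    print(region_usage_sum((0, 1), (1, 0)))         # (1, 1)
```

Note that `region_usage_sum` never leaves the usage set it started in, which is what makes the neutral-element padding in `region_context_sum` sound.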
Table 4: Type and context formation rules (unstratified)

  R ↓ 1          R ↓ B

  R ↓ A    R ↓ α
  --------------
  R ↓ (A ⊸ α)

  r : (U, A) ∈ R
  --------------
  R ↓ Reg_r A

  ∀ r : (U, A) ∈ R.  R ↓ A
  ------------------------
  R ⊢

  R ⊢    R ↓ α
  ------------
  R ⊢ α

  ∀ x : (u, A) ∈ Γ.  R ⊢ A
  ------------------------
  R ⊢ Γ

A more informal way to express the condition is to say that a judgement r_1 : (U_1, A_1), ..., r_n : (U_n, A_n) ⊢ α is well formed provided that: (1) all the region names occurring in the types A_1, ..., A_n, α belong to the set {r_1, ..., r_n} and (2) all types of the shape Reg_{r_i} B with i ∈ {1, ..., n} and occurring in the types A_1, ..., A_n, α are such that B = A_i. For instance, one may verify that r : (U, 1 ⊸ 1) ⊢ Reg_r (1 ⊸ 1) can be derived while r : (U, 1) ⊢ Reg_r (1 ⊸ 1) and r : (U, Reg_r 1) ⊢ 1 cannot.

Next, table 5 introduces an affine-intuitionistic type system with regions whose basic judgement R; Γ ⊢ P : α attributes a type α to the program P in the region context R and the context Γ. Here and in the following we omit the rule for typing a program (S | P) which is symmetric to the one for the program (P | S). We write aff(x : (u, A)) if u = 1 and aff(r : ([v, v'], A)) if either 1 ∈ {v, v'} or V(r) and v' ≠ 0. We write aff(R; Γ) (saff(R; Γ)) if the predicate aff holds for at least one (for all) the hypotheses in R; Γ. Notice that the so called promotion rule that allows to duplicate a value requires that the related contexts are not affine. Because of this condition, the rule allows for a form of weakening of the hypotheses in the conclusion. We can then state the following weakening lemma.

Lemma 1 (weakening) If R; Γ ⊢ P : α and R ⊎ R' ⊢ Γ ⊎ Γ' then R ⊎ R'; Γ ⊎ Γ' ⊢ P : α.

Example 2 Let R = r : ([1, 1], 1) and M = λx. let !x = x in get(x) | set(x, ∗). We check that: R; ⊢ M : !Reg_r 1 ⊸ B. By the rule for affine implication, this reduces to: R; x : (1, !Reg_r 1) ⊢ let !x = x in get(x) | set(x, ∗) : B. If we define R_0 = r : ([0, 0], 1), then by the rule for the let we reduce to: R_0; x : (1, !Reg_r 1) ⊢ x : !Reg_r 1 and R; x : (∞, Reg_r 1) ⊢ get(x) | set(x, ∗) : B. The former is an axiom while the latter is derived from: r : ([0, 1], 1); x : (∞, Reg_r 1) ⊢ get(x) : 1 and r : ([1, 0], 1); x : (∞, Reg_r 1) ⊢ set(x, ∗) : 1. Note that we can actually apply the function M to a value !y which is typed using the promotion rule as follows:

  R_0; y : (∞, Reg_r 1) ⊢ y : Reg_r 1
  -------------------------------------
  R_0; y : (∞, Reg_r 1) ⊢ !y : !Reg_r 1

We remark that the region context and the context play two different roles: the context counts the number of occurrences of a variable while the region context counts the number of input-output effects. In our example, the variable x occurs several times but we can be sure that there will be at most one input and at most one output in the related region.

Example 3 We consider a functional M = λf.λf'.νy (f y | f' y) which can be given the type (Reg_r 1 ⊸ 1) ⊸ (Reg_r 1 ⊸ 1) ⊸ B in a region context R = r : ([0, 0], 1). We can apply M to the functions V_1 = λx.get(x) and V_2 = λx.set(x, ∗) which have the appropriate types in the compatible region contexts R' = r : ([0, 1], 1) and R'' = r : ([1, 0], 1), respectively. Such affine usages would not be compatible with an intuitionistic implication as in this case one has to promote (put a ! in front of) V_1 and V_2 before passing them as arguments.

Table 5: An affine-intuitionistic type system with regions

  R ⊢ Γ    x : (u, A) ∈ Γ
  -----------------------
  R; Γ ⊢ x : A

  R ⊢ Γ
  -------------
  R; Γ ⊢ ∗ : 1

  R; Γ, x : (1, A) ⊢ M : α
  --------------------------
  R; Γ ⊢ λx.M : (A ⊸ α)

  R_1; Γ_1 ⊢ M : (A ⊸ α)    R_2; Γ_2 ⊢ N : A
  -------------------------------------------
  R_1 ⊎ R_2; Γ_1 ⊎ Γ_2 ⊢ M N : α

  R ⊎ R' ⊢ (Γ ⊎ Γ')    saff(R'; Γ')    R; Γ ⊢ M : A    ¬aff(R; Γ)
  ------------------------------------------------------------------
  R ⊎ R'; Γ ⊎ Γ' ⊢ !M : !A

  R_1; Γ_1 ⊢ M : !A    R_2; Γ_2, x : (∞, A) ⊢ N : α
  ---------------------------------------------------
  R_1 ⊎ R_2; Γ_1 ⊎ Γ_2 ⊢ let !x = M in N : α

  R; Γ, x : (u, Reg_r A) ⊢ P : α
  --------------------------------
  R; Γ ⊢ νx P : α

  R ⊢ Γ    x : (u, Reg_r A) ∈ Γ    r : ([v, v'], A) ∈ R    v' ≠ 0
  -----------------------------------------------------------------
  R; Γ ⊢ get(x) : A

  Γ = x : (u, Reg_r A) ⊎ Γ'    V(r)    R = r : ([v, v'], A) ⊎ R'    v ≠ 0
  R ⊢ Γ    R'; Γ' ⊢ V : A
  ---------------------------------------------------------------------
  R; Γ ⊢ set(x, V) : 1

  Γ = x : (u, Reg_r !A) ⊎ Γ'    P(r)    R = r : ([v, v'], !A) ⊎ R'    v ≠ 0
  R ⊢ Γ    R'; Γ' ⊢ V : !A
  -----------------------------------------------------------------------
  R; Γ ⊢ pset(x, V) : 1

  Γ = x : (u, Reg_r A) ⊎ Γ'    V(r)    R = r : ([v, v'], A) ⊎ R'    v ≠ 0
  R ⊢ Γ    R'; Γ' ⊢ V : A
  ---------------------------------------------------------------------
  R; Γ ⊢ (x ← V) : B

  Γ = x : (u, Reg_r !A) ⊎ Γ'    P(r)    R = r : ([v, v'], !A) ⊎ R'    v ≠ 0
  R ⊢ Γ    R'; Γ' ⊢ V : !A
  -----------------------------------------------------------------------
  R; Γ ⊢ (x ⇐ V) : B

  R_1; Γ_1 ⊢ P : α    R_2; Γ_2 ⊢ S : B
  --------------------------------------
  R_1 ⊎ R_2; Γ_1 ⊎ Γ_2 ⊢ (P | S) : α

  R_i; Γ_i ⊢ P_i : α_i    P_i not a store    i = 1, 2
  ----------------------------------------------------
  R_1 ⊎ R_2; Γ_1 ⊎ Γ_2 ⊢ (P_1 | P_2) : B

As in the Barber-Plotkin system [2], the preservation of typing by substitution comes in two flavours: one for affine variables and another for intuitionistic variables.

Lemma 4 (substitution) (1) If R; Γ, x : (1, A) ⊢ M : α, R'; Γ' ⊢ V : A, and R ⊎ R' ⊢ Γ ⊎ Γ' then R ⊎ R'; Γ ⊎ Γ' ⊢ [V/x]M : α. (2) If R; Γ, x : (∞, A) ⊢ M : α, R'; Γ' ⊢ !V : !A, and R ⊎ R' ⊢ Γ ⊎ Γ' then R ⊎ R'; Γ ⊎ Γ' ⊢ [V/x]M : α.

We rely on lemma 4 to show that the basic reduction rules in table 2 preserve typing. Then, observing that typing is invariant under structural equivalence, we can lift the property to the reduction relation which is generated by the basic reduction rules.

Theorem 5 (subject reduction) If R; Γ ⊢ P : α and P → P' then R; Γ ⊢ P' : α.

In our formalism, a closed program is a program whose only free variables have region types (as in, say, the π-calculus).
For closed programs one can state a progress property saying that if a program cannot progress then, up to structural equivalence, every thread is either a value or a term of the shape E[get(x)] and there is no store in parallel of the shape (x ← V) or (x ⇐ V). In particular, we notice that a closed value of type !A must have the shape !V so that in well-typed closed programs such as let !x = V in M or E[get(x)] | (x ⇐ V), V is guaranteed to have the shape !V required by the operational semantics in table 2.

Proposition 6 (progress) Suppose P is a closed typable program which cannot reduce. Then P is structurally equivalent to a program

  νx_1, ..., x_m (M_1 | ··· | M_n | S_1 | ··· | S_p)        m, n, p ≥ 0

where M_i is either a value or can be uniquely decomposed as a term E[get(y)] such that no value is associated with the address y in the stores S_1, ..., S_p.

3 Confluence

In our language, each thread evaluates deterministically according to a call-by-value evaluation strategy. The only source of non-determinism comes from a concurrent access to the memory. More specifically, we may have a non-deterministic program if several values are stored at the same address as in the following example:

  get(x) | (x ⇐ V_1) | (x ⇐ V_2)            (2)

or if there is a race condition on a volatile address as in the following example:

  E_1[get(x)] | E_2[get(x)] | (x ← V)        (3)

On the other hand, a race condition on a persistent address such as:

  E_1[get(x)] | E_2[get(x)] | (x ⇐ V)        (4)

does not compromise determinism because the two possible reductions commute.
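The three programs (2), (3) and (4) can be explored mechanically. The following Python script is an added example and not code from the paper: it implements only the two get rules of table 2 (a volatile entry is consumed by a read, a persistent one is kept) on programs made of threads blocked on get and store entries, enumerates every reduction sequence up to the commutativity and associativity of parallel composition, and checks strong confluence (any two one-step reducts of a reachable program are equal or can be joined in one further step). It also counts, per address, the store entries as write effects and the pending reads as read effects, a simplified form of the region-usage discipline of the next section in which every address stands for its own region. All function names, the thread encoding and the sample values are this example's own.

```python
# Added example (not from the paper): reductions of the store fragment of table 2.
# A thread is ("get", address, thread_id) while blocked on a read, or
# ("val", thread_id, value) once it holds a value.  A store entry is
# ("vol", address, value) for (x <- V) or ("per", address, value) for (x <= V).
# Structural equivalence of parallel composition is handled by sorting.

def canon(threads, stores):
    return (tuple(sorted(threads)), tuple(sorted(stores)))

def successors(state):
    """All programs reachable in one reduction step by the two get rules."""
    threads, stores = state
    result = set()
    for i, th in enumerate(threads):
        if th[0] != "get":
            continue
        _, addr, tid = th
        rest = threads[:i] + threads[i + 1:]
        for j, (kind, saddr, val) in enumerate(stores):
            if saddr != addr:
                continue
            done = rest + (("val", tid, val),)
            if kind == "vol":   # E[get(x)] | (x <- V) -> E[V]: the entry is consumed
                result.add(canon(done, stores[:j] + stores[j + 1:]))
            else:               # E[get(x)] | (x <= !V) -> E[!V] | (x <= !V): entry kept
                result.add(canon(done, stores))
    return result

def reachable(state):
    seen, todo = {state}, [state]
    while todo:
        for nxt in successors(todo.pop()):
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen

def normal_forms(state):
    """Programs reachable from `state` that cannot reduce any further."""
    return {s for s in reachable(state) if not successors(s)}

def strongly_confluent(state):
    """For every reachable P and distinct one-step reducts P', P'', some Q has
    P' -> Q and P'' -> Q (a one-step reduct that is already a normal form fails)."""
    for s in reachable(state):
        succ = successors(s)
        for p1 in succ:
            for p2 in succ:
                if p1 != p2 and not (successors(p1) & successors(p2)):
                    return False
    return True

def usage_discipline_ok(state, volatile):
    """Static count per address: store entries are write effects (1 ⊎ 1 is
    undefined, so at most one), pending gets are read effects (at most one on a
    volatile address, arbitrarily many on a persistent one)."""
    threads, stores = state
    writes, reads = {}, {}
    for _, addr, _ in stores:
        writes[addr] = writes.get(addr, 0) + 1
    for th in threads:
        if th[0] == "get":
            reads[th[1]] = reads.get(th[1], 0) + 1
    return all(writes.get(a, 0) <= 1 and (a not in volatile or reads.get(a, 0) <= 1)
               for a in set(writes) | set(reads))

# Constructed encodings of programs (2), (3) and (4); thread ids stand for E_1, E_2.
P2 = canon((("get", "x", 1),), (("per", "x", "V1"), ("per", "x", "V2")))
P3 = canon((("get", "x", 1), ("get", "x", 2)), (("vol", "x", "V"),))
P4 = canon((("get", "x", 1), ("get", "x", 2)), (("per", "x", "V"),))

if __name__ == "__main__":
    for name, prog, vol in (("(2)", P2, set()), ("(3)", P3, {"x"}), ("(4)", P4, set())):
        print(name, len(normal_forms(prog)), "normal form(s); strongly confluent:",
              strongly_confluent(prog), "; usage discipline:", usage_discipline_ok(prog, vol))
```

Programs (2) and (3) each reach two distinct normal forms and are rejected by the usage count (two writes, respectively two reads on a volatile address), while (4) has a single normal form, is strongly confluent, and passes the count since reads on a persistent address are unrestricted.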
We can rule out the problematic situations (2) and (3) if we remove from our system the region usage [∞, ∞] and if we restrict the usages of non-persistent stores to those in which there is at most one read effect. More precisely, we add a condition v' ≠ ∞ to the typing rules for volatile stores set(x, V) and (x ← V) as specified in table 6. We denote with ⊢_C provability in this restricted system. This system still enjoys the subject reduction property and moreover its typable programs are strongly confluent.

Table 6: Restricted usages and restricted rules for confluence

  U ∈ {[1, ∞], [0, ∞]} ∪ {[1, 1], [1, 0], [0, 1], [0, 0]}

  Γ = x : (u, Reg_r A) ⊎ Γ'    V(r)    R = r : ([v, v'], A) ⊎ R'    v ≠ 0, v' ≠ ∞
  R ⊢ Γ    R'; Γ' ⊢ V : A
  -----------------------------------------------------------------------------
  R; Γ ⊢ set(x, V) : 1

  Γ = x : (u, Reg_r A) ⊎ Γ'    V(r)    R = r : ([v, v'], A) ⊎ R'    v ≠ 0, v' ≠ ∞
  R ⊢ Γ    R'; Γ' ⊢ V : A
  -----------------------------------------------------------------------------
  R; Γ ⊢ (x ← V) : B

Proposition 7 (subj. red. and confluence) Suppose R; Γ ⊢_C P : α. Then: (1) If P → P' then R; Γ ⊢_C P' : α. (2) If P → P' and P → P'' then either P' ≡ P'' or there is a Q such that P' → Q and P'' → Q.

Proof. (1) We just have to reconsider the case where E[set(x, V)] → E[∗] | (x ← V) and verify that if R; Γ ⊢ set(x, V) : 1 then R; Γ ⊢ (x ← V) : B which entails that E[∗] | (x ← V) is typable in the same context as E[set(x, V)]. (2) The restrictions on the usages forbid the typing of a store such as the one in (2) where two values are stored in the same region. Moreover, it also forbids the typing of two parallel reads on a volatile store. ✷

We note that the rules for ensuring confluence require that at most one value is associated with a region. This is quite a restrictive discipline but one has to keep in mind that it targets regions that can be accessed concurrently by several threads.
Of course, the discipline could be relaxed for the regions that are accessed by one single sequential thread.

4 An affine-intuitionistic type and effect system

We refine the type system to include effects which are denoted with e, e', ... and are finite sets of regions. The syntax of programs (table 1) and their operational semantics (table 2) are unchanged. The only modification to the syntax of types (table 3) is that the affine implication is now annotated with an effect so that we write: A ⊸^e α. This introduces a new dependency of types on regions and consequently the compatibility condition between region contexts and functional types in table 4 becomes:

  R ↓ A    R ↓ α    e ⊆ dom(R)
  ----------------------------
  R ↓ (A ⊸^e α)

For instance, one may verify that the judgement r : (U, 1 ⊸^{r} 1) ⊢ is derivable. Also to allow for some flexibility, it is convenient to introduce a subtyping relation on types and effects as specified in table 7.

Table 7: Subtyping induced by effect containment

  R ⊢ α ≤ α

  R ⊢ A ≤ A'
  -------------
  R ⊢ !A ≤ !A'

  e ⊆ e' ⊆ dom(R)    R ⊢ A' ≤ A    R ⊢ α ≤ α'
  --------------------------------------------
  R ⊢ (A ⊸^e α) ≤ (A' ⊸^e' α')

  e ⊆ e' ⊆ dom(R)    R ⊢ α ≤ α'
  -----------------------------
  R ⊢ (α, e) ≤ (α, e')

  R; Γ ⊢ M : (α, e)    R ⊢ (α, e) ≤ (α', e')
  -------------------------------------------
  R; Γ ⊢ M : (α', e')

We notice that the transitivity rule for subtyping

  R ⊢ α ≤ α'    R ⊢ α' ≤ α''
  --------------------------
  R ⊢ α ≤ α''

can be derived via a simple induction on the height of the proofs. The typing judgements now take the shape R; Γ ⊢ P : (α, e) where the effect e provides an upper bound on the set of regions on which the program P may read or write when it is evaluated. In particular, we can be sure that values and stores produce an empty effect. As for the operations to read and write the store, one exploits the dependency of address types on regions to determine the region where the effect occurs (cf. [15]).
For the sake of completeness, the typing rules are spelled out in table 8. We stress that these rules are the same as the ones in table 5 modulo the enriched syntax of the functional types and the management of the effect e on the right hand side of the sequents. The management of the effects is additive as in [15], indeed effects are just sets of regions. The introduction of the subtyping rules has a limited impact on the structure of the typing proofs. Indeed, if R ⊢ A ≤ B then we know that A and B may just differ in the effects annotating the functional types. In particular, when looking at the proof of the typing judgement of a value such as R; Γ ⊢ λx.M : (A, e), we can always argue that A has the shape A_1 ⊸^e1 A_2 and, in case the effect e is not empty, that there is a shorter proof of the judgement R; Γ ⊢ λx.M : (B_1 ⊸^e2 B_2, ∅) where R ⊢ A_1 ≤ B_1, R ⊢ B_2 ≤ A_2, and e_2 ⊆ e_1. Then to prove subject reduction, we just repeat the proof of theorem 5 while using standard arguments to keep track of the effects.

Proposition 8 (subject reduction with effects) Types and effects are preserved by reduction.

It is easy to check that a typable program such as E[set(x, V)] which is ready to produce an effect on the region r associated with x will indeed contain r in its effect. Thus the subject reduction property stated above as proposition 8 entails that the type and effect system does provide an upper bound on the effects a program may produce during its evaluation.

5 Termination

Terms typable in the unstratified type and effect system described in table 8 may diverge.
For instance, the following term $M$ stores at the address $x$ a function that, given an argument, keeps fetching itself from the store forever:

$$M = \nu x\ \mathsf{pset}(x,\ !(\lambda y.\,\mathsf{let}\ !x = \mathsf{get}(x)\ \mathsf{in}\ xy));\ \mathsf{let}\ !x = \mathsf{get}(x)\ \mathsf{in}\ x\ast . \qquad (5)$$

One may verify that $M$ is typable in a region context $R = r : ([1,\infty],\ !(\mathbf{1} \overset{\{r\}}{\multimap} \mathbf{1}))$. This example suggests that in order to recover termination, we may order regions and make sure that a value stored in a certain region, when put in an evaluation context, can only produce effects on smaller regions. To formalise this idea, we introduce in table 9 rules for the formation of types and contexts which are alternative to those in table 4. Assuming $R = r:(U,\mathbf{1})$, one may check that the judgement $r:(U,\mathbf{1}),\ r':(U', \mathbf{1} \overset{\{r\}}{\multimap} \mathbf{1}) \vdash$ is derivable while $r':(U', \mathbf{1} \overset{\{r'\}}{\multimap} \mathbf{1}) \vdash$ is not. It is easy to verify that the stratified system is a restriction of the unstratified one and that the subject reduction theorem 8 still holds in the restricted stratified system. If confluence is required, then one may add the restrictions spelled out in table 6. Concerning termination, we recall that there is a standard forgetful translation $\overline{(\ )}$ from affine-intuitionistic logic to intuitionistic logic which amounts to forget about the modality $!$ and the usages and to regard the affine implication as an ordinary intuitionistic implication. Thus, for instance, the translation of types goes as follows: $\overline{!A} = \overline{A}$ and $\overline{A \multimap B} = \overline{A} \to \overline{B}$; while the translation of terms is: $\overline{!M} = \overline{M}$ and $\overline{\mathsf{let}\ !x = M\ \mathsf{in}\ N} = (\lambda x.\overline{N})\,\overline{M}$.

Table 8: An affine-intuitionistic type and effect system

$$\frac{R \vdash \Gamma \qquad x:(u,A) \in \Gamma}{R;\Gamma \vdash x : (A,\emptyset)} \qquad\qquad \frac{R \vdash \Gamma}{R;\Gamma \vdash \ast : (\mathbf{1},\emptyset)}$$

$$\frac{R;\Gamma, x:(1,A) \vdash M : (\alpha,e)}{R;\Gamma \vdash \lambda x.M : (A \overset{e}{\multimap} \alpha,\ \emptyset)} \qquad\qquad \frac{R_1;\Gamma_1 \vdash M : (A \overset{e}{\multimap} \alpha,\ e') \qquad R_2;\Gamma_2 \vdash N : (A, e'')}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash MN : (\alpha,\ e \cup e' \cup e'')}$$

$$\frac{R \uplus R' \vdash (\Gamma \uplus \Gamma') \qquad \mathit{saff}(R';\Gamma') \qquad R;\Gamma \vdash M : (A,e) \qquad \neg\mathit{aff}(R;\Gamma)}{R \uplus R';\Gamma \uplus \Gamma' \vdash\ !M : (!A, e)}$$

$$\frac{R_1;\Gamma_1 \vdash M : (!A, e) \qquad R_2;\Gamma_2, x:(\infty,A) \vdash N : (\alpha, e')}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash \mathsf{let}\ !x = M\ \mathsf{in}\ N : (\alpha,\ e \cup e')} \qquad\qquad \frac{R;\Gamma, x:(u,\mathsf{Reg}_r A) \vdash P : (\alpha,e)}{R;\Gamma \vdash \nu x\, P : (\alpha,e)}$$

$$\frac{R \vdash \Gamma \qquad x:(u,\mathsf{Reg}_r A) \in \Gamma \qquad r:([v,v'],A) \in R \qquad v' \neq 0}{R;\Gamma \vdash \mathsf{get}(x) : (A,\{r\})}$$

$$\frac{\Gamma = x:(u,\mathsf{Reg}_r A) \uplus \Gamma' \qquad V(r) \qquad R = r:([v,v'],A) \uplus R' \qquad v \neq 0 \qquad R \vdash \Gamma \qquad R';\Gamma' \vdash V : (A,\emptyset)}{R;\Gamma \vdash \mathsf{set}(x,V) : (\mathbf{1},\{r\})}$$

$$\frac{\Gamma = x:(u,\mathsf{Reg}_r\, !A) \uplus \Gamma' \qquad P(r) \qquad R = r:([v,v'],\,!A) \uplus R' \qquad v \neq 0 \qquad R \vdash \Gamma \qquad R';\Gamma' \vdash V : (!A,\emptyset)}{R;\Gamma \vdash \mathsf{pset}(x,V) : (\mathbf{1},\{r\})}$$

$$\frac{\Gamma = x:(u,\mathsf{Reg}_r A) \uplus \Gamma' \qquad V(r) \qquad R = r:([v,v'],A) \uplus R' \qquad v \neq 0 \qquad R \vdash \Gamma \qquad R';\Gamma' \vdash V : (A,\emptyset)}{R;\Gamma \vdash (x \leftarrow V) : (\mathbf{B},\emptyset)}$$

$$\frac{\Gamma = x:(u,\mathsf{Reg}_r\, !A) \uplus \Gamma' \qquad P(r) \qquad R = r:([v,v'],\,!A) \uplus R' \qquad v \neq 0 \qquad R \vdash \Gamma \qquad R';\Gamma' \vdash V : (!A,\emptyset)}{R;\Gamma \vdash (x \Leftarrow V) : (\mathbf{B},\emptyset)}$$

$$\frac{R_1;\Gamma_1 \vdash P : (\alpha,e) \qquad R_2;\Gamma_2 \vdash S : (\mathbf{B},\emptyset)}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash (P \mid S) : (\alpha,e)} \qquad\qquad \frac{R_i;\Gamma_i \vdash P_i : (\alpha_i,e_i) \qquad P_i \text{ not a store} \qquad i = 1,2}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash (P_1 \mid P_2) : (\mathbf{B},\ e_1 \cup e_2)}$$

Table 9: Rules for the formation of types and contexts (stratified)

$$\emptyset \vdash \qquad\qquad \frac{R \vdash A \qquad r \notin \mathit{dom}(R)}{R, r:(U,A) \vdash} \qquad\qquad \frac{R \vdash}{R \vdash \mathbf{1}} \qquad\qquad \frac{R \vdash}{R \vdash \mathbf{B}} \qquad\qquad \frac{R \vdash A}{R \vdash\ !A}$$

$$\frac{R \vdash A \qquad R \vdash \alpha \qquad e \subseteq \mathit{dom}(R)}{R \vdash (A \overset{e}{\multimap} \alpha)} \qquad\qquad \frac{R \vdash \qquad r:(U,A) \in R}{R \vdash \mathsf{Reg}_r A} \qquad\qquad \frac{R \vdash \alpha \qquad e \subseteq \mathit{dom}(R)}{R \vdash (\alpha,e)}$$

Table 10: Forgetful translation

Types and contexts:

$$\overline{\mathbf{1}} = \mathbf{1}, \qquad \overline{\mathbf{B}} = \mathbf{B}, \qquad \overline{A \overset{e}{\multimap} \alpha} = \overline{A} \overset{e}{\to} \overline{\alpha}, \qquad \overline{!A} = \overline{A}, \qquad \overline{\mathsf{Reg}_r A} = \mathsf{Reg}_r \overline{A}$$

$$\overline{r_1:(U_1,A_1), \ldots, r_n:(U_n,A_n)} = r_1:\overline{A_1}, \ldots, r_n:\overline{A_n} \qquad\qquad \overline{x:(u,A), \Gamma} = \begin{cases} x:\overline{A}, \overline{\Gamma} & \text{if } A \neq \mathsf{Reg}_r B \\ \overline{\Gamma} & \text{otherwise} \end{cases}$$

Terms, stores, and programs (after decoration of the variables of region type):

$$\overline{x} = x, \quad \overline{x^r} = r, \quad \overline{\ast} = \ast, \quad \overline{\lambda x.M} = \lambda x.\overline{M}, \quad \overline{MN} = \overline{M}\,\overline{N}, \quad \overline{!M} = \overline{M}, \quad \overline{\mathsf{let}\ !x = M\ \mathsf{in}\ N} = (\lambda x.\overline{N})\,\overline{M}, \quad \overline{\nu x\, M} = \overline{M}$$

$$\overline{\mathsf{get}(x^r)} = \mathsf{get}(r), \quad \overline{\mathsf{set}(x^r,V)} = \mathsf{set}(r,\overline{V}), \quad \overline{\mathsf{pset}(x^r,V)} = \mathsf{pset}(r,\overline{V}), \quad \overline{(x^r \leftarrow V)} = (r \Leftarrow \overline{V}), \quad \overline{(x^r \Leftarrow V)} = (r \Leftarrow \overline{V}), \quad \overline{P \mid P'} = \overline{P} \mid \overline{P'}$$
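The stratification discipline of table 9 can be checked mechanically: a region context is read left to right, and each declared type may only mention regions that were declared before it. The following Python checker is an added example (not code from the paper); the dataclass encoding of types and the representation of usages $U$ as opaque strings are assumptions of the example. It reproduces the two judgements discussed above, and also shows that the region context $R = r:([1,\infty],\ !(\mathbf{1} \overset{\{r\}}{\multimap} \mathbf{1}))$ of the diverging term (5) is rejected by the stratified rules, because the effect $\{r\}$ refers to the region being declared.

```python
"""Checker for the stratified formation rules of table 9 (added example, not the paper's code)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple


# Types of the affine-intuitionistic system: 1, B, !A, A -e-> alpha, Reg_r A.
@dataclass(frozen=True)
class Unit:                      # the type 1
    pass


@dataclass(frozen=True)
class Beh:                       # the behaviour type B
    pass


@dataclass(frozen=True)
class Bang:                      # !A
    inner: object


@dataclass(frozen=True)
class Arrow:                     # A -e-> alpha: affine implication annotated with effect e
    arg: object
    effect: FrozenSet[str]
    result: object


@dataclass(frozen=True)
class Reg:                       # Reg_r A
    region: str
    content: object


# A region context R is an ordered list of entries r : (U, A).  Usages U are kept as
# opaque strings because the formation rules of table 9 never inspect them (assumption).
RegionContext = List[Tuple[str, str, object]]


def type_ok(declared: Dict[str, object], t) -> bool:
    """R ⊢ t, where `declared` maps each region of R to its declared type A."""
    if isinstance(t, (Unit, Beh)):
        return True                                   # R ⊢ 1 and R ⊢ B only need R ⊢
    if isinstance(t, Bang):
        return type_ok(declared, t.inner)             # R ⊢ A  gives  R ⊢ !A
    if isinstance(t, Arrow):                          # R ⊢ A, R ⊢ alpha, e ⊆ dom(R)
        return (type_ok(declared, t.arg)
                and type_ok(declared, t.result)
                and t.effect <= set(declared))
    if isinstance(t, Reg):                            # r : (U, A) ∈ R
        return declared.get(t.region) == t.content
    raise TypeError(f"not a type: {t!r}")


def context_ok(R: RegionContext) -> bool:
    """R ⊢: each entry r : (U, A) is checked with only the regions declared before r
    in scope, which is what forbids a stored type from producing effects on r itself."""
    declared: Dict[str, object] = {}
    for r, _usage, a in R:
        if r in declared or not type_ok(declared, a):
            return False
        declared[r] = a
    return True


def effect_type_ok(R: RegionContext, alpha, e: Iterable[str]) -> bool:
    """R ⊢ (alpha, e): R is well formed, alpha is well formed under R, and e ⊆ dom(R)."""
    if not context_ok(R):
        return False
    declared = {r: a for r, _u, a in R}
    return type_ok(declared, alpha) and frozenset(e) <= set(declared)


# Constructed sample contexts following the two judgements discussed in the text.
GOOD: RegionContext = [("r", "U", Unit()),
                       ("r'", "U'", Arrow(Unit(), frozenset({"r"}), Unit()))]
BAD: RegionContext = [("r'", "U'", Arrow(Unit(), frozenset({"r'"}), Unit()))]
# The region context of the diverging term (5): r : ([1, ∞], !(1 -{r}-> 1)).
KNOT: RegionContext = [("r", "[1,inf]", Bang(Arrow(Unit(), frozenset({"r"}), Unit())))]
```

Running `context_ok` on the three constructed contexts accepts `GOOD` and rejects both `BAD` and `KNOT`; the rejection of `KNOT` is exactly the point of the stratification discipline, since the unstratified system of table 8 accepts that context and with it the diverging term.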
In table 10, we lift this translation from the stratified affine-intuitionistic type and effect system into a stratified intuitionistic type and effect system defined in [1]. The translation assumes a decoration phase where the (free or bound) variables with a region type of the shape $\mathsf{Reg}_r A$ are labelled with the region $r$. Intuitively, the intuitionistic system abstracts an address $x$ related to the region $r$ to the region $r$ itself, so that a decorated variable $x^r$ translates into a constant $r$. In the intuitionistic language, a region $r$ is a term of region type $\mathsf{Reg}_r A$ for some $A$, and all stores are persistent. The full definition of the language is recalled in appendix 9. It turns out that a reduction in the affine-intuitionistic system is mapped to exactly a reduction in the intuitionistic system. Then the termination of the intuitionistic system proved in [1] entails the termination of the affine-intuitionistic one.

Theorem 9 (termination) Programs typable in the stratified affine-intuitionistic type and effect system terminate.

6 Conclusion

We have presented an affine-intuitionistic system of types and effects for a functional-concurrent programming language. The functional core of the system is based on Barber-Plotkin affine-intuitionistic logic, which distinguishes between affine and intuitionistic hypotheses. The language also includes a 'non-logical' part with operators to read and write dynamically generated addresses of a 'store'. In the type system, such addresses are abstracted into a finite number of regions. We have shown that suitable disciplines of region usage and region stratification allow to regain confluence and termination, respectively. Beyond these crucial properties, we hope to show in future work that other interesting properties of the functional core can be extended to the considered framework.
We think in particular of the construction of denotational models (see, e.g., [5]) and of bounds on the computational complexity of typable programs (see, e.g., [11]).

Acknowledgements The first author was partially supported by ANR-06-SETI-010-02 and the second and third authors by ANR-08-BLANC-0211-01.

References

[1] R.M. Amadio. On stratified regions. In Proc. APLAS, Springer LNCS (to appear), 2009. Extended version available as arXiv:0904.2076v2.
[2] A. Barber. Dual intuitionistic linear logic. University of Edinburgh, Technical report ECS-LFCS-96-347, 1996.
[3] N. Benton, G. Bierman, V. de Paiva and M. Hyland. A Term Calculus for Intuitionistic Linear Logic. In Proc. Typed Lambda Calculi and Applications, Springer LNCS 664:75-90, 2003.
[4] N. Benton. A mixed linear and non-linear logic; proofs, terms and models. In Proc. Computer Science Logic, Springer LNCS 933:121-135, 2004.
[5] G. Bierman. What is a categorical model of intuitionistic linear logic? In Proc. Typed Lambda-Calculi and Applications, Springer LNCS 902:78-93, 1995.
[6] G. Boudol. Typing termination in a higher-order concurrent imperative language. In Proc. CONCUR, Springer LNCS 4703:272-286, 2007.
[7] M. Fluet, G. Morrisett, and A. Ahmed. Linear Regions Are All You Need. In Proc. ESOP, Springer LNCS 3924:7-21, 2006.
[8] A. Giacalone, P. Mishra, and S. Prasad. FACILE: A Symmetric Integration of Concurrent and Functional Programming. In Proc. TAPSOFT, Springer LNCS 352:184-209, 1989.
[9] J.-Y. Girard. Linear Logic. Theoretical Computer Science, 50(1):1-102, 1987.
[10] J.-Y. Girard. On the unity of logic. Ann. Pure Appl. Logic, 59(3):201-217, 1993.
[11] J.-Y. Girard. Light Linear Logic. Information and Computation, 143(2):175-204, 1998.
[12] A. Igarashi and N. Kobayashi. Resource usage analysis. ACM Trans. Program. Lang. Syst., 27(2):264-313, 2005.
[13] N. Kobayashi. Type systems for concurrent programs. In Proc. 10th Anniversary Colloquium of UNU/IIST, Springer LNCS 2757:439-453, 2003.
[14] N. Kobayashi, B. Pierce, and D. Turner. Linearity and the pi-calculus. ACM Trans. on Program. Lang. and Systems, 21(5):914-947, 1999.
[15] J. Lucassen and D. Gifford. Polymorphic effect systems. In Proc. ACM-POPL, pp 47-57, 1988.
[16] J. Maraist, M. Odersky, D. Turner, and Ph. Wadler. Call-by-Name, Call-by-Value, Call-by-Need, and the Linear Lambda Calculus. In Proc. Mathematical Foundations of Programming Semantics, Elect. Notes in Comp. Sci. 1(1), Elsevier, 1995.
[17] G. Plotkin. Type theory and recursion. In Proc. IEEE-LICS, Abstract, 1993.
[18] J. Reppy. CML: A higher-order concurrent language. In Proc. ACM-SIGPLAN Conf. on Prog. Language Design and Implementation, pp 293-305, 1991.
[19] D. Sangiorgi. Termination of processes. Math. Struct. in Comp. Sci., 16:1-39, 2006.
[20] M. Tofte and J.-P. Talpin. Region-based memory management. Information and Computation, 132(2):109-176, 1997.
[21] Ph. Wadler. A Taste of Linear Logic. In Proc. Mathematical Foundations of Computer Science, Springer LNCS 711:185-210, 1993.
[22] D. Walker. Substructural type systems. Chapter 1 of Advanced topics in types and programming languages, B. Pierce (ed.), MIT Press, 2002.
[23] D. Walker and K. Watkins. On Regions and Linear Types. In Proc. Int. Conf. on Fun. Prog., pp 181-192, 2001.
[24] N. Yoshida, M. Berger, and K. Honda. Strong normalisation in the π-calculus. Information and Computation, 191(2):145-202, 2004.

A Proofs

A.1 Proof of theorem 5

Lemma 10 (weakening) If $R;\Gamma \vdash P : \alpha$ and $R \uplus R' \vdash \Gamma \uplus \Gamma'$ then $R \uplus R';\Gamma \uplus \Gamma' \vdash P : \alpha$.

Proof. By induction on the typing of $P$. Following table 5, there are 14 rules to be considered, of which we highlight 3.

$P \equiv MN$. We have:

$$\frac{R_1;\Gamma_1 \vdash M : A \multimap \alpha \qquad R_2;\Gamma_2 \vdash N : A}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash MN : \alpha}$$
We notice that the composition operation $\uplus$ on contexts is associative and commutative (when it is defined) and that $(R_1 \uplus R_2 \uplus R') \vdash (\Gamma_1 \uplus \Gamma_2 \uplus \Gamma')$ entails that $(R_1 \uplus R') \vdash (\Gamma_1 \uplus \Gamma')$. Hence, by induction hypothesis, we get $R_1 \uplus R';\Gamma_1 \uplus \Gamma' \vdash M : A \multimap \alpha$, from which we derive:

$$\frac{R_1 \uplus R';\Gamma_1 \uplus \Gamma' \vdash M : A \multimap \alpha \qquad R_2;\Gamma_2 \vdash N : A}{R_1 \uplus R_2 \uplus R';\Gamma_1 \uplus \Gamma_2 \uplus \Gamma' \vdash MN : \alpha}$$

$P \equiv\ !M$. We have:

$$\frac{R \uplus R'' \vdash \Gamma \uplus \Gamma'' \qquad \mathit{saff}(R'';\Gamma'') \qquad \neg\mathit{aff}(R;\Gamma) \qquad R;\Gamma \vdash M : A}{R \uplus R'';\Gamma \uplus \Gamma'' \vdash\ !M : \,!A}$$

We can always decompose $R'$ as $R'_1 \uplus R'_\infty$ and $\Gamma'$ as $\Gamma'_1 \uplus \Gamma'_\infty$ so that $\neg\mathit{aff}(R'_\infty;\Gamma'_\infty)$ and $\mathit{saff}(R'_1;\Gamma'_1)$. By induction hypothesis, we have $R \uplus R'_\infty;\Gamma \uplus \Gamma'_\infty \vdash M : A$. We notice that $\neg\mathit{aff}(R \uplus R'_\infty;\Gamma \uplus \Gamma'_\infty)$ and $\mathit{saff}(R'_1 \uplus R'';\Gamma'_1 \uplus \Gamma'')$ (remember that $1 \uplus \infty$ is undefined). Hence we derive:

$$\frac{(R \uplus R'_\infty \uplus R'_1 \uplus R'') \vdash (\Gamma \uplus \Gamma'_\infty \uplus \Gamma'_1 \uplus \Gamma'') \qquad \mathit{saff}(R'_1 \uplus R'';\Gamma'_1 \uplus \Gamma'') \qquad \neg\mathit{aff}(R \uplus R'_\infty;\Gamma \uplus \Gamma'_\infty) \qquad R \uplus R'_\infty;\Gamma \uplus \Gamma'_\infty \vdash M : A}{R \uplus R' \uplus R'';\Gamma \uplus \Gamma' \uplus \Gamma'' \vdash\ !M : \,!A}$$

$P \equiv \mathsf{set}(x,V)$. We have:

$$\frac{\Gamma = x:(u,\mathsf{Reg}_r A) \uplus \Gamma'' \qquad R = r:([v,v'],A) \uplus R'' \qquad v \neq 0 \qquad R \vdash \Gamma \qquad R'';\Gamma'' \vdash V : A}{R;\Gamma \vdash \mathsf{set}(x,V) : \mathbf{1}}$$

By induction hypothesis, we have $R'' \uplus R';\Gamma'' \uplus \Gamma' \vdash V : A$, from which we derive:

$$\frac{\Gamma \uplus \Gamma' = x:(u,\mathsf{Reg}_r A) \uplus (\Gamma'' \uplus \Gamma') \qquad R \uplus R' = r:([v,v'],A) \uplus (R'' \uplus R') \qquad v \neq 0 \qquad R \uplus R' \vdash \Gamma \uplus \Gamma' \qquad R'' \uplus R';\Gamma'' \uplus \Gamma' \vdash V : A}{R \uplus R';\Gamma \uplus \Gamma' \vdash \mathsf{set}(x,V) : \mathbf{1}}$$

We notice that this argument still holds when introducing the restriction $v' \neq \infty$ in order to guarantee confluence (cf. table 6). Indeed, the restriction $v' \neq \infty$ is equivalent to requiring that the usage of the region $r$ ranges in the family of usages $\{[1,1],[1,0],[0,1],[0,0]\}$.
✷

Lemma 11 (affine substitution lemma) If $R_1;\Gamma_1, x:(1,A) \vdash P : \alpha$, $R_2;\Gamma_2 \vdash V : A$, and $R_1 \uplus R_2 \vdash \Gamma_1 \uplus \Gamma_2$ then $R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash [V/x]P : \alpha$.

Proof. By induction on the typing of $P$. We highlight 4 cases out of 14.

$P \equiv MN$. We have:

$$\frac{R_3;\Gamma'_3 \vdash M : C \multimap \alpha \qquad R_4;\Gamma'_4 \vdash N : C}{R_3 \uplus R_4;\Gamma'_3 \uplus \Gamma'_4 \vdash MN : \alpha}$$

Because $x:(1,A)$ is an affine hypothesis, it can occur exclusively either in $\Gamma'_3$ or in $\Gamma'_4$. We consider both cases.

1. $\Gamma'_3 = \Gamma_3, x:(1,A)$ and $\Gamma'_4 = \Gamma_4$ with $x \notin \mathit{dom}(\Gamma_4)$. By induction hypothesis we have $R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : C \multimap \alpha$. Plus $x \notin \mathit{FV}(N)$ so $[V/x]N \equiv N$, hence $R_4;\Gamma_4 \vdash [V/x]N : C$. Then we derive:

$$\frac{R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : C \multimap \alpha \qquad R_4;\Gamma_4 \vdash [V/x]N : C}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](MN) : \alpha}$$

2. $\Gamma'_3 = \Gamma_3$ with $x \notin \mathit{dom}(\Gamma_3)$ and $\Gamma'_4 = \Gamma_4, x:(1,A)$. By induction hypothesis we have $R_2 \uplus R_4;\Gamma_2 \uplus \Gamma_4 \vdash [V/x]N : C$. Plus $x \notin \mathit{FV}(M)$ so $[V/x]M \equiv M$, hence $R_3;\Gamma_3 \vdash [V/x]M : C \multimap \alpha$. Then we derive:

$$\frac{R_3;\Gamma_3 \vdash [V/x]M : C \multimap \alpha \qquad R_2 \uplus R_4;\Gamma_2 \uplus \Gamma_4 \vdash [V/x]N : C}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](MN) : \alpha}$$

$P \equiv\ !M$. We have:

$$\frac{R_1 \uplus R' \vdash (\Gamma_1 \uplus (\Gamma', x:(1,A))) \qquad \mathit{saff}(R';\Gamma', x:(1,A)) \qquad R_1;\Gamma_1 \vdash M : A \qquad \neg\mathit{aff}(R_1;\Gamma_1)}{R_1 \uplus R';\Gamma_1 \uplus (\Gamma', x:(1,A)) \vdash\ !M : \,!A}$$

We deduce that $x \notin \mathit{FV}(!M)$, hence $[V/x](!M) \equiv\ !M$ and $R_1 \uplus R';\Gamma_1 \uplus \Gamma' \vdash [V/x](!M) : \,!A$. By lemma 10, we get $R_1 \uplus R' \uplus R_2;\Gamma_1 \uplus \Gamma' \uplus \Gamma_2 \vdash [V/x](!M) : \,!A$.

$P \equiv \mathsf{let}\ !y = M\ \mathsf{in}\ N$. Renaming $y$ so that $y \neq x$, we have:

$$\frac{R_3;\Gamma'_3 \vdash M : \,!C \qquad R_4;\Gamma'_4, y:(\infty,C) \vdash N : \alpha}{R_3 \uplus R_4;\Gamma'_3 \uplus \Gamma'_4 \vdash \mathsf{let}\ !y = M\ \mathsf{in}\ N : \alpha}$$

As in the case of application, we distinguish two cases.

1. $\Gamma'_3 = \Gamma_3, x:(1,A)$ and $\Gamma'_4 = \Gamma_4$ with $x \notin \mathit{dom}(\Gamma_4)$. By induction hypothesis, we have $R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : \,!C$.
Plus $x \notin \mathit{FV}(N)$ so $[V/x]N \equiv N$, hence $R_4;\Gamma_4, y:(\infty,C) \vdash [V/x]N : \alpha$. Then we derive:

$$\frac{R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : \,!C \qquad R_4;\Gamma_4, y:(\infty,C) \vdash [V/x]N : \alpha}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](\mathsf{let}\ !y = M\ \mathsf{in}\ N) : \alpha}$$

2. $\Gamma'_3 = \Gamma_3$ with $x \notin \mathit{dom}(\Gamma_3)$ and $\Gamma'_4 = \Gamma_4, x:(1,A)$. By induction hypothesis we have $R_2 \uplus R_4;\Gamma_2, y:(\infty,C) \uplus \Gamma_4 \vdash [V/x]N : \alpha$. Plus $x \notin \mathit{FV}(M)$ so $[V/x]M \equiv M$, hence $R_3;\Gamma_3 \vdash [V/x]M : \,!C$. Then we derive:

$$\frac{R_3;\Gamma_3 \vdash [V/x]M : \,!C \qquad R_2 \uplus R_4;\Gamma_2, y:(\infty,C) \uplus \Gamma_4 \vdash [V/x]N : \alpha}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](\mathsf{let}\ !y = M\ \mathsf{in}\ N) : \alpha}$$

$P \equiv \mathsf{set}(y,V')$. We distinguish two cases.

1. If $y \neq x$ we have:

$$\frac{\Gamma_1, x:(1,A) = y:(u,\mathsf{Reg}_r C) \uplus \Gamma'_1 \qquad R_1 = r:([v,v'],C) \uplus R'_1 \qquad v \neq 0 \qquad R_1 \vdash \Gamma_1, x:(1,A) \qquad R'_1;\Gamma'_1 \vdash V' : C}{R_1;\Gamma_1, x:(1,A) \vdash \mathsf{set}(y,V') : \mathbf{1}}$$

We deduce that $\Gamma'_1 = \Gamma''_1 \uplus x:(1,A)$, and by induction hypothesis we get $R'_1 \uplus R_2;\Gamma''_1 \uplus \Gamma_2 \vdash [V/x]V' : C$, from which we derive:

$$\frac{\Gamma_1 = y:(u,\mathsf{Reg}_r C) \uplus \Gamma''_1 \qquad R_1 = r:([v,v'],C) \uplus R'_1 \qquad v \neq 0 \qquad R_1 \vdash \Gamma_1 \qquad R'_1 \uplus R_2;\Gamma''_1 \uplus \Gamma_2 \vdash [V/x]V' : C}{R_1;\Gamma_1 \vdash [V/x]\mathsf{set}(y,V') : \mathbf{1}}$$

By lemma 10, we obtain $R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash [V/x]\mathsf{set}(y,V') : \mathbf{1}$.

2. If $y = x$ then $[V/x]\mathsf{set}(y,V') \equiv \mathsf{set}(V,V')$, $A = \mathsf{Reg}_r C$, and $u = 1$. Moreover $V$ must be a variable, thus we can derive:

$$\frac{\Gamma_1 = V:(1,\mathsf{Reg}_r C) \uplus \Gamma'_1 \qquad R_1 = r:([v,v'],C) \uplus R'_1 \qquad v \neq 0 \qquad R_1 \vdash \Gamma_1 \qquad R'_1;\Gamma'_1 \vdash V' : C}{R_1;\Gamma_1 \vdash [V/x]\mathsf{set}(y,V') : \mathbf{1}}$$

and by lemma 10 we get $R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash [V/x]\mathsf{set}(y,V') : \mathbf{1}$. ✷

Lemma 12 (intuitionistic substitution lemma) If $R_1;\Gamma_1, x:(\infty,A) \vdash P : \alpha$, $R_2;\Gamma_2 \vdash\ !V : \,!A$, and $R_1 \uplus R_2 \vdash \Gamma_1 \uplus \Gamma_2$ then $R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash [V/x]P : \alpha$.

Proof. By induction on the typing of $P$. We highlight 4 cases out of 14.
$P \equiv MN$. We have:

$$\frac{R_3;\Gamma'_3 \vdash M : C \multimap \alpha \qquad R_4;\Gamma'_4 \vdash N : C}{R_3 \uplus R_4;\Gamma'_3 \uplus \Gamma'_4 \vdash MN : \alpha}$$

We distinguish 3 cases.

1. $\Gamma'_3 = \Gamma_3, x:(\infty,A)$ and $\Gamma'_4 = \Gamma_4$ with $x \notin \mathit{dom}(\Gamma_4)$. By induction hypothesis we have $R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : C \multimap \alpha$. Plus $x \notin \mathit{FV}(N)$ so $[V/x]N \equiv N$, hence $R_4;\Gamma_4 \vdash [V/x]N : C$. Then we derive:

$$\frac{R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : C \multimap \alpha \qquad R_4;\Gamma_4 \vdash [V/x]N : C}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](MN) : \alpha}$$

2. $\Gamma'_3 = \Gamma_3$ with $x \notin \mathit{dom}(\Gamma_3)$ and $\Gamma'_4 = \Gamma_4, x:(\infty,A)$. By induction hypothesis we have $R_2 \uplus R_4;\Gamma_2 \uplus \Gamma_4 \vdash [V/x]N : C$. Plus $x \notin \mathit{FV}(M)$ so $[V/x]M \equiv M$, hence $R_3;\Gamma_3 \vdash [V/x]M : C \multimap \alpha$. Then we derive:

$$\frac{R_3;\Gamma_3 \vdash [V/x]M : C \multimap \alpha \qquad R_2 \uplus R_4;\Gamma_2 \uplus \Gamma_4 \vdash [V/x]N : C}{R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](MN) : \alpha}$$

3. $\Gamma'_3 = \Gamma_3, x:(\infty,A)$ and $\Gamma'_4 = \Gamma_4, x:(\infty,A)$. By induction hypothesis we have $R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : C \multimap \alpha$ and $R_2 \uplus R_4;\Gamma_2 \uplus \Gamma_4 \vdash [V/x]N : C$. Moreover we have:

$$\frac{R_5 \uplus R' \vdash \Gamma_5 \uplus \Gamma' \qquad \mathit{saff}(R';\Gamma') \qquad R_5;\Gamma_5 \vdash V : A \qquad \neg\mathit{aff}(R_5;\Gamma_5)}{R_2;\Gamma_2 \vdash\ !V : \,!A}$$

where $R_2 = R_5 \uplus R'$ and $\Gamma_2 = \Gamma_5 \uplus \Gamma'$. Hence we know that all the hypotheses of $R'$ and $\Gamma'$ are of weakened regions and variables. Thus we also have $R_3 \uplus R_5;\Gamma_3 \uplus \Gamma_5 \vdash [V/x]M : C \multimap \alpha$ and $R_4 \uplus R_5;\Gamma_4 \uplus \Gamma_5 \vdash [V/x]N : C$. Plus from $\neg\mathit{aff}(R_5;\Gamma_5)$ we get $R_5 \uplus R_5 = R_5$ and $\Gamma_5 \uplus \Gamma_5 = \Gamma_5$, and we can derive:

$$\frac{R_3 \uplus R_5;\Gamma_3 \uplus \Gamma_5 \vdash [V/x]M : C \multimap \alpha \qquad R_4 \uplus R_5;\Gamma_4 \uplus \Gamma_5 \vdash [V/x]N : C}{R_3 \uplus R_4 \uplus R_5;\Gamma_3 \uplus \Gamma_4 \uplus \Gamma_5 \vdash [V/x](MN) : \alpha}$$

By lemma 10 we obtain $R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](MN) : \alpha$.

$P \equiv\ !M$. Suppose:

$$\frac{R_5 \uplus R' \vdash (\Gamma_5, x:(\infty,A)) \uplus \Gamma' \qquad \mathit{saff}(R';\Gamma') \qquad R_5;\Gamma_5, x:(\infty,A) \vdash M : B \qquad \neg\mathit{aff}(R_5;\Gamma_5, x:(\infty,A))}{R_5 \uplus R';(\Gamma_5, x:(\infty,A)) \uplus \Gamma' \vdash\ !M : \,!B}$$
And also:

$$\frac{R_6 \uplus R_7 \vdash \Gamma_6 \uplus \Gamma_7 \qquad \mathit{saff}(R_7;\Gamma_7) \qquad \neg\mathit{aff}(R_6;\Gamma_6) \qquad R_6;\Gamma_6 \vdash V : A}{R_2;\Gamma_2 \vdash\ !V : \,!A}$$

with $R_2 = R_6 \uplus R_7$ and $\Gamma_2 = \Gamma_6 \uplus \Gamma_7$. Hence we know that all the hypotheses of $R_7$ and $\Gamma_7$ are of weakened regions and variables, such that $R_6;\Gamma_6 \vdash\ !V : \,!A$. By induction hypothesis we get $R_5 \uplus R_6;\Gamma_5 \uplus \Gamma_6 \vdash [V/x]M : B$ and we can derive:

$$\frac{(R_5 \uplus R_6) \uplus (R_7 \uplus R') \vdash (\Gamma_5 \uplus \Gamma_6) \uplus (\Gamma_7 \uplus \Gamma') \qquad \mathit{saff}(R_7 \uplus R';\Gamma_7 \uplus \Gamma') \qquad \neg\mathit{aff}(R_5 \uplus R_6;\Gamma_5 \uplus \Gamma_6) \qquad R_5 \uplus R_6;\Gamma_5 \uplus \Gamma_6 \vdash [V/x]M : B}{R_5 \uplus R_2 \uplus R';\Gamma_5 \uplus \Gamma_2 \uplus \Gamma' \vdash [V/x]\,!M : \,!B}$$

$P \equiv \mathsf{let}\ !y = M\ \mathsf{in}\ N$. We have:

$$\frac{R_3;\Gamma'_3 \vdash M : \,!C \qquad R_4;\Gamma'_4, y:(\infty,C) \vdash N : \alpha}{R_3 \uplus R_4;\Gamma'_3 \uplus \Gamma'_4 \vdash \mathsf{let}\ !y = M\ \mathsf{in}\ N : \alpha}$$

with $y \neq x$. We just spell out the case where $\Gamma'_3 = \Gamma_3, x:(\infty,A)$ and $\Gamma'_4 = \Gamma_4, x:(\infty,A)$. By induction hypothesis, we have $R_2 \uplus R_3;\Gamma_2 \uplus \Gamma_3 \vdash [V/x]M : \,!C$ and $R_2 \uplus R_4;(\Gamma_2, y:(\infty,C)) \uplus \Gamma_4 \vdash [V/x]N : \alpha$. Moreover we have:

$$\frac{R_5 \uplus R' \vdash \Gamma_5 \uplus \Gamma' \qquad \mathit{saff}(R';\Gamma') \qquad R_5;\Gamma_5 \vdash V : A \qquad \neg\mathit{aff}(R_5;\Gamma_5)}{R_2;\Gamma_2 \vdash\ !V : \,!A}$$

where $\Gamma_2 = \Gamma_5 \uplus \Gamma'$ and $R_2 = R_5 \uplus R'$. Hence we know that all the hypotheses of $R'$ and $\Gamma'$ are of weakened regions and variables. Thus we also have $R_3 \uplus R_5;\Gamma_3 \uplus \Gamma_5 \vdash [V/x]M : \,!C$ and $R_4 \uplus R_5;(\Gamma_4, y:(\infty,C)) \uplus \Gamma_5 \vdash [V/x]N : \alpha$. Plus from $\neg\mathit{aff}(R_5;\Gamma_5)$ we get $\Gamma_5 \uplus \Gamma_5 = \Gamma_5$ and $R_5 \uplus R_5 = R_5$, and we can derive:

$$\frac{R_3 \uplus R_5;\Gamma_3 \uplus \Gamma_5 \vdash [V/x]M : \,!C \qquad R_4 \uplus R_5;(\Gamma_4, y:(\infty,C)) \uplus \Gamma_5 \vdash [V/x]N : \alpha}{R_3 \uplus R_4 \uplus R_5;\Gamma_3 \uplus \Gamma_4 \uplus \Gamma_5 \vdash [V/x](\mathsf{let}\ !y = M\ \mathsf{in}\ N) : \alpha}$$

By lemma 10, we obtain $R_2 \uplus R_3 \uplus R_4;\Gamma_2 \uplus \Gamma_3 \uplus \Gamma_4 \vdash [V/x](\mathsf{let}\ !y = M\ \mathsf{in}\ N) : \alpha$.

$P \equiv \mathsf{set}(y,V')$. We just look at the case $y \neq x$.
We have:

$$\frac{\Gamma_1, x:(\infty,A) = y:(u,\mathsf{Reg}_r C) \uplus \Gamma'_1 \qquad R_1 = r:([v,v'],C) \uplus R'_1 \qquad v' \neq 0 \qquad R_1 \vdash \Gamma_1, x:(\infty,A) \qquad R'_1;\Gamma'_1 \vdash V' : C}{R_1;\Gamma_1, x:(\infty,A) \vdash \mathsf{set}(y,V') : \mathbf{1}}$$

We deduce that $\Gamma'_1 = \Gamma''_1 \uplus x:(\infty,A)$, and by induction hypothesis we get $R'_1 \uplus R_2;\Gamma''_1 \uplus \Gamma_2 \vdash [V/x]V' : C$, from which we derive:

$$\frac{\Gamma_1 = y:(u,\mathsf{Reg}_r C) \uplus \Gamma''_1 \qquad R_1 = r:([v,v'],C) \uplus R'_1 \qquad v' \neq 0 \qquad R_1 \vdash \Gamma_1 \qquad R'_1 \uplus R_2;\Gamma''_1 \uplus \Gamma_2 \vdash [V/x]V' : C}{R_1 \uplus R_2;\Gamma_1 \uplus \Gamma_2 \vdash [V/x]\mathsf{set}(y,V') : \mathbf{1}}$$

✷

Lemma 13 (structural equivalence preserves typing) If $R;\Gamma \vdash P : \alpha$ and $P \equiv P'$ then $R;\Gamma \vdash P' : \alpha$.

Proof. Recall that structural equivalence is the least equivalence relation induced by the equations stated in table 2 and closed under static contexts. Then we proceed by induction on the proof of structural equivalence. This is mainly a matter of reordering the pieces of the typing proof of $P$ so as to obtain a typing proof of $P'$. ✷

Lemma 14 (evaluation contexts and typing) Suppose that in the proof of $R;\Gamma \vdash E[M] : \alpha$ we prove $R';\Gamma' \vdash M : A$. Then replacing $M$ with a $M'$ such that $R';\Gamma' \vdash M' : A$, we can still derive $R;\Gamma \vdash E[M'] : \alpha$.

Proof. By induction on the structure of $E$. ✷

Lemma 15 (functional redexes) If $R;\Gamma \vdash E[\Delta] : \alpha$ where $\Delta$ has the shape $(\lambda x.M)V$ or $\mathsf{let}\ !x = V\ \mathsf{in}\ M$ then $R;\Gamma \vdash E[[V/x]M] : \alpha$.

Proof. If $\Delta = (\lambda x.M)V$ we appeal to the affine substitution lemma 11 and if $\Delta = \mathsf{let}\ !x = V\ \mathsf{in}\ M$ we rely on the intuitionistic lemma 12. This settles the case where the evaluation context $E$ is trivial. If it is complex then we also need lemma 14.
✷

Lemma 16 (side-effects redexes) If $R;\Gamma \vdash \Delta : \alpha$ where $\Delta$ is one of the programs on the left-hand side then $R;\Gamma \vdash \Delta' : \alpha$ where $\Delta'$ is the corresponding program on the right-hand side:

$$\begin{array}{lll}
(1) & E[\mathsf{set}(x,V)] & E[\ast] \mid (x \leftarrow V) \\
(2) & E[\mathsf{pset}(x,V)] & E[\ast] \mid (x \Leftarrow V) \\
(3) & E[\mathsf{get}(x)] \mid (x \leftarrow V) & E[V] \\
(4) & E[\mathsf{get}(x)] \mid (x \Leftarrow\ !V) & E[!V] \mid (x \Leftarrow\ !V)
\end{array}$$

Proof. We proceed by case analysis.

1. Suppose we derive $R;\Gamma \vdash E[\mathsf{set}(x,V)] : \alpha$ from $R_2;\Gamma_2 \vdash \mathsf{set}(x,V) : \mathbf{1}$. By the typing rule for $\mathsf{set}(x,V)$ we know that $R_2 = r:([v,v'],A) \uplus R_3$, $V(r)$, $\Gamma_2 = x:(u,\mathsf{Reg}_r A) \uplus \Gamma_3$, and $R_3;\Gamma_3 \vdash V : A$. It follows that $R_2;\Gamma_2 \vdash (x \leftarrow V) : \mathbf{B}$. We can decompose $R_2;\Gamma_2$ into an additive part $(R_2;\Gamma_2)_0$ and a multiplicative one $(R_2;\Gamma_2)_1$. Then from $(R_2;\Gamma_2)_0 \vdash \ast : \mathbf{1}$, we can derive $R_1;\Gamma_1 \vdash E[\ast] : \alpha$, where $(R_1;\Gamma_1) \uplus (R_2;\Gamma_2)_1 = R;\Gamma$.

2. Suppose we derive $R;\Gamma \vdash E[\mathsf{pset}(x,V)] : \alpha$ from $R_2;\Gamma_2 \vdash \mathsf{pset}(x,V) : \mathbf{1}$. By the typing rule for $\mathsf{pset}(x,V)$ we know that $R_2 = r:([v,v'],\,!A) \uplus R_3$, $P(r)$, $\Gamma_2 = x:(u,\mathsf{Reg}_r\, !A) \uplus \Gamma_3$, and $R_3;\Gamma_3 \vdash V : \,!A$. It follows that $R_2;\Gamma_2 \vdash (x \Leftarrow V) : \mathbf{B}$. Then we reason as in the previous case.

3. Suppose $R_1;\Gamma_1 \vdash E[\mathsf{get}(x)] : \alpha$ is derived from $R_2;\Gamma_2 \vdash \mathsf{get}(x) : A$, that $R_3;\Gamma_3 \vdash (x \leftarrow V) : \mathbf{B}$, and that $R;\Gamma = (R_1;\Gamma_1) \uplus (R_3;\Gamma_3)$. Then $(R_2;\Gamma_2) \uplus (R_3;\Gamma_3) \vdash V : A$, by weakening. Also, let $r$ be the region associated with the address $x$. We know that $V(r)$ and that $R_2$ must have a reading usage on $r$. It follows that $\mathit{aff}(R_2;\Gamma_2)$ and therefore the context $E$ cannot contain a sub-context of the shape $!E'$. Thus from $(R_2;\Gamma_2) \uplus (R_3;\Gamma_3) \vdash V : A$ we can derive $R;\Gamma \vdash E[V] : \alpha$.

4. Suppose $R_1;\Gamma_1 \vdash E[\mathsf{get}(x)] : \alpha$ is derived from $R_2;\Gamma_2 \vdash \mathsf{get}(x) : \,!A$, that $R_3;\Gamma_3 \vdash (x \Leftarrow\ !V) : \mathbf{B}$, and that $R;\Gamma = (R_1;\Gamma_1) \uplus (R_3;\Gamma_3)$. By the promotion rule, $R_3;\Gamma_3$ is a weakening of $R_4;\Gamma_4$ such that $\neg\mathit{aff}(R_4;\Gamma_4)$ and $R_4;\Gamma_4 \vdash V : A$. Then from $R_4;\Gamma_4 \vdash\ !V : \,!A$ we can derive $R';\Gamma' \vdash E[!V] : \alpha$ where $R;\Gamma$ is a weakening of $(R';\Gamma') \uplus (R_3;\Gamma_3)$. ✷

Theorem 17 (subject reduction) If $R;\Gamma \vdash P : \alpha$ and $P \to P'$ then $R;\Gamma \vdash P' : \alpha$.

Proof. We recall that $P \to P'$ means that $P$ is structurally equivalent to a program $C[\Delta]$ where $C$ is a static context, $\Delta$ is one of the programs on the left-hand side of the rewriting rules specified in table 2, $\Delta'$ is the respective program on the right-hand side, and $P'$ is syntactically equal to $C[\Delta']$. By lemma 13, we know that $R;\Gamma \vdash C[\Delta] : \alpha$. This entails that $R';\Gamma' \vdash \Delta : \alpha'$ for suitable $R'$, $\Gamma'$, $\alpha'$. By lemmas 15 and 16, we derive that $R';\Gamma' \vdash \Delta' : \alpha'$. Then by induction on the structure of $C$ we argue that $R;\Gamma \vdash C[\Delta'] : \alpha$. ✷

A.2 Proof of theorem 9

Table 11 summarizes the main syntactic categories and the reduction rules of the intuitionistic system. It is important to notice that in the intuitionistic system regions are terms and that the operations that manipulate the store operate directly on the regions, so that we write $\mathsf{get}(r)$, $\mathsf{pset}(r,V)$, and $(r \Leftarrow V)$ rather than $\mathsf{get}(x)$, $\mathsf{pset}(x,V)$, and $(x \Leftarrow V)$. Table 12 summarizes the typing rules for the stratified type and effect system.
Table 11: Intuitionistic system: syntactic categories and operational semantics

Syntax: terms

$$\begin{array}{lll}
x, y, \ldots & & \text{(Variables)} \\
r, s, \ldots & & \text{(Regions)} \\
V & ::= x \mid \ast \mid r \mid \lambda x.M & \text{(Values)} \\
M & ::= V \mid MM \mid \mathsf{get}(V) \mid \mathsf{pset}(V,V) \mid (M \mid M) & \text{(Terms)} \\
S & ::= (r \Leftarrow V) \mid (S \mid S) & \text{(Stores)} \\
P & ::= M \mid S \mid (P \mid P) & \text{(Programs)} \\
E & ::= [\ ] \mid EM \mid VE & \text{(Evaluation contexts)} \\
C & ::= [\ ] \mid (C \mid P) \mid (P \mid C) & \text{(Static contexts)}
\end{array}$$

Operational semantics

$$\begin{array}{ll}
P \mid P' \equiv P' \mid P & \text{(Commutativity)} \\
(P \mid P') \mid P'' \equiv P \mid (P' \mid P'') & \text{(Associativity)} \\
E[(\lambda x.M)V] \to E[[V/x]M] & \\
E[\mathsf{get}(r)] \mid (r \Leftarrow V) \to E[V] \mid (r \Leftarrow V) & \\
E[\mathsf{pset}(r,V)] \to E[\ast] \mid (r \Leftarrow V) &
\end{array}$$

Syntax: types and contexts

$$\begin{array}{lll}
\alpha & ::= A \mid \mathbf{B} & \text{(Types)} \\
A & ::= \mathbf{1} \mid (A \overset{e}{\to} \alpha) \mid \mathsf{Reg}_r A & \text{(Value-types)} \\
\Gamma & ::= x_1:A_1, \ldots, x_n:A_n & \text{(Contexts)} \\
R & ::= r_1:A_1, \ldots, r_n:A_n & \text{(Region contexts)}
\end{array}$$

Proviso. To avoid confusion, in the following we write $\vdash_{AI}$ for provability in the affine-intuitionistic system and $\vdash_I$ for provability in the intuitionistic system.

The translation acts on typable programs. In order to define it, it is useful to go through a phase of decoration which amounts to label each occurrence (either free or bound) of a variable $x$ of region type $\mathsf{Reg}_r A$ with the region $r$. For instance, suppose $R = r_1:(U_1,A_1), \ldots, r_4:(U_4,A_4)$ and suppose we have a provable judgement:

$$R;\ x_1:(u_1,\mathsf{Reg}_{r_1} A) \vdash_{AI} x_1 \mid \mathsf{let}\ !x_2 = \ldots\ \mathsf{in}\ x_2 \mid \lambda x_3.x_3 \mid \nu x_4\, x_4 : (\mathbf{B},\emptyset)$$

Further suppose in the proof the variable $x_i$ relates to the region $r_i$ for $i = 1, \ldots, 4$. Then the decorated term is:

$$x_1^{r_1} \mid \mathsf{let}\ !x_2 = \ldots\ \mathsf{in}\ x_2^{r_2} \mid \lambda x_3.x_3^{r_3} \mid \nu x_4\, x_4^{r_4} .$$

The idea is that the translation of a decorated variable $x^r$ is simply the region $r$, so that in the previous case we obtain the following term of the intuitionistic system:

$$r_1 \mid (\lambda x_2.r_2)(\ldots) \mid \lambda x_3.r_3 \mid r_4 .$$
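The decoration and the forgetful translation of table 10 can be carried out on a small term representation. The following Python code is an added example (not the paper's code): the dataclass encoding of terms, the rendering of intuitionistic terms as strings, and the use of the unit value $\ast$ in place of the elided subterm "$\ldots$" of the decorated program above are all assumptions of the example. It reproduces the translation of the decorated program, and also translates the read redex $\mathsf{get}(x^r) \mid (x^r \leftarrow V)$ used later in the proof of lemma 19, where the affine store $(x^r \leftarrow V)$ becomes the persistent store $(r \Leftarrow \overline{V})$.

```python
"""The forgetful translation of table 10 on decorated terms (added example, not the paper's code)."""
from dataclasses import dataclass
from typing import Optional

# Terms of the affine-intuitionistic language.  A Var carrying a region is the decorated x^r.
@dataclass(frozen=True)
class Var:
    name: str
    region: Optional[str] = None       # set by the decoration phase for addresses

@dataclass(frozen=True)
class Star: pass                       # the unit value *

@dataclass(frozen=True)
class Lam:                             # λx.M
    x: str
    body: object

@dataclass(frozen=True)
class App:                             # M N
    fun: object
    arg: object

@dataclass(frozen=True)
class Bang:                            # !M
    body: object

@dataclass(frozen=True)
class LetBang:                         # let !x = M in N
    x: str
    bound: object
    body: object

@dataclass(frozen=True)
class Nu:                              # νx P
    x: str
    body: object

@dataclass(frozen=True)
class Get:                             # get(x)
    addr: Var

@dataclass(frozen=True)
class Set:                             # set(x, V); pset(x, V) when persistent
    addr: Var
    value: object
    persistent: bool = False

@dataclass(frozen=True)
class Store:                           # (x <- V); (x <= V) when persistent
    addr: Var
    value: object
    persistent: bool = False

@dataclass(frozen=True)
class Par:                             # P | P'
    left: object
    right: object


def region_of(v: Var) -> str:
    """The translation of a decorated address x^r is the region r; an undecorated address is an error."""
    if v.region is None:
        raise ValueError(f"address {v.name} was not decorated with a region")
    return v.region


def translate(t) -> str:
    """Return the intuitionistic term (rendered as text) obtained by the forgetful translation."""
    if isinstance(t, Var):
        return t.name if t.region is None else t.region        # x ↦ x, x^r ↦ r
    if isinstance(t, Star):
        return "*"
    if isinstance(t, Lam):
        return f"(λ{t.x}.{translate(t.body)})"
    if isinstance(t, App):
        return f"({translate(t.fun)} {translate(t.arg)})"
    if isinstance(t, Bang):
        return translate(t.body)                                 # !M ↦ M
    if isinstance(t, LetBang):                                   # let !x = M in N ↦ (λx.N) M
        return f"((λ{t.x}.{translate(t.body)}) {translate(t.bound)})"
    if isinstance(t, Nu):
        return translate(t.body)                                 # νx M ↦ M
    if isinstance(t, Get):
        return f"get({region_of(t.addr)})"
    if isinstance(t, Set):
        op = "pset" if t.persistent else "set"
        return f"{op}({region_of(t.addr)}, {translate(t.value)})"
    if isinstance(t, Store):                                     # both kinds of store become persistent
        return f"({region_of(t.addr)} <= {translate(t.value)})"
    if isinstance(t, Par):
        return f"{translate(t.left)} | {translate(t.right)}"
    raise TypeError(f"not a term: {t!r}")


# The decorated program of the text, with the elided subterm "..." replaced by * (constructed).
DECORATED = Par(Par(Par(Var("x1", "r1"),
                        LetBang("x2", Star(), Var("x2", "r2"))),
                    Lam("x3", Var("x3", "r3"))),
                Nu("x4", Var("x4", "r4")))

# Left-hand side of the read redex discussed in the proof of lemma 19: get(x^r) | (x^r <- V), with V = *.
READ_REDEX = Par(Get(Var("x", "r")), Store(Var("x", "r"), Star()))
```

`translate(DECORATED)` yields `r1 | ((λx2.r2) *) | (λx3.r3) | r4`, matching the intuitionistic term above with $\ast$ in the place of the elided subterm, and `translate(READ_REDEX)` yields `get(r) | (r <= *)`. Translating an address that was not decorated raises an error, which mirrors the requirement that the translation is only defined after the decoration phase.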
Note that in the translation the $\nu$'s disappear while the $\lambda$'s and $\mathsf{let}$'s are simulated by the intuitionistic $\lambda$'s. Assuming the decoration phase, the forgetful translation $\overline{(\ )}$ is defined in table 10.

Table 12: Intuitionistic system: stratified types and effects

Stratified region contexts and types

$$\emptyset \vdash \qquad\qquad \frac{R \vdash A \qquad r \notin \mathit{dom}(R)}{R, r:A \vdash} \qquad\qquad \frac{R \vdash}{R \vdash \mathbf{1}} \qquad\qquad \frac{R \vdash}{R \vdash \mathbf{B}}$$

$$\frac{R \vdash A \qquad R \vdash \alpha \qquad e \subseteq \mathit{dom}(R)}{R \vdash (A \overset{e}{\to} \alpha)} \qquad\qquad \frac{R \vdash \qquad r:A \in R}{R \vdash \mathsf{Reg}_r A} \qquad\qquad \frac{R \vdash \alpha \qquad e \subseteq \mathit{dom}(R)}{R \vdash (\alpha,e)}$$

Subtyping rules

$$\frac{R \vdash \alpha}{R \vdash \alpha \le \alpha} \qquad\qquad \frac{R \vdash A' \le A \qquad R \vdash \alpha \le \alpha' \qquad e \subseteq e' \subseteq \mathit{dom}(R)}{R \vdash (A \overset{e}{\to} \alpha) \le (A' \overset{e'}{\to} \alpha')}$$

$$\frac{R \vdash \alpha \le \alpha' \qquad e \subseteq e' \subseteq \mathit{dom}(R)}{R \vdash (\alpha,e) \le (\alpha',e')} \qquad\qquad \frac{R;\Gamma \vdash M : (\alpha,e) \qquad R \vdash (\alpha,e) \le (\alpha',e')}{R;\Gamma \vdash M : (\alpha',e')}$$

Terms, stores, and programs

$$\frac{R \vdash \Gamma \qquad x:A \in \Gamma}{R;\Gamma \vdash x : (A,\emptyset)} \qquad\qquad \frac{R \vdash \Gamma \qquad r:A \in R}{R;\Gamma \vdash r : (\mathsf{Reg}_r A,\emptyset)} \qquad\qquad \frac{R \vdash \Gamma}{R;\Gamma \vdash \ast : (\mathbf{1},\emptyset)}$$

$$\frac{R;\Gamma, x:A \vdash M : (\alpha,e)}{R;\Gamma \vdash \lambda x.M : (A \overset{e}{\to} \alpha,\ \emptyset)} \qquad\qquad \frac{R;\Gamma \vdash M : (A \overset{e_2}{\to} \alpha,\ e_1) \qquad R;\Gamma \vdash N : (A,e_3)}{R;\Gamma \vdash MN : (\alpha,\ e_1 \cup e_2 \cup e_3)}$$

$$\frac{R;\Gamma \vdash V : (\mathsf{Reg}_r A,\emptyset)}{R;\Gamma \vdash \mathsf{get}(V) : (A,\{r\})} \qquad\qquad \frac{R;\Gamma \vdash V : (\mathsf{Reg}_r A,\emptyset) \qquad R;\Gamma \vdash V' : (A,\emptyset)}{R;\Gamma \vdash \mathsf{pset}(V,V') : (\mathbf{1},\{r\})} \qquad\qquad \frac{r:A \in R \qquad R;\Gamma \vdash V : (A,\emptyset)}{R;\Gamma \vdash (r \Leftarrow V) : (\mathbf{B},\emptyset)}$$

$$\frac{R;\Gamma \vdash P : (\alpha,e) \qquad R;\Gamma \vdash S : (\mathbf{B},\emptyset)}{R;\Gamma \vdash (P \mid S) : (\alpha,e)} \qquad\qquad \frac{P_i \text{ not a store} \qquad R;\Gamma \vdash P_i : (\alpha_i,e_i),\ i = 1,2}{R;\Gamma \vdash (P_1 \mid P_2) : (\mathbf{B},\ e_1 \cup e_2)}$$

Lemma 18 The forgetful translation preserves provability in the following sense:

1. If $R \vdash_{AI}$ then $\overline{R} \vdash_I$.
2. If $R \vdash_{AI} \alpha$ then $\overline{R} \vdash_I \overline{\alpha}$.
3. If $R \vdash_{AI} (\alpha,e)$ then $\overline{R} \vdash_I (\overline{\alpha},e)$.
4. If $R \vdash_{AI} \alpha \le \alpha'$ then $\overline{R} \vdash_I \overline{\alpha} \le \overline{\alpha'}$.
5. If $R \vdash_{AI} (\alpha,e) \le (\alpha',e')$ then $\overline{R} \vdash_I (\overline{\alpha},e) \le (\overline{\alpha'},e')$.
6. If $R \vdash_{AI} \Gamma$ then $\overline{R} \vdash_I \overline{\Gamma}$.
7. If $R;\Gamma \vdash_{AI} P : (\alpha,e)$ (and $P$ has been decorated) then $\overline{R};\overline{\Gamma} \vdash_I \overline{P} : (\overline{\alpha},e)$.

Proof. By induction on the provability relation $\vdash_{AI}$.
Concerning the rules for the formation of types and region contexts and for subtyping, the forgetful translation provides a one-to-one mapping from the rules of the affine-intuitionistic system to the rules of the intuitionistic one (the only exception are the rules for $!A$, which become trivial in the intuitionistic framework). Also note that $\mathit{dom}(\overline{R}) = \mathit{dom}(R)$. With these remarks in mind, the proof of (1-5) is straightforward. The proof of (6) follows directly from (2). We just notice that the forgetful translation of a context $\Gamma$ eliminates all the variables associated with region types. The point is that if these variables occur in the program they will be decorated and therefore in the translation they will be replaced by regions, i.e., constants. In the proof of (7), it is useful to make a few preliminary remarks. First, weakening is a derived rule for the intuitionistic system, so that if we can prove $R;\Gamma \vdash_I P : (\alpha,e)$ and $R,R' \vdash \Gamma,\Gamma'$ then we can prove $R,R';\Gamma,\Gamma' \vdash_I P : (\alpha,e)$ too. Second, if $R_1 \uplus R_2$ is defined then $\overline{R_1} = \overline{R_2} = \overline{R_1 \uplus R_2}$. The proof is then a rather direct induction on the provability relation $\vdash_{AI}$. When we discharge an assumption and when we introduce a formal parameter with $\lambda$ or with $\mathsf{let}$ we must distinguish the situation where the variable under consideration has region type, say, $\mathsf{Reg}_r A$. In this case the variable does not occur in the translation of the related context $\Gamma$ and it is replaced in the term by the region $r$. ✷

Next we want to relate the reduction of a program and of its translation. As already mentioned, in the intuitionistic system all stores are persistent. Consequently, a reduction such as:

$$\mathsf{get}(x^r) \mid (x^r \leftarrow V) \to V$$

might be simulated by

$$\mathsf{get}(r) \mid (r \Leftarrow \overline{V}) \to \overline{V} \mid (r \Leftarrow \overline{V}) .$$

In other terms, the translated program may contain more values in the store than the source program.
To account for this, we introduce a 'simulation' relation $S$ indexed on a pair $R;\Gamma$ such that $R \vdash \Gamma$ and $\Gamma$ is just composed of variables of region type:

$$S_{R;\Gamma} = \{ (P,Q) \mid R;\Gamma \vdash_{AI} P : (\alpha,e),\ \overline{R}; \vdash_I Q : (\overline{\alpha},e),\ Q \equiv (\overline{P} \mid S) \}$$

Lemma 19 (simulation) If $(P,Q) \in S_{R;\Gamma}$ and $P \to P'$ then $Q \to Q'$ and $(P',Q') \in S_{R;\Gamma}$.

Proof. Suppose $(P,Q) \in S_{R;\Gamma}$. Then $(P,\overline{P}) \in S_{R;\Gamma}$. Also if $P \to P'$ then $R;\Gamma \vdash_{AI} P'$ by subject reduction of the affine-intuitionistic system (incidentally, subject reduction holds for the intuitionistic system too [1]).

By definition $P \to P'$ means that $P$ is structurally equivalent to a process $P_1$ which can be decomposed in a static context $C$ and a redex $\Delta$ of the shape described in table 2. We notice that the forgetful translation preserves structural equivalence, namely if $P \equiv P_1$ then $\overline{P} \equiv \overline{P_1}$. Indeed, the commutativity and associativity rules of the affine-intuitionistic system match those of the intuitionistic system, while the rules for commuting the $\nu$'s are 'absorbed' by the translation. For instance, $\overline{\nu x\, P \mid P'} = \overline{P} \mid \overline{P'} = \overline{\nu x\,(P \mid P')}$ with $x$ not free in $P'$. We also remark that the forgetful translation can be extended to static and evaluation contexts simply by defining $\overline{[\ ]} = [\ ]$. Then we note that the translation of a static (evaluation) context is an intuitionistic static (evaluation) context. In particular, this holds because the translation of a value is still a value. Following these remarks, we can derive that $Q \equiv \overline{C}[\overline{\Delta}] \mid S$. Thus it is enough to focus on the redexes $\Delta$ and show that each reduction in the affine-intuitionistic system is mapped to a reduction in the intuitionistic one and that the resulting program is still related to the program $P'$ via the relation $S_{R;\Gamma}$. To this end, we notice that the translation commutes with the substitution, so that $\overline{[V/x]M} = [\overline{V}/x]\overline{M}$.
This is a standard argument, modulo the fact that the variables of region type have to be given a special treatment. For instance, we have: $\overline{[y^r/x^r]x^r} = \overline{y^r} = r = [r/x^r]r = [\overline{y^r}/x^r]\overline{x^r}$. Then one proceeds by case analysis on the redex $\Delta$. Let us look at two cases in some detail. If $\Delta = E[\mathsf{let}\ !x = V\ \mathsf{in}\ M] \to E[[V/x]M]$ then

$$\overline{\Delta} = \overline{E}[\overline{\mathsf{let}\ !x = V\ \mathsf{in}\ M}] = \overline{E}[(\lambda x.\overline{M})\overline{V}] \to \overline{E}[[\overline{V}/x]\overline{M}] = \overline{E}[\overline{[V/x]M}] = \overline{E[[V/x]M]} .$$

On the other hand if $\Delta = E[\mathsf{get}(x^r)] \mid (x^r \leftarrow V)$ then

$$\overline{\Delta} = \overline{E}[\mathsf{get}(r)] \mid (r \Leftarrow \overline{V}) \to \overline{E}[\overline{V}] \mid (r \Leftarrow \overline{V}) = \overline{E[V]} \mid (r \Leftarrow \overline{V}) .$$

Notice that in this case we have an additional store $(r \Leftarrow \overline{V})$, which is the reason why in the definition of the relation $S$ we relate a program to its translation in parallel with some additional store. ✷

Theorem 20 ([1]) If $R; \vdash_I P : (\alpha,e)$ then all reductions starting from $P$ terminate.

Corollary 21 (termination) If $R;\Gamma \vdash_{AI} P : (\alpha,e)$ then all reductions starting from $P$ terminate.

Proof. By contradiction. We have $(P,\overline{P}) \in S_{R;\Gamma}$ and $\overline{R}; \vdash_I \overline{P} : (\overline{\alpha},e)$. If there is an infinite reduction starting from $P$ then the simulation lemma 19 entails that there is an infinite reduction starting from $\overline{P}$. And this contradicts the termination of the intuitionistic system (theorem 20). ✷