An Abstract Machine for Strong Call by Value
Małgorzata Biernacka, Dariusz Biernacki, Witold Charatonik, Tomasz Drab
Institute of Computer Science, University of Wrocław, Poland
{mabi,dabi,wch,tdr}@cs.uni.wroc.pl

Abstract.
We present an abstract machine that implements a full-reducing (a.k.a. strong) call-by-value strategy for the pure λ-calculus. It is derived using Danvy et al.'s functional correspondence from Crégut's KN by: (1) deconstructing KN to a call-by-name normalization-by-evaluation function akin to Filinski and Rohde's, (2) modifying the resulting normalizer so that it implements the right-to-left call-by-value function application, and (3) constructing the functionally corresponding abstract machine. This new machine implements a reduction strategy that subsumes the fireball-calculus variant of call by value studied by Accattoli et al. We describe the strong strategy of the machine in terms of a reduction semantics and prove the correctness of the machine using a method based on Biernacka et al.'s generalized refocusing. As a byproduct, we present an example application of the machine to checking term convertibility by discriminating on the basis of partially normalized forms.

Keywords: λ-calculus · Abstract machines · Reduction strategies · Normalization by evaluation · Reduction semantics.
Full-reducing (also known as strong) normalization strategies in the lambda calculus have so far received relatively little attention compared to weak strategies that provide foundations for functional programming languages, such as OCaml (implementing call by value) or Haskell (implementing call by need). However, recent advances in proof technology and the use of proof assistants based on dependently typed lambda calculus for complex verification efforts propel the design and study of strong reduction strategies, and of their corresponding efficient realizations on a machine [2,7,17].

Abstract machines provide a convenient computation model that mediates between the specific reduction strategy in the calculus and its practical implementations. The first machine for strong normalization of lambda terms is due to Crégut [10]. This machine implements the normal-order strategy [16], i.e., a hybrid strategy that iterates call by name (CbN), and necessarily extends reduction to open terms and reduces under lambda abstractions—unlike machines for weak strategies that operate on closed terms and stop at lambdas. Similarly to strong CbN, one can define strong call by value (CbV) as an iteration of weak CbV, carefully generalizing the notion of value to open terms [1]. A normalization function realizing strong CbV was proposed by Grégoire & Leroy and implemented in their virtual machine extending the ZAM machine [17]. Another virtual machine for strong CbV was derived by Ager et al. [6] from Aehlig and Joachimski's normalization function [4]. Recently, a strong call-by-need strategy has been proposed by Kesner et al. [7], and the corresponding abstract machine has been derived by Biernacka et al. [9]. On the other hand, there is a line of work done by Accattoli et al.

⋆ This research is supported by the National Science Centre of Poland, under grant number 2019/33/B/ST6/00289.
who study the computational complexity of abstract machines, in particular in the context of a weak CbV strategy that operates on open terms, as an intermediate step towards an efficient machine for strong CbV [2].

Many abstract machines are devised or tailored by hand, and their correctness is far from obvious. Alternatively, Danvy et al. initiated a derivational approach that makes it possible to obtain abstract machines from preexisting semantic artefacts for specific strategies by applying well-defined transformations in a systematic way. Danvy et al.'s functional correspondence [5] is a two-way semantics-preserving derivation method that relates higher-order evaluators and abstract machines. More precisely, following Reynolds' recipe of applying a CPS translation and defunctionalization to a higher-order evaluator expressed in a functional meta-language, it leads to an implementation, in the same meta-language, of the corresponding abstract machine [22]. However, the two program transformations can be inverted and, as first observed by Danvy [11], starting with an implementation of an abstract machine, one can obtain a higher-order compositional evaluator, in the style of a valuation function of denotational semantics [23], that abstractly and concisely embodies the low-level intricacies of the machine, typically scattered all over the transition rules. Such an evaluator can then be locally modified according to one's needs and a new abstract machine can be derived from it. This approach has proven extremely successful on numerous occasions and it appears to be considerably more systematic and effective than groping for the right changes directly at the level of the abstract machine.

The goal of this work is to derive an abstract machine that can be seen as a strong CbV counterpart of Crégut's machine for normal order and that avoids needless reevaluation of function arguments.
Rather than directly tweaking the KN machine, we take a systematic approach following Danvy's recipe: (1) we first deconstruct KN into a compositional evaluator, (2) we then modify this evaluator to account for CbV, and (3) from the new evaluator we derive a new abstract machine. Our meta-language is a small subset of OCaml [19].

In the process, we identify and present the reduction semantics of rrCbV, a variant of a strong CbV strategy in the pure lambda calculus. In the terminology of Biernacka et al., this is a hybrid strategy that uses three kinds of contexts, and it subsumes as a substrategy the weak right-to-left strategy of Accattoli et al.'s fireball calculus. As an application of the machine we also show how to check convertibility of terms by their partial normalization, where we can stop the machine and compare computed prefixes of normal forms. Thus, the contributions of this paper include:

1. a full systematic derivation of the machine from a CbV evaluator,
2. a presentation of an abstract machine for strong CbV that is a counterpart of Crégut's KN machine,
3. a reduction semantics for a strong CbV strategy,
4. an application of the machine to convertibility checking.
Outline.
In Section 2 we recall the KN machine and present the NbE function obtained by its deconstruction. In Section 3 we present the machine derived from the evaluator, and in Section 4 the corresponding reduction semantics. In Section 5 we prove the correctness of the machine with respect to the semantics, and in Section 6 we conclude.
Supplementary materials.
The full derivations can be found at https://bitbucket.org/pl-uwr/scbv-machine.
In this section we highlight the endpoints of the derivation: the KN machine, and the resulting evaluator obtained from an OCaml encoding of the machine. The main steps in the derivation are: disentangling the abstract machine into a defunctionalized form, refunctionalizing the stacks of the machine into continuations, mapping the continuation-passing evaluator to direct style, and refunctionalizing the closures the direct-style evaluator operates on into their functional representation [11]. All these transformations are described in detail in the supplementary materials.
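To give a flavour of one of these steps, here is a toy illustration of ours (not taken from the paper's derivation) of defunctionalization on an evaluator for arithmetic expressions; refunctionalization, used in the deconstruction, is the inverse transformation.

```ocaml
type exp = Lit of int | Add of exp * exp

(* An evaluator in continuation-passing style: continuations are functions. *)
let rec eval_cps (e : exp) (k : int -> int) : int =
  match e with
  | Lit n -> k n
  | Add (e1, e2) -> eval_cps e1 (fun n1 -> eval_cps e2 (fun n2 -> k (n1 + n2)))

(* Its defunctionalized form: each lambda passed as a continuation becomes a
   first-order stack frame, and continuation application becomes `apply`.
   The resulting first-order, tail-recursive program is an abstract machine. *)
type frame = AddR of exp | AddL of int

let rec run (e : exp) (s : frame list) : int =
  match e with
  | Lit n -> apply s n
  | Add (e1, e2) -> run e1 (AddR e2 :: s)
and apply (s : frame list) (n : int) : int =
  match s with
  | [] -> n
  | AddR e2 :: s' -> run e2 (AddL n :: s')
  | AddL n1 :: s' -> apply s' (n1 + n)

let eval_mach (e : exp) : int = run e []
```

Both programs compute the same results; the frames `AddR` and `AddL` play the role of the stack frames of the machines discussed below.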
Crégut's KN machine is shown in Figure 1. Due to the lack of space we do not discuss its architecture here; we refer the reader to the original paper [10] (which also includes a nice introduction to de Bruijn indices and levels) or to a more modern presentation in [16]. We also discuss all transitions of the machine in our supplementary materials.

The presentation here is slightly optimized compared to the original, and it coincides (on closed terms) with the later presentation by Munk [20]. The machine is in strong bisimulation with the original one, but the latter threads more redundant information: the parameter m in configurations is exactly the number of lambda frames in the current stack and need not be saved in stack frames.
Syntax:

  Terms ∋ T ::= n | T T | λT
  T_N ::= T | V(n)
  Closures ∋ C ::= [T_N, E]
  Envs = Closures* ∋ E ::= • | C :: E
  Frames ∋ F ::= □[T, E] | λ□ | T □
  Stacks = Frames* ∋ S ::= • | F :: S
  Confs ∋ K ::= ⟨T_N, E, S, m⟩ | ⟨S, T, m⟩

Initial state (for closed terms):  I_KN : T ↦ ⟨T, •, •, 0⟩

Transition rules:

  ⟨T₁ T₂, E, S, m⟩            → ⟨T₁, E, □[T₂, E] :: S, m⟩              (1)
  ⟨λT, E, □[T′, E′] :: S, m⟩  → ⟨T, [T′, E′] :: E, S, m⟩               (2)
  ⟨λT, E, S, m⟩               → ⟨T, [V(m+1), •] :: E, λ□ :: S, m+1⟩    (3)
  ⟨0, [T, E] :: E′, S, m⟩     → ⟨T, E, S, m⟩                           (4)
  ⟨n+1, C :: E, S, m⟩         → ⟨n, E, S, m⟩                           (5)
  ⟨V(n), E, S, m⟩             → ⟨S, m − n, m⟩                          (6)
  ⟨•, T_nf, 0⟩                → T_nf                                   (7)
  ⟨□[T′, E′] :: S, T_neu, m⟩  → ⟨T′, E′, T_neu □ :: S, m⟩              (8)
  ⟨λ□ :: S, T_nf, m⟩          → ⟨S, λT_nf, m − 1⟩                      (9)
  ⟨T_neu □ :: S, T_nf, m⟩     → ⟨S, T_neu T_nf, m⟩                     (10)

Fig. 1. Rules for the KN machine
The machine operates on lambda terms with de Bruijn indices used to represent bound variables in the standard way. Things get more complicated when we want to reduce open terms or reduce under lambdas, where we need to care for free variables. In the KN machine this is done using de Bruijn levels, which represent the number of enclosing lambda abstractions from the root of the term to the current variable occurrence; such abstract variables are formed with a different constructor V(n). The machine normalizes terms according to the normal-order strategy that extends CbN to reduce open terms and under lambdas. It can be seen as an extension of the Krivine machine for CbN [18]. The machine specification can be seen as a function explicitly written in trampolined style [14], where each transition dispatches by a single pattern matching on the term or on the stack component of the configuration. Stacks are sequences of frames that are constructed when traversing the term in search of a next redex. However, this "flat" representation allows more stacks to be formed than are reachable in a machine run from the initial empty stack. In order to reason about the machine correctness, one needs to identify the precise structure of reachable stacks. Crégut expresses this shape invariant by a regular expression [10], but it can also be expressed simply by a context grammar using two kinds of stacks S₁, S₂:

  S₁ ::= □[T, E] :: S₁ | S₂
  S₂ ::= • | λ□ :: S₂ | T_neu □ :: S₁

where T_neu denotes terms in neutral form. Neutral and normal forms are constructed according to the following grammar:

  Normal forms ∋ T_nf ::= λT_nf | T_neu
  Neutral terms ∋ T_neu ::= n | T_neu T_nf

García-Pérez & Nogueira [15] underline the importance of establishing the shape invariant for the refunctionalization step of the functional correspondence and characterize evaluation contexts of the normal-order strategy by an outside-in context grammar.
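The grammar of normal and neutral forms can be transcribed directly into OCaml as a pair of mutually recursive predicates (a sketch of ours):

```ocaml
(* Terms with de Bruijn indices, as in the paper. *)
type term = Var of int | Lam of term | App of term * term

(* T_nf ::= λT_nf | T_neu      T_neu ::= n | T_neu T_nf *)
let rec is_nf = function
  | Lam t -> is_nf t        (* a normal form may go under a lambda *)
  | t -> is_neutral t
and is_neutral = function
  | Var _ -> true
  | App (t1, t2) -> is_neutral t1 && is_nf t2
  | Lam _ -> false          (* an application headed by a lambda is a redex *)
```

For instance, λx.x (λy.y) is in normal form, whereas (λx.x) y is not, since its head is a β-redex.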
Below we present the grammar of normal-order contexts for the λ-calculus, i.e., leftmost-outermost contexts. We can see that the machine stacks correspond to the inside-out representation of contexts: S₁ represents L-contexts encoding the weak CbN strategy, while S₂ represents A-contexts of the strong extension of CbN. The grammar of outside-in contexts is, on the other hand, more natural for top-down decomposition. Both L_io and L_oi represent the same family of L-contexts but with reversed order of frames in the lists. (This family can also be defined in terms of an order on contexts [3].) We elaborate on the connection between the two kinds of representations in Section 4 when we discuss the strong CbV strategy.

  inside-out contexts:
    L_io ::= □T :: L_io | A_io
    A_io ::= • | λ□ :: A_io | T_neu □ :: L_io

  outside-in contexts:
    B_oi ::= □T :: B_oi | T_neu □ :: L_oi | •
    L_oi ::= λ□ :: L_oi | B_oi

The evaluator derived through the functional correspondence from the encoding of the abstract machine of Figure 1, after some tidying to underline its structure, is shown in Figure 2. The evaluator implements an algorithm that follows the principles of normalization by evaluation [13], where the idea is to map a λ-term to an object in the meta-language from which a syntactic normal form of the input term can subsequently be read off. Actually, what we have mechanically obtained from KN is an OCaml implementation of a domain-theoretic residualizing model of the λ-calculus, in which the recursive type sem is an encoding of
(* syntax of the lambda-calculus with de Bruijn indices *)
type index = int
type term = Var of index | Lam of term | App of term * term

(* semantic domain *)
type level = int
type glue = Abs of (sem -> sem) | Neutral of term
and sem = level -> glue

(* reification of semantic objects into normal forms *)
let rec reify (d : sem) (m : level) : term =
  match d m with
  | Abs f -> Lam (reify (f (fun m' -> Neutral (Var (m' - m - 1)))) (m + 1))
  | Neutral a -> a

(* sem -> sem as a retract of sem *)
let to_sem (f : sem -> sem) : sem = fun _ -> Abs f
let from_sem (d : sem) : sem -> sem =
  fun d' -> fun m ->
    match d m with
    | Abs f -> f d' m
    | Neutral a -> Neutral (App (a, reify d' m))

(* interpretation function *)
let rec eval (t : term) (e : sem list) : sem =
  match t with
  | Var n -> List.nth e n
  | Lam t' -> to_sem (fun d -> eval t' (d :: e))
  | App (t1, t2) -> from_sem (eval t1 e) (fun m -> eval t2 e m)

(* NbE: interpretation followed by reification *)
let nbe (t : term) : term = reify (eval t []) 0
Fig. 2. An OCaml implementation of the higher-order compositional evaluator corresponding to the KN machine: an instance of normalization by evaluation for normal-order β-reduction in the λ-calculus.

a reflexive domain D of interpretation, isomorphic to N → ((D → D) + Λ_neu⊥)⊥ (where N and Λ_neu are discrete CPOs of natural numbers and neutral terms, respectively). In particular, to_sem and from_sem encode continuous functions φ : (D → D) → D and ψ : D → (D → D), respectively, such that ψ ∘ φ = id, establishing that D → D is a retract of D [13], which guarantees that β-convertible terms are mapped to the same semantic object. The interpretation function eval is completely standard, except for the η-expansion in the clause for application, which comes from the fact that the derivation has been carried out in an eager meta-language. The reification function reify mediates between syntax and semantics in the way known from Filinski and Rohde's work [13] on NbE for the untyped λ-calculus.

As a matter of fact, what we have obtained through the functional correspondence from KN is very close to what Filinski and Rohde invented (and proved correct using domain-theoretic tools). The difference lies in the semantic domain, which in their case was represented (in SML) by the type that in OCaml would read

  type sem = Abs of ((unit -> sem) -> sem)
           | Neutral of (level -> term)

from which we can see that the de Bruijn level is only needed to construct a neutral term and is otherwise redundant (an observation confirmed by the definition of to_sem we have derived). With this domain of interpretation, function arguments are explicitly passed as thunks. From the reduction strategy point of view, the normalizer of Figure 2 (and KN) implements a two-stage normalization strategy: first reduce a term to a weak normal form (function eval) and then normalize the result (function reify).
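For concreteness, the normalizer of Figure 2 can be exercised as follows; the definitions are repeated verbatim (lightly reformatted) so that the snippet runs standalone, and the example term is ours.

```ocaml
(* Definitions repeated from Figure 2. *)
type term = Var of int | Lam of term | App of term * term
type level = int
type glue = Abs of (sem -> sem) | Neutral of term
and sem = level -> glue

let rec reify (d : sem) (m : level) : term =
  match d m with
  | Abs f -> Lam (reify (f (fun m' -> Neutral (Var (m' - m - 1)))) (m + 1))
  | Neutral a -> a

let to_sem (f : sem -> sem) : sem = fun _ -> Abs f
let from_sem (d : sem) : sem -> sem =
  fun d' -> fun m ->
    match d m with
    | Abs f -> f d' m
    | Neutral a -> Neutral (App (a, reify d' m))

let rec eval (t : term) (e : sem list) : sem =
  match t with
  | Var n -> List.nth e n
  | Lam t' -> to_sem (fun d -> eval t' (d :: e))
  | App (t1, t2) -> from_sem (eval t1 e) (fun m -> eval t2 e m)

let nbe (t : term) : term = reify (eval t []) 0

(* The redex under the lambda is contracted: λx.(λy.y) x normalizes to λx.x. *)
let ex = nbe (Lam (App (Lam (Var 0), Var 0)))   (* = Lam (Var 0) *)
```

Note that the inner redex sits under a binder, so a machine for a weak strategy would leave it untouched, whereas the KN-derived normalizer reduces it.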
Seen that way, the two constructors of type sem represent the two possible kinds of weak normal forms.

For the record, we have derived an alternative abstract machine for normal-order reduction starting with Filinski and Rohde's NbE. This machine differs from KN in that it processes neutral terms in a separate mode and with an additional kind of stack. In the next section, we modify our NbE so that it accounts for CbV function applications.

In his MSc thesis, Munk also presents selected steps of a deconstruction of KN into an NbE [20]. However, he goes through a step in which de Bruijn levels are moved from the stack to closures in the environment. This step has not been formally justified, and the resulting NbE is quite different from Filinski and Rohde's or from ours.

In this section we derive a call-by-value variant of the Crégut abstract machine. This is done by modifying the evaluator of Figure 2 so that it accounts for CbV, and then inverting the transformations on the path from the abstract machine to the evaluator.

Call by value is a family of strategies where the arguments of a function are evaluated (to a weak normal form) before being passed to the function. This way one avoids needless recomputation of arguments that are used more than once. A possible approach to a strong variant of such a strategy is applicative-order (a.k.a. leftmost-innermost) reduction [24], where the arguments are evaluated to the strong normal form. Here, however, we aim at a different, two-stage strategy, analogous to the one embodied in KN and in the normalizer of Figure 2, which is
type sem = Abs of (sem -> sem) | Neutral of (level -> term)

let rec reify (d : sem) (m : level) : term =
  match d with
  | Abs f -> Lam (reify (f (Neutral (fun m' -> Var (m' - m - 1)))) (m + 1))
  | Neutral l -> l m

let to_sem (f : sem -> sem) : sem = Abs f
let from_sem (d : sem) : sem -> sem =
  fun d' ->
    match d with
    | Abs f -> f d'
    | Neutral l -> Neutral (fun m -> let n = reify d' m in App (l m, n))

let rec eval (t : term) (e : sem list) : sem =
  match t with
  | Var n -> List.nth e n
  | Lam t' -> to_sem (fun d -> eval t' (d :: e))
  | App (t1, t2) -> let d2 = eval t2 e in from_sem (eval t1 e) d2

let nbe (t : term) : term = reify (eval t []) 0
Fig. 3. An OCaml implementation of the modified higher-order compositional evaluator: an instance of normalization by evaluation for a call-by-value β-reduction in the λ-calculus.

a conservative extension of the standard CbV: the arguments are first evaluated to a weak normal form, then the function is applied, and only then is the resulting weak normal form further reduced to the strong normal form. In order to obtain one fixed member of the family, we follow [2] and choose the right-to-left order of evaluation of arguments (we also choose the right-to-left order of normalization in inert terms, see Section 4).

In call by value, function arguments are evaluated before the application takes place. To reflect this design choice in the evaluator, we modify the domain of interpretation:

  type sem = Abs of (sem -> sem)
           | Neutral of (level -> term)

where an argument passed to a function is no longer a thunk, but a preevaluated value in the semantic domain. Here, the two constructors correspond to two kinds of weak normal forms: λ-abstraction and inert term, as presented in Section 4. All the other changes in the evaluator are simple adjustments to this modification. An OCaml implementation of the modified evaluator is shown in Figure 3, where we arbitrarily decided to evaluate function application right to left (witness the explicit sequencing of computations with let in the clause for application in eval) and similarly for generating neutral terms (again, with let in from_sem). This normalizer could subsequently be given a domain-theoretic treatment, using the same techniques as the ones applied by Filinski and Rohde to their call-by-name normalizer [13] – an interesting endeavour that would offer one possible way of revealing the precise meaning of the modified normalizer.
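Before moving on, the modified normalizer of Figure 3 can be exercised on a term whose normalization produces an inert term; the definitions are repeated verbatim (lightly reformatted) so that the snippet runs standalone, and the example term is ours.

```ocaml
(* Definitions repeated from Figure 3. *)
type term = Var of int | Lam of term | App of term * term
type level = int
type sem = Abs of (sem -> sem) | Neutral of (level -> term)

let rec reify (d : sem) (m : level) : term =
  match d with
  | Abs f -> Lam (reify (f (Neutral (fun m' -> Var (m' - m - 1)))) (m + 1))
  | Neutral l -> l m

let to_sem (f : sem -> sem) : sem = Abs f
let from_sem (d : sem) : sem -> sem =
  fun d' ->
    match d with
    | Abs f -> f d'
    | Neutral l -> Neutral (fun m -> let n = reify d' m in App (l m, n))

let rec eval (t : term) (e : sem list) : sem =
  match t with
  | Var n -> List.nth e n
  | Lam t' -> to_sem (fun d -> eval t' (d :: e))
  | App (t1, t2) -> let d2 = eval t2 e in from_sem (eval t1 e) d2

let nbe (t : term) : term = reify (eval t []) 0

(* λx. x ((λy.y) (λz.z)): the argument of the inert application x □ is first
   reduced to a weak normal form and then fully normalized. *)
let ex = nbe (Lam (App (Var 0, App (Lam (Var 0), Lam (Var 0)))))
(* = Lam (App (Var 0, Lam (Var 0))), i.e., λx. x (λz.z) *)
```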
Here, instead, we take advantage of the functional correspondence and derive a semantically equivalent abstract machine, which we then analyse to identify the reduction strategy it implements and inherits from the underlying NbE of Figure 3.

The machine we derived from the evaluator has been subject to further optimizations before we arrived at the version presented in the next section. In particular, the de Bruijn level m has been moved from application frames of the stack to a dedicated register in the configurations of the machine. This modification requires a more careful bookkeeping of the level and, most notably, it has to be decremented when the machine leaves the scope of a lambda, just as in KN of Figure 1. We also flattened the stack structure to be represented by a single list of frames, instead of by a pair of mutually inductive list-like structures. The final machine is then close in style to KN and can be seen as its call-by-value variant.

The machine obtained by derivation from the NbE evaluator is presented in Figure 4. There are syntactic categories of lambda terms T in de Bruijn notation, machine representations of weak normal forms W, inert terms I, environments E, stack frames F, stacks S and configurations K. Weak normal forms are either closures consisting of a lambda abstraction and an environment, or inert terms. Inert terms are either abstract variables V(n) or inert terms applied to a weak normal form. Just as in the KN machine, here n is a de Bruijn level (not to be confused with the de Bruijn index in the grammar of terms T). Weak normal forms represent the intermediate values that are passed to functions as arguments through the environment and subsequently reduced further to normal form. Environments are just sequences of weak normal forms; they represent mappings that assign the n-th element of the sequence to the variable with de Bruijn index n. As usual, stacks represent evaluation contexts.
(While it would be possible to directly use Filinski and Rohde's NbE to obtain the evaluator of this section, our goal was to reveal and adjust the evaluator underlying KN, and the precise relation between KN and Filinski and Rohde's NbE had not been revealed prior to this work.)
Syntax:

  Terms ∋ T ::= n | T T | λT
  Wnfs ∋ W ::= [λT, E] | I
  Inerts ∋ I ::= V(n) | I W
  Envs ∋ E ::= • | W :: E
  Frames ∋ F ::= [T, E] □ | □ W | □ T | λ□ | I □
  Stacks ∋ S ::= • | F :: S
  Confs ∋ K ::= ⟨T, E, S, m⟩_E | ⟨S, W, m⟩_C | ⟨S, T, m⟩_S

Transition rules:

  T ↦ ⟨T, •, •, 0⟩_E                                          (0)
  ⟨T₁ T₂, E, S, m⟩_E    → ⟨T₂, E, [T₁, E] □ :: S, m⟩_E        (1)
  ⟨λT, E, S, m⟩_E       → ⟨S, [λT, E], m⟩_C                   (2)
  ⟨0, W :: E, S, m⟩_E   → ⟨S, W, m⟩_C                         (3)
  ⟨n+1, W :: E, S, m⟩_E → ⟨n, E, S, m⟩_E                      (4)
  ⟨[T, E] □ :: S, W, m⟩_C  → ⟨T, E, □ W :: S, m⟩_E            (5)
  ⟨□ W :: S, [λT, E], m⟩_C → ⟨T, W :: E, S, m⟩_E              (6)
  ⟨□ W :: S, I, m⟩_C    → ⟨S, I W, m⟩_C                       (7)
  ⟨S, [λT, E], m⟩_C     → ⟨T, V(m+1) :: E, λ□ :: S, m+1⟩_E    (8)
  ⟨S, I W, m⟩_C         → ⟨I □ :: S, W, m⟩_C                  (9)
  ⟨S, V(n), m⟩_C        → ⟨S, m − n, m⟩_S                     (10)
  ⟨I □ :: S, T_nf, m⟩_S → ⟨□ T_nf :: S, I, m⟩_C               (11)
  ⟨λ□ :: S, T_nf, m⟩_S  → ⟨S, λT_nf, m − 1⟩_S                 (12)
  ⟨□ T_nf :: S, T_neu, m⟩_S → ⟨S, T_neu T_nf, m⟩_S            (13)
  ⟨•, T_nf, 0⟩_S ↦ T_nf                                       (14)

Fig. 4. Rules for KNV, a call-by-value variant of KN
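The rules of Figure 4 can be transcribed directly into OCaml (a sketch of ours; the constructor names Clo, AVar, IApp and the frame constructors are our own choices, and closures store the body of the abstraction):

```ocaml
type term = Var of int | Lam of term | App of term * term

(* machine values: weak normal forms and inert terms *)
type wnf = Clo of term * env     (* [λT, E], storing the body T *)
         | Inert of inert
and inert = AVar of int          (* abstract variable V(n), a de Bruijn level *)
          | IApp of inert * wnf  (* I W *)
and env = wnf list

type frame =
  | FClo of term * env  (* [T, E] □ *)
  | FArg of wnf         (* □ W *)
  | FNf of term         (* □ T_nf *)
  | FLam                (* λ□ *)
  | FInert of inert     (* I □ *)

let rec eval (t : term) (e : env) (s : frame list) (m : int) : term =
  match t, e with
  | App (t1, t2), _ -> eval t2 e (FClo (t1, e) :: s) m               (* 1 *)
  | Lam b, _ -> continue s (Clo (b, e)) m                            (* 2 *)
  | Var 0, w :: _ -> continue s w m                                  (* 3 *)
  | Var n, _ :: e' -> eval (Var (n - 1)) e' s m                      (* 4 *)
  | Var _, [] -> failwith "open term"
and continue (s : frame list) (w : wnf) (m : int) : term =
  match s, w with
  | FClo (t, e) :: s', _ -> eval t e (FArg w :: s') m                (* 5 *)
  | FArg w' :: s', Clo (b, e) -> eval b (w' :: e) s' m               (* 6 *)
  | FArg w' :: s', Inert i -> continue s' (Inert (IApp (i, w'))) m   (* 7 *)
  | _, Clo (b, e) ->
      eval b (Inert (AVar (m + 1)) :: e) (FLam :: s) (m + 1)         (* 8 *)
  | _, Inert (IApp (i, w')) -> continue (FInert i :: s) w' m         (* 9 *)
  | _, Inert (AVar n) -> strong s (Var (m - n)) m                    (* 10 *)
and strong (s : frame list) (t : term) (m : int) : term =
  match s with
  | FInert i :: s' -> continue (FNf t :: s') (Inert i) m             (* 11 *)
  | FLam :: s' -> strong s' (Lam t) (m - 1)                          (* 12 *)
  | FNf t' :: s' -> strong s' (App (t, t')) m                        (* 13 *)
  | [] -> t                                                          (* 14 *)
  | (FClo _ | FArg _) :: _ -> assert false  (* unreachable: well-formed stacks *)

let normalize (t : term) : term = eval t [] [] 0                     (* 0 *)
```

For example, `normalize` maps (λx.λy.x)(λz.z) to λy.λz.z, and λx. x ((λy.y)(λz.z)) to λx. x (λz.z).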
There are three kinds of configurations corresponding to three modes of operation: in configurations ⟨·,·,·,·⟩_E the machine evaluates some subterm to a weak normal form; in ⟨·,·,·⟩_C it continues with a computed weak normal form, and in ⟨·,·,·⟩_S it continues with a computed (strong) normal form. Let us discuss the transitions. For the moment we ignore the kind indices on stacks; we think of S₁, S₂ and S₃ as arbitrary members of the syntactic category S of stacks. Similarly, T_neu and T_nf are arbitrary terms. These indices will become relevant in the next section.

Transitions (0)–(6) implement a right-to-left version of the well-known CEK machine [12] in a formulation similar to [5], but using de Bruijn indices. The initial transition (0) loads the term to be evaluated into a configuration with the empty environment and empty stack at de Bruijn level 0. Transitions (1)–(4) operate on configurations of the form ⟨T, E, S, m⟩_E that are meant to evaluate the term T within the environment E in the context represented by S to a weak normal form (wnf). In the case of an application T₁ T₂, transition (1) calls the evaluation of T₂ and pushes a closure pairing T₁ with the current environment onto the stack. Note that this implements the first of our right-to-left choices of the order of reduction. A lambda abstraction in (2) is already in wnf, so we change the mode of operation to a configuration of the form ⟨S, W, m⟩_C. Transitions (3) and (4) simply read the value of a variable from the environment (which always returns a wnf) and change the mode of operation.

Configurations of the form ⟨S, W, m⟩_C continue with a wnf W in a context represented by S. There are two goals in these configurations: the first is to finish the evaluation (to wnfs) of the closures stored on the stack according to the weak call-by-value strategy; the second is to reduce W to a strong normal form.
This is handled by rules (5)–(10), where rules (5) and (6) are responsible for the first goal, and rules (7)–(10) for the second. In rule (5) the stack contains a closure, so we start evaluating this closure and push the already computed wnf onto the stack; when this evaluation reaches a wnf, rule (6) or (7) applies. If the wnf is a lambda abstraction, transition (6) implements a β-contraction. Otherwise it is an inert term; in this case rule (7) reconstructs the application of this inert term to the wnf popped from the stack (which gives another wnf). Rules (8)–(10) are applied when there are no more wnfs on the top of the stack; here we pattern-match on the currently processed wnf W. If W is a closure, transition (8) pushes the elementary context λ□ onto the stack, increments the de Bruijn level (m + 1), adds the abstract variable V(m + 1) to the environment and starts the evaluation of the body. If W is an application I W′, rule (9) delays the normalization of I by pushing it onto the stack and continues with W′; note that this implements the second of our right-to-left choices of the order of reduction. Finally, if W is an abstract variable with index n at level m, we have reached a normal form; rule (10) computes the final index of the variable and changes the mode of operation to a configuration of the form ⟨S, T, m⟩_S.

Configurations of the form ⟨S, T, m⟩_S continue with a (strong) normal form T in a context represented by S (recall that the grammar of normal forms is presented in Section 2.2). The goal in these configurations is to finish the evaluation of inert terms stored on the stack and to reconstruct the final term. This is handled by transitions (11)–(14); the choice of the transition is made by pattern-matching on the stack. If there is an inert term I on the top of the stack, rule (11) pushes the already computed normal form onto the stack and calls the normalization of I by switching the mode of operation to ⟨S, W, m⟩_C.
Otherwise there is a λ□ frame or a previously computed normal form on the top of the stack; in these cases transitions (12) and (13) reconstruct the term accordingly. Finally, when the stack is empty, transition (14) unloads the final result from the configuration.

The machine is pure in the sense that it does not use mutable state or other computational effects, so it can be directly implemented in a pure functional language. Thanks to that, all structures of the machine are persistent data structures, with their advantages (cf. [21]). It differs from the machines of [2] in that its implementation does not perform on-the-fly α-conversion, nor does it use pointers explicitly. Assuming uniform cost criteria for arithmetic operations, the cost of dispatch and of each transition is constant.

As in the case of the KN machine, not all sequences of stack frames represent valid contexts that can occur in a reachable configuration of the machine from Figure 4. We define the syntactic category K_wf of well-formed configurations with the following grammar:

  S₁ ::= [T, E] □ :: S₁ | □ W :: S₁ | S₂
  S₂ ::= □ T_nf :: S₂ | S₃
  S₃ ::= • | λ□ :: S₃ | I □ :: S₂
  K_wf ::= ⟨T, E, S₁, m⟩_E | ⟨S₁, W, m⟩_C | ⟨S₂, I, m⟩_C | ⟨S₂, T_neu, m⟩_S | ⟨S₃, T_nf, m⟩_S

A simple induction on the length of evaluation gives the following lemma.
Lemma 1.
For all initial terms T, all configurations reachable from T are well-formed.

One may note that there is no invention in designing the syntactic categories W and I, which correspond to the grammars of weak normal forms and inert terms. They are products of defunctionalization, which is part of the mechanization carried out via the functional correspondence. More interestingly, all shape invariants can be derived. It is enough to use a separate grammar for normal forms in the higher-order normalizer. Through derivation this grammar is imprinted on the grammars of stacks and configurations.

Here we show a method for discovering early that two terms are not β-convertible, i.e., that they do not have equal normal forms. Grégoire & Leroy show in [17] that the comparison of normal forms can be short-circuited when enough data is computed. Our idea is to run the machine on both terms as long as the partial results are the same. If the machine completes the computation on both terms and the computed normal forms are equal, the terms are β-convertible. But whenever it sees partial results that differ for the two input terms, we immediately know that the two terms do not have equal normal forms, without actually completing the computation. In some cases this allows us to give an answer even for divergent terms. To get a partial result it is enough to interrupt the machine after transitions (8) and (11), when it pushes λ□ and □ T_nf frames, respectively, onto the stack. This method is implemented in the accompanying code.

As an example, consider the terms λx.λy.Ω and λx.(x λy.Ω) x (using standard notation with names).
Even if the evaluation of these terms never terminates, we can detect different partial results and determine that these two terms cannot have equal normal forms. By running our machine we learn that the normal form of the former term (if it exists) starts with λx.λy.□ while the normal form of the latter (if it exists) starts with λx.□ x.

This application is not specific to KNV, and a similar procedure can be implemented based on KN. However, as is usual with CbV vs CbN, KNV in general performs better by avoiding reevaluation (to weak normal form) of function arguments.

A reduction semantics is a form of small-step operational semantics with an explicit representation of reduction contexts, i.e., of locations in a term where the computation can take place. Roughly, reduction contexts can be thought of as representing terms with a hole. The atomic computation step is defined by a rewriting relation on terms, often called the contraction relation. For example, in our source language, the lambda calculus with de Bruijn indices, the reduction semantics can be formally defined as in Figure 5, where the contraction relation is ⇀_β, and one-step reduction →_β is defined as contraction in context, where reduction contexts C describe the specific reduction strategy. For example, if we take C to be L from Section 2.2, then we obtain the normal-order strategy.

  (T₁ T₂)[i := T] = T₁[i := T] T₂[i := T]
  (λT₁)[i := T] = λ(T₁[i + 1 := T])
  n[i := T] = n            if n < i
            = ↑^i_{≥0} T   if n = i
            = n − 1        if n > i

  ↑^i_{≥k} (T₁ T₂) = ↑^i_{≥k} T₁ ↑^i_{≥k} T₂
  ↑^i_{≥k} (λT) = λ(↑^i_{≥k+1} T)
  ↑^i_{≥k} n = n + i   if n ≥ k
             = n       if n < k

  (λT₁) T₂ ⇀_β T₁[0 := T₂]
  C[T] →_β C[T′]   if T ⇀_β T′

Fig. 5. β-contraction and β-reduction for terms with de Bruijn indices
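The shifting and substitution operations of Figure 5 admit a direct OCaml transcription (a sketch of ours):

```ocaml
type term = Var of int | Lam of term | App of term * term

(* shifting: add i to every index that is >= k *)
let rec shift i k = function
  | Var n -> if n >= k then Var (n + i) else Var n
  | Lam t -> Lam (shift i (k + 1) t)
  | App (t1, t2) -> App (shift i k t1, shift i k t2)

(* substitution t'[i := t] *)
let rec subst t' i t =
  match t' with
  | Var n ->
      if n < i then Var n
      else if n = i then shift i 0 t  (* adjust free variables of t *)
      else Var (n - 1)                (* one enclosing binder disappeared *)
  | Lam b -> Lam (subst b (i + 1) t)
  | App (t1, t2) -> App (subst t1 i t, subst t2 i t)

(* β-contraction: (λT1) T2 ⇀ T1[0 := T2] *)
let beta = function
  | App (Lam t1, t2) -> Some (subst t1 0 t2)
  | _ -> None
```

For instance, contracting (λ.λ.1) 0 yields λ.1: the free variable 0 in the argument is shifted when it is placed under the remaining binder.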
The notation C[T] denotes the term reconstructed by plugging the term T into the hole of the context C.

In uniform strategies the grammar of reduction contexts is defined using only one nonterminal (as in CbN or CbV), while hybrid strategies use more than one nonterminal (as in normal order). The strong CbV strategy is another example of a hybrid strategy, one with three nonterminals leading to three kinds of contexts, each describing a separate substrategy.

As already observed in Section 2.2, the shape invariants of the machine stack naturally lead to the reduction contexts of the strategy realized by the machine. For the case of the KNV machine, the stack invariants translate to the grammar of contexts shown in Figure 6 (left). Equivalently, they can be translated to an automaton whose transitions are labelled with terms (as opposed to their machine representations), where the syntactic categories of terms in weak normal form and of inert terms in the lambda calculus are

  Weak normal forms   Wnfs ∋ T_W ::= λT | T_I
  Inert terms         Inerts ∋ T_I ::= n | T_I T_W

The inside-out grammar generates all stacks in the syntactic categories S₁, S₂, S₃: the automaton, reading a stack from left to right, moves from the hole of the represented context towards the topmost symbol. By reversing the arrows in the automaton we obtain an outside-in grammar (Figure 6, right). A context nonterminal (its kind) in inside-out grammars denotes the kind of the hole, whereas in outside-in grammars it denotes the kind of the context generated by that nonterminal.

  Inside-out:
    S₁ ::= S₂ | □T_W :: S₁ | T□ :: S₁
    S₂ ::= S₃ | □T_nf :: S₂
    S₃ ::= • | λ□ :: S₃ | T_I□ :: S₂
    S₃ ⊆ S₂ ⊆ S₁

  Outside-in:
    F ::= □T_W :: F | T□ :: F | •
    H ::= □T_nf :: H | T_I□ :: R
    R ::= λ□ :: R | H | F
    F ⊆ R ⊇ H

Fig. 6.
Reduction semantics: automata and grammars of contexts
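The inside-out grammar of stacks can be prototyped as shape recognizers. This is a hedged sketch: the nonterminal subscripts S1, S2, S3 and the constructor names are our own, and the recognizers check only frame shapes, not the side conditions that the embedded terms are inert or in (weak) normal form.

```ocaml
type term = Idx of int | Lam of term | App of term * term

(* Stack frames, hole-side first (inside-out) *)
type frame =
  | FLam                  (* λ□ *)
  | FInertArg of term     (* T_I □ : an inert term applied to the hole *)
  | FFunW of term         (* □ T_W : the hole applied to a weak normal form *)
  | FFunNf of term        (* □ T_nf : the hole applied to a normal form *)
  | FArg of term          (* T □ : an arbitrary term applied to the hole *)

(* Recognizers for the three categories; S3 ⊆ S2 ⊆ S1 holds by construction *)
let rec s1 = function
  | FFunW _ :: s | FArg _ :: s -> s1 s
  | s -> s2 s
and s2 = function
  | FFunNf _ :: s -> s2 s
  | s -> s3 s
and s3 = function
  | [] -> true
  | FLam :: s -> s3 s
  | FInertArg _ :: s -> s2 s
  | _ -> false
```

For example, the stack shape T_I□ :: λ□ :: • from Example 1 is accepted by s1, while a weak frame occurring outside a λ□ frame is rejected.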
To complete the reduction semantics of strong CbV we have to specify a contraction relation. We simply read it off from transition (6), where environments storing delayed substitutions consist of structures representing weak normal forms. Thus our contraction is β-contraction restricted to a variant where the argument has to be in weak normal form. We call it β_wnf-contraction:

  (λT) T_W ⇀_βwnf T[0 := T_W]

The substrategy corresponding to the F nonterminal in Figure 6 together with β_wnf-contraction can be recognized as the right-to-left weak strategy of the fireball calculus considered in [2]. It is known that this strategy is deterministic and reduces terms to weak normal forms. Our strong strategy corresponds to the nonterminal R (the starting symbol of the grammar); it contains the substrategy F and thus it is a conservative extension of the right-to-left call-by-value strategy.

In our strategy arguments of functions are evaluated in right-to-left order. Arguments of inert terms are evaluated in the same order as well; thus we can refer to the strategy as twice right-to-left call by value, rrCbV. This is an arbitrary choice; three other options are possible. Some of these options, like lrCbV, leave room for optimizations: after completing the weak right-to-left reduction the stack contains a sequence of arguments in weak normal form, which are then composed to build an inert term that is immediately decomposed into the very same sequence of weak normal forms before normalizing them with the strong left-to-right strategy. An optimized machine could refocus directly to strong reduction of the arguments on the stack instead of rebuilding an inert term and decomposing it again.

Strong CbV, like weak CbV, is an incomplete strategy, i.e., some normalizable terms may loop forever, e.g., K I Ω. Nevertheless, it allows us to compute values of recursive functions.
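The grammars of weak normal forms and inert terms, and the side condition of β_wnf-contraction, translate directly into predicates (a sketch; function names are ours):

```ocaml
type term = Idx of int | Lam of term | App of term * term

(* Grammars from the reduction semantics:
   T_W ::= λT | T_I        T_I ::= n | T_I T_W *)
let rec is_wnf = function
  | Lam _ -> true
  | t -> is_inert t
and is_inert = function
  | Idx _ -> true
  | App (t, u) -> is_inert t && is_wnf u
  | Lam _ -> false

(* A term is a beta_wnf-redex iff it is an abstraction applied to a term
   that is already in weak normal form *)
let is_beta_wnf_redex = function
  | App (Lam _, w) -> is_wnf w
  | _ -> false
```

Note that Ω = (λx.x x)(λx.x x) is itself a β_wnf-redex (its argument is an abstraction), which is exactly why it loops, whereas an application whose argument is Ω is not one.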
Example 1.
Consider the term λ(K I Ω). We can decompose it uniquely into the context λ(K I □) and the subterm Ω, which form a β_wnf-redex. The context in the inside-out representation is K I □ :: λ□ :: • and it satisfies the S₁ constraints. In the outside-in representation it is λ□ :: K I □ :: • and it conforms with the grammar R. Here S₁ and R are the initial nonterminals in the grammars of contexts defined in Figure 6. Thus λ(K I Ω) loops in the rrCbV strategy.

In contrast, in the term λ(K I (λΩ)) the subterm λΩ fits the T_W grammar, and λ(□ (λΩ)) is a correct context of rrCbV. Thus λ(K I (λΩ)) reduces to λI in two steps.

In this section we show the correctness of the derived machine: it traces [8] (i.e., exactly implements, in a step-by-step manner) the reduction semantics. Before stating the formal theorem we need some definitions.
(In the examples above, K = λx.λy.x, I = λx.x, and Ω = (λx.x x) (λx.x x), using standard notation with names.)

In the proof of correctness we have to translate lambda terms to machine configurations and back. The encoding of a term as a configuration is given by transition (0) in Figure 4. The translation in the other direction is more involved. We start by defining two functions: ⟦·,·⟧_W : Wnfs → N → Wnfs, decoding the machine representations of weak normal forms, and ⟦·,·⟧_I : Inerts → N → Inerts, decoding the representations of inert terms. The formal definitions of these functions are given in Appendix A. The second parameter, which is a de Bruijn level, is needed to decode an abstract variable. The function ⟦·,·,·⟧_T : Terms → Envs → N → Terms decodes machine representations of arbitrary terms.
Stacks.
Intuitively, a stack should be decoded to an evaluation context. However, we are going to prove a termination result (cf. Lemma 8), for which we need an intermediate representation: lists of annotated frames. The annotation {·}_w in {T}_w □ indicates that the term T occurring in a context T□ is known to be in weak normal form; similarly, {·}_n in □{T}_n indicates that T is known to be in strong normal form.

  AnnFrms  ∋ C ::= T□ | □T | {T}_w □ | □{T}_n | λ□
  AnnFrms* ∋ L ::= • | C :: L

The function ⟦·⟧_S : Stacks → AnnFrms* decodes stacks by decoding the term representations in stack frames and adding frame annotations.

Annotated decompositions.
A configuration of the machine encodes, among other things, a decomposition of a term into a subterm and a surrounding context.
Example 2.
Consider a fragment of the evaluation of the term λ(0 0) (which is λx.x x in de Bruijn notation). We adopt here the OCaml notation for lists, so [1; λ□] is the same as 1 :: λ□ :: •.

  ⟨[□ V(1); λ□], V(1), 1⟩_C  (7)→  ⟨[λ□], V(1) V(1), 1⟩_C
  (9)→  ⟨[V(1) □; λ□], V(1), 1⟩_C  (10)→  ⟨[V(1) □; λ□], 0, 1⟩_S
  (11)→  ⟨[□ 0; λ□], V(1), 1⟩_C

Here both stacks [□ 0; λ□] and [□ V(1); λ□] represent the same context λ(□ 0): both the first and the last configuration above decompose the term λ(0 0) into the subterm 0 and the context λ(□ 0). To distinguish such configurations we decode them to an annotated decomposition. We introduce annotations for terms that allow us to distinguish between arbitrary terms and terms in weak or strong normal form.

  AnnTerms ∋ A ::= T | {T}_w | {T}_n
  AnnDcmp  ∋ D ::= A :: L

Configurations.
Configurations are first decoded to annotated decompositions by the function ⟦·⟧_K : Confs → AnnDcmp, and then to terms by the function plug : AnnDcmp → Terms. The latter function ignores all annotations.
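Ignoring annotations, plug is a simple fold over the frame list; the following sketch matches the plug equations given in Appendix A (constructor names are ours):

```ocaml
type term = Idx of int | Lam of term | App of term * term

(* Decomposition frames, annotations dropped (plug ignores them) *)
type frame =
  | FArg of term   (* T' □ : plugging T yields T' T *)
  | FFun of term   (* □ T' : plugging T yields T T' *)
  | FLam           (* λ□  : plugging T yields λT *)

(* Reconstruct a term from a focus and an inside-out list of frames *)
let rec plug t = function
  | [] -> t
  | FArg t' :: l -> plug (App (t', t)) l
  | FFun t' :: l -> plug (App (t, t')) l
  | FLam :: l -> plug (Lam t) l
```

For instance, plugging the subterm 0 into the context λ(□ 0) of Example 2, represented inside-out as [FFun (Idx 0); FLam], rebuilds λ(0 0).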
We are now ready to state the result formally as the following theorem.
Theorem 1.
KNV traces the twice right-to-left strong CbV strategy, i.e.:

1. The function plug(⟦·⟧_K) : Confs → Terms is a surjection.
2. For each machine transition K → K′, either plug(⟦K⟧_K) = plug(⟦K′⟧_K) (i.e., the two configurations represent different decompositions of the same term), or plug(⟦K⟧_K) reduces to plug(⟦K′⟧_K) in the strategy.
3. There are no silent loops in the machine, i.e., no infinite sequences of transitions K₀ → … → K_n → … such that plug(⟦K_i⟧_K) = plug(⟦K_{i+1}⟧_K) for all i.
4. For all terms T, T′, if T reduces to T′ according to the strategy, then for each K such that plug(⟦K⟧_K) = T there exists a sequence of machine transitions K → … → K′ such that plug(⟦K′⟧_K) = T′.

The proof of this theorem is more tedious than sophisticated. We provide a sketch in Appendix C. Point 1 is a simple observation that for any term T the corresponding initial configuration is decoded to T. For point 2, a simple case analysis shows that all transitions other than (6) leave the decoding of the configurations unchanged. The fact that transition (6) implements β_wnf-contraction is technically more involved, but not surprising.

Probably the most interesting part concerns point 3, which implies that the machine always finds a redex in a finite number of steps. We present the main intuitions here, leaving the formal details to the appendices. We start by introducing a strict partial order on annotated terms and frames. For all terms T and T′ we set

  T < T′ □ < □ T′ < {T}_w < {T′}_w □ < □ {T′}_n < λ□ < {T}_n

Then we extend this order to the reversed lexicographic extension <_rlex of < on annotated decompositions: D₁ <_rlex D₂ iff D₁^R <_lex D₂^R, where D^R denotes the reverse of D and <_lex is the standard lexicographic extension of <. Since a given term has only finitely many corresponding annotated decompositions, a sequence of decompositions of the same term cannot grow forever, and hence there are no silent loops.

Example 3.
The following is the sequence of decodings of the configurations from Example 2. Note that this sequence is strictly increasing in the <_rlex order.

  [{0}_w; □ 0; λ□]  (7)→  [{0 0}_w; λ□]  (9)→  [{0}_w; {0}_w □; λ□]
  (10)→  [{0}_n; {0}_w □; λ□]  (11)→  [{0}_w; □ {0}_n; λ□]

Since all the transformations used in the derivation are meaning-preserving, we can informally state that: for every closed term T and its OCaml representation t, the computation eval t [] 0 in the call-by-value normalizer of Figure 3 returns a sem value iff T reaches a weak normal form in the strategy. Similarly, the computation nbe t returns a term value t' iff T reaches a normal form T′ in the strategy, and t' is an OCaml representation of T′.

We presented the first systematic derivation of an abstract machine, KNV, that implements the strong CbV strategy for normalization in the lambda calculus. The derivation starts from the KN machine for normal-order reduction and uses off-the-shelf tools to transform semantic artefacts in a sequence of steps that constitute the so-called functional correspondence, used as a two-way derivation recipe. We also presented the reduction semantics for the strong CbV strategy that can be read off the obtained machine, and that is an example of a hybrid strategy with three kinds of reduction contexts. As an example application of the machine, we illustrated how it can be used for convertibility checking, e.g., in proof assistants based on dependent type theory.

In [2], the authors introduced a time complexity criterion for an abstract machine: a machine is called a reasonable implementation of a given strategy if it can simulate n reduction steps in a number of transitions that is polynomial in n and in the size of the initial term.
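The size explosion underlying this criterion can be observed directly with a naive normal-order normalizer over named terms. This is a hedged sketch, entirely separate from KNV: substitution is naive but safe here because all binder names are distinct from the free names of the substituted terms.

```ocaml
type term = Var of string | Lam of string * term | App of term * term

let rec subst x s = function
  | Var y -> if x = y then s else Var y
  | Lam (y, b) -> if x = y then Lam (y, b) else Lam (y, subst x s b)
  | App (t, u) -> App (subst x s t, subst x s u)

(* weak head normalization, then full normal-order normalization *)
let rec whnf = function
  | App (t, u) ->
    (match whnf t with
     | Lam (x, b) -> whnf (subst x u b)
     | t' -> App (t', u))
  | t -> t

let rec nf = function
  | Var x -> Var x
  | Lam (x, b) -> Lam (x, nf b)
  | App (t, u) ->
    (match whnf t with
     | Lam (x, b) -> nf (subst x u b)
     | t' -> App (nf t', nf u))

let rec size = function
  | Var _ -> 1
  | Lam (_, b) -> 1 + size b
  | App (t, u) -> 1 + size t + size u

let omega = Lam ("w", App (Var "w", Var "w"))        (* ω = λx.x x *)

let church n =                                       (* c_n = λf.λx.f(...(f x)) *)
  let rec body k = if k = 0 then Var "x" else App (Var "f", body (k - 1)) in
  Lam ("f", Lam ("x", body n))

let e n = Lam ("z", App (App (church n, omega), Var "z"))   (* e_n = λz.c_n ω z *)
```

For the family e_n discussed next, the size of e_n grows linearly in n, while size (nf (e n)) grows as 2^(n+1): each application of ω doubles the result.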
It is easy to observe that KNV is not a reasonable implementation of strong CbV, due to the size explosion problem. Consider, e.g., the following term family e_n, where c_n denotes the n-th Church numeral:

  ω := λx.x x        e_n := λx.c_n ω x

Each e_n reduces to its normal form in a number of steps linear in n, but the size of this normal form is exponential in n. Since KNV never reuses structures constructed before, it has to introduce each of the exponentially many constructors in a separate step. Therefore, it is not a reasonable implementation. We intend to construct a modified version of KNV that will critically rely on sharing of intermediate results. We conjecture that such a modification is both necessary and sufficient to achieve a reasonable implementation of strong CbV. We also believe that the present development is a crucial stepping stone in this undertaking and that it offers all the necessary tools. In particular, sharing, in more than one flavour, can be most naturally introduced at the level of the evaluator of Figure 3, and the resulting abstract machine will be a reflection of this modification through the functional correspondence.

Acknowledgements.
We thank Filip Sieczkowski and the anonymous reviewers for their helpful comments on the presentation of this work.
References
1. Accattoli, B., Guerrieri, G.: Open call-by-value. In: 14th Asian Symposium, APLAS 2016, Proceedings. LNCS, vol. 10017, pp. 206–226 (2016)
2. Accattoli, B., Guerrieri, G.: Abstract machines for open call-by-value. Sci. Comput. Program. (2019)
3. Accattoli, B., Lago, U.D.: (Leftmost-outermost) beta reduction is invariant, indeed. Logical Methods in Computer Science (2016)
4. Aehlig, K., Joachimski, F.: Operational aspects of untyped normalization by evaluation. Mathematical Structures in Computer Science, 587–611 (2004)
5. Ager, M.S., Biernacki, D., Danvy, O., Midtgaard, J.: A functional correspondence between evaluators and abstract machines. In: Proceedings of the Fifth ACM-SIGPLAN Conference, PPDP'03. pp. 8–19 (2003)
6. Ager, M.S., Biernacki, D., Danvy, O., Midtgaard, J.: From interpreter to compiler and virtual machine: a functional derivation. Tech. Rep. BRICS RS-03-14, DAIMI, Aarhus University, Aarhus, Denmark (Mar 2003)
7. Balabonski, T., Barenbaum, P., Bonelli, E., Kesner, D.: Foundations of strong call by need. PACMPL (ICFP), 20:1–20:29 (2017)
8. Biernacka, M., Charatonik, W., Zielinska, K.: Generalized refocusing: From hybrid strategies to abstract machines. In: 2nd International Conference on Formal Structures for Computation and Deduction, FSCD 2017. pp. 10:1–10:17 (2017)
9. Biernacka, M., Charatonik, W.: Deriving an abstract machine for strong call by need. In: 4th International Conference on Formal Structures for Computation and Deduction, FSCD 2019. LIPIcs, vol. 131, pp. 8:1–8:20 (2019)
10. Crégut, P.: Strongly reducing variants of the Krivine abstract machine. Higher-Order and Symbolic Computation (3), 209–230 (2007)
11. Danvy, O.: A rational deconstruction of Landin's SECD machine. In: Implementation and Application of Functional Languages, 16th International Workshop, IFL'04. pp. 52–71 (2004)
12. Felleisen, M., Friedman, D.P.: Control operators, the SECD machine, and the λ-calculus. In: Wirsing, M. (ed.) Formal Description of Programming Concepts III, pp. 193–217. Elsevier Science Publishers B.V. (North-Holland), Amsterdam (1986)
13. Filinski, A., Rohde, H.K.: Denotational aspects of untyped normalization by evaluation. Theoretical Informatics and Applications (3), 423–453 (2005)
14. Ganz, S.E., Friedman, D.P., Wand, M.: Trampolined style. In: Proceedings of the 1999 ACM SIGPLAN International Conference on Functional Programming. pp. 18–27 (1999)
15. García-Pérez, Á., Nogueira, P.: On the syntactic and functional correspondence between hybrid (or layered) normalisers and abstract machines. Science of Computer Programming, 176–199 (2014)
16. García-Pérez, Á., Nogueira, P.: The full-reducing Krivine abstract machine KN simulates pure normal-order reduction in lockstep: A proof via corresponding calculus. J. Funct. Program., e7 (2019)
17. Grégoire, B., Leroy, X.: A compiled implementation of strong reduction. In: International Conference on Functional Programming. pp. 235–246. SIGPLAN Notices 37(9) (2002)
18. Krivine, J.L.: A call-by-name lambda-calculus machine. Higher-Order and Symbolic Computation (3), 199–207 (2007)
19. Leroy, X., Doligez, D., Frisch, A., Garrigue, J., Rémy, D., Vouillon, J.: The OCaml system, release 4.10. INRIA, Rocquencourt, France (Feb 2020)
20. Munk, J.: A Study of Syntactic and Semantic Artifacts and its Application to Lambda Definability, Strong Normalization, and Weak Normalization in the Presence of State. Master's thesis, DAIMI, Aarhus University, Denmark (2007), BRICS research report RS-08-30
21. Okasaki, C.: Purely functional data structures. Cambridge University Press (1999)
22. Reynolds, J.C.: Definitional interpreters for higher-order programming languages. Higher-Order and Symbolic Computation (4), 363–397 (1998)
23. Schmidt, D.A.: Denotational Semantics: A Methodology for Language Development. Allyn and Bacon, Inc. (1986)
24. Sestoft, P.: Demonstrating lambda calculus reduction. In: The Essence of Computation: Complexity, Analysis, Transformation. Essays Dedicated to Neil D. Jones. pp. 420–435. No. 2566 in Lecture Notes in Computer Science (2002)

A  Decoding of machine representations
Terms.
The functions ⟦·,·⟧_W : Wnfs → N → Wnfs and ⟦·,·⟧_I : Inerts → N → Inerts decode the machine representations of weak normal forms and the representations of inert terms.

  ⟦[λT, E], m⟧_W = λ ⟦T, V(m+1) :: E, m+1⟧_T
  ⟦I, m⟧_W       = ⟦I, m⟧_I
  ⟦V(n), m⟧_I    = m − n
  ⟦I W, m⟧_I     = ⟦I, m⟧_I ⟦W, m⟧_W

The function ⟦·,·,·⟧_T : Terms → Envs → N → Terms decodes machine representations of arbitrary terms; it uses an auxiliary function ⟦·,·,·⟧_n : N → Envs → N → Terms that implements the lookup of a variable in an environment.

  ⟦T₁ T₂, E, m⟧_T = ⟦T₁, E, m⟧_T ⟦T₂, E, m⟧_T
  ⟦λT, E, m⟧_T    = ⟦[λT, E], m⟧_W
  ⟦n, E, m⟧_T     = ⟦n, E, m⟧_n
  ⟦0, W :: E, m⟧_n   = ⟦W, m⟧_W
  ⟦n+1, W :: E, m⟧_n = ⟦n, E, m⟧_n

Stacks.

  ⟦•⟧_S           = •
  ⟦λ□ :: S⟧_S     = λ□ :: ⟦S⟧_S
  ⟦I□ :: S⟧_S     = {⟦I, |S|_λ□⟧_I}_w □ :: ⟦S⟧_S
  ⟦□T_nf :: S⟧_S  = □{T_nf}_n :: ⟦S⟧_S
  ⟦[T,E]□ :: S⟧_S = ⟦T, E, |S|_λ□⟧_T □ :: ⟦S⟧_S
  ⟦□W :: S⟧_S     = □ ⟦W, |S|_λ□⟧_W :: ⟦S⟧_S

Configurations.

  ⟦⟨T, E, S, m⟩_E⟧_K = ⟦T, E, m⟧_T :: ⟦S⟧_S
  ⟦⟨S, W, m⟩_C⟧_K    = {⟦W, m⟧_W}_w :: ⟦S⟧_S
  ⟦⟨S, T, m⟩_S⟧_K    = {T}_n :: ⟦S⟧_S

  plug(T :: •)        = T
  plug(T :: T′□ :: L) = plug(T′ T :: L)
  plug(T :: □T′ :: L) = plug(T T′ :: L)
  plug(T :: λ□ :: L)  = plug(λT :: L)

B  Closedness invariants
The following function defines the number of lambda constructors needed to close a given term.

  open_T(n)     = n + 1
  open_T(T₁ T₂) = max { open_T(T₁), open_T(T₂) }
  open_T(λT)    = max { open_T(T) − 1, 0 }

Obviously, a term T is closed if open_T(T) = 0. We say that an environment E closes T if open_T(T) ≤ |E|. We then extend the function to (machine representations of) environments and weak normal forms.

  open_W([λT, E]) = open_E(E)   if E closes λT
  open_W(I)       = open_I(I)
  open_I(V(n))    = n
  open_I(I W)     = max { open_I(I), open_W(W) }
  open_E(•)       = 0
  open_E(W :: E)  = max { open_W(W), open_E(E) }

Lemma 2.
The machine maintains the following invariants:
– in configurations ⟨T, E, S, m⟩_E: T is closed by E and open_E(E) ≤ m = |S|_λ□;
– in configurations ⟨S, W, m⟩_C: open_W(W) ≤ m = |S|_λ□;
– in configurations ⟨S, T, m⟩_S: open_T(T) ≤ m = |S|_λ□;
– in stacks □W :: S: open_W(W) ≤ |S|_λ□;
– in stacks I□ :: S: open_I(I) ≤ |S|_λ□.

The invariants from Lemma 2 are needed in the proofs of lemmas involving reachable configurations, like Lemma 5. Unreachable configurations may be subject to strange anomalies. For example, the decoding ⟦[λ1, •], 0⟧_W does not exist because • does not close λ1. A weird thing happens when one tries to decode ⟦λλ2, V(5) :: •, 4⟧_T: here λλ2 decodes to λλ1, which is a closed term. In an appropriate context this may lead to a violation of a variant of Lemma 5 for non-reachable configurations:

  ⟦λλ2, V(5) :: •, 4⟧_T ⟦V(2), 4⟧_W = (λλ1) 2 →β λ3 ≠ λ0 = ⟦λ2, V(2) :: V(5) :: •, 4⟧_T

C  Sketch of correctness proof
Below we state the main lemmas needed in the proof of Theorem 1.
Lemma 3 (initial correctness). If T is a closed term then ⟦T, •, 0⟧_T = T.

Lemma 4 (overhead identification). If K is a reachable configuration and K → K′ by a transition other than (6), then plug(⟦K⟧_K) = plug(⟦K′⟧_K).

Lemma 5 (correctness of contraction). If ⟨□W :: S, [λT, E], m⟩_C is a reachable configuration of the machine then ⟦λT, E, m⟧_T ⟦W, m⟧_W ⇀_β ⟦T, W :: E, m⟧_T.

Lemma 6 (strategy simulates machine). If K is a reachable configuration of the machine and K → K′ by transition (6), then plug(⟦K⟧_K) reduces to plug(⟦K′⟧_K) by β_wnf-contraction in an R context.

Proof. By the correct implementation of contraction (Lemma 5) and the decoding of stacks.

The following lemma formalizes the intuition from Example 3.
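The order <_rlex on annotated decompositions, used in Lemma 7 below and in Example 3, can be prototyped with a coarse, rank-only comparison. This is a hedged sketch: the real order is partial and the constructor names are ours; treating same-rank frames as equal is an assumption that suffices for checking the shapes of the listed inequalities.

```ocaml
type term = Idx of int | Lam of term | App of term * term

(* Annotated terms and frames, merged into one element type *)
type elt =
  | ETerm of term          (* T        *)
  | EArg of term           (* T □      *)
  | EFun of term           (* □ T      *)
  | EWnf of term           (* {T}w     *)
  | EWArg of term          (* {T}w □   *)
  | ENFun of term          (* □ {T}n   *)
  | ELamF                  (* λ□       *)
  | ENf of term            (* {T}n     *)

(* Rank according to T < T□ < □T < {T}w < {T}w□ < □{T}n < λ□ < {T}n *)
let rank = function
  | ETerm _ -> 0 | EArg _ -> 1 | EFun _ -> 2 | EWnf _ -> 3
  | EWArg _ -> 4 | ENFun _ -> 5 | ELamF -> 6 | ENf _ -> 7

(* Reversed lexicographic comparison on rank sequences *)
let rlex d1 d2 = compare (List.rev_map rank d1) (List.rev_map rank d2)
```

With this sketch the chain of decodings from Example 3 comes out strictly increasing, as Theorem 1's point 3 requires.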
Lemma 7. If K₁ → K₂ by any of the transitions (1)–(2), (5), (7)–(13), then ⟦K₁⟧_K <_rlex ⟦K₂⟧_K.

Proof. The proof is done by inspection of the respective transitions. Below we summarize, for each of the involved transitions, the key arguments. For all terms T, T₁, T₂ and all lists of annotated frames L:

  T₁ T₂ :: L               <_rlex  T₂ :: T₁ □ :: L             (1)
  λT :: L                  <_rlex  {λT}_w :: L                 (2)
  {T₂}_w :: T₁ □ :: L      <_rlex  T₁ :: □ T₂ :: L             (5)
  {T₁}_w :: □ T₂ :: L      <_rlex  {T₁ T₂}_w :: L              (7)
  {λT}_w :: L              <_rlex  T :: λ□ :: L                (8)
  {T₁ T₂}_w :: L           <_rlex  {T₂}_w :: {T₁}_w □ :: L     (9)
  {n}_w :: L               <_rlex  {n}_n :: L                  (10)
  {T₂}_n :: {T₁}_w □ :: L  <_rlex  {T₁}_w :: □ {T₂}_n :: L     (11)
  {T}_n :: λ□ :: L         <_rlex  {λT}_n :: L                 (12)
  {T₁}_n :: □ {T₂}_n :: L  <_rlex  {T₁ T₂}_n :: L              (13)

The following lemma formally states the main argument behind the "no silent loops" result.

Lemma 8 (no silent loops).
Every sequence of transitions not involving transition (6) is finite.

Proof. Consider any sequence K₀, K₁, … of configurations such that K_i → K_{i+1} by a transition other than (6), for all i. By Lemma 4 we have plug(⟦K_i⟧_K) = plug(⟦K_j⟧_K) for all i, j. Since for a given term there exist only finitely many possible decompositions into elementary contexts and subterms, there exist only finitely many annotated decompositions D such that plug(D) = plug(⟦K₀⟧_K).

Machine transitions (3)–(4) leave the decoding of a configuration to an annotated decomposition unchanged: in symbols, if K_i → K_{i+1} by transition (3) or (4), then ⟦K_i⟧_K = ⟦K_{i+1}⟧_K. However, the number of consecutive transitions (3)–(4) is bounded by the biggest de Bruijn index (which is bounded by the number of λ constructors) in plug(⟦K_i⟧_K). All other transitions strictly increase the decoding ⟦K_i⟧_K by Lemma 7. Therefore the sequence is finite.

The remaining lemmas in this section (Lemmas 9–11) are the key observations in the proof of point 4 of Theorem 1.

Lemma 9 (strategy determinism).
Any term has at most one β_wnf-redex positioned in an R context.

For the sake of the proof we say that a term has a C-decomposition if it has a β_wnf-redex positioned in a context C. We use the fact that any term has at most one F-decomposition, and that if it has no F-decomposition then it is a weak normal form. We prove a lemma stronger than Lemma 9:

Lemma 10.
Every term has at most one R-decomposition. If it has no R-decomposition then it is a normal form.

Proof. By structural induction on the term T.
1. If the term is a variable, it has no redex and is a normal form.
2. If the term is an abstraction, then its body either has at most one R-decomposition or is a normal form by the induction hypothesis, and so is T.
3. Otherwise it is an application: T = T₁ T₂.
3.1. If the right branch T₂ has an F-decomposition, then no redex can be found in the left branch T₁, because T₂ cannot be peeled off as a □T_W nor a □T_nf frame.
3.2. Otherwise the right branch T₂ is a weak normal form.
3.2.1. If the left branch T₁ has an F-decomposition, then no redex can be found in the right branch T₂, because T₁ cannot be peeled off as a T_I□ frame.
3.2.2. Otherwise the left branch T₁ is a weak normal form.
3.2.2.1. If the left branch T₁ is an abstraction, this application forms a β_wnf-redex. No redex can be found in the right branch T₂, because it has no F-decomposition and the abstraction T₁ cannot be peeled off as a T_I□ frame. No redex can be found in the left branch T₁, because an abstraction has no F-decomposition or H-decomposition.
3.2.2.2. Otherwise T₁ is an inert term.
3.2.2.2.1. If T₂ has an R-decomposition, then no redex can be found in the left branch T₁, because T₂ cannot be peeled off as a □T_nf frame. It is the only R-decomposition of T by the induction hypothesis.
3.2.2.2.2. Otherwise T₂ is a normal form by the induction hypothesis.
3.2.2.2.2.1. If T₁ has an R-decomposition, then it is the only R-decomposition by the induction hypothesis.
3.2.2.2.2.2. Otherwise T₁ is a neutral term by the induction hypothesis, and so is T.

Lemma 11 (machine simulates strategy). If plug(⟦K⟧_K) has a β_wnf-redex positioned in an R context, then there exists K′ such that K →* K′ where the last transition is (6).

Proof.
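The case analysis of Lemma 10 can be turned into a search procedure that computes the (unique, if any) R-decomposition of a term. This is a hedged sketch with our own function names: f_dec implements the weak right-to-left search, and r_dec/h_dec mirror the strong cases of the proof; contexts are returned inside-out.

```ocaml
type term = Idx of int | Lam of term | App of term * term
type frame = FArg of term (* T □ *) | FFun of term (* □ T *) | FLam (* λ□ *)

let rec is_wnf = function Lam _ -> true | t -> is_inert t
and is_inert = function
  | Idx _ -> true
  | App (t, u) -> is_inert t && is_wnf u
  | Lam _ -> false

(* F-decomposition: the beta_wnf-redex reachable by the weak
   right-to-left CbV strategy, together with its inside-out context *)
let rec f_dec t =
  match t with
  | App (t1, t2) ->
    (match f_dec t2 with
     | Some (c, r) -> Some (c @ [FArg t1], r)
     | None ->                           (* t2 is a weak normal form *)
       (match f_dec t1 with
        | Some (c, r) -> Some (c @ [FFun t2], r)
        | None ->
          (match t1 with Lam _ -> Some ([], t) | _ -> None)))
  | _ -> None

(* R-decomposition, mirroring the case analysis of Lemma 10 *)
let rec r_dec = function
  | Lam t -> Option.map (fun (c, r) -> (c @ [FLam], r)) (r_dec t)
  | t ->
    (match f_dec t with
     | Some d -> Some d
     | None -> h_dec t)                  (* t is a weak normal form *)
and h_dec = function                     (* strong phase on inert terms *)
  | App (i, w) ->
    (match r_dec w with
     | Some (c, r) -> Some (c @ [FArg i], r)
     | None -> Option.map (fun (c, r) -> (c @ [FFun w], r)) (h_dec i))
  | _ -> None
```

On the terms of Example 1 (in de Bruijn notation, with K = λλ1, I = λ0), r_dec finds Ω in the context K I □ :: λ□ :: • for λ(K I Ω), and K I in the context □ (λΩ) :: λ□ :: • for λ(K I (λΩ)), matching the decompositions given there.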