A Finite Semantics of Simply-Typed Lambda Terms for Infinite Runs of<br> Automata

Model checking properties are often described by means of finite automata. Any particular such automaton divides the set of infinite trees into finitely many classes, according to which state has an infinite run. Building the full type hierarchy upon this interpretation of the base type gives a finite semantics for simply-typed lambda-trees. A calculus based on this semantics is proven sound and complete. In particular, for regular infinite lambda-trees it is decidable whether a given automaton has a run or not. As regular lambda-trees are precisely recursion schemes, this decidability result holds for arbitrary recursion schemes of arbitrary level, without any syntactical restriction.Comment: 23 page

IO vs OI in Higher-Order Recursion Schemes

We propose a study of the modes of derivation of higher-order recursion schemes, proving that value trees obtained from schemes using innermost-outermost derivations (IO) are the same as those obtained using unrestricted derivations. Given that higher-order recursion schemes can be used as a model of functional programs, innermost-outermost derivations policy represents a theoretical view point of call by value evaluation strategy.Comment: In Proceedings FICS 2012, arXiv:1202.317

Relational semantics of linear logic and higher-order model-checking

In this article, we develop a new and somewhat unexpected connection between higher-order model-checking and linear logic. Our starting point is the observation that once embedded in the relational semantics of linear logic, the Church encoding of any higher-order recursion scheme (HORS) comes together with a dual Church encoding of an alternating tree automata (ATA) of the same signature. Moreover, the interaction between the relational interpretations of the HORS and of the ATA identifies the set of accepting states of the tree automaton against the infinite tree generated by the recursion scheme. We show how to extend this result to alternating parity automata (APT) by introducing a parametric version of the exponential modality of linear logic, capturing the formal properties of colors (or priorities) in higher-order model-checking. We show in particular how to reunderstand in this way the type-theoretic approach to higher-order model-checking developed by Kobayashi and Ong. We briefly explain in the end of the paper how his analysis driven by linear logic results in a new and purely semantic proof of decidability of the formulas of the monadic second-order logic for higher-order recursion schemes.Comment: 24 pages. Submitte

Semantics of Higher-Order Recursion Schemes

Higher-order recursion schemes are recursive equations defining new operations from given ones called "terminals". Every such recursion scheme is proved to have a least interpreted semantics in every Scott's model of \lambda-calculus in which the terminals are interpreted as continuous operations. For the uninterpreted semantics based on infinite \lambda-terms we follow the idea of Fiore, Plotkin and Turi and work in the category of sets in context, which are presheaves on the category of finite sets. Fiore et al showed how to capture the type of variable binding in \lambda-calculus by an endofunctor H\lambda and they explained simultaneous substitution of \lambda-terms by proving that the presheaf of \lambda-terms is an initial H\lambda-monoid. Here we work with the presheaf of rational infinite \lambda-terms and prove that this is an initial iterative H\lambda-monoid. We conclude that every guarded higher-order recursion scheme has a unique uninterpreted solution in this monoid

Using models to model-check recursive schemes

We propose a model-based approach to the model checking problem for recursive schemes. Since simply typed lambda calculus with the fixpoint operator, lambda-Y-calculus, is equivalent to schemes, we propose the use of a model of lambda-Y-calculus to discriminate the terms that satisfy a given property. If a model is finite in every type, this gives a decision procedure. We provide a construction of such a model for every property expressed by automata with trivial acceptance conditions and divergence testing. Such properties pose already interesting challenges for model construction. Moreover, we argue that having models capturing some class of properties has several other virtues in addition to providing decidability of the model-checking problem. As an illustration, we show a very simple construction transforming a scheme to a scheme reflecting a property captured by a given model.Comment: Long version of a paper presented at TLCA 201

Typing weak MSOL properties

International audienceWe consider non-interpreted functional programs: the result of the execution of a program is its normal form, that can be seen as the tree of calls to built-in operations. Weak monadic second-order logic (wMSO) is well suited to express properties of such trees. This is an extension of first order logic with quantification over finite sets. Many behavioral properties of programs can be expressed in wMSO. We use the simply typed lambda calculus with the fixpoint operator, $\lambda Y$-calculus, as an abstraction of functional programs that faithfully represents the higher-order control flow. We give a type system for ensuring that the result of the execution of a $\lambda Y$-program satisfies a given wMSO property. The type system is an extension of a standard intersection type system with both: the least-fixpoint rule, and a restricted version of the greatest-fixpoint rule. In order to prove soundness and completeness of the system we construct a denotational semantics of $\lambda Y$-calculus that is capable of computing properties expressed in wMSO. The model presents many symmetries reflecting dualities in the logic and has also other applications on its own. The type system is obtained from the model following the domain in logical form approach

A Finite Semantics of Simply-Typed Lambda Terms for Infinite Runs of Automata

Model checking properties are often described by means of finite automata. Any particular such automaton divides the set of infinite trees into finitely many classes, according to which state has an infinite run. Building the full type hierarchy upon this interpretation of the base type gives a finite semantics for simply-typed lambda-trees. A calculus based on this semantics is proven sound and complete. In particular, for regular infinite lambda-trees it is decidable whether a given automaton has a run or not. As regular lambda-trees are precisely recursion schemes, this decidability result holds for arbitrary recursion schemes of arbitrary level, without any syntactical restriction