Extracting a formally verified Subtyping Algorithm for Intersection Types from Ideals and Filters

The BCD type system of intersection types has been introduced by Barendregt, Coppo and Dezani in [1]. It is derived from a filter lambda model in order to characterize exactly the strongly normalizing terms. Formally, intersection types over variables α ∈ V σ, τ, ρ ::= α | σ → τ | σ ∩ τ | ω are related by the least preorder ≤ closed under the rules σ ≤ ω, ω ≤ ω → ω, σ ∩ τ ≤ σ, σ ∩ τ ≤ τ, σ ≤ σ ∩ σ; (σ → τ) ∩ (σ → ρ) ≤ σ → τ ∩ ρ; If σ ≤ σ and τ ≤ τ ′ then σ ∩ τ ≤ σ ∩ τ ′ and σ → τ ≤ σ → τ . Decidability of this preorder has been shown in [6, 4, 7, 8]. Laurent has formalized the relation in Coq in order to eliminate transitivity cuts from it [5]. Following the ideas presented in [8], we show how to obtain a formally verified subtyping algorithm in Coq. Focusing on the algebraic properties of filters and ideals on the subtype relation, we manage to avoid additional proof infrastructure (e.g. lists of types) and extensions to the core type theory of Coq. When executed inside Coq, the algorithm produces a subtype proof tree for an arbitrary pair of intersection types or a counter proof if the input pair is not subtype related. Automatic program extraction allows to obtain Haskell and OCaml versions of the algorithm. Extracted code can be used as a reference for randomized testing of manually optimized implementations. We will report on an implemented but not yet machine verified subtype algorithm with O(n) asymptotic runtime behavior. Proven properties allow to formally show the correspondence between prime ideals and the notion of paths in intersection types, which is mentioned in [9]. Organization into an intersection of paths is an important lemma in proofs for various decision problems, e.g. type inhabitation [3], type matching [2] and type inference [4]. We will demonstrate our implementation and made it publicly available in the hope that it can serve as a platform for exploring formal verification and program extraction of algorithms based on intersection types.