On Correspondence between Selective CPS Transformation and Selective Double Negation Translation

: A double negation translation (DNT) embeds classical logic into intuitionistic logic. Such translations correspond to continuation passing style (CPS) transformations in programming languages via the Curry-Howard isomorphism. A selective CPS transformation uses a type and effect system to selectively translate only nontrivial expressions possibly with computational effects into CPS functions. In this paper, we review the conventional call-by-value (CBV) CPS transformation and its corresponding DNT, and provide a logical account of a CBV selective CPS transformation by deﬁning a selective DNT via the Curry-Howard isomorphism. By using an annotated proof system derived from the corresponding type and effect system, our selective DNT translates classical proofs into equivalent intuitionistic proofs, which are smaller than those obtained by the usual DNTs. We believe that our work can serve as a reference point for further study on the Curry-Howard isomorphism between CPS transformations and DNTs.


Introduction
The Curry-Howard isomorphism [1,2] states that formulas and proofs in mathematical logic correspond to types and programs in programming languages. For example, propositions and proofs in intuitionistic propositional logic (IPL) correspond to types and terms in the simply typed λ-calculus (λ → ). A similar correspondence also exists between classical propositional logic (CPL) and the simply typed λ-calculus with control operators such as callcc (call-with-current continuation) and throw (λ cont ) [3,4].
Classical logic differs from intuitionistic logic, also known as constructive logic, in that it includes the law of excluded middle (EM), A ∨ ¬A, as a theorem, which states that for any proposition A, either A is true or its negation ¬A is true (i.e., A is false). Classical logic also includes Peirce's law, ((A ⊃ B) ⊃ A) ⊃ A, and double negation elimination (DNE), ¬¬A ⊃ A. Any of these three theorems can be added as an axiom to proof systems for intuitionistic logic in order to obtain a sound and complete proof system for classical logic. Taking Peirce's law and DNE as axioms corresponds to the control operators such as callcc and Felleisen et al.'s C operator, which allow a nonlocal transfer of program control, respectively [3][4][5].
A double negation translation (DNT), also known as a negative translation, translates a classically valid formula into an intuitionistically valid one [6][7][8][9][10][11], for example, by placing a double negation ¬¬ in front of every subformula of the given formula [9]. More precisely, while intuitionistic logic admits double negation introduction, A ⊃ ¬¬A, it only rejects double negation elimination, ¬¬A ⊃ A. In other words, ¬¬A is weaker than A in intuitionistic logic, but they are equivalent in classical logic. Hence, in general, an instance of A in a classical proof derivation only corresponds to a weaker proposition ¬¬A in an intuitionistic proof derivation. In this regard, DNTs can be thought of as a proof transformation which eliminates every instance of DNE (or equivalently, EM or Peirce's law) used in a classical derivation of A, yielding an intuitionistic proof of ¬¬A * , where A * is the formula obtained by placing ¬¬ in front of every proper subformula of A. One important consequence of DNTs is the equivalence between the consistency of classical Peano arithmetic and the consistency of intuitionistic Heyting arithmetic.
The programming language counterpart of DNTs is continuation passing style (CPS) transformations [4,12,13], which are often used in compiler optimization [14,15]. Operationally, a continuation of type A cont is a reification of an evaluation context, i.e., the rest of the program, that expects the result of the current expression of type A. Hence, a continuation type A cont can be understood as a function type A → Ans, where Ans stands for the type of final results. If we interpret Ans as ⊥ and define ¬A as a syntactic abbreviation of A → ⊥ as usual, then DNTs correspond to CPS transformations, which translate an expression M of type A into a CPS function of type (A * → ⊥) → ⊥ that explicitly takes a continuation k as an argument and applies it to the result of M in its body. Here, the continuation k expects a value of type A * because, as in DNTs, CPS transformations also recursively translate every subexpression of the given expression into CPS expressions. The CPS transformations from λ cont into λ → [3,4], which eliminate control operators, correspond to a DNT from CPL with Peirce's law or DNE into IPL.
In this paper, we study the logical meaning of a selective CPS transformation [16] and present a selective DNT for CPL via the Curry-Howard isomorphism. The usual CPS transformations translate into CPS functions not only "nontrivial" expressions (possibly) with control operators (computational effects) but also "trivial" expressions, which lack them, yielding unnecessarily large expressions. In contrast, the selective CPS transformation only translates nontrivial expressions into CPS functions and keeps trivial expressions intact. To do so, it uses a type and effect system to keep track of the uses of control operators. Similarly, when viewed as a proof transformation, the usual DNTs also yield unnecessarily large proofs because they translate even intuitionistically valid proof derivations. Our selective DNT uses an annotated proof system to keep track of the uses of only classical axioms, which is similar to the type and effect system in [16], and only selectively translates the part of the given proof that exploits such axioms.
The main contributions of our paper are summarized as follows: • We review the Curry-Howard isomorphism between the standard call-by-value (CBV) CPS transformation with control operators and the corresponding DNT from CPL into IPL. • We review a CBV selective CPS transformation based on a type and effect system [16] and propose a corresponding selective DNT based on an annotated proof system, with its correctness proof showing that provability is preserved under the translation. • Our work can serve as a reference point for the close correspondence between the selective CPS transformation and the selective DNT and further research on this topic.
The remainder of the paper is organized as follows. Section 2 reviews the standard CBV CPS transformation from λ cont with control operators into λ → without these operators [3]. In Section 3, we present the corresponding DNT from CPL with Peirce's law into IPL. Section 4 reviews a CBV selective CPS transformation based on a type and effect system. In Section 5, we present an annotated proof system and propose a selective DNT corresponding to the selective CPS transformation via the Curry-Howard isomorphism. We also prove the correctness of the translation by showing that provability is preserved under the translation. Finally, Section 6 discusses related work and concludes.

A Call-by-Value CPS Transformation
In this section, we review the standard CBV CPS transformation [3] which translates a program in the source language λ cont with control operators callcc and throw into an operationally equivalent program in the target language λ → without control operators.

Simply Typed λ-Calculus with Control Operators
The source language λ cont is the simply typed λ-calculus with two control operators: callcc and throw [3]. Its abstract syntax is defined as follows.
An expression M is either a constant p, a variable x, a lambda abstraction (anonymous function) λx.M, a lambda application (function application) M N, or a control operator to be explained below. As for types, P ranges over an arbitrary but fixed set of primitive types, A → B denotes the type of functions from domain A to range B, and A cont denotes the type of continuations that expect a value of type A.
We consider a left-to-right CBV operational semantics for λ cont using evaluation contexts, where a well-typed expression evaluates to a value. Definition 2 (Operational semantics of λ cont ). extended expressions M, N ::= · · · | E evaluation contexts E :: An evaluation context E is an expression with a hole [ ]. Every expression M can be decomposed into a unique context E and a unique reducible expression (redex) N, i.e., M = E[N], where E[N] denotes the expression obtained by filling the hole in E with N. An evaluation context can be considered a pending computation which expects the result of another computation. Hence, we represent a continuation as a captured evaluation context of the form E . A value V is then either a constant, a lambda abstraction, or a continuation.
We use a reduction judgment M → M to denote one-step reduction of M to M . Given any program, the redex to be reduced is implicitly determined by the left-to-right CBV definition of evaluation contexts. There are three kinds of redexes. First, a lambda application of the form (λx.M) V reduces to M[V/x] (β-reduction), where M[V/x] denotes the standard capture-avoiding substitution which replaces every occurrence of x in M with V. Since we use a CBV semantics, β-reduction always substitutes a value for the formal parameter. Second, callcc x.M captures the current context E, stores a continuation E in x, and proceeds to reduce M. Finally, throw E 1 V throws a value V to a continuation E 1 and discards the current evaluation context, thus allowing a nonlocal transfer of control.
We evaluate only well-typed closed expressions [3]. To type expressions, we use a typing judgment Γ M : A which means that expression M is of type A under typing context Γ. Here, a typing context Γ is a set of type bindings of the form x : A, and we use · to denote an empty context. We assume that each variable is associated with at most one type, for example, by means of α-conversion.
typing contexts Γ ::= · | Γ, x : A A closed expression M is well-typed with respect to a type A if · M : A is provable using the typing rules in Definition 3.

Definition 3 (Typing rules for
The above typing rules are standard [3]. In the rule Tconst, CONST-TYPE is a predefined mapping from constants to primitive types. In the rule Tcallcc, callcc x.M is of type A if M is also of type A assuming x : A cont. Please note that x will at runtime be bound to a continuation that expects the result of M. Therefore, callcc itself can be given a type (A cont → A) → A for any type A, which corresponds to Peirce's law. In the rule Tthrow, if M and N are of type A cont and A, respectively, then throw M N can be assigned an arbitrary type C because its reduction never returns to the current evaluation context. Therefore, the rule Tthrow corresponds to the law of non-contradiction (followed by false elimination).
The type system given in Definition 3 is sound with respect to the operational semantics given in Definition 2 in that well-typed expressions never go wrong, i.e., cannot cause type errors during evaluation [17].

A Call-by-Value CPS Transformation
The CBV CPS transformation [3] translates the source language λ cont into the target language λ → without callcc and throw. The abstract syntax of λ → is defined as follows. The main idea of the transformation is twofold. First, it interprets a continuation of type A cont as a function of type A → ⊥, where we use ⊥ to denote the type of final answers. Second, it translates every expression M into a CPS function that explicitly takes as argument a continuation k expecting the result of M and applies k to the result in its body. Formally, the CBV CPS transformation associates each type A with A * , which is the type of values of type A after the CPS transformation and defined in Definition 5. Based on this, it translates each expression M of type A into a CPS expression C M of type (A * → ⊥) → ⊥, which is defined in Definition 6.
The transformation simply translates values and variables into the CPS form. Please note that in the translation of a lambda abstraction, the body is also translated into a CPS expression. For a lambda application M N, let us first analyze the type structure of the transformed expression: In the transformed expression λk : , C M will bind the CPS-transformed evaluation result of M to f and C N will bind that of N to v. Then the function f is called with the argument v and the initial continuation k as f v k, which returns an answer of type ⊥. In the translation of callcc x.M, C M of type (A * → ⊥) → ⊥ will apply the initial continuation k of type A * → ⊥ to the CPStransformed evaluation result of M, which is of type A * . Moreover, the continuation variable x of type A cont is substituted with the explicit continuation k in C M . Finally, in the translation of throw M N, C M will bind the continuation evaluated from M to k , and then C N will apply k to the CPS-transformed evaluation result of N. Please note that the initial continuation k is not used.
The above transformation preserves the operational meaning of the source program of primitive type: when applied to an initial continuation (an identity function), the translated program terminates if and only if the source program does, and in that case they evaluate to the same value of primitive type [3,16].
where → * is the reflexive and transitive closure of one-step reduction →.
The transformation also preserves typing [3], i.e., provability, as stated below, where Γ * is the typing context such that x : A * ∈ Γ * if and only if x : A ∈ Γ.
Proof. By induction on the structure of M.

A Double Negation Translation
By the Curry-Howard isomorphism, types and expressions in λ cont correspond to formulas and proofs in classical implicational propositional logic (CPL) [4]. The formulas of CPL are defined as follows.

Definition 7 (CPL formulas).
formulas A, B, C ::= P | A ⊃ B | ¬A P ranges over atomic propositions. We choose only implication ⊃ and negation ¬ as primitive connectives to clearly show the connection between λ cont and CPL. Other connectives A ∨ B and A ∧ B can be notionally defined as ¬A ⊃ B and ¬(A ⊃ ¬B), respectively. A continuation type A cont in λ cont is interpreted as a negated formula ¬A in CPL.
The type system for λ cont given in Definition 3 can be interpreted as the proof system for CPL given in Definition 8. We use a hypothetical judgment Γ K A to mean that a proposition A is true under a set Γ of hypotheses (where the subscript K stands for Klassical). Below, by removing the terms in each typing rule in Definition 3, we obtain the corresponding inference rule for CPL. (For simplicity, we omit the rule corresponding to Tconst because it is not necessary for studying the Curry-Howard isomorphism between CPL and IPL. However, it is needed for proving the observational soundness for the CPS transformation, stated in Theorem 1.) Definition 8 (Proof system for CPL).
The typing rules Tcallcc and Tthrow for control operators correspond to the rules Peirce and Contra which internalize Peirce's law and the law of non-contradiction, respectively. Using them, we can derive the following rules for double negation elimination and the law of excluded middle.
The DNT corresponding to the CBV CPS transformation translates CPL into intuitionistic implicational propositional logic (IPL) which corresponds to λ → in Definition 4. The formulas of IPL are defined as follows.

Definition 9 (IPL formulas).
formulas A, B, C ::= P | A ⊃ B | ⊥ A natural deduction system for IPL is defined below. We use a judgment Γ I A to mean that a proposition A is true in IPL under a set Γ of hypotheses (where the subscript I stands for Intuitionistic).
Although we include the ⊥E rule in Definition 10 for the completeness of the system, it is never used in the translation of CPL proof trees into IPL ones. In other words, our study is still valid without the ⊥E rule. Please note that ⊥ is not even included in CPL (although it can be encoded, for example, as A ∧ ¬A). Meanwhile, we regard ¬A as a syntactic abbreviation of A ⊃ ⊥ in IPL. Therefore, the following rules are special cases of the ⊃ introduction and elimination rules.
We define a translation of CPL formulas into IPL formulas exactly like the CBV CPS transformation of types, as follows.
The correctness of the DNT is stated as follows, where Γ * applies the translation elementwise: A * ∈ Γ * if and only if A ∈ Γ. Theorem 3. If Γ K A is provable, then Γ * I ¬¬A * is also provable.
Proof. We define a recursive function that maps a derivation of Γ K A into a derivation of Γ * I ¬¬A * . In particular, for each case, we build a derivation tree corresponding to its counterpart CPS transformation in Definition 6 (although a smaller derivation may be constructed).

A Call-by-Value Selective CPS Transformation
In this section, we review Nielsen's CBV selective CPS transformation [16]. The main idea is to distinguish trivial expressions whose evaluation does not give rise to computational effects (i.e., evaluation of callcc or throw) from nontrivial ones whose evaluation may give rise to effects. In general, it is undecidable to determine if the evaluation of an expression gives rise to effects, for example, in the presence of a recursive operator or recursive types. Since it is safe to assume that every expression might have an effect, the usual CPS transformation assumes every expression as nontrivial and translates into the CPS form.
To translate only nontrivial expressions selectively, while keeping trivial ones in the direct style, we use a type and effect system, where (definitely) trivial expressions are annotated with T while (possibly but not necessarily) nontrivial ones with N. The following is the minimally annotated syntax of the source language λ cont , where we omit annotations when clear from the structure of the given expression.  • every expression annotated with T is indeed trivial, • every abstraction annotated with T (resp. N) is applied only at application points annotated with T (resp. N), and • every abstraction whose body is annotated with N is also annotated with N.
To check the consistency of annotations, we use a type and effect system using a judgment Γ M : A, a which means that expression M is of type A and can be annotated with a under typing context Γ.

Definition 13 (Type and effect system).
Γ, x : A x : A, T Tvar CONST-TYPE(p) = P Γ p : P, T Tconst The relation a ≤ a 1 in the rule Tlam allows us to annotate an abstraction with a trivial body with N. Similarly, in the rule Tapp, even if a 1 , a 2 , and a 3 are all T, the application can be annotated with N. From now on, we consider only well-annotated expressions which are allowed by the type and effect system, i.e., typable by Definition 13. The following theorem shows that the type and effect system indeed ensures the consistency of annotations. As a corollary, if a closed expression M can be annotated with T, the evaluation of M does not give rise to an effect.
In order to transform expressions selectively, we use two functions: S − translates expressions of type A into those of type (A → ⊥) → ⊥ and S t − translates expressions of type A into those of type A . Given an expression, the former translates it into a CPS expression, whereas the latter keeps it in the direct style. In particular, S t − takes only trivial expressions. Specifically, at runtime, f will be bound to the result evaluated from M, which is of type A → B , and f v will evaluate to a value of type B , which is in the direct style. Hence, we apply to f v a continuation k that expects the result of M N.

Definition 15 (Selective CPS transformation).
The operational meaning of the source program of primitive type is preserved by the selective CPS transformation as stated below [16]. The transformation also preserves typing, as stated below, where Γ is the typing context such that x : A ∈ Γ if and only if x : A ∈ Γ.

2.
If Γ M T : A, T, then Γ S t M : A .
Proof. By simultaneous induction on derivations.

A Selective Double Negation Translation
In this section, we present an annotated proof system for CPL, which corresponds to the type and effect system given in Definition 13 via the Curry-Howard isomorphism. It keeps track of the uses of the Peirce and Contra rules using annotations. Based on the annotations in the proof, our selective DNT translates only the parts of the proof which use the Peirce or Contra rules into the double negation form.
We use annotated formulas defined below, where annotations are defined as in Definition 12.

Definition 16 (Annotated CPL formulas).
formulas A, B, C ::= P | A ⊃ a B | ¬A A formula A ⊃ N B means that assuming A is provable, B is also provable under the assumption A, (possibly) using the Peirce or Contra rules. In contrast, a formula A ⊃ T B means that assuming A is provable, B is also provable but without using those rules.
The proof system for annotated formulas is obtained from the type and effect system by removing the terms in each typing rule. (As in Definition 8, we omit the rule corresponding to Tconst for simplicity.) We use a judgment Γ K A, a which means that A is true under a set Γ of hypotheses, and its proof does not use the Peirce or Contra rules if a is T; otherwise, the proof may use them.
The interpretation of the annotations in the rules ⊃ I and ⊃ E is similar to the one for the rules Tlam and Tapp in Definition 13. In the rule ⊃ I, even if B is proved without using the Peirce or Contra rules, we may annotate the implication with N as if B is proved using them. In the rule ⊃ E, if all of a 1 , a 2 , and a 3 are T, then it means that the derivation of Γ K B, a does not use the Peirce or Contra rules. Nevertheless, it can be annotated with N as in the type and effect system. The annotated proof system is equivalent to the original proof system in the following sense.

1.
If Γ K A, a is provable, then erase(Γ) K erase(A) is also provable, where the function erase removes every annotation in the given context and formula.

2.
If Γ K A is provable, then there exists at least one annotation for A that is provable in the annotated proof system.

Proof.
(1) By straightforward induction on a derivation of Γ K A, a.
(2) The one where every implication is marked with N is always provable.
We can further extend the completeness statement such that there exists a maximal annotation with as many T's as possible. We now define a selective translation of annotated CPL formulas into IPL formulas as follows, which directly corresponds to the selective type translation in Definition 14.
The correctness of our selective DNT is stated as follows, where Γ applies the translation elementwise: A ∈ Γ if and only if A ∈ Γ.

1.
If Γ K A, a is provable, then Γ I ¬¬A is also provable.

2.
If Γ K A, T is provable, then Γ I A is also provable.
Proof. We define two mutually recursive functions f and g which translate derivations of Γ K A, a and Γ K A, T into derivations of Γ I ¬¬A and Γ I A , respectively. Their definitions directly correspond to the selective CPS transformation S − and S t − in Definition 15. In the translations below, whenever necessary, we implicitly apply weakening on the induction hypothesis, i.e., the result of a recursive call.
In the above translations, whereas f eliminates the instances of the rules Peirce and Contra used in the given derivation by double-negating the goal formula, g keeps the given derivation as it is since it is also valid in IPL.
The following diagram summarizes the relationship between the selective CPS transformation and the selective DNT. We note that the selective CPS transformation can be derived from the selective DNT by assigning proof terms to each inference rule.

Selective CPS transformation
Curry-Howard isomorphic

Discussion and Conclusions
In this paper, we studied the logical meaning of a selective CPS transformation [16]. Although we considered only a CBV semantics, our analysis can also be applied to a callby-name (CBN) CPS transformation [4,12,18]. In a CBN semantics, a lambda application (λx.M) N reduces to M[N/x] regardless of whether N is a value or not. Therefore, under the CBN CPS transformation, a translated function is passed an argument in the CPS form, and thus a function type A → B is translated into ((A * → ⊥) → ⊥) → (B * → ⊥) → ⊥. The corresponding DNT, such as Kolmogorov's translation [9], translates A ⊃ B into ¬¬A * ⊃ ¬¬B * , and we can exploit our annotated proof system, presented in Section 5, to derive a CBN selective DNT.
While our selective DNT is a direct logical interpretation of Nielsen's selective CPS transformation [16], there is still room for further improvement. First, unlike the rule Peirce, the rule Contra is valid not only in classical logic but also in intuitionistic logic, and therefore we may not need to translate the instances of Contra into the double negation form. We choose to translate them in order to keep the direct correspondence between the CPS transformation and the DNT. Second, by further analyzing annotations, we can produce a smaller proof. For example, the following derivation which is much smaller than the result of the selective DNT given in the proof of Theorem 8. The corresponding case of the selective CPS transformation given in Definition 15 can also be improved as follows.
S (M T @ T N T ) N = λk.k (S t M S t N ) We leave as future work a further investigation into whether or not this finer analysis of annotations still preserves the operational meaning of the source program in the sense of Theorem 5. Moreover, in this paper, we considered only control operators callcc and throw and the corresponding selective CPS transformation. Since there are other control structures (e.g., delimited continuations [19][20][21] and exceptions [22]) and corresponding selective CPS transformations, it will also be interesting to investigate their logical interpretation by parameterizing our analysis over such control operators. For further details on various control structures and CPS transformations, the reader may refer to [23].
Another interesting direction for future work is to include other connectives such as conjunction and disjunction which respectively correspond to product and sum types in programming languages. In addition, since we consider only propositional logic, one natural extension is to consider first-order predicate logic, which corresponds to dependently typed λ-calculus. However, it is challenging to define a computationally sound double negation proof translation for classical predicate logic, namely a CPS transformation for a dependently typed language. For example, the standard CPS transformation based on double negation is not type preserving for a dependently typed language with Σ types (strong dependent pairs which correspond to universal quantifiers) [24]. Moreover, unrestricted uses of callcc and throw together with Σ types and equality even leads to an inconsistent system [25]. Recently, Bowman et al. [26] developed type-preserving CBN and CBV CPS transformations for a dependently typed language with Σ and Π types based on answer type polymorphism [27]. It would be interesting to investigate the logical meaning of such translations, which we leave as future work. Acknowledgments: We thank Sungwoo Park who proposed the problem of selective double negation translation. We also thank anonymous reviewers for their helpful comments on an earlier version of the paper.

Conflicts of Interest:
The author declares no conflict of interest.

Abbreviations
The following abbreviations are used in this manuscript: