Intensional polymorphism, the ability to dispatch to di#erent routines based on types at run time, enables a variety of advanced implementation techniques for polymorphic languages, including tag-free garbage collection, unboxed function arguments, polymorphic marshalling, and flattened data structures. To date, languages that support intensional polymorphism have required a type-passing (as opposed to type-erasure) interpretation where types are constructed and passed to polymorphic functions at run time. Unfortunately, type-passing su#ers from a number of drawbacks: it requires duplication of run-time constructs at the term and type levels, it prevents abstraction, and it severely complicates polymorphic closure conversion.

We present a simple extension of typed -calculus where functions can be overloaded by putting different "branches of code" together. When the function is applied, the branch to execute is chosen according to a particular selection rule which depends on the type of the argument. The crucial feature of the present approach is that the branch selection depends on the "run-time type" of the argument, which may differ from its compile-time type, because of the existence of a subtyping relation among types. Hence overloading cannot be eliminated by a static analysis of code, but is an essential feature to be dealt with during computation. We obtain in this way a type-dependent calculus, which differs from the various -calculi where types do not play any role during computation. We prove Confluence and a generalized Subject-Reduction theorem for this calculus. We prove Strong Normalization for a "stratified" subcalculus. The definition of this calculus is guided by the understand...

A polymorphic function is parametric if its behavior does not depend on the type at which it is instantiated. Starting with Reynolds's work, the study of parametricity is typically semantic. In this paper, we develop a syntactic approach to parametricity, and a formal system that embodies this approach, called system R . Girard's system F deals with terms and types; R is an extension of F that deals also with relations between types. In R , it is possible to derive theorems about functions from their types, or "theorems for free", as Wadler calls them. An easy "theorem for free" asserts that the type "(X)XBool contains only constant functions; this is not provable in F. There are many harder and more substantial examples. Various metatheorems can also be obtained, such as a syntactic version of Reynolds's abstraction theorem.

Studies of the mathematical properties of impredicative polymorphic types have for the most part focused on the polymorphic lambda calculus of Girard–Reynolds, which is a calculus of total polymorphic functions. This paper considers polymorphic types from a functional programming perspective, where the partialness arising from the presence of fixpoint recursion complicates the nature of potentially infinite (‘lazy’) data types. An approach to Reynolds' notion of relational parametricity is developed that works directly on the syntax of a programming language, using a novel closure operator to relate operational behaviour to parametricity properties of types. Working with an extension of Plotkin's PCF with ∀-types, lazy lists and existential types, we show by example how the resulting logical relation can be used to prove properties of polymorphic types up to operational equivalence.

Access control mechanisms are often used with the intent of enforcing confidentiality and integrity policies, but few rigorous connections have been made between information flow and runtime access control. The Java virtual machine and the .NET runtime system provide a dynamic access control mechanism in which permissions are granted to program units and a runtime mechanism checks permissions of code in the calling chain. We investigate a design pattern by which this mechanism can be used to achieve confidentiality and integrity goals: a single interface serves callers of more than one security level and dynamic access control prevents release of high information to low callers. Programs fitting this pattern would be rejected by previous flow analyses. We give a static analysis that admits them, using permission-dependent security types. The analysis is given for a class-based object-oriented language with features including inheritance, dynamic binding, dynamically allocated mutable objects, type casts and recursive types. The analysis is shown to ensure a noninterference property formalizing confidentiality and integrity.

ion and Store Shapes . . . . . . . . . . 6 2 Two Variations on Algol 8 2.1 Idealized Algol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Name: P.W. O'Hearn Address: Department of Computer Science, Queen Mary and Westfield College, London E1 4NS, UK. e-mail: ohearn@dcs.qmw.ac.uk Name: J.C. Reynolds Address: School of Computer Science, Carnegie Mellon University, Pittsburgh PA 15213-3891, USA. e-mail: john.reynolds@cs.cmu.edu Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or direct commercial advantage and that copies show this notice on the first page or initial screen of a display along with the full citation. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, to redistribute to lists, or to use any component of th...

data types; F.3.2 [Logics and Meanings of Programs]: Semantics of Programming Languages---Operational Semantics; F.3.3 [Logics and Meanings of Programs]: Studies of Program Constructs---Type Structure General Terms: Languages, Security, Theory, Verification Additional Key Words and Phrases: Operational semantics, parametricity, proof techniques, syntactic proofs, type abstraction 1.

Sieber has described a model of PCF consisting of continuous functions that are invariant under certain (finitary) logical relations, and shown that it is fully abstract for closed terms of up to third-order types. We show that one may achieve full abstraction at all types using a form of "Kripke logical relations" introduced by Jung and Tiuryn to characterize -definability. To appear in Information and Computation. (Accepted, October 1994) Supported by NSF grant CCR-92110829. 1 Introduction The nature of sequential functional computation has fascinated computer scientists ever since Scott remarked on a curious incompleteness phenomenon when he introduced LCF (Logic for Computable Functions) and its continuous function model in 1969 (Scott, 1993). Scott noted that although the functionals definable by terms in PCF---the term language of LCF---admitted a sequential evaluation strategy, there were functions in the model that seemed to require a parallel evaluation strategy. "Sequen...

Abstract not found

this paper but which have some intriguing connections to some of our results and techniques, are [32] and [20]. We believe that the concept of prelogical relation would have a beneficial impact on the presentation and understanding of their results