Results 1  10
of
13
Dependently Typed Functional Programs and their Proofs
, 1999
"... Research in dependent type theories [ML71a] has, in the past, concentrated on its use in the presentation of theorems and theoremproving. This thesis is concerned mainly with the exploitation of the computational aspects of type theory for programming, in a context where the properties of programs ..."
Abstract

Cited by 70 (13 self)
 Add to MetaCart
Research in dependent type theories [ML71a] has, in the past, concentrated on its use in the presentation of theorems and theoremproving. This thesis is concerned mainly with the exploitation of the computational aspects of type theory for programming, in a context where the properties of programs may readily be specified and established. In particular, it develops technology for programming with dependent inductive families of datatypes and proving those programs correct. It demonstrates the considerable advantage to be gained by indexing data structures with pertinent characteristic information whose soundness is ensured by typechecking, rather than human effort. Type theory traditionally presents safe and terminating computation on inductive datatypes by means of elimination rules which serve as induction principles and, via their associated reduction behaviour, recursion operators [Dyb91]. In the programming language arena, these appear somewhat cumbersome and give rise to unappealing code, complicated by the inevitable interaction between case analysis on dependent types and equational reasoning on their indices which must appear explicitly in the terms. Thierry Coquand’s proposal [Coq92] to equip type theory directly with the kind of
Types for Modules
, 1998
"... The programming language Standard ML is an amalgam of two, largely orthogonal, languages. The Core language expresses details of algorithms and data structures. The Modules language expresses the modular architecture of a software system. Both languages are statically typed, with their static and dy ..."
Abstract

Cited by 69 (9 self)
 Add to MetaCart
The programming language Standard ML is an amalgam of two, largely orthogonal, languages. The Core language expresses details of algorithms and data structures. The Modules language expresses the modular architecture of a software system. Both languages are statically typed, with their static and dynamic semantics specified by a formal definition.
Principal type schemes for modular programs
 In European Symposium on Programming (ESOP
, 2006
"... Abstract. Two of the most prominent features of ML are its expressive module system and its support for DamasMilner type inference. However, while the foundations of both these features have been studied extensively, their interaction has never received a proper typetheoretic treatment. One conseq ..."
Abstract

Cited by 13 (12 self)
 Add to MetaCart
Abstract. Two of the most prominent features of ML are its expressive module system and its support for DamasMilner type inference. However, while the foundations of both these features have been studied extensively, their interaction has never received a proper typetheoretic treatment. One consequence is that both the official Definition and the alternative HarperStone semantics of Standard ML are difficult to implement correctly. To bolster this claim, we offer a series of short example programs on which no existing SML typechecker follows the behavior prescribed by either formal definition. It is unclear how to amend the implementations to match the definitions or vice versa. Instead, we propose a way of defining how type inference interacts with modules that is more liberal than any existing definition or implementation of SML and, moreover, admits a provably sound and complete typechecking algorithm via a straightforward generalization of Algorithm W. In addition to being conceptually simple, our solution exhibits a novel hybrid of the Definition and HarperStone semantics of SML, and demonstrates the broader relevance of some typetheoretic techniques developed recently in the study of recursive modules. 1
A Theory of Program Refinement
, 1998
"... We give a canonical program refinement calculus based on the lambda calculus and classical firstorder predicate logic, and study its proof theory and semantics. The intention is to construct a metalanguage for refinement in which basic principles of program development can be studied. The idea is t ..."
Abstract

Cited by 6 (1 self)
 Add to MetaCart
We give a canonical program refinement calculus based on the lambda calculus and classical firstorder predicate logic, and study its proof theory and semantics. The intention is to construct a metalanguage for refinement in which basic principles of program development can be studied. The idea is that it should be possible to induce a refinement calculus in a generic manner from a programming language and a program logic. For concreteness, we adopt the simplytyped lambda calculus augmented with primitive recursion as a paradigmatic typed functional programming language, and use classical firstorder logic as a simple program logic. A key feature is the construction of the refinement calculus in a modular fashion, as the combination of two orthogonal extensions to the underlying programming language (in this case, the simplytyped lambda calculus). The crucial observation is that a refinement calculus is given by extending a programming language to allow indeterminate expressions (or ‘stubs’) involving the construction ‘some program x such that P ’. Factoring this into ‘some x...’
A TypeTheoretic Analysis of Modular Specifications
, 1996
"... We study the problem of representing a modular specification language in a typetheory based theorem prover. Our goals are: to provide mechanical support for reasoning about specifications and about the specification language itself; to clarify the semantics of the specification language by formalis ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
We study the problem of representing a modular specification language in a typetheory based theorem prover. Our goals are: to provide mechanical support for reasoning about specifications and about the specification language itself; to clarify the semantics of the specification language by formalising them fully; to augment the specification language with a programming language in a setting where they are both part of the same formal environment, allowing us to define a formal implementation relationship between the two. Previous work on similar issues has given rise to a dichotomy between “shallow ” and “deep ” embedding styles when representing one language within another. We show that the expressiveness of type theory, and the high degree of reflection that it permits, allow us to develop embedding techniques which lie between the “shallow ” and “deep ” extremes. We consider various possible embedding strategies and then choose one of them to explore more fully. As our object of study we choose a fragment of the Z specification language, which we encode in the type theory UTT, as implemented in the LEGO proofchecker. We use the encoding to study some of the operations on schemas provided by Z. One of our main concerns is whether it is possible to reason about Z specifications at the level of these operations. We prove some theorems about Z showing that, within certain constraints, this kind of reasoning is indeed possible. We then show how these metatheorems can be used to carry out formal reasoning about Z specifications. For this we make use of an example taken from the Z Reference Manual (ZRM). Finally, we exploit the fact that type theory provides a programming language as well as a logic to define a notion of implementation for Z specifications. We illustrate this by encoding some example programs taken from the ZRM. ii Declaration I declare that this thesis was composed by myself, and that the work contained in it is my own except where otherwise stated. Some of this work has been published previously [Mah94]. iii
Towards a ML extension with Refinement: a Semantic Issue
, 2006
"... Abstract. Refinement is a method to derive correct programs from specifications. A rich type language is another way to ensure program correctness. In this paper, we propose a widespectrum language mixing both approaches for the ML language. Mainly, base types are simply included into expressions, ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Abstract. Refinement is a method to derive correct programs from specifications. A rich type language is another way to ensure program correctness. In this paper, we propose a widespectrum language mixing both approaches for the ML language. Mainly, base types are simply included into expressions, introducing underdeterminism and dependent types. We focus on the semantic aspects of such a language. We study three different semantics: a denotational, a deterministic operational and a nondeterministic operational semantics. We prove their equivalence. We show that this language is a conservative extension of ML. 1
Adding Equations to System F Types
"... Abstract. System F, the polymorphic lambda calculus, is wellknown for its rich equational theory. In this paper, we study internalizing the equational theory of System F by extending it with a type of termlevel equations. This results in a core calculus suitable for formalizing features such as Ha ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
Abstract. System F, the polymorphic lambda calculus, is wellknown for its rich equational theory. In this paper, we study internalizing the equational theory of System F by extending it with a type of termlevel equations. This results in a core calculus suitable for formalizing features such as Haskell’s rewriting rules mechanism or Extended ML signatures. 1
Subtyping with Singleton Types
 In Eighth International Workshop on Computer Science Logic
, 1995
"... We give syntax and a PERmodel semantics for a typed hcalculus with subtypes and singleton types. The calculus may be seen as a minimal calculus of subtyping with a simple form of dependent types. The aim is to study singleton types and to take a canny step towards more complex dependent subtypi ..."
Abstract
 Add to MetaCart
We give syntax and a PERmodel semantics for a typed hcalculus with subtypes and singleton types. The calculus may be seen as a minimal calculus of subtyping with a simple form of dependent types. The aim is to study singleton types and to take a canny step towards more complex dependent subtyping systems. Singleton types have applications in the use of type systems for specification and program extraction: given a program P we can form the very tight specification {P} which is met uniquely by P. Singletons integrate abbreviational definitions into a type system: the hypothesis x : {M} asserts x = M. The addition of singleton types is a non conservative extension of familiar subtyping theories. In our system, more terms are typable and previously typable terms have more (nondependent) types.
Applicative Notions in MLlike Programs
, 1998
"... Pure functional languages are expressive tools for writing modular and reliable code. State in programming languages is a useful tool for programming dynamic systems. However, their combination yields programming languages that are difficult to model and to reason about. There have been ongoing atte ..."
Abstract
 Add to MetaCart
Pure functional languages are expressive tools for writing modular and reliable code. State in programming languages is a useful tool for programming dynamic systems. However, their combination yields programming languages that are difficult to model and to reason about. There have been ongoing attempts to find subsets of the whole languages which have good properties; in particular subsets where the programs are more modular and the side effects are controlled. The existing studies are: interference control, typing with sideeffects information, and linear logic based languages. This thesis presents a new classification for a paradigm called constant program throughout a computational invariant. A program is called constant throughout an invariant R if its inputoutput behaviour is constant over any variations of state that satisfy the invariant R. Hence such a program behaves in an applicative way when it is executed in a context that satisfies the invariant R. The language of discussion is a pure ML fragment augmented with ref,:=, and!. Programs with side effects are modelled in terms of sets, functions, and the
Proving Correctness of Modular Functional Programs
"... and for Mum. I whacked the back of the driver’s seat with my fist. “This is important, goddamnit! This is a true story! ” The car swerved sickeningly, thenstraightenedout....Thekidinthebacklookedlikehewasready to jump right out of the car and take his chances. Our vibrations were getting nasty—but w ..."
Abstract
 Add to MetaCart
and for Mum. I whacked the back of the driver’s seat with my fist. “This is important, goddamnit! This is a true story! ” The car swerved sickeningly, thenstraightenedout....Thekidinthebacklookedlikehewasready to jump right out of the car and take his chances. Our vibrations were getting nasty—but why? I was puzzled, frustrated. Was there no communication in this car? Had we deteriorated to the level of dumb beasts? Because my story was true. I was certain of that. And it was extremely important, I felt, for the meaning of our journey to be made absolutelyclear....Andwhenthecallcame, I wasready. One reason for studying and programming in functional programming languages is that they are easy to reason about, yet there is surprisingly little work on proving the correctness of large functional programs. In this dissertation I show