Results 1  10
of
55
Typed Memory Management in a Calculus of Capabilities
, 2000
"... Regionbased memory management is an alternative to standard tracing garbage collection that makes potentially dangerous operations such as memory deallocation explicit but verifiably safe. In this article, we present a new compiler intermediate language, called the Capability Calculus, that supp ..."
Abstract

Cited by 196 (23 self)
 Add to MetaCart
Regionbased memory management is an alternative to standard tracing garbage collection that makes potentially dangerous operations such as memory deallocation explicit but verifiably safe. In this article, we present a new compiler intermediate language, called the Capability Calculus, that supports regionbased memory management and enjoys a provably safe type system. Unlike previous regionbased type systems, region lifetimes need not be lexically scoped and yet the language may be checked for safety without complex analyses. Therefore, our type system may be deployed in settings such as extensible operating systems where both the performance and safety of untrusted code is important.
A Mixed Linear and NonLinear Logic: Proofs, Terms and Models (Preliminary Report)
, 1994
"... Intuitionistic linear logic regains the expressive power of intuitionistic logic through the ! (`of course') modality. Benton, Bierman, Hyland and de Paiva have given a term assignment system for ILL and an associated notion of categorical model in which the ! modality is modelled by a comonad satis ..."
Abstract

Cited by 96 (3 self)
 Add to MetaCart
Intuitionistic linear logic regains the expressive power of intuitionistic logic through the ! (`of course') modality. Benton, Bierman, Hyland and de Paiva have given a term assignment system for ILL and an associated notion of categorical model in which the ! modality is modelled by a comonad satisfying certain extra conditions. Ordinary intuitionistic logic is then modelled in a cartesian closed category which arises as a full subcategory of the category of coalgebras for the comonad. This paper attempts to explain the connection between ILL and IL more directly and symmetrically by giving a logic, term calculus and categorical model for a system in which the linear and nonlinear worlds exist on an equal footing, with operations allowing one to pass in both directions. We start from the categorical model of ILL given by Benton, Bierman, Hyland and de Paiva and show that this is equivalent to having a symmetric monoidal adjunction between a symmetric monoidal closed category and a cartesian closed category. We then derive both a sequent calculus and a natural deduction presentation of the logic corresponding to the new notion of model.
Light Affine Logic
 ACM TRANSACTIONS ON COMPUTATIONAL LOGIC
, 1998
"... Much effort has been recently devoted to the study of polytime formal (and especially logical) systems [GSS92, LM93, Le94, Gi96]. The purpose of such systems is manyfold. On the theoretical side, they provide a better understanding of what is the logical essence of polytime reduction (and other comp ..."
Abstract

Cited by 56 (3 self)
 Add to MetaCart
Much effort has been recently devoted to the study of polytime formal (and especially logical) systems [GSS92, LM93, Le94, Gi96]. The purpose of such systems is manyfold. On the theoretical side, they provide a better understanding of what is the logical essence of polytime reduction (and other complexity classes). On the practical side, via the well known CurryHoward correspondence, they yield sophisticated typing systems, where types provide (statically) an accurate upper bound on the complexity of the computation. Even more, the type annotations give essential information on the "efficient way" to reduce the term. The most promising of these logical systems is Girard 's Light Linear Logic [Gi96] (see the same paper for a comparison with other approaches). In this paper, we introduce a slight variation of LLL, by adding full weakening (for this reason, we call it Light Affine Logic). This modification does not alter the good complexity properties of LLL: cutelimination is still pol...
Safety checking of machine code
, 2000
"... We show how to determine statically whether it is safe for untrusted machine code to be loaded into a trusted host system. Our safetychecking technique operates directly on the untrusted machinecode program, requiring only that the initial inputs to the untrusted program be annotated with typestat ..."
Abstract

Cited by 54 (3 self)
 Add to MetaCart
We show how to determine statically whether it is safe for untrusted machine code to be loaded into a trusted host system. Our safetychecking technique operates directly on the untrusted machinecode program, requiring only that the initial inputs to the untrusted program be annotated with typestate information and linear constraints. This approach opens up the possibility of being able to certify code produced by any compiler from any source language, which gives the code producers more freedom in choosing the language in which they write their programs. It eliminates the dependence of safety on the correctness of the compiler because the final product of the compiler is checked. It leads to the decoupling of the safety policy from the language in which the untrusted code is written, and consequently, makes it possible for safety checking to be performed with respect to an extensible set of safety properties that are specified on the host side. We have implemented a prototype safety checker for SPARC machinelanguage programs, and applied the safety checker to several examples. The safety checker was able to either prove that an example met the necessary safety conditions, or identify the places where the safety conditions were violated. The checking times ranged from less than a second to 14 seconds on an UltraSPARC machine.
Typed Memory Management via Static Capabilities
 ACM Transactions on Programming Languages and Systems
, 2000
"... Machine We have described the type constructor language of CL and the typing rules for the main termlevel constructs. In fact, the previous section contains all of the ACM Transactions on Programming Languages and Systems, Vol. TBD, No. TDB, Month Year. 20 D. Walker, K. Crary, and G. Morriset ..."
Abstract

Cited by 54 (5 self)
 Add to MetaCart
Machine We have described the type constructor language of CL and the typing rules for the main termlevel constructs. In fact, the previous section contains all of the ACM Transactions on Programming Languages and Systems, Vol. TBD, No. TDB, Month Year. 20 D. Walker, K. Crary, and G. Morrisett #; #;# # h at r : # # # # f : Type #; ## # ; #{f :# f , x 1 :# 1 , . . . , xn :# n}; C # e # # f = #[# # ].(C, # 1 , . . . , #n ) # 0 at r f, x 1 , . . . , xn ## Dom(#) # #; #;# # fix f[# # ](C, x 1 :# 1 , . . . , xn :# n ).e at r : # f (hfix) #; #;# # v i : # i (for 1 # i # n) # # r : Rgn #; #;# # #v 1 , . . . , vn # at r : ## 1 , . . . , #n # at r (htuple) #; #;# # h at r : # # # # # # = # : Type #; #;# # h at r : # (heq) #; #;# # v : # #; #;# # x : # (#(x) = #) (vvar) #; #;# # i : int (vint) #; #;# # v : #[#:#, # # ].(C, # 1 , . . . , #n ) # 0 at r # # c : # #; #;# # v[c] : (#[# # ].(C, # 1 , . . . , #n ) # 0)[c/#] at r (vtype) #; #;# # v : #[# # C ## , # # ].(C # , # 1 , . . . , #n ) # 0 at r # # C # C ## #; #;# # v[C] : (#[# # ].(C # , # 1 , . . . , #n ) # 0)[C/#] at r (vsub) #; #;# # v : # # # # # # = # : Type #; #;# # v : # (veq) Fig. 6. Capability static semantics: Heap and word values. information programmers or compilers require to write typesafe programs in CL. However, in order to prove a type soundness result in the style of Wright and Felleisen [Wright and Felleisen 1994], we must be able to type check programs at every step during their evaluation. In this section, we give the static semantics of the runtime values that are not normally manipulated by programmers, but are nevertheless necessary to prove our soundness result. At first, the formal definition ...
A lambda calculus for quantum computation
 SIAM Journal of Computing
"... The classical lambda calculus may be regarded both as a programming language and as a formal algebraic system for reasoning about computation. It provides a computational model equivalent to the Turing machine, and continues to be of enormous benefit in the classical theory of computation. We propos ..."
Abstract

Cited by 49 (1 self)
 Add to MetaCart
The classical lambda calculus may be regarded both as a programming language and as a formal algebraic system for reasoning about computation. It provides a computational model equivalent to the Turing machine, and continues to be of enormous benefit in the classical theory of computation. We propose that quantum computation, like its classical counterpart, may benefit from a version of the lambda calculus suitable for expressing and reasoning about quantum algorithms. In this paper we develop a quantum lambda calculus as an alternative model of quantum computation, which combines some of the benefits of both the quantum Turing machine and the quantum circuit models. The calculus turns out to be closely related to the linear lambda calculi used in the study of Linear Logic. We set up a computational model and an equational proof system for this calculus, and we argue that it is equivalent to the quantum Turing machine.
A Judgmental Analysis of Linear Logic
, 2003
"... We reexamine the foundations of linear logic, developing a system of natural deduction following MartinL of's separation of judgments from propositions. Our construction yields a clean and elegant formulation that accounts for a rich set of multiplicative, additive, and exponential connectives, ext ..."
Abstract

Cited by 49 (27 self)
 Add to MetaCart
We reexamine the foundations of linear logic, developing a system of natural deduction following MartinL of's separation of judgments from propositions. Our construction yields a clean and elegant formulation that accounts for a rich set of multiplicative, additive, and exponential connectives, extending dual intuitionistic linear logic but differing from both classical linear logic and Hyland and de Paiva's full intuitionistic linear logic. We also provide a corresponding sequent calculus that admits a simple proof of the admissibility of cut by a single structural induction. Finally, we show how to interpret classical linear logic (with or without the MIX rule) in our system, employing a form of doublenegation translation.
Applications of Linear Logic to Computation: An Overview
, 1993
"... This paper is an overview of existing applications of Linear Logic (LL) to issues of computation. After a substantial introduction to LL, it discusses the implications of LL to functional programming, logic programming, concurrent and objectoriented programming and some other applications of LL, li ..."
Abstract

Cited by 41 (3 self)
 Add to MetaCart
This paper is an overview of existing applications of Linear Logic (LL) to issues of computation. After a substantial introduction to LL, it discusses the implications of LL to functional programming, logic programming, concurrent and objectoriented programming and some other applications of LL, like semantics of negation in LP, nonmonotonic issues in AI planning, etc. Although the overview covers pretty much the stateoftheart in this area, by necessity many of the works are only mentioned and referenced, but not discussed in any considerable detail. The paper does not presuppose any previous exposition to LL, and is addressed more to computer scientists (probably with a theoretical inclination) than to logicians. The paper contains over 140 references, of which some 80 are about applications of LL. 1 Linear Logic Linear Logic (LL) was introduced in 1987 by Girard [62]. From the very beginning it was recognized as relevant to issues of computation (especially concurrency and stat...
Once Upon a Polymorphic Type
, 1998
"... We present a sound typebased `usage analysis' for a realistic lazy functional language. Accurate information on the usage of program subexpressions in a lazy functional language permits a compiler to perform a number of useful optimisations. However, existing analyses are either adhoc and approxim ..."
Abstract

Cited by 38 (5 self)
 Add to MetaCart
We present a sound typebased `usage analysis' for a realistic lazy functional language. Accurate information on the usage of program subexpressions in a lazy functional language permits a compiler to perform a number of useful optimisations. However, existing analyses are either adhoc and approximate, or defined over restricted languages. Our work extends the Once Upon A Type system of Turner, Mossin, and Wadler (FPCA'95). Firstly, we add type polymorphism, an essential feature of typed functional programming languages. Secondly, we include general Haskellstyle userdefined algebraic data types. Thirdly, we explain and solve the `poisoning problem', which causes the earlier analysis to yield poor results. Interesting design choices turn up in each of these areas. Our analysis is sound with respect to a Launchburystyle operational semantics, and it is straightforward to implement. Good results have been obtained from a prototype implementation, and we are currently integrating the system into the Glasgow Haskell Compiler.
An expressive, scalable type theory for certified code
 In ACM International Conference on Functional Programming
, 2002
"... Abstract We present the type theory LTT, intended to form a basis for typed target languages, providing an internal notion of logical proposition and proof. The inclusion of explicit proofs allows the type system to guarantee properties that would otherwise be incompatible with decidable type checki ..."
Abstract

Cited by 35 (4 self)
 Add to MetaCart
Abstract We present the type theory LTT, intended to form a basis for typed target languages, providing an internal notion of logical proposition and proof. The inclusion of explicit proofs allows the type system to guarantee properties that would otherwise be incompatible with decidable type checking. LTT also provides linear facilities for tracking ephemeral properties that hold only for certain program states. Our type theory allows for reuse of typechecking software by casting a variety of type systems within a single language. We provide additional reuse with a framework for modular development of operational semantics. This framework allows independent type systems and their operational semantics to be joined together, automatically inheriting the type safety properties of those individual systems.