Results 1  10
of
63
Dependently Typed Functional Programs and their Proofs
, 1999
"... Research in dependent type theories [ML71a] has, in the past, concentrated on its use in the presentation of theorems and theoremproving. This thesis is concerned mainly with the exploitation of the computational aspects of type theory for programming, in a context where the properties of programs ..."
Abstract

Cited by 85 (13 self)
 Add to MetaCart
Research in dependent type theories [ML71a] has, in the past, concentrated on its use in the presentation of theorems and theoremproving. This thesis is concerned mainly with the exploitation of the computational aspects of type theory for programming, in a context where the properties of programs may readily be specified and established. In particular, it develops technology for programming with dependent inductive families of datatypes and proving those programs correct. It demonstrates the considerable advantage to be gained by indexing data structures with pertinent characteristic information whose soundness is ensured by typechecking, rather than human effort. Type theory traditionally presents safe and terminating computation on inductive datatypes by means of elimination rules which serve as induction principles and, via their associated reduction behaviour, recursion operators [Dyb91]. In the programming language arena, these appear somewhat cumbersome and give rise to unappealing code, complicated by the inevitable interaction between case analysis on dependent types and equational reasoning on their indices which must appear explicitly in the terms. Thierry Coquand’s proposal [Coq92] to equip type theory directly with the kind of
Polymorphism and Separation in Hoare Type Theory
, 2006
"... In previous work, we proposed a Hoare Type Theory (HTT) which combines effectful higherorder functions, dependent types and Hoare Logic specifications into a unified framework. However, the framework did not support polymorphism, and failed to provide a modular treatment of state in specifications. ..."
Abstract

Cited by 84 (15 self)
 Add to MetaCart
(Show Context)
In previous work, we proposed a Hoare Type Theory (HTT) which combines effectful higherorder functions, dependent types and Hoare Logic specifications into a unified framework. However, the framework did not support polymorphism, and failed to provide a modular treatment of state in specifications. In this paper, we address these shortcomings by showing that the addition of polymorphism alone is sufficient for capturing modular state specifications in the style of Separation Logic. Furthermore, we argue that polymorphism is an essential ingredient of the extension, as the treatment of higherorder functions requires operations not encodable via the spatial connectives of Separation Logic.
Syntax and Semantics of Dependent Types
 Semantics and Logics of Computation
, 1997
"... ion is written as [x: oe]M instead of x: oe:M and application is written M(N) instead of App [x:oe] (M; N ). 1 Iterated abstractions and applications are written [x 1 : oe 1 ; : : : ; x n : oe n ]M and M(N 1 ; : : : ; N n ), respectively. The lacking type information can be inferred. The universe ..."
Abstract

Cited by 58 (4 self)
 Add to MetaCart
(Show Context)
ion is written as [x: oe]M instead of x: oe:M and application is written M(N) instead of App [x:oe] (M; N ). 1 Iterated abstractions and applications are written [x 1 : oe 1 ; : : : ; x n : oe n ]M and M(N 1 ; : : : ; N n ), respectively. The lacking type information can be inferred. The universe is written Set instead of U . The Eloperator is omitted. For example the \Pitype is described by the following constant and equality declarations (understood in every valid context): ` \Pi : (oe: Set; : (oe)Set)Set ` App : (oe: Set; : (oe)Set; m: \Pi(oe; ); n: oe) (m) ` : (oe: Set; : (oe)Set; m: (x: oe) (x))\Pi(oe; ) oe: Set; : (oe)Set; m: (x: oe) (x); n: oe ` App(oe; ; (oe; ; m); n) = m(n) Notice, how terms with free variables are represented as framework abstractions (in the type of ) and how substitution is represented as framework application (in the type of App and in the equation). In this way the burden of dealing correctly with variables, substitution, and binding is s...
Internal Type Theory
 Lecture Notes in Computer Science
, 1996
"... . We introduce categories with families as a new notion of model for a basic framework of dependent types. This notion is close to ordinary syntax and yet has a clean categorical description. We also present categories with families as a generalized algebraic theory. Then we define categories with f ..."
Abstract

Cited by 55 (8 self)
 Add to MetaCart
(Show Context)
. We introduce categories with families as a new notion of model for a basic framework of dependent types. This notion is close to ordinary syntax and yet has a clean categorical description. We also present categories with families as a generalized algebraic theory. Then we define categories with families formally in MartinLof's intensional intuitionistic type theory. Finally, we discuss the coherence problem for these internal categories with families. 1 Introduction In a previous paper [8] I introduced a general notion of simultaneous inductiverecursive definition in intuitionistic type theory. This notion subsumes various reflection principles and seems to pave the way for a natural development of what could be called "internal type theory", that is, the construction of models of (fragments of) type theory in type theory, and more generally, the formalization of the metatheory of type theory in type theory. The present paper is a first investigation of such an internal type theor...
Observational Equality, Now!
 A SUBMISSION TO PLPV 2007
, 2007
"... This paper has something new and positive to say about propositional equality in programming and proof systems based on the CurryHoward correspondence between propositions and types. We have found a way to present a propositional equality type • which is substitutive, allowing us to reason by repla ..."
Abstract

Cited by 47 (15 self)
 Add to MetaCart
This paper has something new and positive to say about propositional equality in programming and proof systems based on the CurryHoward correspondence between propositions and types. We have found a way to present a propositional equality type • which is substitutive, allowing us to reason by replacing equal for equal in propositions; • which reflects the observable behaviour of values rather than their construction: in particular, we have extensionality— functions are equal if they take equal inputs to equal outputs; • which retains strong normalisation, decidable typechecking and canonicity—the property that closed normal forms inhabiting datatypes have canonical constructors; • which allows inductive data structures to be expressed in terms of a standard characterisation of wellfounded trees; • which is presented syntactically—you can implement it directly, and we are doing so—this approach stands at the core of Epigram 2; • which you can play with now: we have simulated our system by a shallow embedding in Agda 2, shipping as part of the standard examples package for that system [20]. Until now, it has always been necessary to sacrifice some of these aspects. The closest attempt in the literature is Altenkirch’s construction of a setoidmodel for a system with canonicity and extensionality on top of an intensional type theory with proofirrelevant propositions [4]. Our new proposal simplifies Altenkirch’s construction by adopting McBride’s heterogeneous approach to equality [18].
Setoids in Type Theory
, 2000
"... Formalising mathematics in dependent type theory often requires to use setoids, i.e. types with an explicit equality relation, as a representation of sets. This paper surveys some possible denitions of setoids and assesses their suitability as a basis for developing mathematics. In particular, we ..."
Abstract

Cited by 44 (4 self)
 Add to MetaCart
Formalising mathematics in dependent type theory often requires to use setoids, i.e. types with an explicit equality relation, as a representation of sets. This paper surveys some possible denitions of setoids and assesses their suitability as a basis for developing mathematics. In particular, we argue that a commonly advocated approach to partial setoids is unsuitable, and more generally that total setoids seem better suited for formalising mathematics. 1
Extensional equivalence and singleton types
 ACM Transactions on Computational Logic
"... We study the λΠΣS ≤ calculus, which contains singleton types S(M) classifying terms of base type provably equivalent to the term M. The system includes dependent types for pairs and functions (Σ and Π) and a subtyping relation induced by regarding singletons as subtypes of the base type. The decidab ..."
Abstract

Cited by 38 (8 self)
 Add to MetaCart
We study the λΠΣS ≤ calculus, which contains singleton types S(M) classifying terms of base type provably equivalent to the term M. The system includes dependent types for pairs and functions (Σ and Π) and a subtyping relation induced by regarding singletons as subtypes of the base type. The decidability of type checking for this language is nonobvious, since to type check we must be able to determine equivalence of wellformed terms. But in the presence of singleton types, the provability of an equivalence judgment Γ ⊢ M1 ≡ M2: A can depend both on the typing context Γ and on the particular type A at which M1 and M2 are compared. We show how to prove decidability of term equivalence, hence of type checking, in λΠΣS ≤ by exhibiting a typedirected algorithm for directly computing normal forms. The correctness of normalization is shown using an unusual variant of Kripke logical relations organized around sets; rather than defining a logical equivalence relation, we work directly with (subsets of) the corresponding equivalence classes. We then provide a more efficient algorithm for checking type equivalence without constructing normal forms. We also show that type checking, subtyping, and all other judgments of the system are decidable.
The Groupoid Interpretation of Type Theory
 In Venice Festschrift
, 1996
"... ion and application Suppose that M 2 Tm(B). We define its abstraction A;B (M) 2 Tm(\Pi LF (A; B)) on objects by A;B (M)(fl)(a) = M(fl; a) A;B (M)(fl)(q) = M(id fl ; q) If p : fl ! fl 0 then we need a natural transformation A;B (M)(p) : p \Delta A;B (M)(fl) ! A;B (M)(fl 0 ) At object a ..."
Abstract

Cited by 36 (1 self)
 Add to MetaCart
(Show Context)
ion and application Suppose that M 2 Tm(B). We define its abstraction A;B (M) 2 Tm(\Pi LF (A; B)) on objects by A;B (M)(fl)(a) = M(fl; a) A;B (M)(fl)(q) = M(id fl ; q) If p : fl ! fl 0 then we need a natural transformation A;B (M)(p) : p \Delta A;B (M)(fl) ! A;B (M)(fl 0 ) At object a 2 A(fl 0 ) it is given by M(p; id a ). Conversely, if M 2 Tm(\Pi(A; B)) we define a dependent object \Gamma1 A;B 2 Tm(B). Its object part is given by \Gamma1 A;B (M)(fl; a) = M(fl)(a) For the morphism part assume p : fl ! fl 0 and q : p \Delta a ! a 0 . We define \Gamma1 A;B (M)(p; q) = M(fl 0 )(q) ffi (id fl 0 ; q) \Delta M(p) p \Delta a We claim that \Gamma1 A;B (M)(p; q) : (p; q) \Delta \Gamma1 A;B (M)(fl; a) ! \Gamma1 A;B (M)(fl 0 ; a 0 ) as required. To see this, first note that M(fl 0 )(q) : (id fl 0 ; q) \Delta M 0 (fl 0 )(p \Delta a) !M 0 (fl 0 )(a 0 ) because q : p \Delta a ! a 0 . On the other hand M(p) : p \Delta M(fl) !M(fl 0 )...
Hoare Logic and VDM: MachineChecked Soundness and Completeness Proofs
, 1998
"... Investigating soundness and completeness of verification calculi for imperative programming languages is a challenging task. Many incorrect results have been published in the past. We take advantage of the computeraided proof tool LEGO to interactively establish soundness and completeness of both H ..."
Abstract

Cited by 34 (1 self)
 Add to MetaCart
Investigating soundness and completeness of verification calculi for imperative programming languages is a challenging task. Many incorrect results have been published in the past. We take advantage of the computeraided proof tool LEGO to interactively establish soundness and completeness of both Hoare Logic and the operation decomposition rules of the Vienna Development Method (VDM) with respect to operational semantics. We deal with parameterless recursive procedures and local variables in the context of total correctness. As a case study, we use LEGO to verify the correctness of Quicksort in Hoare Logic. As our main contribution, we illuminate the rle of auxiliary variables in Hoare Logic. They are required to relate the value of program variables in the final state with the value of program variables in the initial state. In our formalisation, we reflect their purpose by interpreting assertions as relations on states and a domain of auxiliary variables. Furthermore, we propose a new structural rule for adjusting auxiliary variables when strengthening preconditions and weakening postconditions. This rule is stronger than all previously suggested structural rules, including rules of adaptation. With the new treatment, we are able to show that, contrary to common belief, Hoare Logic subsumes VDM in that every derivation in VDM can be naturally embedded in Hoare Logic. Moreover, we establish completeness results uniformly as corollaries of Most General Formula theorems which remove the need to reason about arbitrary assertions.
Representing Inductively Defined Sets by Wellorderings in MartinLöf's Type Theory
, 1996
"... We prove that every strictly positive endofunctor on the category of sets generated by MartinLof's extensional type theory has an initial algebra. This representation of inductively defined sets uses essentially the wellorderings introduced by MartinLof in "Constructive Mathematics and C ..."
Abstract

Cited by 18 (0 self)
 Add to MetaCart
We prove that every strictly positive endofunctor on the category of sets generated by MartinLof's extensional type theory has an initial algebra. This representation of inductively defined sets uses essentially the wellorderings introduced by MartinLof in "Constructive Mathematics and Computer Programming". 1 Background MartinLof [10] introduced a general set former for wellorderings in intuitionistic type theory. It has formation rule Aset (x : A) B(x)set W x:A B(x)set introduction rule a : A (x : B(a)) b(x) : W x:A B(x) sup(a; b) : W x:A B(x) : elimination rule c : W x:A B(x) (x : A; y : B(x) !W x:A B(x); z : Q t:B(x) C(y(t))) d(x; y; z) : C(sup(a; b)) T (c; d) : C(c) and equality rule a : A (x : B(a)) b(x) : W x:A B(x) (x : A; y : B(x) !W x:A B(x); z : Q t:B(x) C(y(t))) d(x; y; z) : C(sup(a; b)) T (sup(a; b); d) = d(a; b; t:T (b(t); d) : C(c) The elimination rule can be viewed either as a rule of transfinite induction or as a rule of definition by transfinite re...