Language-based security relies on the assumption that all potential attacks are bound by the rules of the language in question. When programs are compiled into a different language, this is true only if the translation process preserves observational equivalence. We investigate the problem of fully abstract compilation, i.e., compilation that both preserves and reflects observational equivalence. In particular, we prove that typed closure conversion for the polymorphic λ-calculus with existential and recursive types is fully abstract. Our proof uses operational techniques in the form of a step-indexed logical relation and construction of certain wrapper terms that “back-translate ” from target values to source values. Although typed closure conversion has been assumed to be fully abstract, we are not aware of any previous result that actually proves this.

We discuss the conceptual problem of identifying the natural notions of computability at higher types (over the natural numbers). We argue for an eclectic approach, in which one considers a wide range of possible approaches to defining higher type computability and then looks for regularities. As a first step in this programme, we give an extended survey of the di#erent strands of research on higher type computability to date, bringing together material from recursion theory, constructive logic and computer science. The paper thus serves as a reasonably complete overview of the literature on higher type computability. Two sequel papers will be devoted to developing a more systematic account of the material reviewed here.

I/O mechanisms are needed if functional languages are to be suitable for general purpose programming and several implementations exist. But little is known about semantic methods for specifying and proving properties of lazy functional programs engaged in I/O. As a step towards formal methods of reasoning about realistic I/O we investigate three widely implemented mechanisms in the setting of teletype I/O: synchronised-stream (primitive in Haskell), continuationpassing (derived in Haskell) and Landin-stream I/O (where programs map an input stream to an output stream of characters) . Using methods from Milner's CCS we give a labelled transition semantics for the three mechanisms. We adopt bisimulation equivalence as equality on programs engaged in I/O and give functions to map between the three kinds of I/O. The main result is the first formal proof of semantic equivalence of the three mechanisms, generalising an informal argument of the Haskell committee. 1 Introduction and motivation...

Abstract. We describe a denotational semantics for a sequential functional language with random number generation over a countably infinite set (the natural numbers), and prove that it is fully abstract with respect to may-and-must testing. Our model is based on biordered sets similar to Berry’s bidomains, and stable, monotone functions. However, (as in prior models of unbounded non-determinism) these functions may not be continuous. Working in a biordered setting allows us to exploit the different properties of both extensional and stable orders to construct a Cartesian closed category of sequential, discontinuous functions, with least and greatest fixpoints having strong enough properties to prove computational adequacy. We establish full abstraction of the semantics by showing that it contains a simple, first-order “universal type-object ” within which all types may be embedded using functions defined by (countable) ordinal induction. 1

Software contracts help programmers enforce program properties that the language’s type system cannot express. Unlike types, contracts are (usually) enforced at run-time. When a contract fails, the contract system signals an error. Beyond such errors, contracts should have no other observable (functional) effect on the program’s results. In most implementations, however, the language of contracts is the full-fledged programming language, which means that programmers may (intentionally or unintentionally) introduce visible effects into their contracts. Here we present the results of investigating the nature of contracts from a denotational perspective. Specifically, we use SPCF and the category of observably sequential functions to show that contracts are best understood as projections. Thus far, the investigation has produced a significantly faster contract implementation and the insight that our contract language cannot express all projections, which in turn has produced a new contract combinator.

Every "practical" programming language supplies the programmer with at least one nonstrict construct, such as the ALGOL60 arithmetic `ifthen -else' and the LISP `cond'. Many programming languages also enable the user to define nonstrict functions. In some languages, this is accomplished through the lazy evaluation of procedure parameters, as realized, for example, by the call-by-name devices of ALGOL60 and SIMULA67 and the call-by-need mechanism of Haskell. In other languages, such as Common LISP, a macro definition facility can serve a similar purpose. Programming languages that provide a mechanism for the user to define nonstrict functions are nonstrict languages, and we call the natural underlying logic of these languages nonstrict positive free logic. In this paper, we present the definition theory of nonstrict positive free logic. Suitable transformations of sentences in standard logic into sentences in nonstrict positive free logic preserve many properties of definitions in stand...

The relationship between Hyland-Ong-style games and Berry-Curien sequential algorithms is investigated, with the object of describing semantic solutions to two problems | to characterise eectively the \minimal models" of the simply-typed -calculus and the fully abstract model of PCF with control operators | which are shown to be equivalent.

. In this paper, we develop a theory of higher-order computability suitable for comparing the expressiveness of sequential, deterministic programming languages. The theory is based on the construction of a new universal domain T and corresponding universal language KL. The domain T is universal for observably sequential domains; KL can define all the computable elements of T, including the elements corresponding to computable observably sequential functions. In addition, domain embeddings in T preserve the maximality of finite elements---preserving the termination behavior of programs over the embedded domains. 1 Background and Motivation Classic recursion theory [7, 13, 18] asserts that all conventional programming languages are equally expressive because they can define all partial recursive functions over the natural numbers. This statement, however, is misleading because real programming languages support and enforce a more abstract view of data than bitstrings. In particular, mo...

Abstract. We give a simple order-theoretic construction of a Cartesian closed category of sequential functions. It is based on bistable biorders, which are sets with a partial order — the extensional order — and a bistable coherence, which captures equivalence of program behaviour, up to permutation of top (error) and bottom (divergence). We show that monotone and bistable functions (which are required to preserve bistably bounded meets and joins) are strongly sequential, and use this fact to prove universality results for the bistable biorder semantics of the simply-typed lambda-calculus (with atomic constants), and an extension with arithmetic and recursion. We also construct a bistable model of SPCF, a higher-order functional programming language with non-local control. We use our universality result for the lambda-calculus to show that the semantics of SPCF is fully abstract. We then establish a direct correspondence between bistable functions and sequential algorithms by showing that sequential data structures give rise to bistable biorders, and that each bistable function between such biorders is computed by a sequential algorithm. 1.

Abstract not found