Results 1  10
of
23
Biorthogonality, StepIndexing and Compiler Correctness
, 2009
"... We define logical relations between the denotational semantics of a simply typed functional language with recursion and the operational behaviour of lowlevel programs in a variant SECD machine. The relations, which are defined using biorthogonality and stepindexing, capture what it means for a piec ..."
Abstract

Cited by 24 (10 self)
 Add to MetaCart
We define logical relations between the denotational semantics of a simply typed functional language with recursion and the operational behaviour of lowlevel programs in a variant SECD machine. The relations, which are defined using biorthogonality and stepindexing, capture what it means for a piece of lowlevel code to implement a mathematical, domaintheoretic function and are used to prove correctness of a simple compiler. The results have been formalized in the Coq proof assistant.
A typed, compositional logic for a stackbased abstract machine
 In Proc. 3rd Asian Symposium on Programming Languages and Systems (APLAS), volume 3780 of Lecture Notes in Computer Science
, 2005
"... Abstract. We define a compositional program logic in the style of Floyd and Hoare for a simple, typed, stackbased abstract machine with unstructured control flow, global variables and mutually recursive procedure calls. Notable features of the logic include a careful treatment of auxiliary variable ..."
Abstract

Cited by 22 (7 self)
 Add to MetaCart
Abstract. We define a compositional program logic in the style of Floyd and Hoare for a simple, typed, stackbased abstract machine with unstructured control flow, global variables and mutually recursive procedure calls. Notable features of the logic include a careful treatment of auxiliary variables and quantification and the use of substructural typing to permit local, modular reasoning about program fragments. Semantic soundness is established using an interpretation of types and assertions defined by orthogonality with respect to sets of contexts. 1
Recursive Polymorphic Types and Parametricity in an Operational Framework
, 2005
"... We construct a realizability model of recursive polymorphic types, starting from an untyped language of terms and contexts. An orthogonality relation e # indicates when a term e and a context # may be safely combined in the language. Types are interpreted as sets of terms closed by biorthogonalit ..."
Abstract

Cited by 22 (1 self)
 Add to MetaCart
We construct a realizability model of recursive polymorphic types, starting from an untyped language of terms and contexts. An orthogonality relation e # indicates when a term e and a context # may be safely combined in the language. Types are interpreted as sets of terms closed by biorthogonality. Our main result states that recursive types are approximated by converging sequences of interval types. Our proof is based on a "typedirected" approximation technique, which departs from the "languagedirected" approximation technique developed by MacQueen, Plotkin and Sethi in the ideal model. We thus keep the language elementary (a callbyname #calculus) and unstratified (no typecase, no reduction labels). We also include a short account of parametricity, based on an orthogonality relation between quadruples of terms and contexts.
Stepindexed Kripke models over recursive worlds
 In Proc. of POPL
, 2011
"... Over the last decade, there has been extensive research on modelling challenging features in programming languages and program logics, such as higherorder store and storable resource invariants. A recent line of work has identified a common solution to some of these challenges: Kripke models over w ..."
Abstract

Cited by 18 (9 self)
 Add to MetaCart
Over the last decade, there has been extensive research on modelling challenging features in programming languages and program logics, such as higherorder store and storable resource invariants. A recent line of work has identified a common solution to some of these challenges: Kripke models over worlds that are recursively defined in a category of metric spaces. In this paper, we broaden the scope of this technique from the original domaintheoretic setting to an elementary, operational one based on step indexing. The resulting method is widely applicable and leads to simple, succinct models of complicated language features, as we demonstrate in our semantics of Charguéraud and Pottier’s typeandcapability system for an MLlike higherorder language. Moreover, the method provides a highlevel understanding of the essence of recent approaches based on step indexing. 1.
Abstracting Allocation: The New new Thing
 In Computer Science Logic
, 2006
"... Abstract. We introduce a FloydHoarestyle framework for specification and verification of machine code programs, based on relational parametricity (rather than unary predicates) and using both stepindexing and a novel form of separation structure. This yields compositional, descriptive and extensi ..."
Abstract

Cited by 18 (6 self)
 Add to MetaCart
Abstract. We introduce a FloydHoarestyle framework for specification and verification of machine code programs, based on relational parametricity (rather than unary predicates) and using both stepindexing and a novel form of separation structure. This yields compositional, descriptive and extensional reasoning principles for many features of lowlevel sequential computation: independence, ownership transfer, unstructured control flow, firstclass code pointers and address arithmetic. We demonstrate how to specify and verify the implementation of a simple memory manager and, independently, its clients in this style. The work has been fully machinechecked within the Coq proof assistant. 1
Reducibility and ⊤⊤lifting for computation types
 In Proc. 7th International Conference on Typed Lambda Calculi and Applications (TLCA), volume 3461 of Lecture Notes in Computer Science
, 2005
"... Abstract. We propose ⊤⊤lifting as a technique for extending operational predicates to Moggi’s monadic computation types, independent of the choice of monad. We demonstrate the method with an application to GirardTait reducibility, using this to prove strong normalisation for the computational meta ..."
Abstract

Cited by 15 (2 self)
 Add to MetaCart
Abstract. We propose ⊤⊤lifting as a technique for extending operational predicates to Moggi’s monadic computation types, independent of the choice of monad. We demonstrate the method with an application to GirardTait reducibility, using this to prove strong normalisation for the computational metalanguage λml. The particular challenge with reducibility is to apply this semantic notion at computation types when the exact meaning of “computation ” (stateful, sideeffecting, nondeterministic, etc.) is left unspecified. Our solution is to define reducibility for continuations and use that to support the jump from value types to computation types. The method appears robust: we apply it to show strong normalisation for the computational metalanguage extended with sums, and with exceptions. Based on these results, as well as previous work with local state, we suggest that this “leapfrog ” approach offers a general method for raising concepts defined at value types up to observable properties of computations. 1
Compiling functional types to relational specifications for low level imperative code
 In TLDI
, 2009
"... We describe a semantic type soundness result, formalized in the Coq proof assistant, for a compiler from a simple functional language into an idealized assembly language. Types in the highlevel language are interpreted as binary relations, built using both secondorder quantification and separation, ..."
Abstract

Cited by 15 (5 self)
 Add to MetaCart
We describe a semantic type soundness result, formalized in the Coq proof assistant, for a compiler from a simple functional language into an idealized assembly language. Types in the highlevel language are interpreted as binary relations, built using both secondorder quantification and separation, over stores and values in the lowlevel machine. Categories and Subject Descriptors F.3.1 [Logics and meanings of programs]: Specifying and Verifying and Reasoning about
Formalizing and verifying semantic type soundness for a simple compiler
, 2007
"... We describe a semantic type soundness result, formalized in the Coq proof assistant, for a compiler from a simple imperative language with heapallocated data into an idealized assembly language. Types in the highlevel language are interpreted as binary relations, built using both secondorder quan ..."
Abstract

Cited by 12 (4 self)
 Add to MetaCart
We describe a semantic type soundness result, formalized in the Coq proof assistant, for a compiler from a simple imperative language with heapallocated data into an idealized assembly language. Types in the highlevel language are interpreted as binary relations, built using both secondorder quantification and a form of separation structure, over stores and code pointers in the lowlevel machine.
Subtyping Union Types
, 2004
"... Subtyping rules can be fairly complex for union types, due to interactions with other types, such as function types. Furthermore, these interactions turn out to depend on the calculus considered: for instance, a callbyvalue calculus and a callbyname calculus will have different possible subtypin ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
Subtyping rules can be fairly complex for union types, due to interactions with other types, such as function types. Furthermore, these interactions turn out to depend on the calculus considered: for instance, a callbyvalue calculus and a callbyname calculus will have different possible subtyping rules. In order to abstract ourselves away from this dependence, we consider a fairly large class of calculi. We define types in a semantic fashion, as sets of terms. Then, a type can be a subtype of another type if its denotation is included in the denotation of the other type. We first consider a simple type system with union, function, pair and constant types. Using inference rules, we specify a subtyping relation which is both sound and complete with respect to the class of calculi. We then extend this result to a richer type system with MLstyle polymorphism and type constructors. We expect this framework to allow the study of subtyping relations that only hold for some calculi by restricting the class considered, and to allow the study of subtyping relations for richer type systems by enriching the class.
Semantic foundations for typed assembly languages
 Prog. Languages and Systems (TOPLAS
, 2008
"... Typed Assembly Languages (TALs) are used to validate the safety of machinelanguage programs. The Foundational ProofCarrying Code project seeks to verify the soundness of TALs using the smallest possible set of axioms—the axioms of a suitably expressive logic plus a specification of machine semanti ..."
Abstract

Cited by 8 (2 self)
 Add to MetaCart
Typed Assembly Languages (TALs) are used to validate the safety of machinelanguage programs. The Foundational ProofCarrying Code project seeks to verify the soundness of TALs using the smallest possible set of axioms—the axioms of a suitably expressive logic plus a specification of machine semantics. This paper proposes general semantic foundations that permit modular proofs of the soundness of TALs. These semantic foundations include Typed Machine Language (TML), a type theory for specifying properties of lowlevel data with powerful and orthogonal type constructors, and Lc, a compositional logic for specifying properties of machine instructions with simplified reasoning about unstructured control flow. Both of these components, whose semantics we specify using higherorder logic, are useful for proving the soundness of TALs. We demonstrate this by using TML and Lc to verify the soundness of a lowlevel, typed assembly language, LTAL, which is the target of our coreMLtosparc compiler. To prove the soundness of the TML type system we have successfully applied a new approach, that of stepindexed logical relations. This approach provides the first semantic model for a type system with updatable references to values of impredicative quantified types. Both impredicative polymorphism and mutable references are essential when representing function closures in compilers with typed closure conversion, or when compiling objects to simpler typed primitives.