Region-based memory management is an alternative to standard tracing garbage collection that makes potentially dangerous operations such as memory deallocation explicit but verifiably safe. In this article, we present a new compiler intermediate language, called the Capability Calculus, that supports region-based memory management and enjoys a provably safe type system. Unlike previous region-based type systems, region lifetimes need not be lexically scoped and yet the language may be checked for safety without complex analyses. Therefore, our type system may be deployed in settings such as extensible operating systems where both the performance and safety of untrusted code is important.

Machine We have described the type constructor language of CL and the typing rules for the main term-level constructs. In fact, the previous section contains all of the ACM Transactions on Programming Languages and Systems, Vol. TBD, No. TDB, Month Year. 20 D. Walker, K. Crary, and G. Morrisett #; #;# # h at r : # # # # f : Type #; ## # ; #{f :# f , x 1 :# 1 , . . . , xn :# n}; C # e # # f = #[# # ].(C, # 1 , . . . , #n ) # 0 at r f, x 1 , . . . , xn ## Dom(#) # #; #;# # fix f[# # ](C, x 1 :# 1 , . . . , xn :# n ).e at r : # f (h-fix) #; #;# # v i : # i (for 1 # i # n) # # r : Rgn #; #;# # #v 1 , . . . , vn # at r : ## 1 , . . . , #n # at r (h-tuple) #; #;# # h at r : # # # # # # = # : Type #; #;# # h at r : # (h-eq) #; #;# # v : # #; #;# # x : # (#(x) = #) (v-var) #; #;# # i : int (v-int) #; #;# # v : #[#:#, # # ].(C, # 1 , . . . , #n ) # 0 at r # # c : # #; #;# # v[c] : (#[# # ].(C, # 1 , . . . , #n ) # 0)[c/#] at r (v-type) #; #;# # v : #[# # C ## , # # ].(C # , # 1 , . . . , #n ) # 0 at r # # C # C ## #; #;# # v[C] : (#[# # ].(C # , # 1 , . . . , #n ) # 0)[C/#] at r (v-sub) #; #;# # v : # # # # # # = # : Type #; #;# # v : # (v-eq) Fig. 6. Capability static semantics: Heap and word values. information programmers or compilers require to write type-safe programs in CL. However, in order to prove a type soundness result in the style of Wright and Felleisen [Wright and Felleisen 1994], we must be able to type check programs at every step during their evaluation. In this section, we give the static semantics of the run-time values that are not normally manipulated by programmers, but are nevertheless necessary to prove our soundness result. At first, the formal definition ...

Submitted for publication to Information and Computation. A summary of this paper appeared in TACS '97.

This thesis examines the use of denotational semantics to reason about control flow in sequential, basically functional languages. It extends recent work in game semantics, in which programs are interpreted as strategies for computation by interaction with an environment. Abramsky has suggested that an intensional hierarchy of computational features such as state, and their fully abstract models, can be captured as violations of the constraints on strategies in the basic functional model. Non-local control flow is shown to fit into this framework as the violation of strong and weak ‘bracketing ’ conditions, related to linear behaviour. The language µPCF (Parigot’s λµ with constants and recursion) is adopted as a simple basis for higher-type, sequential computation with access to the flow of control. A simple operational semantics for both call-by-name and call-by-value evaluation is described. It is shown that dropping the bracketing condition on games models of PCF yields fully abstract models of µPCF.

. Dynamic binding, which has always been associated with Lisp, is still semantically obscure to many. Although largely replaced by lexical scoping, not only does dynamic binding remain an interesting and expressive programming technique in specialised circumstances, but also it is a key notion in semantics. This paper presents a syntactic theory that enables the programmer to perform equational reasoning on programs using dynamic binding. The theory is proved to be sound and complete with respect to derivations allowed on programs in "dynamic-environment passing style". From this theory, we derive a sequential evaluation function in a context-rewriting system. Then, we exhibit the power and usefulness of dynamic binding in two different ways. First, we prove that dynamic binding adds expressiveness to a purely functional language. Second, we show that dynamic binding is an essential notion in semantics that can be used to define the semantics of exceptions. Afterwards, we further refin...

The significance of type theory to the theory of programming languages has long been recognized. Advances in programming languages have often derived from understanding that stems from type theory. However, these applications of type theory to practical programming languages have been indirect; the differences between practical languages and type theory have prevented direct connections between the two. This dissertation presents systematic techniques directly relating practical programming languages to type theory. These techniques allow programming languages to be interpreted in the rich mathematical domain of type theory. Such interpretations lead to semantics that are at once denotational and operational, combining the advantages of each, and they also lay the foundation for formal verification of computer programs in type theory. Previous type theories either have not provided adequate expressiveness to interpret practical languages, or have provided such expressiveness at the expense of essential features of the type theory. In particular, no previous type theory has supported a notion of partial functions (needed to interpret recursion in practical languages), and a notion of total functions and objects (needed to reason about data values), and an intrinsic notion of equality (needed for most interesting results). This dissertation presents the first type theory incorporating all three, and discusses issues arising in the design of that type theory. This type theory is used as the target of a type­theoretic semantics for a expressive programming calculus. This calculus may serve as an internal language for a variety of functional programming languages. The semantics is stated as a syntax­directed embedding of the programming calculus into type theory. A critical point arising in both the type theory and the type­theoretic semantics is the issue of admissibility. Admissibility governs what types it is legal to form recursive functions over. To build a useful type theory for partial functions it is necessary to have a wide class of admissible types. In particular, it is necessary for all the types arising in the type­theoretic semantics to be admissible. In this dissertation I present a class of admissible types that is considerably wider than any previously known class.

Abstract not found

. Call-by-push-value is a new paradigm that subsumes the call-by-name and call-by-value paradigms, in the following sense: both operational and denotational semantics for those paradigms can be seen as arising, via translations that we will provide, from similar semantics for call-by-push-value. To explain call-by-push-value, we first discuss general operational ideas, especially the distinction between values and computations, using the principle that "a value is, a computation does". Using an example program, we see that the lambda-calculus primitives can be understood as push/pop commands for an operand-stack. We provide operational and denotational semantics for a range of computational effects and show their agreement. We hence obtain semantics for call-by-name and call-by-value, of which some are familiar, some are new and some were known but previously appeared mysterious. 1 Introduction 1.1 Contribution In his invited lecture at POPL '98 [32], Reynolds, surveying over 30 year...

Functional programming languages are informally classified into pure and impure languages. The precise meaning of this distinction has been a matter of controversy. We therefore investigate a formal definition of purity. We begin by showing that some proposed definitions that rely on confluence, soundness of the beta axiom, preservation of pure observational equivalences, and independence of the order of evaluation, do not withstand close scrutiny. We propose instead a definition based on parameter-passing independence. Intuitively, the definition implies that functions are pure mappings from arguments to results; the operational decision of how to pass the arguments is irrelevant. In the context of Haskell, our definition is consistent with the fact that the traditional call-by-name denotational semantics coincides with the traditional call-by-need implementation. Furthermore, our definition is compatible with the stream-based, continuationbased, and monad-based integration of computa...

This article presents a hybrid method of partial evaluation (PE), which is exactly as precise as naive online PE and nearly as efficient as state-of-the-art offline PE, for a statically typed call-by-value functional language.