Type-Safe Linking and Modular Assembly Language
1999
Cited by 60 (1 self)
Linking is a low-level task that is usually vaguely specified, if at all, by language definitions. However, the security of web browsers and other extensible systems depends crucially upon a set of checks that must be performed at link time. Building upon the simple but elegant ideas of Cardelli, and module constructs from high-level languages, we present a formal model of typed object files and a set of inference rules that are sufficient to guarantee that type safety is preserved by the linking process.
Deciding Type Equivalence in a Language with Singleton Kinds
In Twenty-Seventh ACM Symposium on Principles of Programming Languages, 2000
Cited by 45 (7 self)
Work on the TILT compiler for Standard ML led us to study a language with singleton kinds: S(A) is the kind of all types provably equivalent to the type A. Singletons are interesting because they provide a very general form of definitions for type variables, allow fine-grained control of type computations, and allow many equational constraints to be expressed within the type system.
Extensional equivalence and singleton types
ACM Transactions on Computational Logic
Cited by 38 (8 self)
We study the λΠΣS≤ calculus, which contains singleton types S(M) classifying terms of base type provably equivalent to the term M. The system includes dependent types for pairs and functions (Σ and Π) and a subtyping relation induced by regarding singletons as subtypes of the base type. The decidability of type checking for this language is non-obvious, since to type check we must be able to determine equivalence of well-formed terms. But in the presence of singleton types, the provability of an equivalence judgment Γ ⊢ M1 ≡ M2 : A can depend both on the typing context Γ and on the particular type A at which M1 and M2 are compared. We show how to prove decidability of term equivalence, hence of type checking, in λΠΣS≤ by exhibiting a type-directed algorithm for directly computing normal forms. The correctness of normalization is shown using an unusual variant of Kripke logical relations organized around sets; rather than defining a logical equivalence relation, we work directly with (subsets of) the corresponding equivalence classes. We then provide a more efficient algorithm for checking type equivalence without constructing normal forms. We also show that type checking, subtyping, and all other judgments of the system are decidable.
NuPRL’s class theory and its applications
Foundations of Secure Computation, NATO ASI Series, Series F: Computer & System Sciences, 2000
Cited by 15 (7 self)
This article presents a theory of classes and inheritance built on top of constructive type theory. Classes are defined using dependent and very dependent function types that are found in the Nuprl constructive type theory. Inheritance is defined in terms of a general subtyping relation over the underlying types. Among the basic types is the intersection type which plays a critical role in the applications because it provides a method of composing program components. The class theory is applied to defining algebraic structures such as monoids, groups, rings, etc. and relating them. It is also used to define communications protocols as infinite state automata. The article illustrates the role of these formal automata in defining the services of a distributed group communications system. In both applications the inheritance mechanisms allow reuse of proofs and the statement of general properties of system composition.
Computational Complexity and Induction for Partial Computable Functions in Type Theory
In Preprint, 1999
Cited by 12 (7 self)
An adequate theory of partial computable functions should provide a basis for defining computational complexity measures and should justify the principle of computational induction for reasoning about programs on the basis of their recursive calls. There is no practical account of these notions in type theory, and consequently such concepts are not available in applications of type theory where they are greatly needed. It is also not clear how to provide a practical and adequate account in programming logics based on set theory. This paper provides a practical theory supporting all these concepts in the setting of constructive type theories. We first introduce an extensional theory of partial computable functions in type theory. We then add support for intensional reasoning about programs by explicitly reflecting the essential properties of the underlying computation system. We use the resulting intensional reasoning tools to justify computational induction and to define computationa...
Subtyping with Power Types
of Lecture Notes in Computer Science, 2000
Cited by 8 (0 self)
This paper introduces a typed λ-calculus called λ_Power, a predicative reformulation of part of Cardelli's power type system. Power types integrate subtyping into the typing judgement, allowing bounded abstraction and bounded quantification over both types and terms. This gives a powerful and concise system of dependent types, but leads to difficulty in the metatheory and semantics which has impeded the application of power types so far. Basic properties of λ_Power are proved here, and it is given a model definition using a form of applicative structures. A particular novelty is the auxiliary system for rough typing, which assigns simple types to terms in λ_Power. These "rough" types are used to prove strong normalization of the calculus and to structure models, allowing a novel form of containment semantics without a universal domain.
Naïve computational type theory
Proof and System Reliability, Proceedings of International Summer School Marktoberdorf, July 24 to August 5, 2001, volume 62 of NATO Science Series III, 2002
Admissibility of Fixpoint Induction over Partial Types
Automated Deduction: CADE-15, Lect. Notes in Comp. Sci., 1998
Cited by 6 (2 self)
Partial types allow reasoning about partial functions in type theory. The partial functions of main interest are recursively computed functions, which are commonly assigned types using fixpoint induction. However, fixpoint induction is valid only on admissible types. Previous work has shown many types to be admissible, but has not shown any dependent products to be admissible. Disallowing recursion on dependent product types substantially reduces the expressiveness of the logic; for example, it prevents much reasoning about modules, objects and algebras. In this paper I present two new tools, predicate-admissibility and monotonicity, for showing types to be admissible. These tools show a wide class of types to be admissible; in particular, they show many dependent products to be admissible. This alleviates difficulties in applying partial types to theorem proving in practice. I also present a general least upper bound theorem for fixed points with regard to a computational approxim...
Step-Indexed Normalization for a Language with General Recursion
Cited by 5 (4 self)
The TRELLYS project has produced several designs for practical dependently typed languages. These languages are broken into two fragments—a logical fragment where every term normalizes and which is consistent when interpreted as a logic, and a programmatic fragment with general recursion and other convenient but unsound features. In this paper, we present a small example language in this style. Our design allows the programmer to explicitly mention and pass information between the two fragments. We show that this feature substantially complicates the metatheory and present a new technique, combining the traditional Girard–Tait method with step-indexed logical relations, which we use to show normalization for the logical fragment.