## The implicit calculus of constructions as a programming language with dependent types

Venue: In Amadio [6

Citations: 30 - 1 self

### BibTeX

@INPROCEEDINGS{Barras_theimplicit,

author = {Bruno Barras and Bruno Bernardo},

title = {The implicit calculus of constructions as a programming language with dependent types},

booktitle = {In Amadio [6},

year = {},

pages = {365--379}

}

### Abstract

In this paper, we show how Miquel’s Implicit Calculus of Constructions (ICC) can be used as a programming language featuring dependent types. Since this system has an undecidable type-checking, we introduce a more verbose variant, called ICC*, which fixes this issue. Datatypes and program specifications are enriched with logical assertions (such as preconditions, postconditions, invariants) and programs are decorated with proofs of those assertions. The point of using ICC* rather than the Calculus of Constructions (the core formalism of the Coq proof assistant) is that all of the static information (types and proof objects) is transparent, in the sense that it does not affect the computational behavior. This is concretized by a built-in extraction procedure that removes this static information. We also illustrate the main features of ICC* on classical examples of dependently typed programs.

### Citations

544 | Lambda Calculi with Types
- Barendregt
- 1992
Citation Context ...head reduction of ⊲R - reduction occurs in the left subterm of applications (implicit or explicit applications in the case of decorated terms). As in the traditional presentation of Pure Type Systems [1], we define two sets $\mathrm{Axiom} \subset \mathcal{S}^2$ and $\mathrm{Rule} \subset \mathcal{S}^3$ by $\mathrm{Axiom} = \{(\mathrm{Prop}, \mathrm{Type}_0);\ (\mathrm{Type}_i, \mathrm{Type}_{i+1}) \mid i \in \mathbb{N}\}$ and $\mathrm{Rule} = \{(\mathrm{Prop}, s, s);\ (s, \mathrm{Prop}, \mathrm{Prop}) \mid s \in \mathcal{S}\} \cup \{(\mathrm{Type}_i, \mathrm{Type}_j, \mathrm{Type}_{\max(i,j)}) \mid i, j \in \mathbb{N}\}$. We will also ...

298 | Dependent types in practical programming
- Xi, Pfenning
- 1999
Citation Context ...an evidence of that claim. Still, in those systems, typing is not expressive enough to address problems such as array bound checks. Such issue can be alleviated by using dependent types. Dependent ML [19] is an extension of SML implementing a restricted form of dependent types. The idea is to annotate datatype specifications and program types with expressions in a given constraint domain. Type-checkin...

183 | Towards a Practical Programming Language based on Dependent Type Theory
- Norell
- 2007
Citation Context ...the automatic solver fails. It lets the programmer prove simple invariants (there is very little support for proof construction). Proofs systems (let us name a small number of them: Epigram [8], Agda [13], NuPRL [5] and Coq [17]) provide better tools for proof automation, but in most of them, the distinction between statics (logical and typing arguments) and dynamics (actual code) raises problems. To ...

160 | The view from the left
- McBride, McKinna
Citation Context ...e in case the automatic solver fails. It lets the programmer prove simple invariants (there is very little support for proof construction). Proofs systems (let us name a small number of them: Epigram [8], Agda [13], NuPRL [5] and Coq [17]) provide better tools for proof automation, but in most of them, the distinction between statics (logical and typing arguments) and dynamics (actual code) raises pr...

87 | Combining Programming with Theorem Proving
- Chen, Xi
- 2005
Citation Context ...e satisfiability of constraints. The main point of having restricted dependent types is that it applies to programming languages with non-pure features (side-effects, input/output, ...). The system ATS [4] is an evolution of DML that integrates theorem proving in the LF style in case the automatic solver fails. It lets the programmer prove simple invariants (there is very little support for proof const...

86 | ECC an Extended Calculus of Constructions
- Luo
- 1989
Citation Context ...the same syntactic class, and special constants called sorts represent the types of types. Sorts $(\mathrm{Type}_i)_{i \in \mathbb{N}}$ denote the usual predicative universe hierarchy of the Extended Calculus of Constructions [7]. There is only one impredicative sort, Prop, because the distinction between propositional types and data types will be made by defining a term as being explicit (data types) or implicit (proposition...

39 | Inductive families need not store their indices
- Brady, McBride, et al.
- 2004
Citation Context ... (in the tradition of Martin Löf theories). A number of techniques are developed in order to optimize the evaluation: – in the case of vectors, the length argument can be removed from the constructor [3]. Unfortunately, only information that is uniquely recoverable can be erased. For instance, in the example of terms with their set of variables, the proof that variables belong to the set cannot be ma...

39 | Subset coercions in Coq
- Sozeau
- 2007
Citation Context ...ven → nat and equalities such as $(4, \pi_1) = (4, \pi_2)$ are proven by reflexivity. These facts generalize to any predicate over any type since no particular property of natural numbers has been used here. In [16], Sozeau introduces a feature of Coq similar to the predicate subtyping of PVS, including the possibility to prove claimed invariants by generating proof obligations. Subset types are coded by a pair ...

30 | Practical Implementation of a Dependently Typed Functional Programming Language
- Brady
- 2005
Citation Context ...ables, the proof that variables belong to the set cannot be made implicit. – A notion of compilation stages is introduced and an erasure function removes parts that belong to the most “static” stages [2]. However, this process faces the same problems that the extraction of Coq: the conversion rule applies on the fully decorated term, so the erased parts are still compared. We emphasize on the fact th...

24 | The Formal Semantics of PVS
- Owre, Shankar
- 1999
Citation Context ... λ-calculus, but all the typing information (here P and the vector size) does not get in the way, since objects are compared modulo extraction. 5.3 Predicate Subtyping a la PVS One key feature of PVS [14] is predicate subtyping, which corresponds to the comprehension axiom in set theory. For instance, one can define the type of even number as a subtype of the natural numbers satisfying the appropriate...

20 | Le Calcul des Constructions Implicite: Syntaxe et Sémantique
- Miquel
- 2001
Citation Context ... different proofs. Since there is no proof-irrelevance, such objects cannot be proven equal in spite of having the same runtime counterparts. The Implicit Calculus of Constructions (ICC, see [10] and [11]) offers a more satisfying alternative to the distinction between Prop and Set. It is a Curry-style presentation of the Calculus of Constructions. It features a so-called implicit product that corre...

15 | Programmation fonctionnelle certifiée – L’extraction de programmes dans l’assistant Coq
- Letouzey
- 2004
Citation Context ...onstructions is quite coarse: programs have arguments that are indeed only static information (type decorations, proof objects, dependencies). There exists a procedure called extraction (described in [6]) that produces source code for a number of functional languages from intuitionistic proofs. It tries to remove this static information. The decision of keeping or removing an argument is made by the ...

13 | The Implicit Calculus of Constructions: Extending Pure Type Systems with an Intersection Type Binder and Subtyping. Typed Lambda Calculi and Applications
- Miquel
- 2001
Citation Context ...ontaining different proofs. Since there is no proof-irrelevance, such objects cannot be proven equal in spite of having the same runtime counterparts. The Implicit Calculus of Constructions (ICC, see [10] and [11]) offers a more satisfying alternative to the distinction between Prop and Set. It is a Curry-style presentation of the Calculus of Constructions. It features a so-called implicit product t...

10 | The Not So Simple Proof-Irrelevant Model of CC
- Miquel, Werner
- 2002
Citation Context ...iven proposition are always convertible. On the one hand, this does not require a complicated model since proof-irrelevance is a valid property in the classical model of the Calculus of Constructions [12]. On the other hand, this approach does not address the problem of other extra arguments (types, domains of abstractions, dependencies belonging to Set). 7 Future Work We have shown that the Implicit ...

8 | On the strength of proof-irrelevant type theories
- Werner
- 2006
Citation Context ...f programs can always be made implicit (as for False_elim and eq_elim) and thus never compared. Note that this was an important motivation for considering a proof irrelevant Calculus of Constructions [18]. One might want not just axiom eq_elim, but also a reduction associated to it (witnessing the fact that it can be interpreted by the identity). Unfortunately we see no way to do this since this axiom...

5 | Arguments implicites dans le calcul des constructions: étude d’un formalisme à la curry
- Miquel
- 1998
Citation Context ...ss result saying that, given $M$ a well-typed term of ICC* and $N'$ a term of ICC such that $M^{*} \rightarrow_{\beta} N'$, there exists a term $N$ of ICC* such that $N^{*} = N'$ and $M \rightarrow^{+}_{\beta ie} N$. It is proved as in Lemma 3.4 of [9] except that we use the fact that every well-typed term has a βi-weak head normal form (WHNF) - instead of a βi-normal form in [9]. The last result that we need is the existence of a βie-WHNF for ever...

3 | Interprétation de l’analyse statique en théorie des types
- Prost
- 1999
Citation Context ...f Set are the actual datatypes (like nat and vect). In the example, the proof argument of get would be erased, but the length n would not. This issue could be alleviated by doing a dead-code analysis [15], but it would not allow the user to specify a priori arguments that shall not be used in the algorithmic part of the proof. Another drawback of the extraction approach is that it is external to the sys...