A dependently typed multi-stage calculus

Programming Languages and Systems: 17th Asian Symposium, APLAS 2019, Nusa Dua, Bali, Indonesia, December 1–4, 2019. Part of the Lecture Notes in Computer Science book series (LNCS, volume 11893). Also part of the Programming and Software Engineering book sub series (LNPSE, volume 11893).We study a dependently typed extension of a multi-stage programming language à la MetaOCaml, which supports quasi-quotation and cross-stage persistence for manipulation of code fragments as first-class values and an evaluation construct for execution of programs dynamically generated by this code manipulation. Dependent types are expected to bring to multi-stage programming enforcement of strong invariant—beyond simple type safety—on the behavior of dynamically generated code. An extension is, however, not trivial because such a type system would have to take stages of types—roughly speaking, the number of surrounding quotations—into account. To rigorously study properties of such an extension, we develop λMD, which is an extension of Hanada and Igarashi’s typed calculus λ▹% with dependent types, and prove its properties including preservation, confluence, strong normalization for full reduction, and progress for staged reduction. Motivated by code generators that generate code whose type depends on a value from outside of the quotations, we argue the significance of cross-stage persistence in dependently typed multi-stage programming and certain type equivalences that are not directly derived from reduction rules

Combining behavioural types with security analysis

Today's software systems are highly distributed and interconnected, and they increasingly rely on communication to achieve their goals; due to their societal importance, security and trustworthiness are crucial aspects for the correctness of these systems. Behavioural types, which extend data types by describing also the structured behaviour of programs, are a widely studied approach to the enforcement of correctness properties in communicating systems. This paper offers a unified overview of proposals based on behavioural types which are aimed at the analysis of security properties

A Categorical Normalization Proof for the Modal Lambda-Calculus

We investigate a simply typed modal $\lambda$-calculus, $\lambda^{\to\square}$, due to Pfenning, Wong and Davies, where we define a well-typed term with respect to a context stack that captures the possible world semantics in a syntactic way. It provides logical foundation for multi-staged meta-programming. Our main contribution in this paper is a normalization by evaluation (NbE) algorithm for $\lambda^{\to\square}$ which we prove sound and complete. The NbE algorithm is a moderate extension to the standard presheaf model of simply typed $\lambda$-calculus. However, central to the model construction and the NbE algorithm is the observation of Kripke-style substitutions on context stacks which brings together two previously separate concepts, structural modal transformations on context stacks and substitutions for individual assumptions. Moreover, Kripke-style substitutions allow us to give a formulation for contextual types, which can represent open code in a meta-programming setting. Our work lays the foundation for extending the logical foundation by Pfenning, Wong, and Davies towards building a practical, dependently typed foundation for meta-programming

Type‐Preserving CPS Translation of Σ and Π Types is Not Not Possible

International audienceDependently typed languages like Coq are used to specify and prove functional correctness of source programs,but what we ultimately need are guarantees about correctness of compiled code. By preserving dependenttypes through each compiler pass, we could preserve source-level specifications and correctness proofs intothe generated target-language programs. Unfortunately, type-preserving compilation of dependent types isnontrivial. In 2002, Barthe and Uustalu showed that type-preserving CPS is not possible for languages likeCoq. Specifically, they showed that for strong dependent pairs (Σ types), the standard typed call-by-name CPSis not type preserving. They further proved that for dependent case analysis on sums, a class of typed CPStranslations—including the standard translation—is not possible. In 2016, Morrisett noticed a similar problemwith the standard call-by-value CPS translation for dependent functions (Π types). In essence, the problem isthat the standard typed CPS translation by double-negation, in which computations are assigned types of theform (A → ⊥) → ⊥, disrupts the term/type equivalence that is used during type checking in a dependentlytyped language.In this paper, we prove that type-preserving CPS translation for dependently typed languages is not notpossible. We develop both call-by-name and call-by-value CPS translations from the Calculus of Constructionswith both Π and Σ types (CC) to a dependently typed target language, and prove type preservation andcompiler correctness of each translation. Our target language is CC extended with an additional equivalencerule and an additional typing rule, which we prove consistent by giving a model in the extensional Calculus ofConstructions. Our key observation is that we can use a CPS translation that employs answer-type polymorphism,where CPS-translated computations have type ∀α.(A → α) → α. This type justifies, by a free theorem,the new equality rule in our target language and allows us to recover the term/type equivalences that CPStranslation disrupts. Finally, we conjecture that our translation extends to dependent case analysis on sums,despite the impossibility result, and provide a proof sketch

Meta-F*: Proof Automation with SMT, Tactics, and Metaprograms

We introduce Meta-F*, a tactics and metaprogramming framework for the F* program verifier. The main novelty of Meta-F* is allowing the use of tactics and metaprogramming to discharge assertions not solvable by SMT, or to just simplify them into well-behaved SMT fragments. Plus, Meta-F* can be used to generate verified code automatically. Meta-F* is implemented as an F* effect, which, given the powerful effect system of F*, heavily increases code reuse and even enables the lightweight verification of metaprograms. Metaprograms can be either interpreted, or compiled to efficient native code that can be dynamically loaded into the F* type-checker and can interoperate with interpreted code. Evaluation on realistic case studies shows that Meta-F* provides substantial gains in proof development, efficiency, and robustness.Comment: Full version of ESOP'19 pape

A Foundation for Embedded Languages

Recent work on embedding object languages into Haskell use ``phantom types'' (i.e., parameterized types whose parameter does not occur on the right-hand side of the type definition) to ensure that the embedded object-language terms are simply typed. But is it a safe assumption that only simply-typed terms can be represented in Haskell using phantom types? And conversely, can all simply-typed terms be represented in Haskell under the restrictions imposed by phantom types? In this article we investigate the conditions under which these assumptions are true: We show that these questions can be answered affirmatively for an idealized Haskell-like language and discuss to which extent Haskell can be used as a meta-language

A Dependently-Typed Linear π -Calculus in Agda

Session types have consolidated as a formalism for the specification and static enforcement of communication protocols. Many different theories of dependent session types have been proposed, some enabling refined specifications on the content of messages, others allowing the structure of the protocols to depend on data exchanged in the protocol itself. In this work we continue a line of research studying the foundations of binary session types. In particular, we propose a variant of the linear π-calculus whose type structure encompasses virtually all dependent session types using just two type constructors: linear channel types and linear dependent pairs. We use Agda not only to formalize the metatheory of the calculus and obtain machine-checked proofs of type soundness, but also as host language in which we implement data-dependent protocols