Call-by-Value and Call-by-Name Dual Calculi with Inductive and Coinductive Types

This paper extends the dual calculus with inductive types and coinductive types. The paper first introduces a non-deterministic dual calculus with inductive and coinductive types. Besides the same duality of the original dual calculus, it has the duality of inductive and coinductive types, that is, the duality of terms and coterms for inductive and coinductive types, and the duality of their reduction rules. Its strong normalization is also proved, which is shown by translating it into a second-order dual calculus. The strong normalization of the second-order dual calculus is proved by translating it into the second-order symmetric lambda calculus. This paper then introduces a call-by-value system and a call-by-name system of the dual calculus with inductive and coinductive types, and shows the duality of call-by-value and call-by-name, their Church-Rosser properties, and their strong normalization. Their strong normalization is proved by translating them into the non-deterministic dual calculus with inductive and coinductive types.Comment: The conference version of this paper has appeared in RTA 200

Probabilistic Operational Semantics for the Lambda Calculus

Probabilistic operational semantics for a nondeterministic extension of pure lambda calculus is studied. In this semantics, a term evaluates to a (finite or infinite) distribution of values. Small-step and big-step semantics are both inductively and coinductively defined. Moreover, small-step and big-step semantics are shown to produce identical outcomes, both in call-by- value and in call-by-name. Plotkin's CPS translation is extended to accommodate the choice operator and shown correct with respect to the operational semantics. Finally, the expressive power of the obtained system is studied: the calculus is shown to be sound and complete with respect to computable probability distributions.Comment: 35 page

Relational Parametricity and Control

We study the equational theory of Parigot's second-order λμ-calculus in connection with a call-by-name continuation-passing style (CPS) translation into a fragment of the second-order λ-calculus. It is observed that the relational parametricity on the target calculus induces a natural notion of equivalence on the λμ-terms. On the other hand, the unconstrained relational parametricity on the λμ-calculus turns out to be inconsistent with this CPS semantics. Following these facts, we propose to formulate the relational parametricity on the λμ-calculus in a constrained way, which might be called ``focal parametricity''.Comment: 22 pages, for Logical Methods in Computer Scienc

Probabilistic Operational Semantics for the Lambda Calculus

Probabilistic operational semantics for a nondeterministic extension of pure \u3bb-calculus is studied. In this semantics, a term evaluates to a (finite or infinite) distribution of values. Small-step and big-step semantics, inductively and coinductively defined, are given. Moreover, small-step and big-step semantics are shown to produce identical outcomes, both in call-by-value and in call-by-name. Plotkin\u2019s CPS translation is extended to accommodate the choice operator and shown correct with respect to the operational semantics. Finally, the expressive power of the obtained system is studied: the calculus is shown to be sound and complete with respect to computable probability distributions

A verified compiler for a linear imperative / functional intermediate language

This thesis describes the design of the verified compiler LVC. LVC's main novelty is the way its first-order, term-based intermediate language IL realizes the advantages of static single assignment (SSA) for verified compilation. IL is a term-based language not based on a control-flow graph (CFG) but defined in terms of an inductively defined syntax with lexically scoped mutually recursive function definitions. IL replaces the usual dominance-based SSA definition found in unverified and verified compilers with the novel notion of coherence. The main research question this thesis studies is whether IL with coherence offers a faithful implementation of SSA, and how the design influences the correctness invariants and the proofs in the verified compiler LVC. To study this question, we verify dead code elimination, several SSA-based value optimizations including sparse conditional constant propagation and SSA-based register allocation approach including spilling. In these case studies, IL with coherence provides the usual advantages of SSA and improves modularity of proofs. Furthermore, we propose a novel SSA construction algorithm based on coherence, and leverage the term structure of IL to obtain an inductive proof method for simulation proofs. LVC is implemented and verified with over 50,000 lines of code using the proof assistant Coq. To underline practicability of our approach, we integrate LVC with CompCert to obtain an executable compiler that generates PowerPC assembly code.Diese Arbeit beschreibt das Design des verifizierten Compilers LVC. Die Hauptneuerung von LVC ist seine term-basierte Zwischensprache IL, die die Vorteile von static single assignment (SSA) für Verifikation nutzbar macht. IL ist eine term-basierte Sprache, die nicht auf einem Kontrollflussgraphen basiert, sondern auf einer induktiv definierten Syntax mit lexikalischen Variablen und verschränkt rekursiven Funktionen. IL ersetzt die übliche, dominanz-basierte SSA-Definition, die man in verifizierten und unverifizierten Compilern gleichermaßen findet, durch das neuartige Konzept der \emph{Kohärenz (coherence)}. Die Hauptforschungsfragen dieser Arbeit sind, ob IL zusammen mit Kohärenz als Implementierung von SSA geeignet ist, und wie ein IL-basiertes Design Korrektheitsinvarianten und Beweise am Beispiel von LVC beeinflusst. Um diese Fragen zu klären verifizieren wir verschiedene SSA-basierte Wertoptimierungen, wie beispielsweise sparse conditional constant propagation, und einen SSA-basierten Registerallokationsansatz mit spilling. In diesen Fallbeispielen bietet IL mit Kohärenz die üblichen Vorteile von SSA und verbessert die Modularität der Beweise. Darüberhinaus schlagen wir einen neuen, kohärenzbasierten SSA Aufbaualgorithmus vor und nutzen die Struktur von IL aus, um ein induktives Beweisverfahren für Simulationsbeweise zu entwickeln. LVC ist mit über 50.000 Zeilen mithilfe des Beweisassistenten Coq implementiert und verifiziert. Um die praktische Anwendbarkeit unseres Ansatzes zu zeigen, integrieren wir LVC mit dem verifizierten Compiler CompCert, wodurch wir einen ausführbaren Compiler erhalten, der PowerPC assembly code generiert.Google European Doctoral Fellowship 201

Type‐Preserving CPS Translation of Σ and Π Types is Not Not Possible

International audienceDependently typed languages like Coq are used to specify and prove functional correctness of source programs,but what we ultimately need are guarantees about correctness of compiled code. By preserving dependenttypes through each compiler pass, we could preserve source-level specifications and correctness proofs intothe generated target-language programs. Unfortunately, type-preserving compilation of dependent types isnontrivial. In 2002, Barthe and Uustalu showed that type-preserving CPS is not possible for languages likeCoq. Specifically, they showed that for strong dependent pairs (Σ types), the standard typed call-by-name CPSis not type preserving. They further proved that for dependent case analysis on sums, a class of typed CPStranslations—including the standard translation—is not possible. In 2016, Morrisett noticed a similar problemwith the standard call-by-value CPS translation for dependent functions (Π types). In essence, the problem isthat the standard typed CPS translation by double-negation, in which computations are assigned types of theform (A → ⊥) → ⊥, disrupts the term/type equivalence that is used during type checking in a dependentlytyped language.In this paper, we prove that type-preserving CPS translation for dependently typed languages is not notpossible. We develop both call-by-name and call-by-value CPS translations from the Calculus of Constructionswith both Π and Σ types (CC) to a dependently typed target language, and prove type preservation andcompiler correctness of each translation. Our target language is CC extended with an additional equivalencerule and an additional typing rule, which we prove consistent by giving a model in the extensional Calculus ofConstructions. Our key observation is that we can use a CPS translation that employs answer-type polymorphism,where CPS-translated computations have type ∀α.(A → α) → α. This type justifies, by a free theorem,the new equality rule in our target language and allows us to recover the term/type equivalences that CPStranslation disrupts. Finally, we conjecture that our translation extends to dependent case analysis on sums,despite the impossibility result, and provide a proof sketch