16 research outputs found
Recommended from our members
Recovering purity with comonads and capabilities
© 2020 Owner/Author. In this paper, we take a pervasively effectful (in the style of ML) typed lambda calculus, and show how to extend it to permit capturing pure expressions with types. Our key observation is that, just as the pure simply-typed lambda calculus can be extended to support effects with a monadic type discipline, an impure typed lambda calculus can be extended to support purity with a comonadic type discipline. We establish the correctness of our type system via a simple denotational model, which we call the capability space model. Our model formalises the intuition common to systems programmers that the ability to perform effects should be controlled via access to a permission or capability, and that a program is capability-safe if it performs no effects that it does not have a runtime capability for. We then identify the axiomatic categorical structure that the capability space model validates, and use these axioms to give a categorical semantics for our comonadic type system. We then give an equational theory (substitution and the call-by-value ß and • laws) for the imperative lambda calculus, and show its soundness relative to this semantics. Finally, we give a translation of the pure simply-typed lambda calculus into our comonadic imperative calculus, and show that any two terms which are ß•-equal in the STLC are equal in the equational theory of the comonadic calculus, establishing that pure programs can be mapped in an equation-preserving way into our imperative calculus
flap: A Deterministic Parser with Fused Lexing
Lexers and parsers are typically defined separately and connected by a token
stream. This separate definition is important for modularity and reduces the
potential for parsing ambiguity. However, materializing tokens as data
structures and case-switching on tokens comes with a cost. We show how to fuse
separately-defined lexers and parsers, drastically improving performance
without compromising modularity or increasing ambiguity. We propose a
deterministic variant of Greibach Normal Form that ensures deterministic
parsing with a single token of lookahead and makes fusion strikingly simple,
and prove that normalizing context free expressions into the deterministic
normal form is semantics-preserving. Our staged parser combinator library,
flap, provides a standard interface, but generates specialized token-free code
that runs two to six times faster than ocamlyacc on a range of benchmarks.Comment: PLDI 2023 with appendi
Focusing on Refinement Typing
We present a logically principled foundation for systematizing, in a way that
works with any computational effect and evaluation order, SMT constraint
generation seen in refinement type systems for functional programming
languages. By carefully combining a focalized variant of call-by-push-value,
bidirectional typing, and our novel technique of value-determined indexes, our
system generates solvable SMT constraints without existential (unification)
variables. We design a polarized subtyping relation allowing us to prove our
logically focused typing algorithm is sound, complete, and decidable. We prove
type soundness of our declarative system with respect to an elementary
domain-theoretic denotational semantics. Type soundness implies, relatively
simply, the total correctness and logical consistency of our system. The
relative ease with which we obtain both algorithmic and semantic results
ultimately stems from the proof-theoretic technique of focalization.Comment: 61 pages + appendix with proofs, Just Accepted version of paper (with
new title) at ACM Transactions on Programming Languages and System
Recommended from our members
Sound and complete bidirectional typechecking for higher-rank polymorphism with existentials and indexed types
Bidirectional typechecking, in which terms either synthesize a type or are checked against a known type, has become popular for its applicability to a variety of type systems, its error reporting, and its ease of implementation. Following principles from proof theory, bidirectional typing can be applied to many type constructs. The principles underlying a bidirectional approach to indexed types (generalized algebraic datatypes) are less clear. Building on proof-theoretic treatments of equality, we give a declarative specification of typing based on focalization. This approach permits declarative rules for coverage of pattern matching, as well as support for first-class existential types using a focalized subtyping judgment. We use refinement types to avoid explicitly passing equality proofs in our term syntax, making our calculus similar to languages such as Haskell and OCaml. We also extend the declarative specification with an explicit rules for deducing when a type is principal, permitting us to give a complete declarative specification for a rich type system with significant type inference. We also give a set of algorithmic typing rules, and prove that it is sound and complete with respect to the declarative system. The proof requires a number of technical innovations, including proving soundness and completeness in a mutually recursive fashion.EPSRC grant EP/N02706X/
Recommended from our members
CN: Verifying Systems C Code with Separation-Logic Refinement Types
Despite significant progress in the verification of hypervisors, operating systems, and compilers, and in verification tooling, there exists a wide gap between the approaches used in verification projects and conventional development of systems software. We see two main challenges in bringing these closer together: verification handling the complexity of code and semantics of conventional systems software, and verification usability.
We describe an experiment in verification tool design aimed at addressing some aspects of both: we design and implement CN, a separation-logic refinement type system for C systems software, aimed at predictable proof automation, based on a realistic semantics of ISO C. CN reduces refinement typing to decidable propositional logic reasoning, uses first-class resources to support pointer aliasing and pointer arithmetic, features resource inference for iterated separating conjunction, and uses a novel syntactic restriction of ghost variables in specifications to guarantee their successful inference. We implement CN and formalise key aspects of the type system, including a soundness proof of type checking. To demonstrate the usability of CN we use it to verify a substantial component of Google's pKVM hypervisor for Android.a European Research Council (ERC) Consolidator Grant for the project “TypeFoundry”, funded under the European Union’s Horizon 2020 Framework Programme (grant agreement no. 101002277);
a European Research Council (ERC) Advanced Grant “ELVER” under the European Union’s Horizon 2020 research and innovation programme (grant agreement no. 789108);
an EPSRC Doctoral Training studentship;
funding from Google Researc