Blame for All. Amal Ahmed, Robert Bruce Findler, Jeremy Siek, Philip Wadler

Similar documents
CMSC 631 Program Analysis and Understanding Fall Type Systems

Blame and Coercion: Together Again for the First Time

Threesomes, With and Without Blame

1 Problem 1. (20 pts)

State-Dependent Representation Independence (Technical Appendix)

Typed Arithmetic Expressions

Formal Methods Lecture 6. (B. Pierce's slides for the book Types and Programming Languages )

Formal Methods Lecture 6. (B. Pierce's slides for the book Types and Programming Languages )

Typing λ-terms. Types. Typed λ-terms. Base Types. The Typing Relation. Advanced Formal Methods. Lecture 3: Simply Typed Lambda calculus

Non-Parametric Parametricity

CIS 500 Software Foundations Final Exam Answer key December 20, 2004

Non-Parametric Parametricity

Type Systems Winter Semester 2006

Type Systems Winter Semester 2006

Logical Step-Indexed Logical Relations

Realizability Semantics of Parametric Polymorphism, General References, and Recursive Types

Normalization by Evaluation

Local Representations of Binding

1 Introduction. 2 Recap The Typed λ-calculus λ. 3 Simple Data Structures

Contracts made manifest

Contracts Made Manifest

Harvard School of Engineering and Applied Sciences CS 152: Programming Languages

CS 4110 Programming Languages & Logics. Lecture 16 Programming in the λ-calculus

Extending the Lambda Calculus: An Eager Functional Language

Command = Value Context. Hans-Dieter Hiep. 15th of June, /17

An Introduction to Logical Relations Proving Program Properties Using Logical Relations

Monads for Relations. Jeremy G. Siek University of Colorado at Boulder SPLS, June Jeremy Siek Monads for Relations 1 / 20

(2) (15pts) Using Prolog, implement a type-checker for the following small subset of System F:

Safety Analysis versus Type Inference

Introduction to lambda calculus Part 2

Simply Typed Lambda Calculus

LOGICAL STEP-INDEXED LOGICAL RELATIONS

Beyond First-Order Logic

Static Program Analysis

Consequence Relations and Natural Deduction

Lambda calculus. (Advanced Functional Programming) Jeremy Yallop. January Computer Laboratory University of Cambridge 1/ 29

The Girard-Reynolds Isomorphism. Philip Wadler, University of Edinburgh

3 Polymorphic Manifest Contracts, Revised and Resolved

CIS 500 Software Foundations Final Exam. Answer key. December 20, 2006

Justifying Algorithms for βη-conversion

5. The Logical Framework

Manifest Contracts. ScholarlyCommons. University of Pennsylvania. Michael Greenberg University of Pennsylvania,

Programming Languages

Step-Indexed Biorthogonality: a Tutorial Example

Programming Languages Fall 2013

A Bisimulation for Type Abstraction and Recursion

CSE 505, Fall 2009, Midterm Examination 5 November Please do not turn the page until everyone is ready.

3. The λ-calculus and Implication

The Greek Alphabet. (a) The Untyped λ-calculus

Advanced Lambda Calculus. Henk Barendregt & Giulio Manzonetto ICIS Faculty of Science Radboud University Nijmegen, The Netherlands

arxiv: v2 [cs.pl] 13 Jul 2018

Boxes Go Bananas: Encoding Higher-Order Abstract Syntax with Parametric Polymorphism (Extended Version)

NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications

A bisimulation for dynamic sealing

System F. Proofs and Types. Bow-Yaw Wang. Academia Sinica. Spring 2012

CIS 500 Software Foundations Final Exam Answer key December 14, 2005

Strong normalization of a symmetric lambda calculus for second order classical logic

Consequence Relations and Natural Deduction

Review. Principles of Programming Languages. Equality. The Diamond Property. The Church-Rosser Theorem. Corollaries. CSE 230: Winter 2007

Taming Selective Strictness

Notes from Yesterday s Discussion. Big Picture. CIS 500 Software Foundations Fall November 1. Some lessons.

Principal types Robustness to program transformations Practice. Type constraints for simple types Type constraints for ML Type inference in ML F

CMSC 336: Type Systems for Programming Languages Lecture 10: Polymorphism Acar & Ahmed 19 February 2008

Lambda-Calculus (I) 2nd Asian-Pacific Summer School on Formal Methods Tsinghua University, August 23, 2010

Typage et déduction dans le calcul de

System E: Expansion Variables for Flexible Typing with Linear and Non-linear Types and Intersection Types

Subtyping and Intersection Types Revisited

Subtyping and Parametricity

The arrow calculus. SAM LINDLEY, PHILIP WADLER and JEREMY YALLOP. Abstract

Alonzo Church ( ) Lambda Calculus. λ-calculus : syntax. Grammar for terms : Inductive denition for λ-terms

Extensional Equivalence and Singleton Types

The lambda calculus with constructors

Local computation of β-reduction A concrete presentation of Game Semantics

Extending Abramsky s Lazy Lambda Calculus: (Non)-Conservativity of Embeddings

Code Generation for a Simple First-Order Prover

CSCI 490 problem set 6

Formal Methods Lecture 8. (B. Pierce's slides for the book Types and Programming Languages )

Infinite λ-calculus and non-sensible models

Lecture Notes on Combinatory Modal Logic

Information Flow Inference for ML

Programming Languages and Types

Type Systems. Lecture 2 Oct. 27th, 2004 Sebastian Maneth.

Erasable Contracts. Abstract. 1. Introduction. Harvard University {jchinlee,

Interpreting the Second-Order Lambda Calculus using Qualitative Domains

A Judgmental Reconstruction of Modal Logic

A Bisimulation for Type Abstraction and Recursion

Jones-Optimal Partial Evaluation by Specialization-Safe Normalization

Kleene realizability and negative translations

Normalisation by evaluation

Logical Preliminaries

The Lambda Calculus. Stephen A. Edwards. Fall Columbia University

Functional Database Query Languages as. Typed Lambda Calculi of Fixed Order. Gerd G. Hillebrand and Paris C. Kanellakis

Lecture Notes on Data Abstraction

Models of computation

List of errors in and suggested modifications for First-Order Modal Logic Melvin Fitting and Richard L. Mendelsohn August 11, 2013

The Locally Nameless Representation

Non-parametric parametricity

Fully-Abstract Compilation by Approximate Back-Translation Technical Appendix

State-Dependent Representation Independence

Operationally-Based Theories of Program Equivalence

Transcription:

Blame for All Amal Ahmed, Robert Bruce Findler, Jeremy Siek, Philip Wadler

Vs.

Part I The bit you know from before with a twist

A simple untyped program let inc = λx. x + 1 in let app = λf. λx. f x in app inc 41 42 :

A simple typed program let inc = λx:int. x + 1 in let app = ΛX. ΛY. λf:x Y. λx:x. f x in app Int Int inc 41 42 : Int

Widening: casting from typed to untyped let inc = λx. x + 1 in let app = ΛX. ΛY. λf:x Y. λx:x. f x in let app = app : X. Y. (X Y ) X Y p in app inc 41 42 :

Widening: casting from typed to untyped let inc = λx. x + 1 in let app = ΛX. ΛY. λf:x Y. λx:x. f x in let app = app : X. Y. (X Y ) X Y p in app 41 inc blame p A cast from more-precise to less-precise type may blame the context containing the cast, but never the term contained in the cast.

Narrowing: casting from untyped to typed let inc = λx:int. x + 1 in let app = λf. λx. f x in let app = app : p X. Y. (X Y ) X Y in app Int Int inc 41 42 : Int

Narrowing: casting from untyped to typed let inc = λx:int. x + 1 in let app = λf. λx. x in let app = app : p X. Y. (X Y ) X Y in app Int Int inc 41 blame p A cast from less-precise to more-precise type may blame the term contained in the cast, but never the context containing the cast.

Part II The fairly straightforward bit

Explicit binding Γ, X:=A t : B Γ A X / ftv(b) Γ νx:=a. t : B Γ t : B (X:=A) Γ Γ t : B[X:=A] Γ t : B[X:=A] (X:=A) Γ Γ t : B Global store vs. Local bindings (ΛX. v) A νx:=a. v George Neis, Derek Dreyer, and Andreas Rossberg. Non-parametric parametricity. ICFP 2009, Edinburgh.

Polymorphic blame calculus Γ s : A A B Γ (s : A p B) : B This is a contract. The contained term promises to provide a B. The containing context promises to require an A.

Compatibility and reductions A B A A B B A B A B A B A X. B X / ftv(a) A[X:= ] B X. A B v : A B p A B λx:a. v (x : A p A) : B p B v : A p ( X. B) ΛX. v : A p B if X / ftva v : ( X. A) p B v : A[X:= ] p B v : X p q X v v : X p q Y blame q if X Y

Part III The bit with the cute name

The Jack-of-All-Trades Principle Proposition 1 (Jack-of-All-Trades Principle). If v : X. A and A[X:=C] B (and hence A[X:= ] B) then (v C : A[X:=C] p B) (v : A[X:= ] p B).

s p t A A s : A p B p t : A p B s p t A A s : B p A p t : B p A blame q p t s p t ΛY.s p t s p t s : A P B p t v p λx :A. v (x : A P A) : B P B p w w v p w ΛX. (v X : B P B ) p w v p w v p w : G v p w v p w : Y q

c p c x p x s p t λx.s p λx.t s p t ΛY.s p ΛY.t s p t s is G p t is G s p t s : A q B p t : A q B s 1 p t 1 s 2 p t 2 s 1 s 2 p t 1 t 2 s p t A A s A p t A blame q p blame q v p w v : G p w : G s p t A A C C s : A X:=C B p t : A X:=C B s p t B B C C s : A X:=C B p t : A X:=C B

Part IV The dauntingly complicated but rewarding bit <: <: + <: <: n

Subtyping A <: A B <: B A B <: A B A <: B A <: X. B X / ftv(a) A[X:=C] <: B X. A <: B Proposition 2 (Subtyping). Let t be a program with a subterm s : A p B where the cast is labelled by the only occurrence of p in t, and p does not appear in t. If A <: B, then t blame p and t blame p. Proof depends on Jack-of-All-Trades.

Positive and negative subtyping A <: + A <: A B <: + B A B <: + A B A <: + B A <: + X. B X / ftv(a) A[X:= ] <: + B X. A <: + B <: B A <: + A B <: B A B <: A B A <: B A <: X. B X / ftv(a) A[X:= ] <: B X. A <: B Proposition 3 (Blame). Let t be a program with a subterm s : A p B where the cast is labelled by the only occurrence of p in t, and p does not appear in t. If A <: + B, then t blame p. If A <: B, then t blame p.

Naive subtyping A <: n A <: n A B <: n B A B <: n A B A <: n B A <: n X. B X / ftv(a) A[X:= ] <: n B X. A <: n B Proposition 4 (Factoring). A <: n B iff A <: + B and B <: A. Proposition 5 (Blame). Let t be a program with a subterm s : A p B where the cast is labelled by the only occurrence of p in t, and p does not appear in t. If A <: n B, then t blame p. If B <: n A, then t blame p.

Part V Abstract types are existential types

Pair and existential types A B = Z. (A B Z) Z (v, w) A B = ΛZ. λk:a B Z. k v w fst A B u = u A (λx:a. λy:b. x) snd A B u = u B (λx:a. λy:b. y) X. B = Z. ( X. B Z) Z pack (A, v) as X. B = ΛZ. λk:( X. B Z). k A v unpack (X, y) = v in t : C = v C (ΛX. λy:b. t)

Type abstraction Sem = X. X (X X) (X Bool) impl 1 = pack (Bool, (true, λx:bool. x, λx:bool. x)) as Sem impl 2 = pack (Int, (1, λx:int. 1 x, λx:int. x 0)) as Sem unpack (X, (sem, toggle, poll)) = impl i in (poll sem, poll (toggle sem)) (true, false) unpack (X, (sem, toggle, poll)) = impl i in (poll 666, poll (toggle 666)) (static type error)

Pair and existential types, untyped (v, w) = λk. k v w fst t = t (λx. λy. x) snd t = t (λx. λy. y) pack p v as X. B = λk. k v : p Z. ( X. B Z) Z p unpack y = v in t = v (λy. t)

Type abstraction, untyped Sem = X. X (X X) (X Bool) impl 1 = pack p (Bool, (true, λx:bool. x, λx:bool. x)) as Sem impl 2 = pack p (Int, (1, λx:int. 1 x, λx:int. x 0)) as Sem unpack (X, (sem, toggle, poll)) = impl i (true, false) in (poll sem, poll (toggle sem)) unpack (X, (sem, toggle, poll)) = impl i blame p in (poll 666, poll (toggle 666))

Part VI The surprise ending

Static

Polymorphic lambda calculus with static casts Γ t : B (X:=A) Γ Γ (t : B X B[X:=A]) : B[X:=A] Γ t : B[X:=A] (X:=A) Γ Γ (t : B[X:=A] X B) : B (ΛX. v) A νx:=a. (v : B X B[X:=A]) when ΛX. v : X. B Proposition 6 (Canonical forms). If v : C then either v = c and C = ι for some c and ι, or v = λx:a. t and C = A B for some x, t, A, and B, or v = ΛX. w and C = X. A for some w, X, and A. v = w : A X X and C = X for some w, X, and A. Dan Grossman, Greg Morrisett, and Steve Zdancewic. Principals in programming languages: a syntactic proof technique. ICFP 1999, Paris.

Roadmap Simply-typed Simply-typed lambda calculus blame calculus Polymorphic Polymorphic lambda calculus blame calculus with explicit bindings Polymorphic Polymorphic lambda calculus blame calculus with static casts with static casts

Notation It took us four years to find the right notation! A B p s B A p s s : A p B We want composition to be easy to read: B C q A B p s C B q B A p s s : A p B : B q C And there is a convenient abbreviation: s : A p B q C

Appendix All the reduction rules

Simply-typed lambda calculus (λx:a. t) v t[x:=v] op( v ) δ(op, v ) s t E[s] E[t]

Simply-typed blame calculus v : A B p A B λx:a. (v (x : A p A) : B p B ) v : G p G v if G v : A p v : A p G if A G and A v : G p A v : G p A if G A v : G p A blame p if G A

Polymorphic lambda calculus with type binding (ΛX. v) A νx:=a. v νx:=a. c c νx:=a. (λy:b. t) λy:b[x:=a]. (νx:=a. t) νx:=a. (ΛY. v) ΛY. (νx:=a. v)

Polymorphic blame calculus νx:=a. (v : G ) (νx:=a. v) : G if G X νx:=a. (v : X ) blame p ν v : A p ( X. B) ΛX. (v : A p B) if X / ftva v : ( X. A) p B (v ) : A[X:= ] p B if B and B X. B for any X, B

Polymorphic lambda calculus with static casts (ΛX. v) A νx:=a. (v : B X B[X:=A]) when ΛX. v : X. B νx:=a. (v : B Y Y ) (νx:=a. v) : B Y Y v : ι P ι v (λx : A. t) : A B P A B λx:a. (t[x:=(x : A P A)] : B P B ) (ΛX. v) : X. B P X. B ΛX. (v : B P B ) if X P and X P v : X P X v if X P and X P v : A X X X A v

Polymorphic blame calculus with static casts v : P v

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback