A type system for certified binaries

Shao, Zhong; Trifonov, Valery; Saha, Badal C.; Papaspyrou, Nikolaos

doi:10.1145/1053468.1053469

Cited by 42 publications

(42 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our initial motivation came from several papers that justify advanced type systems, in particular GADTs, by embedded interpreters (Pašalić et al 2002;Peyton Jones et al 2006;Taha et al 2001;Xi et al 2003) and CPS transformations Guillemette and Monnier 2006;Shao et al 2005). We admire all this technical machinery, but these motivating examples do not need it.…”

Section: Related Workmentioning

confidence: 99%

“…In contrast, our CPS transformations use simpler types than GADTs and assure type preservation at the (terminating) type level rather than the term level of the metalanguage. Guillemette and Monnier review other type-preserving CPS transformations (mainly in the context of typed intermediate languages), in particular Shao et al's (2005) and Chen and Xi's (2003). These approaches use de Bruijn indices and fancier type systems with type-level functions, GADTs, or type-equality proofs.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Finally tagless, partially evaluated: Tagless staged interpreters for simpler typed languages

Carette¹,

Kiselyov²,

Shan³

2009

J. Funct. Prog.

232

216

View full text Add to dashboard Cite

We have built the first family of tagless interpretations for a higher-order typed object language in a typed metalanguage (Haskell or ML) that require no dependent types, generalized algebraic data types, or postprocessing to eliminate tags. The statically type-preserving interpretations include an evaluator, a compiler (or staged evaluator), a partial evaluator, and call-by-name and call-by-value CPS transformers.Our principal technique is to encode de Bruijn or higher-order abstract syntax using combinator functions rather than data constructors. In other words, we represent object terms not in an initial algebra but using the coalgebraic structure of the λ -calculus. Our representation also simulates inductive maps from types to types, which are required for typed partial evaluation and CPS transformations. Our encoding of an object term abstracts uniformly over the family of ways to interpret it, yet statically assures that the interpreters never get stuck. This family of interpreters thus demonstrates again that it is useful to abstract over higher-kinded types.It should also be possible to define languages with a highly refined syntactic type structure.Ideally, such a treatment should be metacircular, in the sense that the type structure used in the defined language should be adequate for the defining language.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Finally tagless, partially evaluated: Tagless staged interpreters for simpler typed languages

Carette¹,

Kiselyov²,

Shan³

2009

J. Funct. Prog.

232

216

View full text Add to dashboard Cite

show abstract

“…Following Shao et al [30], the type system of LITL is embedded in the Calculus of Inductive Constructions [12]. Our reliance on CIC permits flexible reasoning about the offsets of methods, which are now first-class values with singleton types constructed from natural numbers.…”

Section: Discussionmentioning

confidence: 99%

“…We adopt the 'certified binaries' framework of Shao et al e ::= x | n | e 1 + e 2 | λ x.e | e 1 e 2 | e 1 , ..., e n | e 1 @ e 2 | e 1 @ e 2 ← e 3 | e e 1 , ..., e n | {l 1 = e 1 , ..., l n = e n } | e # l [ 30], in which the types and proofs that govern computations are defined within the Calculus of Inductive Constructions [11,12]. Our language has the same primitive operators as Links, so it is an appropriate target for efficient, type-preserving compilation of various forms of inheritance, even when the base class is unknown at compile time.…”

Section: Motivationmentioning

confidence: 99%

Typed Compilation Against Non-manifest Base Classes

League

Monnier

2006

Construction and Analysis of Safe, Secure, and Interoperable Smart Devices

View full text Add to dashboard Cite

Abstract. Much recent work on proof-carrying code aims to build certifying compilers for single-inheritance object-oriented languages, such as Java or C#. Some advanced object-oriented languages support compiling a derived class without complete information about its base class. This strategy-though necessary for supporting features such as mixins, traits, and first-class classes-is not wellsupported by existing typed intermediate languages. We present a low-level IL with a type system based on the Calculus of Inductive Constructions. It is an appropriate target for efficient, type-preserving compilation of various forms of inheritance, even when the base class is unknown at compile time. Languages (such as Java) that do not require such flexibility are not penalized for it at run time. MotivationIn most object-oriented languages, programmers factor their solutions over a hierarchy of classes. Since the classes in a hierarchy may appear in different compilation units, one question that the language designer (or implementer) must address is: how much information about a base class is needed to compile its derived class?With its emphasis on efficient object layout and method dispatch, C++ [32] requires complete information about the base class: the number, locations, and types of all its fields and methods. Indeed, it is because C++ depends on this information that a seemingly minor change to a base class triggers recompilation of all its descendents. Java [23] is somewhat more flexible. To support binary compatibility, its class files are not committed to a particular object layout. A derived class depends only on the names and types of the base class fields and methods that it uses. Nevertheless, most Java implementations ultimately compile classes to lower-level code using the same layouts and techniques as C++.A few modern object-oriented languages allow classes as module parameters (Moby [15], OCaml [28]) or as first-class values (Loom [5]). Other languages support more flexible forms of inheritance, such as mixins [24,3] and traits [29]. If a base class is not available for inspection when a derived class is compiled, we say the base class is not manifest. Implementations of these languages use a dictionary data structure to map method and field names to their locations in the object layout. The dictionary may be applied at link time or at run time, as required by the language.Here is a simple example in OCaml (although it could be expressed just as easily in Moby). We declare a signature for modules containing a circle class that implements Below, CircleBBox declares a class bbox that inherits from a (non-manifest) base class circle, overrides the area method (using a super call), and defines a new method bounds.module CircleBBox = functor (C : CIRCLE) -> struct class bbox arg = object (self) inherit C.circle arg as super method area = super#area * 4.0 / pi (* area of bbox *) method bounds = let (x,y) = self#center in let r = self#radius in ((x-r,y-r), (x+r,y+r)) end endTo compile this functor, we must mak...

show abstract

“…Since method invocations are no longer atomic in JFlint, these optimizations readily lift and merge vtable accesses. A future version of the JFlint type system will even have support for optimizing array bounds checks [23].…”

Section: Introductionmentioning

confidence: 99%

Precision in Practice: A Type-Preserving Java Compiler

League¹,

Shao²,

Trifonov³

2005

Self Cite

View full text Add to dashboard Cite

Abstract. Popular mobile code architectures (Java and .NET) include verifiers to check for memory safety and other security properties. Since their formats are relatively high level, supporting a wide range of source language features is awkward. Further compilation and optimization, necessary for efficiency, must be trusted. We describe the design and implementation of a fully type-preserving compiler for Java and ML. Its strongly-typed intermediate language provides a low-level abstract machine model and a type system general enough to prove the safety of a variety of implementation techniques. We show that precise type preservation is within reach for real-world Java systems.

show abstract

A type system for certified binaries

Cited by 42 publications

References 5 publications

Finally tagless, partially evaluated: Tagless staged interpreters for simpler typed languages

Finally tagless, partially evaluated: Tagless staged interpreters for simpler typed languages

Typed Compilation Against Non-manifest Base Classes

Precision in Practice: A Type-Preserving Java Compiler

Contact Info

Product

Resources

About