An indexed model of recursive types for foundational proof-carrying code

Appel, Andrew W.; McAllester, David

doi:10.1145/504709.504712

Cited by 261 publications

(292 citation statements)

References 9 publications

Supporting

Mentioning

288

Contrasting

Order By: Relevance

“…We could omit these rules if we do not need or want to distinguish divergence from getting stuck, and this is often done with big-step semantics. 2 However, for the purposes of this paper, we are primarily interested in the (many) situations where the distinction is important -that is where the functional big-step approach has the largest benefit.…”

Section: Relational Big-step Semanticsmentioning

confidence: 99%

“…The technique of step-indexed logical relations [2] supports reasoning about programs that have recursive types, higher-order state, or other features that introduce aspects of circularity into a language's semantics [1,12]. The soundness of these relations is usually proved with respect to a small-step semantics, because the length of a small-step trace can be used to make the relation well-founded when following the structure of the language's cyclic constructs (e.g., when following a pointer cycle in the heap or unfolding a recursive type).…”

Section: Logical Relationsmentioning

confidence: 99%

See 1 more Smart Citation

Functional Big-Step Semantics

Owens

Myreen

Kumar

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. When doing an interactive proof about a piece of software, it is important that the underlying programming language's semantics does not make the proof unnecessarily difficult or unwieldy. Both smallstep and big-step semantics are commonly used, and the latter is typically given by an inductively defined relation. In this paper, we consider an alternative: using a recursive function akin to an interpreter for the language. The advantages include a better induction theorem, less duplication, accessibility to ordinary functional programmers, and the ease of doing symbolic simulation in proofs via rewriting. We believe that this style of semantics is well suited for compiler verification, including proofs of divergence preservation. We do not claim the invention of this style of semantics: our contribution here is to clarify its value, and to explain how it supports several language features that might appear to require a relational or small-step approach. We illustrate the technique on a simple imperative language with C-like for-loops and a break statement, and compare it to a variety of other approaches. We also provide ML and lambda-calculus based examples to illustrate its generality.

show abstract

Section: Relational Big-step Semanticsmentioning

confidence: 99%

Section: Logical Relationsmentioning

confidence: 99%

Functional Big-Step Semantics

Owens

Myreen

Kumar

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…If we wished to use these results to reason about Haskell implementations of gcast, we must extend our model to include more-in particular, general recursion and recursive types (Melliès & Vouillon, 2005;Johann & Voigtländer, 2004;Appel & McAllester, 2001;Ahmed, 2006b;Crary & Harper, 2007a). We believe that the techniques developed here are independent of those for advanced language features.…”

Section: Future Work and Conclusionmentioning

confidence: 99%

Parametricity, type equality, and higher-order polymorphism

Vytiniotis¹,

Weirich²

2010

J. Funct. Prog.

View full text Add to dashboard Cite

Propositions that express type equality are a frequent ingredient of modern functional programming|they can encode generic functions, dynamic types, and GADTs. Via the Curry-Howard correspondence, these propositions are ordinary types inhabited by proof terms, computed using runtime type representations. In this paper we show that two examples of type equality propositions actually do re ect type equality; they are only inhabited when their arguments are equal and their proofs are unique (up to equivalence.) We show this result in the context of a strongly normalizing language with higher-order polymorphism and primitive recursion over runtime type representations by proving Reynolds's abstraction theorem. We then use this theorem to derive \free" theorems about equality types. STEPHANIE WEIRICH University of Pennsylvania AbstractPropositions that express type equality are a frequent ingredient of modern functional programming-they can encode generic functions, dynamic types, and GADTs. Via the Curry-Howard correspondence, these propositions are ordinary types inhabited by proof terms, computed using runtime type representations. In this paper we show that two examples of type equality propositions actually do reflect type equality; they are only inhabited when their arguments are equal and their proofs are unique (up to equivalence.) We show this result in the context of a strongly normalizing language with higher-order polymorphism and primitive recursion over runtime type representations by proving Reynolds's abstraction theorem. We then use this theorem to derive "free" theorems about equality types.

show abstract

“…Appel and Felty [8] applied this idea to PCC and gave a semantic model to types and machine instructions in higher-order logic. In the following years, semantic models of types have been extended to include recursive types [9] and mutable references [10]. With these models, it is possible to reason locally about types and operations on values, but unfortunately no model has been provided to typing judgments such as Ψ; ∆; Γ jmp r and no method is provided to construct the safety proof for an entire program.…”

Section: A Foundational Approachmentioning

confidence: 99%

“…The material in these three sections has been described by other papers [11,6,9] as part of the foundational PCC project; we briefly sketch them to set up a framework within which our proof method can be formally presented in section 5.…”

Section: Model Of Talsmentioning

confidence: 99%

Construction of a Semantic Model for a Typed Assembly Language

Tan

Appel

Swadi

et al. 2004

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Typed Assembly Languages (TALs) can be used to validate the safety of assembly-language programs. However, typing rules are usually trusted as axioms. In this paper, we show how to build semantic models for typing judgments in TALs based on an induction technique, so that both the type-safety theorem and the typing rules can be proved as lemmas in a simple logic. We demonstrate this technique by giving a complete model to a sample TAL. This model allows a typing derivation to be interpreted as a machine-checkable safety proof at the machine level.

show abstract

An indexed model of recursive types for foundational proof-carrying code

Cited by 261 publications

References 9 publications

Functional Big-Step Semantics

Functional Big-Step Semantics

Parametricity, type equality, and higher-order polymorphism

Construction of a Semantic Model for a Typed Assembly Language

Contact Info

Product

Resources

About