a mechanized proof of type safety for the polymorphic
play

A Mechanized Proof of Type Safety for the Polymorphic -Calculus - PowerPoint PPT Presentation

Oct 26, 2022 •207 likes •613 views

A Mechanized Proof of Type Safety for the Polymorphic -Calculus with References Michalis A. Papakyriakou Prodromos E. Gerakios Nikolaos S. Papaspyrou National Technical University of Athens School of Electrical and Computer Engineering

  1. A Mechanized Proof of Type Safety for the Polymorphic λ -Calculus with References Michalis A. Papakyriakou Prodromos E. Gerakios Nikolaos S. Papaspyrou National Technical University of Athens School of Electrical and Computer Engineering Software Engineering Laboratory {mpapakyr, pgerakios, nickie}@softlab.ntua.gr 6th Panhellenic Logic Symposium Volos, Greece, 5-8 July 2007 Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  2. Outline Introduction Type systems and type safety Polymorphic λ -calculus References Mechanized proof The language λ ∀ , ref Encoding λ ∀ , ref in Isabelle/HOL A tour of the proof Conclusions and future work Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  3. What is this paper about? ◮ The language Polymorphic λ -calculus with references ◮ The goal A proof of type safety ◮ The method Mechanized proof Using Isabelle/HOL Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  4. Type systems ◮ A type system defines: ◮ how a programming language classifies values and expressions into types ◮ how elements of these types can be manipulated ◮ how these types can interact ◮ A type indicates a set of values that have the same generic meaning or intended purpose ◮ The purpose of type systems: to prevent certain forms of erroneous or undesirable program behaviour Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  5. Type safety ◮ If a program is free of static type errors, then its execution is free of dynamic type errors ◮ Kinds of dynamic errors that can be avoided: ◮ programs can only access appropriate memory locations (memory safety) ◮ programs can only transfer control to appropriate program points (control safety) Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  6. Type safety ◮ If a program is free of static type errors, then its execution is free of dynamic type errors ◮ Kinds of dynamic errors that can be avoided: ◮ programs can only access appropriate memory locations (memory safety) ◮ programs can only transfer control to appropriate program points (control safety) ◮ The standard procedure ◮ Syntax ◮ Operational semantics ◮ Typing rules ◮ Safety = preservation + progress Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  7. Polymorphic λ -calculus ◮ System F , F 2 ◮ Girard, 1971; Reynolds, 1974 ◮ First-class polymorphism ◮ Useful for code reuse and modular type checking Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  8. Polymorphic λ -calculus ◮ System F , F 2 ◮ Girard, 1971; Reynolds, 1974 ◮ First-class polymorphism ◮ Useful for code reuse and modular type checking ◮ Polymorphic types and functions ∀ α . α → α id : = Λ α . λ x : α . x Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  9. Polymorphic λ -calculus ◮ System F , F 2 ◮ Girard, 1971; Reynolds, 1974 ◮ First-class polymorphism ◮ Useful for code reuse and modular type checking ◮ Polymorphic types and functions ∀ α . α → α id : = Λ α . λ x : α . x ◮ Explicit type application ∀ α . list α → list α → list α append : . . . append [ int ] [ 1, 2, 3 ] [ 4, 5 ] . . . Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  10. ML-style references Imperative programming in functional style ◮ Reference allocation let r = new 7 . . . r : Ref int Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  11. ML-style references Imperative programming in functional style ◮ Reference allocation let r = new 7 . . . r : Ref int ◮ Assignment . . . in r : = 42; . . . destructive update! Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  12. ML-style references Imperative programming in functional style ◮ Reference allocation let r = new 7 . . . r : Ref int ◮ Assignment . . . in r : = 42; . . . destructive update! ◮ Dereference . . . print ( deref r ) ; prints 42 Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  13. ML-style references Imperative programming in functional style ◮ Reference allocation let r = new 7 . . . r : Ref int ◮ Assignment . . . in r : = 42; . . . destructive update! ◮ Dereference . . . print ( deref r ) ; prints 42 ◮ No reference deallocation! . . . free r use garbage collection! Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  14. Polymorphic references ◮ The problem let r = Λ α . new ( λ x : α . x ) in r : ∀ α . Ref ( α → α ) r [ int ] : = succ ; deref ( r [ bool ]) true dynamic type error Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  15. Polymorphic references ◮ The problem let r = Λ α . new ( λ x : α . x ) in r : ∀ α . Ref ( α → α ) r [ int ] : = succ ; deref ( r [ bool ]) true dynamic type error ◮ A solution: value restriction In Λ α . v , the term v must be a value Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  16. Mechanized proof (i) ◮ Why not with pencil and paper? ◮ easy to make a mistake ◮ easy to “fix” a mistake ◮ if one is willing to spend time and effort to write a thorough proof with pencil and paper, why not use a proof assistant? Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  17. Mechanized proof (i) ◮ Why not with pencil and paper? ◮ easy to make a mistake ◮ easy to “fix” a mistake ◮ if one is willing to spend time and effort to write a thorough proof with pencil and paper, why not use a proof assistant? ◮ Proof assistants ◮ tools to develop formal proofs by man-machine collaboration ◮ interactive proof editor, with which a human can guide the search for proofs ◮ some steps of the proofs can be provided by the computer ◮ not (necessarily) automatic theorem proving! Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  18. Mechanized proof (ii) ◮ Some available proof assistants: Isabelle/HOL, Coq, Twelf, NuPRL, PVS, PhoX, MINLOG, . . . ◮ Isabelle/HOL ◮ Larry Paulson, Cambridge University ◮ Tobias Nipkow, TU München ◮ ❤tt♣✿✴✴✐s❛❜❡❧❧❡✳✐♥✳t✉♠✳❞❡✴ Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  19. Syntax of λ ∀ , ref τ :: = Unit | α | τ → τ | ∀ α . τ | Ref τ e :: = unit | x | λ x : τ . e | Λ α . e | e 1 e 2 | e [ τ ] | new e | deref e | e 1 : = e 2 | loc l v :: = unit | λ x : τ . e | Λ α . v | loc l Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  20. Typing rules of λ ∀ , ref Γ ; ∆ ; M ⊢ unit : Unit Γ , x : τ ; ∆ ; M ⊢ x : τ Γ , x : τ ; ∆ ; M ⊢ e : τ ′ ∆ | = τ Γ ; ∆ , α ; M ⊢ v : τ Γ ; ∆ ; M ⊢ λ x : τ . e : τ → τ ′ Γ ; ∆ ; M ⊢ Λ α . v : ∀ α . τ Γ ; ∆ ; M ⊢ e 1 : τ → τ ′ Γ ; ∆ ; M ⊢ e 2 : τ Γ ; ∆ ; M ⊢ e 1 e 2 : τ ′ = τ ′ Γ ; ∆ ; M ⊢ e : ∀ α . τ ∆ | Γ ; ∆ ; M ⊢ e : τ Γ ; ∆ ; M ⊢ e [ τ ′ ] : τ { α �→ τ ′ } Γ ; ∆ ; M ⊢ new e : Ref τ Γ ; ∆ ; M ⊢ e : Ref τ Γ ; ∆ ; M ⊢ deref e : τ Γ ; ∆ ; M ⊢ e 1 : Ref τ Γ ; ∆ ; M ⊢ e 2 : τ Γ ; ∆ ; M ⊢ e 1 : = e 2 : Unit Γ ; ∆ ; M, l : τ ⊢ loc l : Ref τ Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  21. Operational semantics of λ ∀ , ref → S ′ ; e ′ → S ′ ; e ′ S ; e 1 − S ; e 2 − 1 2 → S ′ ; e ′ → S ′ ; v 1 e ′ S ; e 1 e 2 − S ; v 1 e 2 − 1 e 2 2 → S ′ ; e ′ S ; e − → S ′ ; e ′ [ τ ] S ; e [ τ ] − → S ′ ; e ′ → S ′ ; e ′ S ; e − S ; e − → S ′ ; new e ′ → S ′ ; deref e ′ S ; new e − S ; deref e − → S ′ ; e ′ → S ′ ; e ′ S ; e 1 − S ; e 2 − 1 2 → S ′ ; e ′ → S ′ ; v 1 : = e ′ S ; e 1 : = e 2 − 1 : = e 2 S ; v 1 : = e 2 − 2 S ; ( λ x : τ . e ) v − → S ; e { x �→ v } S ; ( Λ α . v ) [ τ ] − → S ; v { α �→ τ } S ; new v − → S , l �→ v ; loc l S , l �→ v ; deref ( loc l ) − → S , l �→ v ; v S , l �→ v ′ ; loc l : = v − → S , l �→ v ; v Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

  22. Encoding λ ∀ , ref in Isabelle/HOL ◮ Main problems ◮ The representation of bound variables ◮ The representation of type environments ◮ The details are usually ignored in pencil and paper proofs Mechanized Proof of Type Safety for λ ∀ , ref M. A. Papakyriakou, P . E. Gerakios, N. S. Papaspyrou

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Mechanized Type Soundness Proofs using Definitional Interpreters Hannes Saffrich University of

Mechanized Type Soundness Proofs using Definitional Interpreters Hannes Saffrich University of

Masters Thesis Mechanized Type Soundness Proofs using Definitional Interpreters Hannes Saffrich University of Freiburg Department of Computer Science Programming Languages Chair September 1, 2019 Hannes Saffrich Mechanized Type

1.03k views • 39 slides
This time on Types ... Polymorphic -calculus (polymorphic -binding). Lets us type: f ((

This time on Types ... Polymorphic -calculus (polymorphic -binding). Lets us type: f ((

This time on Types ... Polymorphic -calculus (polymorphic -binding). Lets us type: f (( f true ) :: ( f nil )) -bound variables in ML cannot be used polymorphically within a function abstraction E.g. f (( f true ) :: ( f nil ))

945 views • 23 slides
Polymorphic types Polymorphic -calculus (System F) Simply typed -calculus is

Polymorphic types Polymorphic -calculus (System F) Simply typed -calculus is

Polymorphic types Polymorphic -calculus (System F) Simply typed -calculus is monomorphic, Extends simply-typed : i.e. a type has no flexible pieces ::= * | type syntax expression/value syntax

328 views • 4 slides
Polymorphic type inference Example fun sum lst = ML infers types of functions (etc.)

Polymorphic type inference Example fun sum lst = ML infers types of functions (etc.)

Polymorphic type inference Example fun sum lst = ML infers types of functions (etc.) automatically, as follows: 1. Assign each bound variable & subexpression a fresh type variable if null lst then 0 plus fresh type variables for

347 views • 7 slides
A Mechanized Proof of Higmans Lemma by Open Induction Christian Sternagel University of

A Mechanized Proof of Higmans Lemma by Open Induction Christian Sternagel University of

A Mechanized Proof of Higmans Lemma by Open Induction Christian Sternagel University of Innsbruck, Austria January 18, 2016 Dagstuhl Seminar 16031 Well-Quasi-Orders in Computer Science Supported by the Austrian Science Fund (FWF):

833 views • 69 slides
How much is a mechanized proof worth, certification-wise? Xavier Leroy Inria Paris-Rocquencourt

How much is a mechanized proof worth, certification-wise? Xavier Leroy Inria Paris-Rocquencourt

How much is a mechanized proof worth, certification-wise? Xavier Leroy Inria Paris-Rocquencourt PiP 2014: Principles in Practice In this talk. . . Some feedback from the aircraft industry concerning the potential usefulness of the CompCert

890 views • 36 slides
Mechanized Formal Analysis for Safety-Critical Systems: The Convergence of Need and Opportunity

Mechanized Formal Analysis for Safety-Critical Systems: The Convergence of Need and Opportunity

Mechanized Formal Analysis for Safety-Critical Systems: The Convergence of Need and Opportunity John Rushby Computer Science Laboratory SRI International Menlo Park, California, USA John Rushby, SRI Mechanized Analysis: 1

433 views • 20 slides
A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben

A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben

A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben Gamboa ACL2 Workshop 2017 May 23, 2017 Theory L n i =1 | P i P i 1 | Deriving length of a continuously differentiable curve n L =

568 views • 24 slides
Instant Polymorphic Type Systems for Mobile Process Calculi: Just Add Reduction Rules and Close

Instant Polymorphic Type Systems for Mobile Process Calculi: Just Add Reduction Rules and Close

Instant Polymorphic Type Systems for Mobile Process Calculi: Just Add Reduction Rules and Close Henning Makholm and Joe Wells Heriot-Watt University ESOP05 April 8, 2005 U seful L ogics, T ypes, Work supported by EU/IST/FET grant

537 views • 29 slides
Complexity Analysis by Polymorphic Sized Type Inference and Constraint Solving. ELICA meeting

Complexity Analysis by Polymorphic Sized Type Inference and Constraint Solving. ELICA meeting

Complexity Analysis by Polymorphic Sized Type Inference and Constraint Solving. ELICA meeting Martin Avanzini 1 (Joint work with Ugo Dal Lago 2 ) 1 University of Innsbruck 2 Universit di Bologna & INRIA, Sophia Antipolis Motivation

850 views • 57 slides
Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The

Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The

Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The CompCert C project Formally proving a compiler The CompCert project investigates the formal verification of realistic compilers usable

948 views • 26 slides
polymorphic lambda calculus type theory week 09 2006 04 10 0 overview the course 1st

polymorphic lambda calculus type theory week 09 2006 04 10 0 overview the course 1st

polymorphic lambda calculus type theory week 09 2006 04 10 0 overview the course 1st order propositional logic simple type theory 1st order predicate logic type theory with dependent types P 2nd order propositional

482 views • 37 slides
Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of

Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of

UNIVERSITY OF Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of Cambridge kw217@cl.cam.ac.uk http://www.cl.cam.ac.uk/users/kw217/ Simon Peyton Jones Microsoft Research Cambridge 20 January, 1999

665 views • 45 slides
Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of

Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of

UNIVERSITY OF Once Upon a Polymorphic Type CAMBRIDGE Keith Wansbrough Computer Laboratory University of Cambridge kw217@cl.cam.ac.uk http://www.cl.cam.ac.uk/users/kw217/ Simon Peyton Jones Microsoft Research Cambridge 20 January, 1999

604 views • 27 slides
CryptoVerif: A Computationally Sound Mechanized Prover for Cryptographic Protocols Bruno

CryptoVerif: A Computationally Sound Mechanized Prover for Cryptographic Protocols Bruno

Introduction Using CryptoVerif Proof technique Enc-then-MAC example FDH example Conclusion CryptoVerif: A Computationally Sound Mechanized Prover for Cryptographic Protocols Bruno Blanchet CNRS, Ecole Normale Sup erieure, INRIA,

972 views • 78 slides
Untyped general polymorphic functions Martin Pettai February 5, 2010 Introduction We would

Untyped general polymorphic functions Martin Pettai February 5, 2010 Introduction We would

Untyped general polymorphic functions Martin Pettai February 5, 2010 Introduction We would like to have a functional language where it is possible to define general polymorphic functions Return type of a function is uniquely determined

476 views • 22 slides
Solving Systems of Linear Equations There are two basic methods we will use to solve systems of

Solving Systems of Linear Equations There are two basic methods we will use to solve systems of

Solving Systems of Linear Equations There are two basic methods we will use to solve systems of linear equations: Alan H. SteinUniversity of Connecticut Solving Systems of Linear Equations There are two basic methods we will use to solve

1.47k views • 121 slides
MATH 12002 - CALCULUS I 4.5: Integration by Substitution Professor Donald L. White Department

MATH 12002 - CALCULUS I 4.5: Integration by Substitution Professor Donald L. White Department

MATH 12002 - CALCULUS I 4.5: Integration by Substitution Professor Donald L. White Department of Mathematical Sciences Kent State University D.L. White (Kent State University) 1 / 4 Reversing the Chain Rule Recall the Chain Rule for

1.01k views • 4 slides
MATH 12002 - CALCULUS I 4.5: Integration by Substitution Definite Integrals Professor

MATH 12002 - CALCULUS I 4.5: Integration by Substitution Definite Integrals Professor

MATH 12002 - CALCULUS I 4.5: Integration by Substitution Definite Integrals Professor Donald L. White Department of Mathematical Sciences Kent State University D.L. White (Kent State University) 1 / 6 Substitution and Definite Integrals

438 views • 6 slides
JUST THE MATHS SLIDES NUMBER 12.4 INTEGRATION 4 (Integration by substitution in general)

JUST THE MATHS SLIDES NUMBER 12.4 INTEGRATION 4 (Integration by substitution in general)

JUST THE MATHS SLIDES NUMBER 12.4 INTEGRATION 4 (Integration by substitution in general) by A.J.Hobson 12.4.1 Examples using the standard formula 12.4.2 Integrals involving a function and its derivative UNIT 12.4 - INTEGRATION 4

313 views • 7 slides
and Equity Year in Review Mark Harris Executive Director Vision Better, fairer health and

and Equity Year in Review Mark Harris Executive Director Vision Better, fairer health and

Centre for Primary Health Care and Equity Year in Review Mark Harris Executive Director Vision Better, fairer health and health care in the community through research, evaluation and development that strengthens primary health care and

239 views • 12 slides
Innovation and Pollution 5 th July 2017 1 The aims of this seminar Explore challenges

Innovation and Pollution 5 th July 2017 1 The aims of this seminar Explore challenges

Innovation and Pollution 5 th July 2017 1 The aims of this seminar Explore challenges of air pollution Understand how innovative business models, ideas and technologies are helping tackle pollution Develop new ideas and solid

394 views • 17 slides
Universidade Federal do Paran Setor de Cincias da Terra Departamento de Geomtica THE ROLE OF

Universidade Federal do Paran Setor de Cincias da Terra Departamento de Geomtica THE ROLE OF

Universidade Federal do Paran Setor de Cincias da Terra Departamento de Geomtica THE ROLE OF UNIVERSITIES IN THE BRAZILIAN NSDI CAPACITY BUILDING PLAN THE CASE OF THE OPEN GEOSPATIAL LABORATORY AT UFPR Silvana Philippi Camboim, Maria

635 views • 28 slides
Main Issues for Stirlings Local Development Plan 2012-2032 Presented & discussed at

Main Issues for Stirlings Local Development Plan 2012-2032 Presented & discussed at

Main Issues for Stirlings Local Development Plan 2012-2032 Presented & discussed at SPECIAL MEETING MONDAY 5th JULY 2010 AT 7-30PM AT THE KIRK ROOMS 1 Stirlings Local Development Plan Do we agree that Stirling should plan for

315 views • 12 slides

More recommend