Syntactic soundness proof of a type-and-capability system with hidden state

Pottier, François

doi:10.1017/s0956796812000366

Cited by 20 publications

(16 citation statements)

References 87 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Soundness proofs of the anti-frame rule have been given in both semantic [34] and (significantly more complex) syntactic [32] forms. Based on this experience, we chose to use a semantic model in our work, and have been very satisfied with its simplicity.…”

Section: Related Workmentioning

confidence: 99%

Superficially substructural types

Krishnaswami

Turon

Dreyer

et al. 2012

Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming

View full text Add to dashboard Cite

Many substructural type systems have been proposed for controlling access to shared state in higher-order languages. Central to these systems is the notion of a resource, which may be split into disjoint pieces that different parts of a program can manipulate independently without worrying about interfering with one another. Some systems support a logical notion of resource (such as permissions), under which two resources may be considered disjoint even if they govern the same piece of state. However, in nearly all existing systems, the notions of resource and disjointness are fixed at the outset, baked into the model of the language, and fairly coarsegrained in the kinds of sharing they enable.In this paper, inspired by recent work on "fictional disjointness" in separation logic, we propose a simple and flexible way of enabling any module in a program to create its own custom type of splittable resource (represented as a commutative monoid), thus providing fine-grained control over how the module's private state is shared with its clients. This functionality can be incorporated into an otherwise standard substructural type system by means of a new typing rule we call the sharing rule, whose soundness we prove semantically via a novel resource-oriented Kripke logical relation.

show abstract

Section: Related Workmentioning

confidence: 99%

Superficially substructural types

Krishnaswami

Turon

Dreyer

et al. 2012

Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming

View full text Add to dashboard Cite

show abstract

“…Similarly, the calculus of capabilities of Pottier [37] represents another approach towards integrating linear capabilities with a programming language. As with ATS, capabilities are linear and irrelevant, and this system also includes support for advanced features such as the anti-frame rule.…”

Section: Polarization Value Dependency and Proof Irrelevancementioning

confidence: 99%

Integrating Linear and Dependent Types

Krishnaswami

Pradic

Benton

2015

Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

View full text Add to dashboard Cite

“…The rule allows strong update: the type of x changes to ref X T , where T is the type of v . All three operations are harmless: there is no adverse interaction between polymorphism and uniquely-owned references [4,11].…”

Section: Theorem 2 (Progress) C Implies That C Is Acceptablementioning

confidence: 99%

“…Although the formalization of Mezzo was carried out independently, and in part grew out of earlier work by the second author [11], it is in several ways closely related to the Views framework [7]. In both cases, an abstract calculus is equipped with a notion of machine state; a commutative semigroup of views, or resources; and a projection, or correspondence, between the two levels.…”

Section: Related Workmentioning

confidence: 99%

Type Soundness and Race Freedom for Mezzo

Balabonski

Pottier

Protzenko

2014

Functional and Logic Programming

Self Cite

View full text Add to dashboard Cite

Abstract. The programming language Mezzo is equipped with a rich type system that controls aliasing and access to mutable memory. We incorporate shared-memory concurrency into Mezzo and present a modular formalization of its core type system, in the form of a concurrent λ-calculus, which we extend with references and locks. We prove that welltyped programs do not go wrong and are data-race free. Our definitions and proofs are machine-checked.

show abstract

Syntactic soundness proof of a type-and-capability system with hidden state

Cited by 20 publications

References 87 publications

Superficially substructural types

Superficially substructural types

Integrating Linear and Dependent Types

Type Soundness and Race Freedom for Mezzo

Contact Info

Product

Resources

About