Next-generation programming languages will move beyond simple type systems to include support for formal specifications and mechanically-checked proofs of adherence to those requirements. Already, in the imperative world, languages such as ESC/Java and Spec# integrate Hoare-style pre- and post-conditions into the underlying type system. However, we argue that neither the program logics used in these systems, nor the decision procedures used to discharge verification conditions, are sufficient for establishing […] In contrast, the Coq proof development environment provides a powerful program logic (CiC) coupled with an extensible, interactive environment that can combine deep insights from humans with automation to discharge deep proof obligations. Unfortunately, the language at the core of Coq is limited to purely functional programming. In the Ynot project, we are attempting to address this problem by extending Coq with a new type constructor (the Hoare-triple type), and a few carefully chosen axioms that can be used to build imperative programs in a style quite close to Haskell. I will report on our progress thus far, both in using Ynot to construct modular, extensible libraries for imperative programs, as well as our new compiler infrastructure for generating […]

We propose a representation of interactive systems in dependent type theory. This is meant as a basis for an execution environment for dependently typed programs, and for reasoning about their construction. The inspiration is the ‘I/O-monad’ of Haskell. The fundamental notion is an I/O-tree; its definition is parameterised over a general notion of dependently typed, command-response […] I/O-trees represent strategies for one of the parties in a command/response interaction - the notion is not confined to functional programming. […] suitable for Turing-complete functional programming languages with general recursion, but is non-normalising. The second is definable within (ordinary) normalising type theory and we identify programs written in it as ‘normalising I/O-programs’. We define new looping constructs (while and repeat), and a new refinement construct (redirect), which permits the implementation […] We introduce a bisimulation relation between interactive programs, with respect to which we prove the monad […] Most definitions in this article make essential use of the expressive strength of dependent […]

Some algorithms make critical internal use of updatable state, even though their external specification is purely functional. Based on earlier work on monads, we present a way of securely encapsulating stateful computations that manipulate multiple, named, mutable objects, in the context of a non-strict, purely-functional language.