Ur is a programming language in the tradition of ML and Haskellbut featuring a significantly richer type system.
Keywords Dependent Types, imperative programming, Xanadu, DTAL We propose to enrich practical imperative programming with a type discipline that allows for specification and inference of significantly more precise information on programs than those enforced in languages such as Java and Standard ML SML.
The primary motivation for developing such a type discipline is to enable the programmer to express more program properties with types and then enforce these properties through type-checking.
It is well-known that a type discipline such as the one enforced in Java or SML can effectively facilitate program error detection. Therefore, it can be expected that a stronger type discipline can help detect more program errors, leading to the production of more robust software.
In general, there are two directions for extending a Hindley-Milner style of type system such as the one in SML. One is to extend it so that more programs can be admitted as type-correct and the other is to extend it so that programs can be assigned more accurate types.
We are primarily interested in the latter. The notion of dependent types, which was largely invented for modeling programs with more accuracy, has been studied for at least three decades. However, the use of dependent types in practical programming has been rare if there is any, and this, we think, is mainly caused by some great difficulty in designing a practically useful type inference algorithm for a dependent type system.
We have presented an approach to addressing the difficulty in the design of Dependent ML DMLwhich extends ML with a notion of restricted form of dependent types. It is also demonstrated that dependent types in DML can facilitate array bound check elimination, redundant pattern matching clause removal, tag check elimination and tagless representation of datatypes.
Evidently, an immediate question is whether we can reap some similar benefits by incorporating dependent types into imperative programming.
We propose to address this question by designing a dependently typed imperative programming language. There is yet another motivation for incorporating dependent types into practical programming.
In an untrusted computing environment such as Internet, mobile code received from an unknown source may not be trusted. We have designed a dependently typed assembly language DTAL in which the type system can guarantee the memory safety of DTAL code, where memory safety consists of both type safety and safe array subscripting.
It is, however, difficult to compile into DTAL code a program written in a language such as Java since it often seems ineffective to synthesize from such a program the type information needed in DTAL code. With a dependently typed imperative programming language, we expect to implement a compiler that can translate dependent types at source level into dependent types at assembly level, effectively producing DTAL code.
In short, we propose to design a dependently typed imperative programming language for studying the use of dependent types in practical imperative programming at both source level and assembly level. We expect this study can eventually lead to the production of software that is not only more robust but also less costly to maintain.
Xanadu is a dependently typed imperative programming language. Here is a brief introduction ppt. Program Examples in Xanadu: We present some realistic examples in Xanadu in support of the practicality of Xanadu.
The following is an implementation of binary search on an integer array in Xanadu. The novelty in the implemenation is the annotation following the keyword invariant.
This annotation is a dependent type that asserts some information at the entrance point of the loop. This is a loop invariant, which can guarantee the array subscripting operation vec[mid] in the body of the loop is safe, that is, it can never go out of bounds.
The crucial point is that type-checking in Xanadu can automatically verify whether a program invariant like this, which is provided by the programmer, is indeed a correct program invariant. In addition, it is also automatically checked in Xanadu whether a variable is already initialized before it is read.
This example demonstrates that it can be verified in the type system of Xanadu that a list reverse function is length preserving. The following declaration declares a polymorphic union type.Dependent Types for Safe Systems Software by Jeremy Paul Condit A.B.
(Harvard University) M.S. (University of California, Berkeley) A dissertation submitted in partial satisfaction of the. Turnitin provides instructors with the tools to prevent plagiarism, engage students in the writing process, and provide personalized feedback.
Certified Programming with Dependent Types Adam Chlipala. This is the web site for a textbook about practical engineering with the Coq proof assistant. The focus is on building programs with proofs of correctness, using dependent types and scripted proof automation.
thesis we demonstrate that dependent types and computational effects admit a math- ematically natural combination, in which well-known concepts and results from the simply typed setting can be reused and adapted, but which also reveals new and inter-. We show the practical benefits that dependent types bring, the trade-offs associated with them, and the powerful interactive programming experience they enable.
Finally, we discuss how these systems can serve as a source of inspiration for our work on Scala, guiding us to improve both the static guarantees and user experience of the language. These can be typed with the dependent types discussed above if one adds a type of all types. Unfortunately, a single type of all types is known to make the theory inconsistent [36, 27, 70, 52], so instead the type theory includes a predicative hierarchy of universes, 1I.h, 1Ih, 1Lh, etc.