The Practice of Type Theory CMU Computer Science类型理论 CMU计算机科学实践.pptVIP

The Practice of Type Theory in Programming Languages Robert Harper Carnegie Mellon University August, 2000 Acknowledgements Thanks to Reinhard Wilhelm for inviting me to speak! Thanks to my colleagues, former, and current students at Carnegie Mellon. An Old Story Once upon a time (es war einmal), there were those who thought that typed high-level programming languages would save the world. Ensure safety of executed code. Support reasoning and verification. Run efficiently (enough) on stock hardware. “If we all programmed in Pascal (or Algol or Simula or …), all of our problems would be solved.” What Happened Instead Things didn’t worked out quite as expected or predicted. COTS software is mostly written in low-level, unsafe languages (ie, C, C++) Some ideas have been adopted (eg, objects and classes), most haven’t. Developers have learned to work with less-than-perfect languages, achieving astonishing results. Languages Ride Again But the world has changed: strong safety assurances are more important than ever. Mobile code on the internet. Increasing reliance on software in “real life”. Schneider made a strong case for language-based security mechanisms. “Languages aren’t just languages any more.” Rich body of work on logics, semantics, type systems, verification, compilation. Language-Based Security Key idea: program analysis is more powerful than execution monitoring. This talk is about one approach to taking this view seriously, typed certifying compilation. Type Theory and Languages Type theory has emerged as the central organizing principle for language … Design: genericity, abstraction, and modularity mechanisms. Implementation: type inference, flow analysis. Semantics: domain theory, logical relations. What is a Type System? A type system is a syntactic discipline for enforcing levels of abstraction. Ensures that bad things do not happen. A type system rules out programs. Adding a function to a string Interpreting an integer as a pointer Violating interfac