Verifying message-passing programs with dependent behavioural typesAlceste Scalas, Nobuko Yoshida and Elias Benussi30
DTRS19-1.pdf
Concurrent and distributed programming is notoriously hard. Modern
languages and toolkits address the challenge by offering message-passing
abstractions, such as actors (e.g., Erlang, Akka, Orleans) or processes
(e.g., Go): they allow for simpler reasoning w.r.t. shared-memory
concurrency, but do not ensure that a program implements a given
specification.
To address this challenge, it would be desirable to specify and verify
the intended behaviour of message-passing applications using types, and
ensure that, if a program type-checks and compiles, then it will run and
communicate as desired.
We develop this idea in theory and practice. We formalise a concurrent
functional language with a new blend of behavioural types (from
pi-calculus theory), and dependent function types (from the Dotty
programming language, a.k.a. the future Scala 3). Our theory yields four
main payoffs:
it verifies safety and liveness properties of programs via
type-level model checking;
unlike previous work, it accurately verifies channel-passing
(covering a typical pattern of actor programs) and higher-order
interaction (i.e., sending/receiving mobile code);
it is directly embedded in Dotty, as a toolkit called Effpi,
offering a simplified actor-based API;
it enables an efficient runtime system for Effpi, for highly
concurrent programs with millions of processes/actors.
]]>Polymorphic Session Processes as MorphismsBernardo Toninho and Nobuko Yoshida33
DTRS19-2.pdf
The study of expressiveness of concurrent processes via session
types opens a connection between linear logic and mobile processes,
grounded in the rigorous logical background of
propositions-as-types. One such study includes a notion of
parametric session polymorphism, which connects session typed
processes with rich higher-order functional computations. This work
proposes a novel and non-trivial application of session
parametricity -- an encoding of inductive and coinductive session
types, justified via the theory of initial algebras and final
co-algebras using a processes-as-morphisms viewpoint. The
correctness of the encoding (i.e. universality) relies crucially on
parametricity and the associated relational lifting of sessions.
]]>Game Semantics: Easy as PiSimon Castellan and Léo Stefanesco and Nobuko Yoshida 35
DTRS19-3.pdf
Game semantics has proven to be a robust method to give compositional
semantics for a variety of higher-order programming languages.
However, due to the complexity of most game models, game semantics
has remained unapproachable for non-experts.
In this paper, we aim at making game semantics more accessible
by viewing it as a syntactic translation to a dialect of the
pi-calculus, referred to as metalanguage, followed by a semantic
interpretation of the metalanguage into a particular game model. The
semantic interpretation is done once and for all; while the syntactic
translation can be defined for a wide range of programming languages without knowledge of the
particular game model used. Reasoning on the interpretation (soundness and
adequacy) can be done at the level of the metalanguage through a
sound equational theory, escaping tedious technical proofs
usually found in game semantics. We call this methodology
programming game semantics.
We expose the methodology in three steps of increasing expressivity,
building on concurrent game semantics based on event structures. By
developing an extension of the existing models to deal with
non-angelic nondeterminism, and nonlinear computation, we can give
very accurate models of complex languages by a simple translation into
a typed variant of the pi-calculus inspired by Differential Linear
Logic. We illustrate this expressivity on IPA, a higher-order
programming language with shared-memory concurrency. By simply
translating it into the metalanguage, we give the first model of
IPA, which is (1) causal and (2) adequate for the usual
operational notion of bisimulation --- a novel result.
To make the development more concrete, we have built a simple
prototype to compute the interpretation of the target programming
language into the metalanguage and games strategies.
]]>Engineering the Meta-Theory of Session TypesDavid Castro, Francisco Ferreira and Nobuko Yoshida26
DTRS19-4.pdf
Session types provide a principled programming discipline for structured interactions. They are used to statically check the
safety of protocol composition and the absence of communication
errors. These properties depend upon the meta-theory of the typing
discipline, usually a type safety proof. These proofs, while
conceptually simple, are very delicate and error prone due to the
presence of linearity and name passing and have been falsified in
several works in the literature. In this work, we explore mechanised
proofs in theorem assistants as tools to develop trustworthy
proofs, and at the same time to guide extensions that do not violate
type safety. To that end, we study the meta-theory of two of the most
used binary session types systems, the Honda-Vasconcelos-Kubo system
and the more flexible revisited system by Yoshida and
Vasconcelos. Additionally, we show the subtlety of representing the
first system in α-equivalent representations. We develop these
proofs in the Coq proof assistant, using a locally nameless
representation for binders, and small scale reflection and
overloaded lemmas to simplify the handling of linear typing
environments.
]]>