Functional Concepts in C++

Transcription

1 Trends in Functional Programming 2006 Nottingham Functional Concepts in C++ Rose H. Abdul Rauf, Anton Setzer, Ulrich Berger Swansea 1

2 Goal: Integrating Functional and Object-Oriented Programming A first step: Implementing the simply typed λ-calculus in C++. Novelty: Formal correctness proof. Extensions - recursion, - Lazy evaluation - λ-terms with side effects. 2

3 The simply typed λ-calculus with arithmetic functions Γ, x : A x : A Γ n : nat Γ, x : A r : B Γ λx A r : A B Γ r : A B Γ s : A Γ r s : B Γ r 1 : nat... Γ r k : nat Γ f[r 1,..., r k ] : nat (f a name for k-ary arithmetic function [f ]) 3

4 Implementing types The base type nat is implemented by the native C++ type int. If the types A, B are implemented by C++ types A, B, then the type A B is implemented by the C++ type CA_BD defined as follows: class CA_BD_aux { public : virtual B operator() (A x) = 0; }; typedef CA_BD_aux* CA_BD; 4

5 Implementing λ-terms Example: λx nat.f (f x) with free variable f nat nat. class lambda1 : public Cint_intD_aux{ public :Cint_intD f; lambda1( Cint_intD f) { this-> f = f;}; virtual int operator () (int x) { return (*(f))((*(f))(x)); }; }; Abstracting f: λf nat nat λx nat.f(fx) class lambda0 : public CCint_intD_Cint_intDD_aux{ public : lambda0( ) { }; virtual Cint_intD operator () (Cint_intD f) { return new lambda1( f); } }; 5

6 Implementing λ-terms (ctd.) λx nat.2 + x class lambda2 : public Cint_intD_aux{ public : lambda2( ) { }; virtual int operator () (int x) { return x + 2; }; }; t = (λf nat nat λx nat.f (f x)) (λx nat. x + 2) 3 int t = (*((*( new lambda0( )))( new lambda2( ))))(3); 6

7 Proof of Correctness Our goal is to formally prove: If a closed term t nat has value n, then our implementation evaluates t to n. This requires: - A formal definition of the value of a term. - A formal model of our C++ implementation. 7

8 What is the value of a λ-term? Operational semantics: Normal form w.r.t. β-reduction: (λx.r)s r[s/x] f-reduction: f[n 1,..., n k ] [f ](n 1,..., n k ) Denotational semantics: [r ] D where D is a domain of higher type functionals. Luckily, at base type the two semantics coincide. We will use the denotational semantics and logical relations to prove correctness. 8

9 Naïve denotational semantics N = {0, 1, 2,...}, X Y = {f f : X Y } D(nat) = N, D(A B) = D(A) D(B), D = Functional environment: ξ : Var D, ξ : Γ means x dom(γ).ξ(x) D(Γ(x)). A Type D(A) For Γ r : A and ξ : Γ, we define [r ]ξ D(A): [x]ξ = ξ(x), [n]ξ = n [r s]ξ = [r ]ξ([s]ξ) [λx A.r ]ξ(a) = [r ]ξ[x a] [f[ r]] = [f ]([ r ]ξ) 9

10 The state monad M X (Y ) := X Y X do{y 1 e 1 ; y 2 e 2 (y 1 ) ; e 3 (y 1, y 2 )} x =g let {(y 1, x 1 ) = e 1 x, (y 2, x 2 ) = e 2 (y 1 ) x 1 } in e 3 (y 1, y 2 ) x 2 return : Y M X (Y ), return y x = (y, x) mapm : (Z M X (Y )) Z M X (Y ) mapm f a = do{y 1 f a 1 ;... ; return (y 1,...)} get : M X (X), get x = (x, x) put : X M X ({ }), put x x = (, x) 10

11 Modelling the implementation Addr = a set addresses of classes on the heap Constr = a set of constructors, i.e. class names Val = N + Addr F = a set of names for arithmetic C++ functions App = N + Var + F App + App App + Constr App Class = Context Var Type App VEnv = Var fin Val Heap = Addr fin Constr Val CEnv = Constr fin Class 11

12 Parsing (Implementing λ-terms) P : Context Term M CEnv (App) Evaluating λ-terms eval : apply : CEnv VEnv App M Heap (Val) CEnv Val Val M Heap (Val) 12

13 P : Context Term M CEnv (App) P Γ u = return u, if u is a numeral or a variable P Γ f[ r] = do{ a mapm (P Γ) r ; return f[ a]} P Γ (r s) = do{(a, b) mapm (P Γ) (r, s) ; return (a b)} P Γ (λx A.r) = do{a P Γ[x A] r ; C get ; let c = fresh(c) ; put(c[c (Γ; x : A; a)]) ; return(c[dom(γ)])} 13

14 eval : CEnv VEnv App M Heap (Val) eval C η n = return n eval C η x = return (η x) eval C η f[ a] = do{ n mapm (eval C η) a ; return [f ]( n)} eval C η (a b) = do{(v, w) mapm(eval C η) (a, b) ; apply C v w} eval C η c[ a] = do{ v mapm (eval C η) a ; H get ; let h = fresh(h) ; put(h[h (c, v)]) ; return(h)} 14

15 apply : CEnv Val Val M Heap (Val) apply C h v = do{h get ; let (c, w) = H h ; let ( y : B; x : A; a) = C c ; eval C [ y, x w, v] a} 15

16 Linking C++ with higher type functionals The Kripke logical relation C A (Val Heap) D(A), is defined by recursion on A as follows: (v, H) C nat n : v = n (v, H) C A B f : C C, H H, (w, d) Val D(A) : (w, H ) C A d apply C v w H C B f(d) (η, H) C Γ ξ : x dom(γ)(η(x), H) C Γ(x) ξ(x) 16

17 Adequacy Theorem Assume η : VEnv, ξ : FEnv, Γ r : A. Assume ξ : Γ, P Γ r C = (a, C ), C C, (η, H) C Γ ξ, and H H. Then eval C η a H C A [r ]ξ. Proof. Induction on the typing judgement Γ r : A. Correctness of the implementation Assume r : nat, P r C = (a, C ) and C C. Then for any heap H and environment η we have eval C η a H = ([r ], H ) for some H H. 17

18 Further work Study the C++ implementation of recursion, lazy evaluation, and λ-terms with side effects more systematically and prove correctness. Construct a less ad-hoc model of a suitable fragment of C++ (similar to Featherweight Java [IPW99]). Give a monadic proof of the Adequacy Theorem. Study related work, e.g.: Läufer [Läu95] (1995) Kiselyov [Kis98] (1998) B. McNamara and Y. Smaragdakis [MS00] (2000) Schupp [Sch00] (2000) 18

19 Conclusion The implementation of functional concepts in object-oriented (imperative) languages is feasible. Denotational semantics and logical relations are very useful tools for proving correctness of the implementation. 19

20 References [ASS85] H. Abelson, G. J. Sussman, and J. Sussman. Structure and interpretation of computer programs. MIT Press, [IPW99] Atshushi Igarashi, Benjamin Pierce, and Philip Wadler. Featherweight Java: A minimal core calculus for Java and GJ. In Loren Meissner, editor, Proceedings of the 1999 ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA 99), volume 34(10), pages , N. Y., [Kel97] R. M. Keller. The Polya C++ Library. Version

21 [Kis98] Available via keller/polya/, O. Kiselyov. Functional style in C++: Closures, late binding, and lambda abstractions. In ICFP 98: Proceedings of the third ACM SIGPLAN International conference on Functional programming, page 337, New York, NY, USA, ACM Press. [Läu95] K. Läufer. A framework for higher-order functions in C++. In COOTS, [Mog91] E. Moggi. Notions of computation and monads. Information and Computation, 93(3):55 2,

22 [MS00] [Plo77] [Plo80] B. McNamara and Y. Smaragdakis. Functional programming in C++. In ICFP 00: Proceedings of the fifth ACM SIGPLAN international conference on Functional programming, pages , New York, NY, USA, ACM Press. G. D. Plotkin. LCF considered as a programming language. Theoretical Computer Science, 5: , G. D. Plotkin. Lambda definability in the full type hierarchy. In R. Hindley and J. Seldin, editors, To H.B. Curry: Essays in Combinatory Logic, lambda calculus and Formalisms, pages Academic Press,

23 [Pol81] W. Polak. Program verification based on denotation semantics. In POPL 81: Proceedings of the 8th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages , New York, NY, USA, ACM Press. [Sch00] S. Schupp. Lazy lists in C++. SIGPLAN Not., 35(6):47 54, [Set03] A. Setzer. Java as a functional programming language. In Herman Geuvers and Freek Wiedijk, editors, Types for Proofs and Programs: International Workshop, TYPES 2002, Berg en Dal, The Netherlands, April 24-28, Selected Papers., pages LNCS 2646,