Project Team Gallium

Members
Overall Objectives
Software
Contracts and Grants with Industry
Partnerships and Cooperations
Bibliography

## Section: New Results

### Type systems

#### A type-and-capability calculus with hidden state

Participants : François Pottier, Jan Schwinghammer [Saarland University, Saarbrücken] , Lars Birkedal [IT University of Copenhagen] , Bernhard Reus [University of Sussex, Brighton] , Kristian Støvring [University of Copenhagen] , Hongseok Yang [University of Oxford] .

During the year 2010, François Pottier developed a machine-checked proof of an expressive type-and-capability system. Such a system can be used to type-check and prove properties of imperative ML programs. The proof, which follows a “syntactic” method, is carried out in Coq and takes up roughly 20,000 lines of code. It confirms that earlier publications by Charguéraud and Pottier [1] , [7] were indeed correct, offers insights into the design of the type-and-capability system, and provides a firm foundation for further research. In the first half of 2011, François Pottier wrote a paper that describes the system and its proof in detail. This paper has been submitted for publication [37] .

Together with Jan Schwinghammer and other co-authors, François Pottier also worked on a (pencil-and-paper) proof of this type-and-capability system. This proof is based on a “semantic” method and is quite different from the proof mentioned in the previous paragraph. It offers somewhat different insights, and proves (for the first time) that the ideas presented in an unpublished note by Pottier (“Generalizing the higher-order frame and anti-frame rules”, 2009) were correct. A paper that describes this proof has been submitted for publication [39] .

#### Fine-grained static control of side effects in HaMLet

Participants : Jonathan Protzenko, François Pottier.

In the past ten years, the type systems community and the separation logic community, among others, have developed highly expressive formalisms for describing ownership policies and controlling side effects in imperative programming languages. In spite of this extensive knowledge, it remains very difficult to come up with a programming language design that is simple, effective (it actually controls side effects!) and expressive (it does not force programmers to alter the design of their data structures and algorithms). Jonathan Protzenko and François Pottier have recently made significant progress on this topic. They are designing a programming language, tentatively called HaMLet, in the tradition of ML and Caml-Light. The language offers immutable and mutable algebraic data structures and first-class functions. It allows very fine-grained control of ownership and side effects. The project is still at a preliminary stage and no publications have appeared yet.

#### Partial type inference with first-class polymorphism

Participants : Didier Rémy, Boris Yakobowski [CEA, LIST laboratory] , Gabriel Scherer.

The language MLF uses optional type annotations of function parameters and instance bounded polymorphism—quantification over all types that are instances of a given type—to smoothly combine the simple type inference mechanism of ML with the expressive types of System F. In MLF, programs need only type annotations on parameters of functions that are used polymorphically in their body.

While the surface language requires just these very few type annotations, MLF also comes with an internal language, called xMLF, where all type manipulations become explicit so that they it can traced during program transformations and symbolic evaluation. The internal language is described in a journal paper [13] .

Gabriel Scherer has maintained and improved a prototype implementation of MLF including the elaboration of MLF into xMLF and an extension to higher-order types.

#### First-class module systems

Participants : Benoît Montagu [University of Pennsylvania] , Didier Rémy, Gabriel Scherer.

Singleton kinds are used to handle type definitions in modules. They accurately model the propagation of type definitions through higher-order functor applications. However, type equivalence in the presence of singleton types is hard to formalize and to implement. In his PhD dissertation  [48] , Benoît Montagu has proposed a new way of checking equivalence in the presence of singleton types, based on expansors. Expansors are eta-expansion constants that are inserted in the source program in such a way that equivalence of two programs becomes equality of their normal forms after insertion of expansors. This approach was described in an article to be submitted to a conference.

Since October, Gabriel Scherer has been working on mixin modules. Mixin modules are an attractive generalization of modules with horizontal composition, a mechanism that allows more flexible construction of modules.

Gabriel Scherer has been studying whether the use of open existential types introduced earlier by Benoît Montagu for first-class modules can be used to simplify the presentation of mixin modules, hoping that they could be given a direct semantics, instead of one by means of elaboration into another language with recursive modules.

#### Coercion abstraction

Participants : Julien Cretin, Didier Rémy.

Expressive type systems often allow non trivial conversions between types, which may lead to complex, challenging, and sometimes ad hoc type systems. Such examples are the extension of System F with type equalities to model GADT and type families of Haskell, or the extension of System F with explicit contracts. A useful technique to simplify the meta-theoretical studies of such systems is to make type conversions explicit in terms using “coercions”.

We studied F${}_{\iota }^{p}$, a language where all type transformations are represented as coercions. This language provides polymorphism as in System F, (upper) bounded polymorphism as in F${}_{<:}$, lower bounded polymorphism as in MLF, and $\eta$-expansion as in F${}_{\eta }$. Hence, F${}_{\iota }^{p}$ unifies these four languages in a generic framework.

We showed that F${}_{\iota }^{p}$ has a type erasing semantics by bisimulation with the lambda calculus. This means that coercions can be dropped before evaluation without changing the meaning of programs.

This work is described in a paper to be presented at the POPL 2012 conference [21] and in a technical report [33] .

#### Kind-level typing in Haskell

Participants : Julien Cretin, Brent Yorgey [University of Pennsylvania] , Stephanie Weirich [University of Pennsylvania] , José Pedro Magalhães [Utrecht University] , Simon Peyton Jones [Microsoft Research Cambridge] , Dimitrios Vytiniotis [Microsoft Research Cambridge] .

Haskell is a functional programming language with a rich static type system. Programmers use advanced type features to enforce invariants over data structures. This quickly leads to the need for computation in types. Until now, computation at the type level was untyped in Haskell and therefore prone to errors and hard to debug.

We extended the kind level of Haskell with two features already present at the type level: data types and polymorphism. These features are already well-known at the type level, and should remain easy to understand for programmers at the kind level.

Kind polymorphism is now implemented and used in the core language of the

Glasgow Haskell Compiler (GHC). Promotion of data-types is implemented in a branch of GHC. Both extensions are described in a paper to be presented at the TLDI 2012 workshop [31] .