Stefan Monnier's research while affiliated with Université de Montréal and other places

Publications (29)

Article
We describe the foundation of the metaprogramming language, Mœbius, which supports the generation of polymorphic code and, more importantly, the analysis of polymorphic code via pattern matching. Mœbius has two main ingredients: 1) we exploit contextual modal types to describe open code together with the context in which it is meaningful. In Mœbius...
Preprint
Full-text available
We describe the foundation of the metaprogramming language, Moebius, which supports the generation of polymorphic code and, more importantly the analysis of polymorphic code via pattern matching. Moebius has two main ingredients: 1) we exploit contextual modal types to describe open code together with the context in which it is meaningful. In Moebi...
Preprint
Full-text available
Automatic indentation of source code is fundamentally a simple matter of parsing the code and then applying language- and style-specific rules about relative indentation of the various constructs. Yet, in practice, full parsing is not always an option, either because of quirks of the language, or because the code is temporarily syntactically incorr...
Conference Paper
Algebraic data types and inductive types like those of the Calculus of Inductive Constructions (CIC) are the bread and butter of statically typed functional programming languages. They conveniently combine in a single package product types, sum types, recursive types, and indexed types. But this also makes them somewhat heavyweight: for example, tu...
Article
Full-text available
When verifying that compiler phases preserve some property of the compiled program, a major difficulty resides in how to represent and manipulate variable bindings, often imposing extra complexity both on the compiler writer and the verification effort.In this paper, we show how Beluga's dependent contextual types let us use higher-order abstract s...
Conference Paper
Compiling syntax to native code requires complex code transformations which rearrange the abstract syntax tree. This can be particularly challenging for languages containing binding constructs, and often leads to subtle, hard to find errors. In this paper, we exploit higherorder abstract syntax (HOAS) to implement a type-preserving compiler for the...
Conference Paper
Binders in data-structures representing code or proofs can be represented in a variety of ways, from low-level first-order representations such as de Bruijn indices to higher-order abstract syntax (HOAS), with nominal logic somewhere in-between. HOAS is arguably the cleanest and highest-level representation but comes with significant problems in ex...
Conference Paper
Singleton types are often considered a poor man's substitute for dependent types. But their generalization in the form of GADTs has found quite a following. The main advantage of singleton types and GADTs is to preserve the so-called phase distinction, which seems to be so important to make use of the usual compilation techniques. Of course, they c...
Article
Singleton types are often considered a poor man's substitute for dependent types. But their generalization in the form of GADTs has found quite a following. The main advantage of singleton types and GADTs is to preserve the so-called phase distinction, which seems to be so important to make use of the usual compilation techniques. Of course, they c...
Conference Paper
Multi-parameter type classes, functional dependencies, and re- cently GADTs and open type families open up opportunities to use complex type-level programming to let GHC's type checker verify various properties of your programs. But type-level code is special in that its correctness is crucial to the safety of the program; so except in those cases...
Conference Paper
There has been a lot of interest of late for programming languages that incorporate features from dependent type systems and proof assistants, in order to capture important invariants of the program in the types. This allows type-based program verification and is a promising compromise between plain old types and full blown Hoare logic proofs. The...
Article
Generalized Algebraic DataTypes (GADTs) allow programmers to capture invariants of their data structures through type annotations on data con-structors. However, when working with GADTs, it is often difficult to concisely and precisely express the way data manipulations maintain those invariants. One can use GADTs or multi-parameter type classes to...
Conference Paper
Recent type systems allow the programmer to use types that de- scribe more precisely the invariants on which the program relies. But in order to satisfy the type system, it often becomes necessary to help the type checker with extra annotations that justify why a piece of code is indeed well-formed. Such annotations take the form of term-level type...
Conference Paper
The use of typed intermediate languages can significantly increase the reliability of a compiler. By type-checking the code produced at each transformation stage, one can identify bugs in the compiler that would otherwise be much harder to find. Also it guarantees that any property that was enforced by the source-level type-system is holds also for...
Article
Full-text available
The use of typed intermediate languages can significantly increase the reliability of a compiler. By type- checking the code produced at each transformation stage, one can identify bugs in the compiler that would otherwise be much harder to find. We propose to take the use of types in compilation a step further by verifying that the transformation...
Conference Paper
Much recent work on proof-carrying code aims to build certifying compilers for single-inheritance object-oriented languages, such as Java or C#. Some advanced object-oriented languages (such as Loom, Moby, and OCaml) support compiling a derived class without complete information about its base class. This strategy is necessary for supporting featur...
Article
Standard type systems are not sufficiently expressive when applied to low-level memory-management code. Such code often requires some form of strong update (i.e. assignments that change the type of the affected location) and needs to reason about the relative position of objects in memory. We present a novel type system which, like alias types, pro...
Article
Proof-carrying code (PCC) is a general framework for verifying the safety properties of machine-language programs. PCC proofs are usually written in a logic extended with language-specific typing rules; they certify safety but only if there is no bug in the typing rules. In foundational proof-carrying code (FPCC), on the other hand, proofs are cons...
Article
Inlining and specialization appear in various forms throughout the implementation of modern pro- gramming languages. From mere compiler optimizations to sophisticated techniques in partial eval- uation, they are omnipresent, yet each application is treated differently. This paper is an attempt at uncovering the relations between inlining (as done i...
Article
the benefits of using strongly typed intermediate languages to compile richly typed source languages (e.g., ML). A typepreserving compiler can use types to guide advanced optimizations and to help generate provably secure mobile code. Types, unfortunately, are very hard to represent and manipulate efficiently; a naive implementation can easily add...
Conference Paper
Proof-carrying code (PCC) is a general framework for verifying the safety properties of machine-language programs. PCC proofs are usually written in a logic extended with language-specific typing rules. In foundational proof-carrying code (FPCC), on the other hand, proofs are constructed and verified using strictly the foundations of mathematical l...
Article
This paper describes an approach to the implementation and the operation of a Simultaneous Multithreaded processor. We propose an architecture which integrates a software mechanism to handle contexts, a rapid communication system, as well as a locking system to ensure mutual exclusion. We explain how the architecture manages the running threads as...
Article
Proof-carrying code and typed assembly languages aim to minimize the trusted computing base by directly certifying the actual machine code. Unfortunately, these systems cannot get rid of the dependency on a trusted garbage collector. Indeed, constructing a provably type-safe garbage collector is one of the major open problems in the area of certify...
Conference Paper
Proof-carrying code and typed assembly languages aim to mini- mize the trusted computing base by directly certifying the actual machine code. Unfortunately, these systems cannot get rid of the dependency on a trusted garbage collector. Indeed, constructing a provably type-safe garbage collector is one of the major open prob- lems in the area of cer...
Conference Paper
This paper describes an approach to the implementation and the operation of a Simultaneous Multithreaded processor. We propose an architecture which integrates a software mechanism to handle contexts, a rapid communication system, as well as a locking system to ensure mutual exclusion. We explain how the architecture manages the running threads as...
Article
Full-text available
Termite is a language and system offering a simple and pow-erful tool for expressing distributed computation. It is based on a message-passing model of concurrency inspired by Er-lang, and on a variant of the functional language Scheme. Our system is an appropriate tool for building custom proto-cols and abstractions for distributed computation. It...

Citations

... In recent years, modal type systems based on this dual-context style have received renewed attention and provided insights into a wide range of seemingly unconnected areas: from reasoning about universes in homotopy type theory [30,38] to mechanizing meta-theory [36,37], to reasoning about effects [40], and meta-programming [27]. This line of work builds on the dual-context formulation of Pfenning and Davies. ...
... A related body of work has used regions as a low-level primitive on which to build type-safe garbage collectors [20][21][22]. Each of these approaches requires non-lexical regions, since, in a copying collector, the from-and to-spaces have non-nested lifetimes. ...
... subst. in a neutral producing a neutral term. (Belanger et al., 2013), or normalization by evaluation for the simply typed λ-calculus (Cave and Pientka, 2012). ...
... Another interesting implementation has been carried out in Beluga [22], a functional programming language that is based on contextual modal type theory and that supports higher-order abstract syntax [21]. Rich properties of programs can be embedded in types in Beluga and [5] shows how this feature can be exploited to ensure type preservation. It remains to be seen if types can also be used to encode semantics preservation. ...
... Here, we can (potentially) exploit code generation via the Autosubst framework to ease the definition of the initial infrastructure. In fact, contextual objects may be viewed as an abstraction of well-typed de Bruijn encodings (Hofmann, 1999) and can actually be compiled to well-typed de Bruijn (Ferreira et al., 2013). Thus one could approximate some of Beluga's features through code generation (Kaiser et al., 2017) and Coq's rewriting facilities. ...
... Typically, artifacts of later phases are created from higher-level artifacts of the previous phases, but dependencies are not linear and difficult to trace: Diverse analysis requirements, platform constraints and modeling acts such as architectural decisions , pattern applications, etc. manifest themselves in later artifacts. While the knowledge about these manifestations is available at the point of decision-making, this information often is not part of a SE process [10]. Instead, such information has to be recorded in additional documentation which accompanies the process. ...
... Although the ideas behind the encodings are inspired by dependently typed programs, the code does not look like code in any full-spectrum dependently typed language, such as Cayenne [Augustsson 1998], Coq [Coq development team 2004], Epigram [McBride 2004], or Agda [Norell 2007]. As a result, several authors [Guillemette and Monnier 2008b; McBride 2002; Neubauer and Thiemann 2002] have pushed for more direct mechanisms , and GHC implementors have responded with Generalized Algebraic Datatypes (GADTs) [Cheney and Hinze 2002; Peyton Jones et al. 2006; Schrijvers et al. 2009; Xi et al. 2003] , typelevel functions [Chakravarty et al. 2005], and type-level datatypes with kind polymorphism [Yorgey et al. 2012]. These additions provide native support for constrained data (replacing the use of phantom types, nested datatypes, and type equality encodings) and type-level computation (replacing the use of logic programming with type classes and functional dependencies). ...
... It is not clear to us whether, in practice, one can get away with only, say, homogeneous regions. Monnier (2008) introduces an interesting hybrid that subsumes homogeneous and heterogeneous regions. Boyland (2010) describes nesting, a mechanism by which one permission can become (irreversibly) nested within another permission. ...
... However, it is not always easy that a Simple Scalar model can be made to implement latest parallel micro architectures without doing any modifications in the underlying morphology. Still two Simple Scalar Siddons were developed to adapt multithreading in the SSMT [9] and M-Sim [10] simulators. These tools are suitable to fabricate designs stationed on simultaneous multithreaded processors, with the constraint of implementing a set of workloads progressively. ...
... To demonstrate the macro system, consider the desugaring of the n-ary And (&&) function as implemented within the compiler: [18] is also performed as part of the binding analysis. Escaped variables are annotated and are used during closure conversion [35,73]. ...