Flow-Sensitive Type Qualifiers
, 2002
Cited by 407 (29 self)
We present a system for extending standard type systems with flow-sensitive type qualifiers. Users annotate their programs with type qualifiers, and inference checks that the annotations are correct. In our system only the type qualifiers are modeled flow-sensitively - the underlying standard types are unchanged, which allows us to obtain an efficient constraint-based inference algorithm that integrates flow-insensitive alias analysis, effect inference, and ideas from linear type systems to support strong updates. We demonstrate the usefulness of flow-sensitive type qualifiers by finding a number of new locking bugs in the Linux kernel.
Tackling the awkward squad: monadic input/output, concurrency, exceptions, and foreign-language calls in Haskell
 Engineering theories of software construction
, 2001
Cited by 111 (1 self)
Functional programming may be beautiful, but to write real applications we must grapple with awkward real-world issues: input/output, robustness, concurrency, and interfacing to programs written in other languages. These lecture notes give an overview of the techniques that have been developed by the Haskell community to address these problems. I introduce various proposed extensions to Haskell along the way, and I offer an operational semantics that explains what these extensions mean. This tutorial was given at the Marktoberdorf Summer School 2000. It will appear in the book “Engineering theories of software construction, Marktoberdorf Summer School 2000”, ed CAR Hoare, M Broy, and R Steinbrueggen, NATO ASI Series, IOS Press, 2001, pp47-96. This version has a few errors corrected compared with the published version. Change summary: Apr 2005: some examples added to Section 5.2.2, to clarify evaluate. March 2002: substantial revision
A Systematic Approach to Static Access Control
, 2001
Cited by 69 (10 self)
... This paper develops type systems which can statically guarantee the success of these checks. Our systems allow security properties of programs to be clearly expressed within the types themselves, which thus serve as static declarations of the security policy. We develop these systems using a systematic methodology: we show that the security-passing style translation, proposed by Wallach, Appel and Felten as a dynamic implementation technique, also gives rise to static security-aware type systems, by composition with conventional type systems. To define the latter, we use the general HM(X) framework, and easily construct several constraint and unification-based type systems.
Verification of Non-Functional Programs using Interpretations in Type Theory
Cited by 63 (4 self)
We study the problem of certifying programs combining imperative and functional features within the general framework of type theory. Type theory constitutes a powerful specification language, which is naturally suited for the proof of purely functional programs. To deal with imperative programs, we propose a logical interpretation of an annotated program as a partial proof of its specification. The construction of the corresponding partial proof term is based on a static analysis of the effects of the program, and on the use of monads. The usual notion of monads is refined in order to account for the notion of effect. The missing subterms in the partial proof term are seen as proof obligations, whose actual proofs are left to the user. We show that the validity of those proof obligations implies the total correctness of the program. We also establish a result of partial completeness. This work has been implemented in the Coq proof assistant. It appears as a tactic taking an ann...
Monadic Encapsulation of Effects: A Revised Approach (Extended Version)
 Journal of Functional Programming
, 1999
Cited by 30 (5 self)
Launchbury and Peyton Jones came up with an ingenious idea for embedding regions of imperative programming in a pure functional language like Haskell. The key idea was based on a simple modification of Hindley-Milner's type system. Our first contribution is to propose a more natural encapsulation construct exploiting higher-order kinds, which achieves the same encapsulation effect, but avoids the ad hoc type parameter of the original proposal. The second contribution is a type safety result for encapsulation of strict state using both the original encapsulation construct and the newly introduced one. We establish this result in a more expressive context than the original proposal, namely in the context of the higher-order lambda-calculus. The third contribution is a type safety result for encapsulation of lazy state in the higher-order lambda-calculus. This result resolves an outstanding open problem on which previous proof attempts failed. In all cases, we formalize the intended implementations as simple big-step operational semantics on untyped terms, which capture interesting implementation details not captured by the reduction semantics proposed previously.
Variations on Algebra: monadicity and generalisations of equational theories
 Formal Aspects of Computing
, 2001
Cited by 24 (0 self)
this paper the author was partially supported by an SERC/EPSRC Advanced Research Fellowship, EPSRC Research grant GR/L54639, and EU Working Group APPSEM
Effects and effect inference for a core Java calculus
, 2003
Cited by 11 (3 self)
An effects system can be used to delimit the scope of computational effects within a program. This information is not only useful for the programmer, but also can be used in the definition of a number of optimizations. Most effects systems have been defined for functional languages with simple state. Greenhouse and Boyland have recently suggested how an effects system could be used within Java. In this paper we take a core imperative calculus for Java, and consider its extension with an effects system, following the suggestions of Greenhouse and Boyland. We define formally the effects system and an instrumented operational semantics and prove the correctness of the effects system; a question left open by Greenhouse and Boyland. We also consider the question of effect inference for our calculus, detailing an algorithm for inferring effects information and prove it correct.
A Modal Calculus for Effect Handling
, 2003
Cited by 7 (2 self)
In their purest formulation, monads are used in functional programming for two purposes: (1) to hygienically propagate effects, and (2) to globalize the effect scope - once an effect occurs, the purity of the surrounding computation cannot be restored. As a consequence, monadic typing does not provide very naturally for the practically important ability to handle effects, and there is a number of previous works directed toward remedying this deficiency. It is mostly based on extending the monadic framework with further extralogical constructs to support handling. In this paper we adopt...
A Theory of Monads Parameterized By Effects
, 1999
Cited by 3 (0 self)
Monads were introduced in computer science to express the semantics of programs with computational effects, while type and effect inference was introduced to mark out those effects. In this article, we propose a combination of the notions of effects and monads, where the monadic operators are parameterized by effects. We establish some relationships between those generalized monads and the classical ones. Then we use a generalized monad to translate imperative programs into purely functional ones. We establish the correctness of that translation. This work has been put into practice in the Coq proof assistant to establish the correctness of imperative programs.
Monads and effects
 Lecture Notes in Computer Science
, 2002
Cited by 1 (1 self)
Abstract. A tension in language design has been between simple semantics on the one hand, and rich possibilities for side-effects, exception handling and so on on the other. The introduction of monads has made a large step towards reconciling these alternatives. First proposed by Moggi as a way of structuring semantic descriptions, they were adopted by Wadler to structure Haskell programs, and now offer a general technique for delimiting the scope of effects, thus reconciling referential transparency and imperative operations within one programming language. Monads have been used to solve long-standing problems such as adding pointers and assignment, inter-language working, and exception handling to Haskell, without compromising its purely functional semantics. The course will introduce monads, effects and related notions, and exemplify their applications in programming (Haskell) and in compilation (MLj). The course will present typed metalanguages for monads and related categorical notions, and describe how they can be further refined by introducing effects.