Christopher A. Stone

TIL: a type-directed optimizing compiler for ML

The goal of the TIL project was to explore the use of Typed Intermediate Languages to produce high-performance native code from Standard ML (SML). We believed that existing SML compilers were doing a good job of conventional functional language optimizations, as one might find in a LISP compiler, but that inadequate use was made of the rich type information present in the source language. Our goal was to show that we could get much greater performance by propagating type information through to the back end of the compiler, without sacrificing the advantages afforded by loop-oriented and other optimizations.We also confirmed that using typed intermediate languages dramatically improved the reliability and maintainability of the compiler itself. In particular, we were able to use the type system to express critical invariants, and enforce those invariants through type checking. In this respect, TIL introduced and popularized the notion of a certifying compiler, which attaches a checkable certificate of safety to its generated code. In turn, this led directly to the idea of certified object code, inspiring the development of Proof-Carrying Code and Typed Assembly Language as certified object code formats.

Deciding type equivalence in a language with singleton kinds

Work on the TILT compiler for Standard ML led us to study a language with singleton kinds: S(A) is the kind of all types provably equivalent to the type A. Singletons are interesting because they provide a very general form of definitions for type variables, allow fine-grained control of type computations, and allow many equational constraints to be expressed within the type system. Internally, TILT represents programs using a predicative variant of Girards Fω enriched with singleton kinds, dependent product and function kinds (&Sgr; and &Pgr;), and a sub-kinding relation. An important benefit of using a typed language as the representation of programs is that typechecking can detect many common compiler implementation errors. However, the decidability of typechecking for our particular representation is not obvious. In order to typecheck a term, we must be able to determine whether two type constructors are provably equivalent. But in the presence of singleton kinds, the equivalence of type constructors depends both on the typing context in which they are compared and on the kind at which they are compared. In this paper we concentrate on the key issue for decidability of typechecking: determining the equivalence of well-formed type constructors. We define the λ&Pgr;&Sgr;S< calculus, a model of the constructors and kinds of TILTs intermediate language. Inspired by Coquands result for type theory, we prove decidability of constructor equivalence for λ&Pgr;&Sgr;S≤ by exhibiting a novel — though slightly inefficient — type-directed comparison algorithm. The correctness of this algorithm is proved using an interesting variant of Kripke-style logical relations: unary relations are indexed by a single possible world (in our case, a typing context), but binary relations are indexed by two worlds. Using this result we can then show the correctness of a natural, practical algorithm used by the TILT compiler.

Extensional equivalence and singleton types

We study the &lamda;^ΠΣ<i>S</i>_≤ calculus, which contains singleton types <i>S</i>(<i>M</i>) classifying terms of base type provably equivalent to the term <i>M</i>. The system includes dependent types for pairs and functions (Σ and Π) and a subtyping relation induced by regarding singletons as subtypes of the base type. The decidability of type checking for this language is non-obvious, since to type check we must be able to determine equivalence of well-formed terms. But in the presence of singleton types, the provability of an equivalence judgment Γ ⊢ <i>M</i>₁ &eqiv;<i>M</i>₂ : <i>A</i> can depend both on the typing context Γ and on the particular type <i>A</i> at which <i>M</i>₁ and <i>M</i>₂ are compared.We show how to prove decidability of term equivalence, hence of type checking, in &lamda;^ΠΣ<i>S</i>_≤ by exhibiting a type-directed algorithm for directly computing normal forms. The correctness of normalization is shown using an unusual variant of Kripke logical relations organized around sets; rather than defining a logical equivalence relation, we work directly with (subsets of) the corresponding equivalence classes.We then provide a more efficient algorithm for checking type equivalence without constructing normal forms. We also show that type checking, subtyping, and all other judgments of the system are decidable.The &lamda;^ΠΣ<i>S</i>_≤ calculus models type constructors and kinds in the intermediate language used by the TILT compiler for Standard ML to implement the SML module system. The decidability of &lamda;^ΠΣ<i>S</i>_≤ term equivalence allows us to show decidability of type checking for TILTs intermediate language. We also obtain a consistency result that allows us to prove type safety for the intermediate language. The algorithms derived here form the core of the type checker used for internal type checking in TILT.

RZ: a Tool for Bringing Constructive and Computable Mathematics Closer to Programming Practice

Realizability theory is not just a fundamental tool in logic and computability. It also has direct application to the design and implementation of programs, since it can produce code interfaces for the data structure corresponding to a mathematical theory. Our tool, called RZ, serves as a bridge between the worlds of constructive mathematics and programming. By using the realizability interpretation of constructive mathematics, RZ translates specifications in constructive logic into annotated interface code in Objective Caml. The system supports a rich input language allowing descriptions of complex mathematical structures. RZ does not extract code from proofs, but allows any implementation method, from handwritten code to code extracted from proofs by other tools.

The Donation Paradox for Peremptory Challenges

A donation paradox occurs when a player gives an apparently valuable prerogative to another player, but ‘does better’, according to some criterion. Peremptory challenges, used in choosing a American jury, permit each side to veto a certain number of potential jurors. With even a very simple model of jury selection, it is shown that for one side to give a peremptory challenge to the other side may lead to a more favorable jury, an instance of the donation paradox. Both a theorem and examples are given concerning the existence of the donation paradox in the optimal use of peremptory challenges.

RZ: A Tool for Bringing Constructive and Computable Mathematics Closer to Programming Practice

Realizability theory can produce interfaces for the data structure corresponding to a mathematical theory. Our tool, called RZ, serves as a bridge between constructive mathematics and programming by translating specifications in constructive logic into annotated interface code in Objective Caml. The system supports a rich input language allowing descriptions of complex mathematical structures. RZ does not extract code from proofs, but allows any implementation method, from handwritten code to code extracted from proofs by other tools.

Systematic detection of subtle spatio‐temporal patterns in time‐lapse imaging: II. Particle migrations

A recent article introduced a method for detecting subtle spatio-temporal patterns within a dataset of mitotic processes. The method is based on permutation tests, and involves (1) permuting process parameters (e.g., division angle in the earlier case of mitosis), (2) calculating the effects, and (3) checking for distributional changes in a set of measures based on simple considerations of geometry. This paper examines the method’s application to a more common dataset: particles that undergo migration in three or fewer dimensions. The method is further extended in another direction: multiple types of particle are allowed. Exploiting these distinct types significantly enlarges the set of detectable patterns. Monte Carlo simulations are performed to illustrate the new capabilities. The resulting contribution is an increasingly systematic basis for the inference of patterned behavior from imaging datasets.

Observationally cooperative multithreading

Observationally Cooperative Multithreading (OCM) is a new approach to shared-memory parallelism. It addresses a key problem of mainstream concurrency control mechanisms - they can be prohibitively hard to reason about and debug. Programmers using OCM simply write code as if they were using the cooperative multithreading model (CM) for uniprocessors. The underlying OCM implementation then optimizes execution - running threads in parallel when possible - in such a way that the results are consistent with CM. In addition to providing easier reasoning and debugging, OCM is also highly adaptable in terms of its underlying concurrency-control mechanism. Programmers using OCM have the capability to take a finished program and choose the strategy (e.g., locks or transactions) that provides optimal performance.

Specifications via Realizability

We present a system, called RZ, for automatic generation of program specifications from mathemat- ical theories. We translate mathematical theories to specifications by computing their realizability interpretations in the ML language augmented with assertions (as comments). While the system is best suited for descriptions of those data structures that can be easily described in mathemat- ical language (e.g., finitely presented groups, real arithmetic, graphs, etc.), it also elucidates the relationship between data structures and constructive mathematics.