Dynamic opacity for abstract types

Existential types are the standard formalisation of abstract types. While this formulation is sufficient in entirely statically typed languages, it proves to be too weak for languages enriched with forms of dynamic typing: in the presence of operations performing type analysis, the abstraction barrier erected by the static typing rules for existential types is no longer impassable, because parametricity is violated. We present a light-weight calculus for polymorphic languages with abstract types that addresses this shortcoming. It features a variation of existential types that retains most of the simplicity of standard existentials. It relies on modified scoping rules and explicit coercions between the quantified variable and its witness type

Generativity and dynamic opacity for abstract types (extended version)

The standard formalism for explaining abstract types is existential quantification. While it provides a sufficient model for type abstraction in entirely statically typed languages, it proves to be too weak for languages enriched with forms of dynamic typing, where parametricity is violated. As an alternative approach to type abstraction that addresses this shortcoming we present a calculus for dynamic type generation. It features an explicit construct for generating new type names and relies on coercions for managing abstraction boundaries between generated types and their designated representation. Sealing is represented as a generalized form of these coercions. The calculus maintains abstractions dynamically without restricting type analysis

Typed open programming : a higher-order, typed approach to dynamic modularity and distribution

In this dissertation we develop an approach for reconciling open programming the development of programs that support dynamic exchange of higher-order values with other processes with strong static typing in programming languages. We present the design of a concrete programming language, Alice ML, that consists of a conventional functional language extended with a set of orthogonal features like higher-order modules, dynamic type checking, higher-order serialisation, and concurrency. On top of these a flexible system of dynamic components and a simple but expressive notion of distribution is realised. The central concept in this design is the package, a first-class value embedding a module along with its interface type, which is dynamically checked whenever the module is extracted. Furthermore, we develop a formal model for abstract types that is not invalidated by the presence of primitives for dynamic type inspection, as is the case for the standard model based on existential quantification. For that purpose, we present an idealised language in form of an extended -calculus, which can express dynamic generation of types. This calculus is the first to combine and explore the interference of sealing and type inspection with higher-order singleton kinds, a feature for expressing sharing constraints on abstract types. A novel notion of abstracton kinds classifies abstract types. Higher-order type and kind coercions allow for modular translucent encapsulation of values at arbitrary type.In dieser Dissertation entwickeln wir einen programmiersprachlichen Ansatz zur Verbindung offener Programmierung der Entwicklung von Programmen, die das dynamische Laden und Austauschen höherstufiger Werte mit anderen Prozessen erlauben mit starker statischer Typisierung. Wir stellen das Design einer konkreten Programmiersprache namens Alice ML vor. Sie besteht aus einer konventionellen funktionalen Sprache, die um einen Satz orthogonaler Konzepte wie höherstufige Modularisierung, dynamische Typüberprüfung, höherstufige Serialisierung und Nebenläufigkeit erweitert wurde. Darauf aufbauend ist ein flexibles System dynamischer Komponenten sowie ein einfacher aber expressiver Ansatz fur Verteilung verwirklicht. Zentral ist dabei das Konzept eines Pakets (package), welches ein Modul in Kombination mit seinem Schnittstellentyp in einen Wert einbettet, und bei der Extraktion des Moduls eine dynamische Typüberprüfung vornimmt. Weiterhin entwickeln wir einen theoretischen Ansatz zur Modellierung von abstrakten Typen, welcher im Gegensatz zum herkömmlichen formalen Modell existentieller Quantifizierung auch in Gegenwart dynamischer Typinspektion gültig ist. Zu diesem Zweck definieren wir eine idealisierte Sprache in Form eines erweiterten λ-Kalküls, der dynamische Typgenerierung ausdrucken kann. Der Kalkül kombiniert diese erstmals mit höherstufigen Singleton Kinds, einem Sprachkonstrukt, welches Gleichheit von Typen ausdrücken kann. Zur Klassifizierung abstrakter Typen werden Abstraktions-Kinds als verwandtes Konzept entwickelt. Höherstufige Konversionen auf Term- und Typebene erlauben zudem die nachträgliche modulare Enkapsulierung von Werten beliebigen Typs

Generativity and dynamic opacity for abstract types

The standard formalism for explaining abstract types is existential quantification. While it provides a sufficient model for type abstraction in entirely statically typed languages, it proves to be too weak for languages enriched with forms of dynamic typing, where parametricity is violated. As an alternative approach to type abstraction that addresses this shortcoming we present a calculus for dynamic type generation. It features an explicit construct for generating new type names and relies on coercions for managing abstraction boundaries between generated types and their designated representation. Sealing is represented as a generalized form of these coercions. The calculus maintains abstractions dynamically without restricting type analysis

Weakening WebAssembly

WebAssembly (Wasm) is a safe, portable virtual instruction set that can be hosted in a wide range of environments, such as a Web browser. It is a low-level language whose instructions are intended to compile directly to bare hardware. While the initial version of Wasm focussed on single-threaded computation, a recent proposal extends it with low-level support for multiple threads and atomic instructions for synchronised access to shared memory. To support the correct compilation of concurrent programs, it is necessary to give a suitable specification of its memory model. Wasm’s language definition is based on a fully formalised specification that carefully avoids undefined behaviour. We present a substantial extension to this semantics, incorporating a relaxed memory model, along with a few proposed operational extensions. Wasm’s memory model is unique in that its linear address space can be dynamically grown during execution, while all accesses are bounds-checked. This leads to the novel problem of specifying how observations about the size of the memory can propagate between threads. We argue that, considering desirable compilation schemes, we cannot give a sequentially consistent semantics to memory growth. We show that our model guarantees Sequential Consistency of Data-Race-Free programs (SC-DRF). However, because Wasm is to run on the Web, we must also consider interoperability of its model with that of JavaScript. We show, by counter-example, that JavaScript’s memory model is not SC-DRF, in contrast to what is claimed in its specification. We propose two axiomatic conditions that should be added to the JavaScript model to correct this difference. We also describe a prototype SMT-based litmus tool which acts as an oracle for our axiomatic model, visualising its behaviours, including memory resizing

Continuing WebAssembly with Effect Handlers

WebAssembly (Wasm) is a low-level portable code format offering near native performance. It is intended as a compilation target for a wide variety of source languages. However, Wasm provides no direct support for non-local control flow features such as async/await, generators/iterators, lightweight threads, first-class continuations, etc. This means that compilers for source languages with such features must ceremoniously transform whole source programs in order to target Wasm. We present WasmFX an extension to Wasm which provides a universal target for non-local control features via effect handlers, enabling compilers to translate such features directly into Wasm. Our extension is minimal and only adds three main instructions for creating, suspending, and resuming continuations. Moreover, our primitive instructions are type-safe providing typed continuations which are well-aligned with the design principles of Wasm whose stacks are typed. We present a formal specification of WasmFX and show that the extension is sound. We have implemented WasmFX as an extension to the Wasm reference interpreter and also built a prototype WasmFX extension for Wasmtime, a production-grade Wasm engine, piggybacking on Wasmtime's existing fibers API. The preliminary performance results for our prototype are encouraging, and we outline future plans to realise a native implementation

Wasm SpecTec: Engineering a Formal Language Standard

WebAssembly (Wasm) is a low-level bytecode language and virtual machine, intended as a compilation target for a wide range of programming languages, which is seeing increasing adoption across diverse ecosystems. As a young technology, Wasm continues to evolve -- it reached version 2.0 last year and another major update is expected soon. For a new feature to be standardised in Wasm, four key artefacts must be presented: a formal (mathematical) specification of the feature, an accompanying prose pseudocode description, an implementation in the official reference interpreter, and a suite of unit tests. This rigorous process helps to avoid errors in the design and implementation of new Wasm features, and Wasm's distinctive formal specification in particular has facilitated machine-checked proofs of various correctness properties for the language. However, manually crafting all of these artefacts requires expert knowledge combined with repetitive and tedious labor, which is a burden on the language's standardization process and authoring of the specification. This paper presents Wasm SpecTec, a technology to express the formal specification of Wasm through a domain-specific language. This DSL allows all of Wasm's currently handwritten specification artefacts to be error-checked and generated automatically from a single source of truth, and is designed to be easy to write, read, compare, and review. We believe that Wasm SpecTec's automation and meta-level error checking will significantly ease the current burden of the language's specification authors. We demonstrate the current capabilities of Wasm SpecTec by showcasing its proficiency in generating various artefacts, and describe our work towards replacing the manually written official Wasm specification document with specifications generated by Wasm SpecTec.Comment: 5 pages, 7 figure

Immobilization of technetium by iron corrosion phases: lessons learned and future perspectives

Technetium-99 (99Tc) is a long-lived fission product (2.13×105 years) of uranium-235 (235U) and plutonium-239 (239Pu) and, therefore, of great concern for the long-term safe management of nuclear waste. The migration of Tc in the environment is highly influenced by the redox conditions, since Tc may be present in various oxidation states. Depending on the chemical properties of environmentally relevant systems, Tc is expected to mainly occur as Tc(VII) and as Tc(IV) under oxidizing and reducing conditions, respectively. The anion pertechnetate (Tc(VII)O ) is known to barely interact with mineral surfaces; this, in turn, enhances its migration in groundwater and favors its entry into the biosphere. On the contrary, the formation of Tc(IV) limits the migration of Tc, since it forms a low soluble solid (TcO2) and/or species, whose interaction with minerals is more favorable. In the last few decades Tc migration has been focused on the reduction of Tc(VII) to Tc(IV) by various reductants, such as Fe(II), Sn(II), or S(-II), which are either present in solution, taking part in mineral structures (Pearce et al., 2019), or metabolically induced by microbial cascades (Newsome et al., 2014). We have studied the immobilization of technetium (Tc) by various Fe(II)-containing phases, including Fe2+ pre-sorbed on alumina nanoparticles (Mayordomo et al., 2020), Fe(II)-Al(III)-layered double hydroxide (Mayordomo et al., 2021), and Fe(II) sulfides (Rodríguez et al., 2020; Rodríguez et al., 2021). We have combined sorption experiments with microscopic and spectroscopic techniques (scanning electron microscopy, Raman microscopy, X-ray photoelectron spectroscopy, infrared spectroscopy, and X-ray absorption spectroscopy) to elucidate the mechanisms responsible for Tc(VII) reductive immobilization. Those works have been focused on binary systems (i.e., studies of the interaction of Tc with a given reductant). However, the environment is a complex system, where different components often depend on and modify each other. Thus, Tc migration is susceptible and varies, depending on environmental conditions, and should not be studied in an isolated manner. The young investigator group TecRad (HZDR, 2022), funded by the German Federal Ministry of Education and Research, aims at analyzing Tc chemistry from a wider perspective. Our goal is to study the biogeochemical behavior of Tc when it interacts with (i) microorganisms, (ii) metabolites, (iii) Fe(II) minerals, and (iv) Fe(II) minerals in presence of metabolites. An important part of this project deals with implementing new spectro-electrochemical methods to monitor the in situ the behavior of Tc in solution and at interfaces as a function of the redox potential. With these tools, we aspire to characterize the molecular structures of Tc species under a variable range of redox conditions to broaden the understanding of the chemical behavior of the pollutant. We aim at generating valuable thermodynamic data (complex formation constants, solubility constants of minerals, redox potentials, and Tc distribution coefficients) that will be used to implement a geochemical modeling able to explain Tc\u27s environmental fate, even under different redox conditions