Clamp Type Classes for Substructural Types Edward Gan Advisors: - - PowerPoint PPT Presentation

Clamp

Type Classes for Substructural Types Edward Gan

Advisors: Greg Morrisett and Jesse Tov

April 16, 2013

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 1 / 16

Statically Tracking State

A common bug:

Incorrect File Handle Usage

let filetest () = let fhd = open "testfile" in write "initial output" fhd; close fhd; write "final output" fhd File Handles are state-ful resources, not substitutable values. How to track the fact that the handle is “consumed”?

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 2 / 16

Substructural Types

Lambda Calculus with Substructural Rules

Var x : τ ⊢ x : τ Lam

Γ, x : τ1 ⊢ e : τ2 Γ ⊢ λx.e : τ1 → τ2

App Γ1 ⊢ e1 : τ1 → τ2

Γ2 ⊢ e2 : τ1 Γ1, Γ2 ⊢ e1 e2 : τ2

Weakening

Γ ⊢ e : τ Γ, x : τ ′ ⊢ e : τ

Contraction

Γ, x : τ ′ ⊢ e : τ Γ, x : τ ′, x : τ ′ ⊢ e : τ Restricting Substructural Operations Unlimited Weakening and Contraction, arbitrary usage Affine Weakening, used at most once Relevant Contraction, used at least once Linear Neither Weakening nor Contraction, used exactly once

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 3 / 16

A Stateful File-I/O Library

Suppose we have a type system with linear types

File I/O Library Interface

type filehandle : linear val open : string -> filehandle val write : string -> filehandle -> filehandle val close : filehandle -> unit File Handle Misuse → File Handle Reuse

Statically Incorrect File Usage

let filetest () = let fhd = open "testfile" in let fhd2 = write "initial output" fhd; close fhd2; write "final output" fhd2

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 4 / 16

Existing Substructural Languages

Qualifier Based: λURAL, ATAPL

◮ Break types τ into qualifier ξ and pretype τ, τ ::=ξ τ. ◮ ξ determines substructural properties. ◮ Verbose Polymorphism

pair : ∀ξ1 : Q. ∀τ1 : ⋆, τ2 : ⋆.

• ξ1τ1

U ⊸

• ξ1τ2

U ⊸ξ1

• ξ1τ1
• ⊗
• ξ1τ2
• Kind Based: Alms, F ◦, Clean

◮ Assign types τ a kind κ that determines substructural properties, e.g.

⊢ int : U

◮ Polymorphism through subkinding, dependent kinds

Alms-K-Prod

⊢ Γ Γ ⊢ (⊗) : Πα+.Πβ+. α ⊔ β pair : ∀α : L, β : L. α → β → α ⊗ β

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 5 / 16

The Clamp Programming Language

Encode the different “kinds” of substructural types in terms of the supported substructural operations

Substructural Type Classes

class Dup a where dup :: a -> (a,a) class Drop a where drop :: (a,b) -> b Benefits

◮ Uniform Meta-theory ◮ Cheap Polymorphism over U,R,A,L ◮ Easy to add-on stateful built-ins (s/w references) ◮ Orthogonal Implementation ◮ Type Classes! Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 6 / 16

Clamp Examples

dup and drop operations implicit Annotated arrows α

x

− → β for x = U, R, A, L

Substructural Restrictions

let mygold = @minegold unit in (fun a -L> (a,a)) (1,mygold) //Invalid fst : ∀α, β [Drop β] .α × β

U

− → α

Polymorphism and Datatypes

let fst = fun p -U> letp (p1, p2) = p in p1

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 7 / 16

Strong and Weak references

Weak update: update contents of mutable reference with another of same type

◮ Always type safe

Strong update: update contents to value with different type

◮ Can be unsound if aliased

Key operations

◮ swap: ref rqα × α

U

− → ref rqα × α

◮ sswap: ref sα × β

U

− → ref sβ × α

◮ release: ref rqα

U

− → unit + α

◮ srelease: ref sα

U

− → α

Need U,R,A,L: weak reference to linear data can aliased but not arbitrarily disposed

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 8 / 16

λcl Syntax

e ::= x | λaq (x : τ) .e | e1 e2 | Λαi [P] .v | e [τi] | (e1, e2) | inl e | inr e | () | letp (x1, x2) = e in e2 | match e with inl x1 → e1; inr x2 → e2 | ℓ | newrq e | releaserq e | swaprq e1 with e2 | dup e1 as x1, x2 in e2 | drop e1 in e2 rq ::= s (strong) | w (weak) aq ::= U (unlimited) | R (relevant) | A (affine) | L (linear) τ ::= α | τ1

aq

− → τ2 | τ1 × τ2 | τ1 + τ2 | ref rqτ | ∀αi [P] .τ P ::= Pred1, . . . , Predn Pred ::= Kτ K ::= Dup | Drop

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 9 / 16

λcl Type System

Core

Lam P; Γ, x : τ1; Σ ⊢ e : τ2

P Constrainaq (Γ, Σ) P; Γ; Σ ⊢ λaq (x : τ1) .e : τ1

aq

− → τ2

App P; Γ1; Σ1 ⊢ e1 : τ2

aq

− → τ P; Γ2; Σ2 ⊢ e2 : τ2 P; Γ1 ◦ Γ2; Σ1 + Σ2 ⊢ e1 e2 : τ Type Class Constraints

TAbs P1, P2; Γ; Σ ⊢ v : τ

Dom (P2) ⊂ αi P1; Γ; Σ ⊢ Λαi [P2] .v : ∀αi [P2] .τ

TApp P1; Γ; Σ ⊢ e : ∀αi [P2] .τ

P1 P2{τi/αi} P1; Γ; Σ ⊢ e [τi] : τ{τi/αi}

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 10 / 16

λcl Type System continued

Substructural

Dup

P; Γ1; Σ1 ⊢ e1 : τ1 P; Γ2, x1 : τ1, x2 : τ1; Σ2 ⊢ e2 : τ2 P Dup τ1 P; Γ1 ◦ Γ2; Σ1 + Σ2 ⊢ dup e1 as x1, x2 in e2 : τ2

Drop P; Γ1; Σ1 ⊢ e1 : τ1

P; Γ2; Σ2 ⊢ e2 : τ2 P Drop τ1 P; Γ1 ◦ Γ2; Σ1 + Σ2 ⊢ drop e1 in e2 : τ2 Linear Variable environments Γ, Reference counted location environments Σ Γ ::= x1 : τ1, . . . , xn : τn Σs ::= ℓ1 →s τ1, . . . , ℓn →s τn Σw ::= ℓ1 →j1

w τ1, . . . , ℓn →jn w τn

ji > 0 Σ ::= Σs, Σw Dom (Σs) ∩ Dom (Σw) = ∅

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 11 / 16

Type Class Instances

Dup a, Dup b = ⇒ Dup (a × b) Drop a, Drop b = ⇒ Drop (a × b) Dup a, Dup b = ⇒ Dup (a + b) Drop a, Drop b = ⇒ Drop (a + b) nil = ⇒ Dup

• a

U

− → b

• nil =

⇒ Drop

• a

U

− → b

• nil =

⇒ Dup

• a

R

− → b

• nil =

⇒ Drop

• a

A

− → b

• nil =

⇒ Dup unit nil = ⇒ Drop unit nil = ⇒ Dup (ref wa) Drop a = ⇒ Drop (ref rqa) Very compact representation of kinding rules, reference qualifier restrictions, etc...

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 12 / 16

Type Soundness

Two Key Lemmas to prove Preservation

Theorem

Constraints Capture Locations: Consider P; Γ; Σ ⊢ v : τ. If P Dup τ then P Dup Σ, Dup Γ. Similarly if P Drop τ then P Drop Σ, Drop Γ.

Theorem

Substitution: If P; Γ, x : τx; Σ1 ⊢ e : τ and P; ·; Σ2 ⊢ v : τx and Σ1 ⌣ Σ2 then P; Γ; Σ1 + Σ2 ⊢ e {v/x} : τ

Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 13 / 16

Dup/Drop Insertion

Writing dup and drop operations by hand a pain What would we like an automated insertion algorithm to do?

◮ Use memory efficiently ◮ Assume minimum number of Dup/Drop constraints

Optimal Algorithm

◮ Bottom up recursive ◮ Annotate to minimize number of assumptions required at each level ◮ Can prove: global memory usage minimized, no extraneous constraints Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 14 / 16

Implementation

Overall Design

User Code Dup/Drop Insertion Type Inference Typeclass Instances Constraint Solving Generalized Type Scheme

Based off of a Haskell Type-checker with a few additions:

◮ A dup/drop insertion pass ◮ Substructural type class instances ◮ Constraints to closure environments in the type inference step Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 15 / 16

Summary

Why Clamp is interesting

◮ Simple theory and metatheory built on established tools ◮ Rich enough to encode URAL and strong/weak references easily ◮ Implementation piggybacks off Haskell

Other Aspects of Research

◮ Substructural inference algorithm independently interesting ◮ Type Classes are fun

Future work

◮ Custom dup/drop ◮ Arrow Polymorphism ◮ Runtime Considerations Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 16 / 16