Clamp Type Classes for Substructural Types Edward Gan Advisors: - PowerPoint PPT Presentation

Clamp Type Classes for Substructural Types Edward Gan Advisors: Greg Morrisett and Jesse Tov April 16, 2013 Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 1 / 16

Statically Tracking State A common bug: Incorrect File Handle Usage let filetest () = let fhd = open "testfile" in write "initial output" fhd; close fhd; write "final output" fhd File Handles are state-ful resources, not substitutable values. How to track the fact that the handle is “consumed”? Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 2 / 16

Substructural Types Lambda Calculus with Substructural Rules Γ , x : τ 1 ⊢ e : τ 2 Var x : τ ⊢ x : τ Lam Γ ⊢ λ x . e : τ 1 → τ 2 App Γ 1 ⊢ e 1 : τ 1 → τ 2 Γ 2 ⊢ e 2 : τ 1 Γ 1 , Γ 2 ⊢ e 1 e 2 : τ 2 Γ , x : τ ′ ⊢ e : τ Γ ⊢ e : τ Weakening Contraction Γ , x : τ ′ ⊢ e : τ Γ , x : τ ′ , x : τ ′ ⊢ e : τ Restricting Substructural Operations Unlimited Weakening and Contraction, arbitrary usage Affine Weakening, used at most once Relevant Contraction, used at least once Linear Neither Weakening nor Contraction, used exactly once Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 3 / 16

A Stateful File-I/O Library Suppose we have a type system with linear types File I/O Library Interface type filehandle : linear val open : string -> filehandle val write : string -> filehandle -> filehandle val close : filehandle -> unit File Handle Misuse �→ File Handle Reuse Statically Incorrect File Usage let filetest () = let fhd = open "testfile" in let fhd2 = write "initial output" fhd; close fhd2; write "final output" fhd2 Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 4 / 16

Existing Substructural Languages Qualifier Based: λ URAL , ATAPL ◮ Break types τ into qualifier ξ and pretype τ , τ ::= ξ τ . ◮ ξ determines substructural properties. ◮ Verbose Polymorphism � U � U � � �� � � �� ξ 1 τ 1 ξ 1 τ 2 ⊸ ξ 1 ξ 1 τ 1 ξ 1 τ 2 pair : ∀ ξ 1 : Q . ∀ τ 1 : ⋆, τ 2 : ⋆. ⊗ ⊸ Kind Based: Alms, F ◦ , Clean ◮ Assign types τ a kind κ that determines substructural properties, e.g. ⊢ int : U ◮ Polymorphism through subkinding, dependent kinds Alms-K-Prod ⊢ Γ Γ ⊢ ( ⊗ ) : Π α + . Π β + . � α � ⊔ � β � pair : ∀ α : L , β : L . α → β → α ⊗ β Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 5 / 16

The Clamp Programming Language Encode the different “kinds” of substructural types in terms of the supported substructural operations Substructural Type Classes class Dup a where dup :: a -> (a,a) class Drop a where drop :: (a,b) -> b Benefits ◮ Uniform Meta-theory ◮ Cheap Polymorphism over U,R,A,L ◮ Easy to add-on stateful built-ins (s/w references) ◮ Orthogonal Implementation ◮ Type Classes! Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 6 / 16

Clamp Examples dup and drop operations implicit x Annotated arrows α − → β for x = U , R , A , L Substructural Restrictions let mygold = @minegold unit in (fun a -L> (a,a)) (1,mygold) //Invalid U fst : ∀ α, β [ Drop β ] .α × β − → α Polymorphism and Datatypes let fst = fun p -U> letp (p1, p2) = p in p1 Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 7 / 16

Strong and Weak references Weak update: update contents of mutable reference with another of same type ◮ Always type safe Strong update: update contents to value with different type ◮ Can be unsound if aliased Key operations U ◮ swap: ref rq α × α → ref rq α × α − U ◮ sswap: ref s α × β − → ref s β × α U ◮ release: ref rq α − → unit + α U ◮ srelease: ref s α − → α Need U,R,A,L: weak reference to linear data can aliased but not arbitrarily disposed Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 8 / 16

λ cl Syntax e ::= x | λ aq ( x : τ ) . e | e 1 e 2 | Λ α i [ P ] . v | e [ τ i ] | ( e 1 , e 2 ) | inl e | inr e | () | letp ( x 1 , x 2 ) = e in e 2 | match e with inl x 1 → e 1 ; inr x 2 → e 2 | ℓ | new rq e | release rq e | swap rq e 1 with e 2 | dup e 1 as x 1 , x 2 in e 2 | drop e 1 in e 2 rq ::= s (strong) | w (weak) aq ::= U (unlimited) | R (relevant) | A (affine) | L (linear) aq → τ 2 | τ 1 × τ 2 | τ 1 + τ 2 | ref rq τ | ∀ α i [ P ] .τ τ ::= α | τ 1 − P ::= Pred 1 , . . . , Pred n Pred ::= K τ K ::= Dup | Drop Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 9 / 16

λ cl Type System Core P � Constrain aq (Γ , Σ) Lam P ; Γ , x : τ 1 ; Σ ⊢ e : τ 2 P ; Γ; Σ ⊢ λ aq ( x : τ 1 ) . e : τ 1 aq − → τ 2 aq App P ; Γ 1 ; Σ 1 ⊢ e 1 : τ 2 − → τ P ; Γ 2 ; Σ 2 ⊢ e 2 : τ 2 P ; Γ 1 ◦ Γ 2 ; Σ 1 + Σ 2 ⊢ e 1 e 2 : τ Type Class Constraints TAbs P 1 , P 2 ; Γ; Σ ⊢ v : τ Dom ( P 2 ) ⊂ α i P 1 ; Γ; Σ ⊢ Λ α i [ P 2 ] . v : ∀ α i [ P 2 ] .τ TApp P 1 ; Γ; Σ ⊢ e : ∀ α i [ P 2 ] .τ P 1 � P 2 { τ i /α i } P 1 ; Γ; Σ ⊢ e [ τ i ] : τ { τ i /α i } Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 10 / 16

λ cl Type System continued Substructural P ; Γ 1 ; Σ 1 ⊢ e 1 : τ 1 P ; Γ 2 , x 1 : τ 1 , x 2 : τ 1 ; Σ 2 ⊢ e 2 : τ 2 P � Dup τ 1 Dup P ; Γ 1 ◦ Γ 2 ; Σ 1 + Σ 2 ⊢ dup e 1 as x 1 , x 2 in e 2 : τ 2 Drop P ; Γ 1 ; Σ 1 ⊢ e 1 : τ 1 P ; Γ 2 ; Σ 2 ⊢ e 2 : τ 2 P � Drop τ 1 P ; Γ 1 ◦ Γ 2 ; Σ 1 + Σ 2 ⊢ drop e 1 in e 2 : τ 2 Linear Variable environments Γ , Reference counted location environments Σ Γ ::= x 1 : τ 1 , . . . , x n : τ n Σ s ::= ℓ 1 �→ s τ 1 , . . . , ℓ n �→ s τ n Σ w ::= ℓ 1 �→ j 1 w τ 1 , . . . , ℓ n �→ j n w τ n j i > 0 Σ ::= Σ s , Σ w Dom (Σ s ) ∩ Dom (Σ w ) = ∅ Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 11 / 16

Type Class Instances Dup a , Dup b = ⇒ Dup ( a × b ) Drop a , Drop b = ⇒ Drop ( a × b ) Dup a , Dup b = ⇒ Dup ( a + b ) Drop a , Drop b = ⇒ Drop ( a + b ) � � � � U U nil = ⇒ Dup a − → b nil = ⇒ Drop a − → b � � � � R A nil = ⇒ Dup a − → b nil = ⇒ Drop a − → b nil = ⇒ Dup unit nil = ⇒ Drop unit ⇒ Dup ( ref w a ) ⇒ Drop ( ref rq a ) nil = Drop a = Very compact representation of kinding rules, reference qualifier restrictions, etc... Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 12 / 16

Type Soundness Two Key Lemmas to prove Preservation Theorem Constraints Capture Locations: Consider P ; Γ; Σ ⊢ v : τ . If P � Dup τ then P � Dup Σ , Dup Γ . Similarly if P � Drop τ then P � Drop Σ , Drop Γ . Theorem Substitution: If P ; Γ , x : τ x ; Σ 1 ⊢ e : τ and P ; · ; Σ 2 ⊢ v : τ x and Σ 1 ⌣ Σ 2 then P ; Γ; Σ 1 + Σ 2 ⊢ e { v / x } : τ Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 13 / 16

Dup/Drop Insertion Writing dup and drop operations by hand a pain What would we like an automated insertion algorithm to do? ◮ Use memory efficiently ◮ Assume minimum number of Dup/Drop constraints Optimal Algorithm ◮ Bottom up recursive ◮ Annotate to minimize number of assumptions required at each level ◮ Can prove: global memory usage minimized, no extraneous constraints Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 14 / 16

Implementation Overall Design Dup/Drop Type Generalized User Code Insertion Inference Type Scheme Typeclass Constraint Instances Solving Based off of a Haskell Type-checker with a few additions: ◮ A dup/drop insertion pass ◮ Substructural type class instances ◮ Constraints to closure environments in the type inference step Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 15 / 16

Summary Why Clamp is interesting ◮ Simple theory and metatheory built on established tools ◮ Rich enough to encode URAL and strong/weak references easily ◮ Implementation piggybacks off Haskell Other Aspects of Research ◮ Substructural inference algorithm independently interesting ◮ Type Classes are fun Future work ◮ Custom dup/drop ◮ Arrow Polymorphism ◮ Runtime Considerations Edward Gan (Advisors: Greg Morrisett and Jesse Tov) Clamp April 16, 2013 16 / 16