substructural typestates
play

Substructural Typestates Filipe Milito (CMU & UNL) Jonathan - PowerPoint PPT Presentation

Aug 26, 2023 •205 likes •1.19k views

Programming Languages meets Program Verification 2014 Substructural Typestates Filipe Milito (CMU & UNL) Jonathan Aldrich (CMU) Lus Caires (UNL) Motivation File file = new File( out.txt ); file

  1. Programming Languages meets Program Verification 2014 Substructural Typestates Filipe Militão (CMU & UNL) Jonathan Aldrich (CMU) Luís Caires (UNL)

  2. Motivation � File file = new File( “out.txt” ); � file .write( “stuff” ); � file .close(); � file .write( “more stuff” ); Note: consider a simplified File object, similar to Java’s FileOutputStream . 2

  3. Motivation � File file = new File( “out.txt” ); � file .write( “stuff” ); � file .close(); � file .write( “more stuff” ); FAILS with runtime exception (“invalid file descriptor”) 3

  4. Motivation class File { FileDescriptor fd ; File( string filename ){ fd = OS.createFile( filename ); } void write( string s ){ if ( fd == null ) throw Exception( “invalid file descriptor” ); fd .write( s ); } void close(){ fd = null ; } } 4

  5. Motivation class File { FileDescriptor fd ; File( string filename ){ fd = OS.createFile( filename ); } File void write( string s ){ File if ( fd == null ) throw Exception( “invalid file descriptor” ); fd .write( s ); File } The File type abstraction does not precisely File void close(){ express the changing properties of fd = null ; File ’s internal state ( fd ). File } } 4

  6. Motivation class File { FileDescriptor fd ; File( string filename ){ fd = OS.createFile( filename ); } Open void write( string s ){ Open if ( fd == null ) throw Exception( “invalid file descriptor” ); fd .write( s ); Open } Superfluous if statically ensured to Open void close(){ only be used when File is open. fd = null ; Closed } } 5

  7. Motivation class File { FileDescriptor fd ; File( string filename ){ fd = OS.createFile( filename ); } Open void write( string s ){ Open if ( fd == null ) throw Exception( “invalid file descriptor” ); fd .write( s ); Open } Superfluous if statically ensured to Open void close(){ only be used when File is open. fd = null ; Closed } } Open and Close are typestates . 5

  8. Contributions 1. Reconstruct typestate features from standard type-theoretic programming language primitives. We focus on the following set of typestate features: a) state abstraction, hiding an object representation while expressing the type of the state; b) state “dimensions”, enabling multiple orthogonal typestates over the same object; c) “dynamic state tests”, allowing a case analysis over the abstract state. 2. We show how to idiomatically support both state-based ( typestate ) and transition-based ( behavioral types ) specifications of abstract state evolution. 6

  9. Language • Polymorphic λ -calculus with mutable references (and immutable records, tagged sums, ...). • Technically, we use a variant of L 3 adapted for usability (by simplifying the handling of capabilities, adding support for sum types, universal/existential type quantification, alternatives, labeled records, ...). Ahmed, Fluet, and Morrisett. L 3 : A linear language with locations . Fundam. Inform. 2007. 7

  10. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. 8

  11. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. ref A 8

  12. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. type of contents of cell ref A 8

  13. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. type of contents of cell becomes ref A ref p rw p A 8

  14. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. type of contents of cell becomes ref A ref p rw p A location p links ref to r ead+ w rite capability that tracks the contents of that cell 8

  15. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. type of contents of cell p type of contents of cell (linear - cannot be duplicated) becomes ref A ref p rw p A location p links ref to r ead+ w rite capability that tracks the contents of that cell 8

  16. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. type of contents of cell p can be freely copied (pure) type of contents of cell (linear - cannot be duplicated) becomes ref A ref p rw p A location p links ref to r ead+ w rite capability that tracks the contents of that cell 8

  17. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. 9

  18. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. y : ref p x : ref p z : ref q 9

  19. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. rw q B y : ref p x : ref p z : ref q rw p A 9

  20. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. rw q B y : ref p x : ref p z : ref q rw p A ! x (“de-reference x”) 9

  21. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. rw q B y : ref p x : ref p z : ref q rw p A ! x (“de-reference x”) 9

  22. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. rw q B y : ref p x : ref p z : ref q rw p A ! x (“de-reference x”) 9

  23. Language • Mutable state handled as a linear resource: - split in pure references and linear capabilities. - use location-dependent types to link both. rw q B y : ref p x : ref p z : ref q rw p A A ! x (“de-reference x”) 9

  24. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: 10

  25. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: Lexical Typing Environment 10

  26. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: Lexical Typing Environment Initial Linear Typing Environment 10

  27. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: Lexical Typing Environment Type of Expression Initial Linear Typing Environment 10

  28. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: Resulting Effects Lexical Typing Environment Type of Expression Initial Linear Typing Environment 10

  29. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: resources are either consumed 11

  30. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: resources are either consumed 11

  31. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: or, threaded through 12

  32. Language • Capabilities are (linear) typing artifacts (not values) that are threaded and stacked implicitly. • For that, we use a Type -and- Effect system. • Typing judgement format: or, threaded through 12

  33. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  34. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  35. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  36. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  37. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  38. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  39. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  40. Language • Capabilities can be stacked and unstacked on top of some type, allowing them to accompany that type. 13

  41. Types 14

  42. Syntax 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Collection Frames for Substructural Logics Greg Restall lancog workshop on substructural logic

Collection Frames for Substructural Logics Greg Restall lancog workshop on substructural logic

Collection Frames for Substructural Logics Greg Restall lancog workshop on substructural logic lisbon 26 september 2019 Joint work with Shawn Standefer Our Aims To better understand , to simplify and to generalise the ternary relational

1.39k views • 120 slides
. While several substructural type systems have been proposed and implemented, these either

. While several substructural type systems have been proposed and implemented, these either

. . Substructural logics provide a framework for designing resource-aware type systems. . While several substructural type systems have been proposed and implemented, these either have been developed for a special purpose or have been too

991 views • 74 slides
Fuzzy logics among substructural logics Libor B ehounek and Petr H ajek Institute of

Fuzzy logics among substructural logics Libor B ehounek and Petr H ajek Institute of

2nd School on Universal Logic Xian 2007 Fuzzy logics among substructural logics Libor B ehounek and Petr H ajek Institute of Computer Science Academy of Sciences of the Czech Republic Contents Substructural logics and residuated

1.42k views • 108 slides
: Programming with Typestates and Permissions Jonathan Aldrich 15-214 December 2013 School of

: Programming with Typestates and Permissions Jonathan Aldrich 15-214 December 2013 School of

: Programming with Typestates and Permissions Jonathan Aldrich 15-214 December 2013 School of Computer Science APIs Define Protocols APIs often define object protocols Protocols restrict possible orderings of method calls

417 views • 24 slides
Substructural Epistemic Logics Igor Sedlr Comenius University in Bratislava, Slovakia

Substructural Epistemic Logics Igor Sedlr Comenius University in Bratislava, Slovakia

Substructural Epistemic Logics Igor Sedlr Comenius University in Bratislava, Slovakia Workshop on Resource-Bounded Agents, ESSLLI 2015, Barcelona, 13. 8. 2015 Main Points A substructural epistemic logic of belief supported by

830 views • 37 slides
Substructural Logics - Part 1 Hiroakira Ono Japan Advanced Institute of Science and Technology

Substructural Logics - Part 1 Hiroakira Ono Japan Advanced Institute of Science and Technology

Nonclassical Logics Sequent system LJ Roles of structural rules Substructural Logics Substructural Logics - Part 1 Hiroakira Ono Japan Advanced Institute of Science and Technology Tbilisi Summer School (September 22-23, 2011) Hiroakira Ono

1.47k views • 120 slides
Collection Frames for Substructural Logics Greg Restall melbourne logic seminar / 15 march 2019

Collection Frames for Substructural Logics Greg Restall melbourne logic seminar / 15 march 2019

Collection Frames for Substructural Logics Greg Restall melbourne logic seminar / 15 march 2019 J oint work with Shawn Standefer Our Aims T o better understand , to simplify and to generalise the ternary relational semantics for substructural

1.35k views • 120 slides
Group Representation and Hahn - type Embedding for a class of Involutive Residuated Chains with

Group Representation and Hahn - type Embedding for a class of Involutive Residuated Chains with

Group Representation and Hahn - type Embedding for a class of Involutive Residuated Chains with an Application in Substructural Fuzzy Logic Sndor Jenei University of Pcs, Hung ary Substructural Logics Substructural logics encompass among

516 views • 30 slides
Compiler Generation for Substructural Operational Semantics Anand Subramanian

Compiler Generation for Substructural Operational Semantics Anand Subramanian

Compiler Generation for Substructural Operational Semantics Masters Thesis Presentation Compiler Generation for Substructural Operational Semantics Anand Subramanian <asubrama@andrew.cmu.edu> 2012-12-18 Thesis Committee: Frank

1.36k views • 97 slides
Open Reading for Free Choice Permission A Perspective from Substructural Logics Colloquium

Open Reading for Free Choice Permission A Perspective from Substructural Logics Colloquium

Huimin Dong Norbert Gratzl Open Reading for Free Choice Permission A Perspective from Substructural Logics Colloquium Logicum 2016, Universitt Hamburg September 12th 2016, Hamburg Outlines Motivations Open Reading Substructural Logics An

399 views • 38 slides
A Fibrational Framework for Substructural and Modal Logics Dan Licata Michael Shulman Wesleyan

A Fibrational Framework for Substructural and Modal Logics Dan Licata Michael Shulman Wesleyan

A Fibrational Framework for Substructural and Modal Logics Dan Licata Michael Shulman Wesleyan University University of San Diego Mitchell Riley Wesleyan University 1 Substructural Logic B Weakening ,x:A B ,y:B,x:A B

1.17k views • 98 slides
Substructural Fuzzy Logics George Metcalfe Department of Mathematics, Vanderbilt University July

Substructural Fuzzy Logics George Metcalfe Department of Mathematics, Vanderbilt University July

Substructural Fuzzy Logics George Metcalfe Department of Mathematics, Vanderbilt University July 2007 Fuzzy Logics / Substructural Logics Roughly speaking. . . Fuzzy logics have truth values in [0 , 1] and con- nectives interpreted by

399 views • 21 slides
Multiplicative quantifiers in fuzzy and substructural logics Libor B ehounek Joint work with

Multiplicative quantifiers in fuzzy and substructural logics Libor B ehounek Joint work with

Logic Colloquium Wroclaw 2007 Multiplicative quantifiers in fuzzy and substructural logics Libor B ehounek Joint work with Petr Cintula and Rostislav Hor c k Institute of Computer Science Academy of Sciences of the Czech Republic

330 views • 15 slides
SYSMICS Methods, Interactions, and Connections in Substructural logics. Contents Quick

SYSMICS Methods, Interactions, and Connections in Substructural logics. Contents Quick

Luca Spada (University of Salerno) SYntax meets Semantics: SYSMICS Methods, Interactions, and Connections in Substructural logics. Contents Quick facts. Scientific description. Financial description. Implementation.

483 views • 30 slides
Higher-Order Categorical Substructural Logics Yoshihiro Maruyama Oxford University and Kyoto

Higher-Order Categorical Substructural Logics Yoshihiro Maruyama Oxford University and Kyoto

Full Lambek Hyperdoctrine Full Lambek Tripos Higher-Order Categorical Substructural Logics Yoshihiro Maruyama Oxford University and Kyoto University CT 2015, Aveiro, 18 June Yoshihiro Maruyama Higher-Order Categorical Substructural Logics CT

611 views • 27 slides
Developments on higher levels of the substructural hierarchy Nick Galatos University of Denver

Developments on higher levels of the substructural hierarchy Nick Galatos University of Denver

Developments on higher levels of the substructural hierarchy Nick Galatos University of Denver ngalatos@du.edu August, 2013 Nick Galatos, BLAST, August 2013 Developments on higher levels of the substructural hierarchy 1 / 20 Residuated

908 views • 69 slides
Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using

Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using

Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using CL Gerardo Schneider gerardo@ifi.uio.no http://folk.uio.no/gerardo/ Department of Informatics, University of Oslo SEFM School, Oct. 27 - Nov. 7,

873 views • 54 slides
Learning Learning Re Regular gular Languages Languages over er Lar Large ge Alphabets

Learning Learning Re Regular gular Languages Languages over er Lar Large ge Alphabets

Irini-Eleftheria Irini-Eleftheria Mens Mens V ERIMAG , University of Grenoble-Alpes Learning Learning Re Regular gular Languages Languages over er Lar Large ge Alphabets Alphabets 10 October 2017 Jury Members Oded Maler Directeur de

896 views • 68 slides
Quiz I What is the coordinate representation of [1 , 2 , 3] in terms of the vectors [1 , 0 , 0] ,

Quiz I What is the coordinate representation of [1 , 2 , 3] in terms of the vectors [1 , 0 , 0] ,

Quiz I What is the coordinate representation of [1 , 2 , 3] in terms of the vectors [1 , 0 , 0] , [1 , 1 , 0] , [1 , 1 , 1]? I Let v 1 , v 2 , v 3 , v 4 , v 5 be vectors. Let v be a vector in Span { v 1 , v 2 , v 3 , v 4 , v 5 } . Suppose you are

497 views • 22 slides
Globally Coherent Text Generation with Neural Checklist Models Chloe Kiddon, Luke

Globally Coherent Text Generation with Neural Checklist Models Chloe Kiddon, Luke

Globally Coherent Text Generation with Neural Checklist Models Chloe Kiddon, Luke Zettlemoyer, Yejin Choi Computer Science & Engineering University of Washington Presenter: Webber Lee March 29, 2018 Outline

519 views • 23 slides
The Coq Proof Script Visualiser (coq-psv) Coq Workshop 2020, Virtual Mario Frank

The Coq Proof Script Visualiser (coq-psv) Coq Workshop 2020, Virtual Mario Frank

The Coq Proof Script Visualiser (coq-psv) Coq Workshop 2020, Virtual Mario Frank mario.frank@uni-potsdam.de Potsdam University Institute for Computer Science July 5, 2020 Inhaltsverzeichnis Motivation and Aims 1 Realisation 2

465 views • 32 slides
[5] The Basis Ren e Descartes Born 1596. After studying law in college,.... I entirely

[5] The Basis Ren e Descartes Born 1596. After studying law in college,.... I entirely

The Basis [5] The Basis Ren e Descartes Born 1596. After studying law in college,.... I entirely abandoned the study of letters. Resolving to seek no knowledge other than that of which could be found in myself or else in the great book of

1.11k views • 92 slides
BRAHMS The Classical Protagonist An informance by The Saint Michael Trio and friends I find

BRAHMS The Classical Protagonist An informance by The Saint Michael Trio and friends I find

Grappling with BRAHMS The Classical Protagonist An informance by The Saint Michael Trio and friends I find Brahms music is turgid and graceless . Igor Stravinsky I play through Brahms music every few years to remind myself how bad it

595 views • 35 slides
The Simpson-Bowles Social Security Framework: A Bipartisan Compromise Worthy of Support Charles

The Simpson-Bowles Social Security Framework: A Bipartisan Compromise Worthy of Support Charles

The Simpson-Bowles Social Security Framework: A Bipartisan Compromise Worthy of Support Charles Blahous Presentation to NASI Conference National Press Club January 27, 2010 Point #1: Simpson-Bowles strikes a reasonable compromise between

336 views • 11 slides

More recommend