Flowsensitive Types

1
Flow-sensitive Types

• Yichen Xie and Junfeng Yang

2
Background

• Isomorphism between logic and type system
• Logic
• Type system
• Linear logic
• A logic of resources
• Linear assumptions do not allow duplicating and
  discarding, must be used exactly once

Philip Wadler, A taste of linear logic
3
Comparison

• Traditional Logic
• We have both facts B and C
• Linear Logic
• 
  Wrong!A is linear

4
Real Life Example

• Example
• A I have 10 bucks
• B I have a pizza C I have a book
• For ten bucks I can buy a pizza or a book
• A-gtB, A gt B A-gtC, A gt C
• We can choose to have a pizza or a book, but we
  cant have both.

We can not duplicate 10 to get 20!
5
Linear And
Linear And Pronounced tensor, means both A and
B, but we can not duplicate A or B.
6
Linear Type System

• If X Linear Type F(X, X) is not allowed
• Advantages
• F(x, y) free(x) free(y)
• Destructive acess
• Restrictions
• F(x, y) return x y
• Non destructive access

7
What is this paper about?

• What is TAL? What are they trying to accomplish?
• Typed Assembly Language group _at_ Cornell
• Use type system to prove safety of
  low-level/binary code
• Why take all the trouble?
• Issue of trust
• Java with reduced runtime-environment type
  checking is cheap!

8
Alias Types
F. Smith, D. Walker, and G. Morrisett
9
Problem

• Linear type system allows destructive operations.
  But each value can only be used exactly once. Too
  restrictive.
• Type system for low level language must support
  alias.
• Need to add alias support for traditional linear
  type system

10
Observation

• Pointer value can be copied, as long as one
  pointer can see the updates made through other
  pointers

p-gt(int, int) Sp0 true p-gt(bool,
int) R10 is true at this point
11
Real Life Example
Bank Account
ATM
PHONE
Online banking
12
Solution

• Decouple pointer value and the location it points
  to.
• The type for a pointer value is ptr(l), where l
  is the location it points to
• Location constraints may be linear, but pointer
  value can be freely reused.
• A constraint here is similar to a key in
  Vault. It is used to describe the store shape
  p-gt(bool, int)

13
An Example
malloc sp, p1, 2
r1
sp
sp1 1
malloc r1, p2, 1
junk
int
junk
P1
sp2 r1
junk
Ptr(p2)
junk
r11 2
free r1
junk
int
junk
P2
free sp
14
Polymorphism

• Location polymorphism
• Functions can operate on any locations, not only
  a specific location
• deref p -gt t, p can be any location
• Store polymorphism
• Functions do not care about irrelevant store.
• deref e p -gt t, e describes irrelevant
  store shapes
• Similar to key polymorphism in Vault

15
A Typing Rule
Polymorphic function instantiation
4 wf h
4 G v v 8r,4C.(t1,tn)!0
4 G v vh 84C.(t1,tn)!0h/r
h is a free location meta-var. v represents a
function. h/r a-conversion Instantiate r by h
in v we get vh
16
Linear Constraints

• Cant be duplicated

Store Invariant destructive operations on one
location dont affect other locations
p-gt(int, int), q-gt(int, int) Sp0
true p-gt(bool, int), q-gt(int, int) p and q can
not be aliases
17
Linear Constraints(Cont.)

• Weak alias (may point-to)?
• Joint points? (Vault)

Answer No weak alias. No joint points CPS
(Continuation Passing Style)
18
Continuation Semantics

• Consider sequence of commands (c1c2)
• Direct Semantics c2 determines the final result
  of the computation
• c1 c2 c2 ? c1
• Continuation Semantics c1 has the final say!
• c1 c2 (rest of the computation)
• c1 ? c2 (rest of the
  computation)
• Program understood as current computation
  (c1) and the rest (c2)

19
Continuation Semantics

• What does it look like?
• Direct Semantics
• x 1 print x s print x ( x 1
  s)
• print x (sx à 1)
• What if we have abort print x s ? Whats
  abort s?
• Continuation Semantics
• x 1 print x s? x 1 ? (??.
  print x ??)
• (? ?1.? ?1. ?1 ?1x à 1) ? (??. print
  x ??)
• Semantics of Abort is now easy !
• abort (??. ??. FAILURE)

20
CPS Transformation

• CPS Transformation essentially computes
  continuation semantics of a program
• if (a 1) x 3 else x 4
• if (b 2) y 5 else y 6
• ...
• ?
• let x if a 1then 3 else 4
• in let y if b 2 then 5 else 6
• in rest of computation
• ? To be continued...

a 1?
x 4
x 3
b 2?
y 6
y 5
x? y?
21
CPS Transformation

• f1 ? ? if (?(a)1) then ?(3) else ?(4)
• f2 ? ? if (?(b)2) then ?(5) else ?(6)
• f3 ? ? f2 ? (? v. rest (?yÃv) ?)
• f4 ? ? f1 ? (? v. f3 (?xÃv) ?)
• let ... in let ... in rest f4

22
Non-linear Constraints

• Dont allow destructive operations
• Update is allowed, but can only update the value,
  not the type.
• Thus we can convert a linear constraint to a
  non-linear constraint (e.g. param passing).
• Need to convert it back in the continuation (they
  havent implemented this)

23
Non-linear Constraints(Cont.)

• For generality, if a function doesnt do
  destructive
• operations on a location, it should declare the
  constraint
• for this location as a non-linear constraint

Current constraints p-gtltintgt linear Function
foo p1-gtltintgt, p2-gtltintgt free(ptr(p1))
free(ptr(p2)) Function bar p1-gtltintgt,
p2-gtltintgtw deref(ptr(p1)) deref(ptr(p2))

24
Dynamic Test

• Cont() ( p-gt?ltintgt )
• ifnull(r) then halt
• else ( p-gtltintgt )

r ptr (p) If(x) free(p) cont () Else
cont()
Cont() is the continuation
25
Alias types for recursive Data Structures
26
Recursive Data Structure

• Linked list in C
• struct node int element struct node next
• Linked list in ML/?-calculus
• type IntList Nil Node of (int IntList)
• Type for Linked List and Binary Trees
• IntList µ a. ( unit (int a))
• Tree µ a. ( unit (a a))
• folding/unfolding recursive types (roll/unroll)

27
Existential Types

• Existential Types and Type Abstraction
• Consider Type of (string -gt int) Dictionary
• Implementation 1 Association List
• type AssocList (string int) list
• empty AssocList
• add string -gt int -gt AssocList -gt AssocList
  ...
• Implementation 2 Binary Search Tree
• type BinTree Nil
• Node of ((string int) BinTree BinTree)
• empty BinTree Nil
• add string -gt int -gt BinTree -gt BinTree

28
Existential Types (cont)

• Shall we allow this?
• fun check_n_add d name id match d with
• Nil -gt add name id d
• _ -gt d
• NO!!! What if we decide to use implementation 2?
• The Right type for Dictionary
• ? a. empty a, add string-gtint-gt a-gt a, ...
• When type checking, instantiate a with new fresh
  type constant (recall ?-elim rule in logic...)
• Pack/Unpack

29
Alias Types for Recursive Data Structure

• Singly linked list without Alias Types
• list µa. unit (int a)
• tree µa. unit (int a a)

• With Alias Types
• list µa. unit
• ??Loc ?-gta.
• (int ptr(?))
• tree µa. unit
• ??1, ?2 ?1-gta,?2-gta.
• (int ptr(?1) ptr(?2))