Project-Gallium:Semantics and type systems for imperative programs

Inria / Raweb 2009
Presentation of the Project Gallium

Section: New Results

Semantics and type systems for imperative programs

Semantic analysis of hidden state in imperative programs

Participants : François Pottier, Lars Birkedal [ IT Univ. of Copenhagen ] , Jan Schwinghammer [ Saarland Univ. ] , Hongseok Yang [ Queen Mary Univ. of London ] , Bernhard Reus [ Univ. of Sussex ] .

In collaboration with Lars Birkedal, Jan Schwinghammer, Hongseok Yang, and Bernhard Reus, François Pottier studied a semantic model of a separation logic equipped with higher-order frame and anti-frame rules. The purpose of these rules is to enable local reasoning on functions and higher-order functions that maintain and operate upon hidden state : mutable data structures that persist between function invocations and are used only internally by the function, but not directly exposed to the caller.

The anti-frame rule was introduced by Pottier in earlier work [6] . At the time, a syntactic proof of its soundness was only sketched. This new work uses a very different proof technique, namely the construction of a semantic model, in order to establish the soundness of the rule. A paper describing this result was accepted for presentation at the FoSSaCS 2010 conference [23] .

Semantic analysis of general references

Participant : François Pottier.

The construction of a semantic model for a typed programming language implicitly contains a translation of this language into a mathematical meta-language. In some cases, it is possible to make this translation explicit and to view it as a type-preserving translation of the programming language into a well-defined, typed core calculus.

Inspired by this idea, which arose from his collaborative work with Schwinghammer et al. , François Pottier developed a type-preserving translation of System F , equipped with general references, into a typed core calculus, baptised Fork , which can be defined as an extension of System $Im1 $F_\#969 $$ with certain recursive kinds. The translation is a type-preserving, store-passing translation. It is analogous to the classic monadic translation, but is significantly more complex, because it deals with dynamic memory allocation and higher-order store. It is in fact the first type-preserving store-passing translation that deals with these features. A prototype Fork type-checker was developed and used to check the validity of the translation.

A type sytem for monotonicity

Participants : Alexandre Pilkiewicz, François Pottier.

Alexandre Pilkiewicz and François Pottier studied the notion of monotonicity in type systems.

Last year, Charguéraud and Pottier designed a type system, based on capabilities, allowing a powerful management of mutable locations in imperative programs [1] . The type of such locations can be freely modified at the cost of a fine-grained control of aliasing, thus prohibiting a function from having a private hidden state. Then, Pottier presented a extension of this type system—the anti-frame rule—allowing hidden state [6] . Mutable state can be seen as freely aliased at the cost of an immutable type.

This year, Alexandre Pilkiewicz and François Pottier explored a middle ground that allows to modify the type of an aliased location, provided this is done in a monotonic way. The new value can only have a type that is more precise that the one of the old value, so that any assumption made by other clients of the mutable location remains correct.

To achieve this, they developed a notion of fates that can be viewed as ghost logical references whose contents can only evolve monotonically according to a user-defined law. A fate can be associated with a run-time variable, forcing its content to follow the same law. It is then possible to state logical properties about the future evolutions of this run time variable through predictions over its fate. A paper describing this approach was submitted [32] .

Logo Inria