Types and Programming Languages. Lecture 6. Normalization, references, and exceptions

Transcription

1 Types and Programming Languages Lecture 6. Normalization, references, and exceptions Xiaojuan Cai BASICS Lab, Shanghai Jiao Tong University Fall, 2016

2 Coming soon One more language features: normalizaion: the evaluation of a well-typed program in pure simply typed λ-calculus is guaranteed to halt in a finite number of steps. Two more extensions: mutable references exceptions and non-local transfer of control

3 Outline Normalization References Formalization Exceptions

4 Normalization The evaluation of a well-typed program in pure simply typed λ-calculus is guaranteed to halt in a finite number of steps. Normalization property does not extend to full-blown programming languages.

5 Normalization The evaluation of a well-typed program in pure simply typed λ-calculus is guaranteed to halt in a finite number of steps. Normalization property does not extend to full-blown programming languages. Theorem [Normalization]: If t : T, then t is normalizable.

6 Normalization The evaluation of a well-typed program in pure simply typed λ-calculus is guaranteed to halt in a finite number of steps. Normalization property does not extend to full-blown programming languages. Theorem [Normalization]: If t : T, then t is normalizable. Quiz. Where do we fail if we attempt to prove normalization by a straightforward induction on the size of a well-typed term?

7 Normalization The evaluation of a well-typed program in pure simply typed λ-calculus is guaranteed to halt in a finite number of steps. Normalization property does not extend to full-blown programming languages. Theorem [Normalization]: If t : T, then t is normalizable. Quiz. Where do we fail if we attempt to prove normalization by a straightforward induction on the size of a well-typed term? We need to strengthen induction hypothesis.

8 Proof by induction on types Definition : For each type T, a set R T of closed terms of type T: R A (t) iff t halts, where A is a base type. R T1 T 2 (t) iff t halts and, whenever R T1 (s), we have R T2 (t s). We will carry out the proof of normalization in two steps: every element of every set R T is normalizable every well-typed term of type T is an element of R T.

9 The proof Lemma : If R T (t), then t halts. Lemma : If t : T and t t, then R T (t) iff R T (t ). Lemma : If x 1 : T 1,..., x n : T n t : T and v 1,..., v n are closed values of types T 1,..., T n with R Ti (v i ) for each i, then R T ([x 1 v 1 ],..., [x n v n ]t). Theorem [Normalization]: If t : T, then t is normalizable.

10 Outline Normalization References Formalization Exceptions

11 Pure and impure features of PLs We have considered a variety of pure language features: functional abstraction, basics types, structured types These features form the backbone of most purely functional languages, e.g. ML, Haskell.

12 Pure and impure features of PLs We have considered a variety of pure language features: functional abstraction, basics types, structured types These features form the backbone of most purely functional languages, e.g. ML, Haskell. However, most PLs include impure features: mutable variables, I/O, files, network connection, non-local jumps, continuation, synchronization and communication.

13 Pure and impure features of PLs We have considered a variety of pure language features: functional abstraction, basics types, structured types These features form the backbone of most purely functional languages, e.g. ML, Haskell. However, most PLs include impure features: mutable variables, I/O, files, network connection, non-local jumps, continuation, synchronization and communication. Impure features are called side effects, or more generally, computatoinal effects.

14 Reference and deference In nearly every PL, we have variable whose value is a reference (or pointer) to a mutable cell.

15 Reference and deference In nearly every PL, we have variable whose value is a reference (or pointer) to a mutable cell. There are two ways for dereference: explicitly, such as ML family implicitly,such as C/C++ and java

16 Reference and deference In nearly every PL, we have variable whose value is a reference (or pointer) to a mutable cell. There are two ways for dereference: explicitly, such as ML family implicitly,such as C/C++ and java In ML family, basic operations o references are allocation: r = ref 5; dereferencing:!r; assignment: r := 7;

17 Basics The result of side effects is unit, which fits nicely with Sequencing. For example (r := succ(!r);!r)

18 Basics The result of side effects is unit, which fits nicely with Sequencing. For example (r := succ(!r);!r) Two references are aliases if they are pointing to the same cell. The result is 82. r = ref 5; s = r; s := 82;!r;

19 Shared state Aliasing can make programs with references quite tricky to reason about. (r:=1; r:=!s) equal to? r:=!s

20 Shared state Aliasing can make programs with references quite tricky to reason about. (r:=1; r:=!s) equal to? r:=!s Aliasing makes references useful: it allows us to set up implicit communication channels - shared state. c = ref 0; incc = λ x:unit. (c := succ (!c);!c); decc = λ x:unit. (c := pred (!c);!c); o = {i = incc, d = decc};

21 Garbage collection A last issue is storage deallocation. Many modern languages (including ML and Java) rely on the run-time system to perform garbage collection.

22 Garbage collection A last issue is storage deallocation. Many modern languages (including ML and Java) rely on the run-time system to perform garbage collection. Garbage collection is NOT a question of taste: it is extremely difficult to achieve type safety in the presence of an explicit deallocation operation.

23 Syntax New terms New values New types t ::= ref t allocation!t dereference t := t assignment v ::= ref v T ::= Ref T

24 Semantics Quiz. Try to evaluate (λx : Ref Nat.x := 5)(ref 3).

25 Semantics Quiz. Try to evaluate (λx : Ref Nat.x := 5)(ref 3). What is a reference?

26 Semantics Quiz. Try to evaluate (λx : Ref Nat.x := 5)(ref 3). What is a reference? It is a pointer to a run-time store: Concretely, run-time store is a big array of bytes, and references are indices.

27 Semantics Quiz. Try to evaluate (λx : Ref Nat.x := 5)(ref 3). What is a reference? It is a pointer to a run-time store: Concretely, run-time store is a big array of bytes, and references are indices. Abstractly, we take references to be elements of some uninterpreted set of store locations, and take the store to be a partial function µ from locations to values.

28 Semantics Quiz. Try to evaluate (λx : Ref Nat.x := 5)(ref 3). What is a reference? It is a pointer to a run-time store: Concretely, run-time store is a big array of bytes, and references are indices. Abstractly, we take references to be elements of some uninterpreted set of store locations, and take the store to be a partial function µ from locations to values. The evaluation form changes from t t to t µ t µ We add a new form of value l denoting the locations.

29 Evaluation rules E-Deref t 1 µ t 1 µ!t 1 µ!t 1 µ E-DerefLoc µ(l) = v!l µ v µ E-Assign1 t 1 µ t 1 µ t 1 :=t 2 µ t 1 :=t 2 µ E-Assign2 t 2 µ t 2 µ v 1 :=t 2 µ v 1 :=t 2 µ E-Assign l:=v2 µ unit [l v 2 ]µ E-Ref t 1 µ t 1 µ ref t 1 µ ref t 1 µ E-RefV l dom(µ) ref v 1 µ l (µ, l v 1

30 Store typing, first attempt How to get the type for a location?

31 Store typing, first attempt How to get the type for a location? Calculate from the run-time store. Γ µ µ(l) : T T-Loc Γ l : Ref T

32 Store typing, first attempt How to get the type for a location? Calculate from the run-time store. Γ µ µ(l) : T T-Loc Γ l : Ref T The type checking will be inefficient: µ = (l 1 λ x:nat. 999, l 2 λ x:nat. (!l 1 ) x, l 3 λ x:nat. (!l 2 ) x, l 4 λ x:nat. (!l 3 ) x, l 5 λ x:nat. (!l 4 ) x)

33 Store typing, first attempt How to get the type for a location? Calculate from the run-time store. Γ µ µ(l) : T T-Loc Γ l : Ref T The type checking will be inefficient: µ = (l 1 λ x:nat. 999, l 2 λ x:nat. (!l 1 ) x, l 3 λ x:nat. (!l 2 ) x, l 4 λ x:nat. (!l 3 ) x, l 5 λ x:nat. (!l 4 ) x) It becomes worse if there are mutual recursion: (l 1 λx:nat. (!l 2 ) x, l 2 λx:nat. (!l 1 ) x),

34 Store typing, second attempt How to get the type for a location?

35 Store typing, second attempt How to get the type for a location? Store the types after generated. T-Loc Σ(l) = T Γ Σ l : Ref T T-Ref Γ Σ t : T Γ Σ ref t : Ref T T-Deref Γ Σ t : Ref T Γ Σ!t : T T-Assign Γ Σ t 1 : Ref T, Γ Σ t 2 : T Γ Σ t 1 :=t 2 : Unit

36 Outline Normalization References Formalization Exceptions

37 Exceptions An exceptional condition causes a direct transfer of control to an exception handler defined at some higher-level in the program.

38 Exceptions An exceptional condition causes a direct transfer of control to an exception handler defined at some higher-level in the program. Coming soon: we investigate exception handling in three settings. an exception is a whole-program abort, trapping and recovering from exceptions extra programmer-specified data being passed between exception sites and handlers

39 Raising exceptions t ::= error E-AppErr1 E-AppErr2 error t2 error v 1 error error T-Err Γ error : T

40 Raising exceptions t ::= error E-AppErr1 E-AppErr2 error t2 error v 1 error error T-Err Γ error : T Why not put error as a value? Why E-AppErr2 waits until the first part to be a value? Why allow error to have any type?

41 Error Why not put error as a value? Answer: to ensure the evaluation relation remains deterministic. (λx : Nat.0)error 0 or (λx : Nat.0)error error Why E-AppErr2 waits until the first part to be a value? Answer: to ensure the evaluation relation remains deterministic. (fix(λx : Nat.x))error diverge or (fix(λx : Nat.x))error error Why allow error to have any type? Answer: we may want to raise an exception in any context.

42 Handling exceptions t ::= error try t with t

43 Handling exceptions t ::= error try t with t E-AppTryv try v1 with t 2 v 1 E-AppTryErr try error with t2 t 2 E-AppTry t 1 t 1 try t 1 with t 2 try t 1 with t 2

44 Handling exceptions t ::= error try t with t E-AppTryv try v1 with t 2 v 1 E-AppTryErr try error with t2 t 2 E-AppTry t 1 t 1 try t 1 with t 2 try t 1 with t 2 Typing rule:

45 Handling exceptions t ::= error try t with t E-AppTryv try v1 with t 2 v 1 E-AppTryErr try error with t2 t 2 E-AppTry t 1 t 1 try t 1 with t 2 try t 1 with t 2 Typing rule:t-try Γ t 1 : T, Γ t 2 : T Γ try t 1 with t 2 : T

46 Exceptions carrying values t ::= raise t try t with t

47 Exceptions carrying values t ::= raise t try t with t E-AppR1 (raise v1 ) t 2 (raise v 1 ) E-AppR2 v1 (raise v 2 ) (raise v 2 ) E-AppTryR try (raise v1 ) with t 2 t 2 v 1 E-R t 1 t 1 raise t 1 raise t 1 E-RR raise (raise v1 ) raise v 1

48 Exceptions carrying values t ::= raise t try t with t E-AppR1 (raise v1 ) t 2 (raise v 1 ) E-AppR2 v1 (raise v 2 ) (raise v 2 ) E-AppTryR try (raise v1 ) with t 2 t 2 v 1 E-R t 1 t 1 raise t 1 raise t 1 E-RR raise (raise v1 ) raise v 1 T-R Γ t 1 : T exn Γ raise t 1 : T T-Try Γ t 1 : T Γ t 2 : T exn T Γ try t 1 with t 2 : T

49 About T exn Some other alternatives: T exn = Nat;

50 About T exn Some other alternatives: T exn = Nat; T exn = String;

51 About T exn Some other alternatives: T exn = Nat; T exn = String; T exn is a variant type: T exn = < dividebyzero : Unit overflow : Unit filenotfound : String filenotreadable : String... >

52 About T exn Some other alternatives: T exn = Nat; T exn = String; T exn is a variant type: T exn = < dividebyzero : Unit overflow : Unit filenotfound : String filenotreadable : String... > T exn is an extensible variant type: raise l(t) try t with l(t) h def = raise (< l = t > as T exn ) def = try t with λe : T exn.case e of < l = x > h raise e

53 Conclusion Normalization is an important property for simply typed λ-calculus. Mutations are not encouraged in functional programming. However, almost every PL has mutations. We need to formalize the storage (Σ, µ) when considering reference type and values. Exception is one of non-local jumps. We can use the same strategy for other non-local jumps, such as call with current continuation (call/cc in Scheme).

54 Homework , , , , ,