Type Systems for Region-based Memory Management
Matthew Fluet
Greg Morrisett & Amal Ahmed
Harvard University
Memory Management
Dynamic allocation pervasive in computation
Range of methods for managing memory
– malloc/free: efficient, but tedious and error prone
– regions
– garbage collection: transparent and safe, but (can be) inefficient
Region-based Memory Management
Operationally
– Memory is divided into regions (denoted by r, , …)
– Objects are individually allocated in a region
– All objects in a region are deallocated together
Region-based Memory Management
Runtime Organization
– Regions are linked lists of pages
– Arbitrary intra- and inter-region references
– Similar to arena-style allocators
[Figure: regions r1, r2, r3 and their region handles]
Application: Cyclone
Cyclone Safe-C Project
– type-safety
– with the “virtues” of C
  low-level interface with manifest cost model
– range of memory management options
  regions are an organizing principle
Application: Cyclone
MediaNET
– TCP benchmark (packet forwarding)
– Cyclone v.0.1
  High water mark: 840 KB
  130 collections
  Basic throughput: 50 MB/s
– Cyclone v.0.5
  High water mark: 8 KB
  0 collections
  Basic throughput: 74 MB/s
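Cyclone: Regions
Region variety    | Allocation (objects) | Deallocation (what) | Deallocation (when)   | Aliasing (objects)
Stack             | static               | whole region        | exit of lexical scope | unrestricted
Lexical           | dynamic              | whole region        | exit of lexical scope | unrestricted
Dynamic           | dynamic              | whole region        | manual                | unrestricted
Heap (`H)         | dynamic              | single objects      | automatic (BDW GC)    | unrestricted
Unique (`U)       | dynamic              | single objects      | manual                | restricted
Ref-counted (`RC) | dynamic              | single objects      | manual                | restricted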
Meta-theory of Cyclone is a nightmare!!
Ultimate Goal: simple model where we can easily encode the key features of Cyclone in a target
language with simpler meta-theory
Today’s Goal: Three type systems for region-based languages,
culminating with a fairly good approximation of Cyclone’s features
Outline
Introduction
Type-and-Effect System (Tofte-Talpin)
Monadic Type System (FRGN)
– Translation Sketch
Substructural Type System (rgnURAL)
– Translation Sketch
Conclusion
Type Systems for Regions
Memory is divided into regions
– type of handle for region r
  hnd r
Objects are individually allocated in a region
– operations: new, read, write
– type of object of type allocated in region r
  ref r
Tofte-Talpin Region Calculus [’94]
Regions are created and destroyed with a lexically scoped construct:
letregion ,h in e
All objects in region are deallocated together at the end of ’s scope
Regions have LIFO lifetimes
Live regions can be organized as a stack
Tofte-Talpin Region Calculus [’94]
Regions are created and destroyed with a lexically scoped construct
letregion 1,h1 in
  let a = new h1 1 in
  let c = letregion 2,h2 in
            let b = new h2 7 in
            new h1 (read a + read b) in
  … c …
input and output allocated in first region
temporary allocated in second region
[Figure: region 1 holds a : 1 and c : 8; region 2 held b : 7]
Type-and-Effect System
Track the set of regions accessed by a computation:
` e : ,
Function types include a latent effect:
1 ! 2
The role of is to tell us when it is not safe to deallocate a region
Typing rule for letregion is subtle:
,h:hnd ` e : , ∉ frv(,) ` letregion ,h in e : , \ {}
Typing rule for effect weakening:
` e : , µ ’
` e : , ’
Effects are pervasive in typing rules:
` e1 : int, 1 ` e2 : int, 2
` e1 + e2 : int, 1 [ 2
` eh : hnd , h ` e : ,
` new eh e : ref , h [ [ {}
Type-and-effects system ensures safety
But adds complications:
– Typing rule for letregion is subtle (due to the interplay of dangling pointers and effects)
– Effect weakening and region subtyping
– Effects correspond to sets of regions (term equality no longer suffices for type checking)
Monadic Type Systems
Monadic encapsulation of effects [L-PJ 94]
– Embed imperative features in pure languages
Types
ST s
STRef s
Operations
returnST :: 8s,. ! ST s
thenST :: 8s,, ST s ! ( ! ST s !ST s
newSTRef :: 8s,. ! ST s (STRef s )
readSTRef :: 8s,. STRef s ! ST s
writeSTRef :: 8s,. STRef s ! ! ST s 1
runST :: 8. (8s. ST s ) !
Polymorphism over store index type ensures that the computation (and the result) are independent of the initial (and final) store
– Polymorphic type system ensures safety
  Well understood meta-theory
  Simplicity of System F type system
FRGN = System F + RGN monad
System F
Monadic sub-language
RGN monad: Types
Monadic types
RGN –
computations in stack of regions returning values of type ;a “stack” transformer
Hnd –
handles for the region
at the top of the stack of regions
Ref –
values of type allocated in region
at the top of the stack of regions
RGN monad: Operations
Monadic unit and bind
returnRGN ::
8,. ! RGN
thenRGN ::
8,,. RGN ! ( ! RGN ) ! RGN
Create and read region allocated values
new ::
8,. Hnd ! ! RGN (Ref )
read ::
8,. Ref ! RGN
RGN monad: Encapsulation
Encapsulate and run a monadic computation
runRGN ::
8. (8. RGN ) !
result is independent of stack ⇒ ∉ frv() ⇒ region values don’t escape
“for all stacks” ⇒ no assumptions about stack of regions
RGN monad: Regions
Regions are created and destroyed with a lexically scoped construct
letRGN ::
81,. (82. Hnd 2 ! RGN 2 ) ! RGN 1
result is independent of stack ⇒ 2 ∉ frv(RGN 1 ) ⇒ region values don’t escape
“for all stacks” ⇒ no assumptions about stack of regions
But, want to assume that 1 · 2 (1:: == 2)
RGN monad: Witnesses
Witness type
Pf(1 · 2) –
proof that the stack of regions 1
is a substack of the stack of regions 2
Witness operations
coerceRGN ::
81,2,. Pf(1 · 2) ! RGN 1 ! RGN 2
transSub ::
81,2,3. Pf(1 · 2) ! Pf(2 · 3)
! Pf(1 · 3)
RGN monad: Regions
Regions are created and destroyed with a lexically scoped construct
letRGN ::
81,. (82. Pf(1 · 2) ! Hnd 2 ! RGN 2 )! RGN 1
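The letregion program from the Tofte-Talpin slides and the quantifier argument behind runRGN and letRGN, modelled in Rust as an added example (not code from the talk or from Cyclone): a higher-ranked lifetime plays the role of the quantified region name, so a reference that would dangle is a compile error rather than a use-after-free. Region, Hnd, Ref, alloc (the slides' new), letregion, pages_used and PAGE_SLOTS are names chosen for this sketch; regions hold only i64 values, pages are modelled as Vecs, and the RGN monad's stack index and Pf witnesses are not modelled.

```rust
use std::cell::RefCell;
use std::marker::PhantomData;

// Invariant lifetime brand: stands in for the region name in `hnd r` and `ref r`.
type Brand<'r> = PhantomData<fn(&'r ()) -> &'r ()>;
const PAGE_SLOTS: usize = 2; // assumed tiny page size so allocations spill over

/// Runtime region: a list of pages, all freed together when the region is dropped.
struct Region { pages: RefCell<Vec<Vec<i64>>> }

/// Handle for region 'r (`hnd r`).
#[derive(Clone, Copy)]
struct Hnd<'r> { region: &'r Region, _brand: Brand<'r> }

/// Reference to an i64 allocated in region 'r (`ref r`).
#[derive(Clone, Copy)]
struct Ref<'r> { page: usize, slot: usize, _brand: Brand<'r> }

impl<'r> Hnd<'r> {
    /// The slides' `new`: allocate in the last page, adding a page when it is full.
    fn alloc(self, v: i64) -> Ref<'r> {
        let mut pages = self.region.pages.borrow_mut();
        if pages.last().map_or(true, |p| p.len() == PAGE_SLOTS) {
            pages.push(Vec::with_capacity(PAGE_SLOTS));
        }
        let page = pages.len() - 1;
        pages[page].push(v);
        Ref { page, slot: pages[page].len() - 1, _brand: PhantomData }
    }

    /// `read`: only a reference carrying this handle's brand is accepted.
    fn read(self, r: Ref<'r>) -> i64 {
        let pages = self.region.pages.borrow();
        pages[r.page][r.slot]
    }
}

/// `letregion r,h in e`: the body must type-check for every brand 'r, so its
/// result type T cannot mention 'r and no Ref<'r> or Hnd<'r> can escape.
fn letregion<T>(body: impl for<'r> FnOnce(Hnd<'r>) -> T) -> T {
    let region = Region { pages: RefCell::new(Vec::new()) };
    let out = body(Hnd { region: &region, _brand: PhantomData });
    drop(region); // all objects in the region are deallocated together
    out
}

/// The slides' program: a and c live in region 1, the temporary b in region 2.
fn tofte_talpin_example() -> i64 {
    letregion(|h1| {
        let a = h1.alloc(1);
        let c = letregion(|h2| {
            let b = h2.alloc(7);
            h1.alloc(h1.read(a) + h2.read(b)) // result goes to the outer region
        });
        // Both rejected at compile time: `letregion(|h2| h2.alloc(7))` (the
        // reference would outlive region 2) and `h1.read(b)` (brands differ).
        h1.read(c)
    })
}

/// Runtime organisation: number of pages a region needs for n objects.
fn pages_used(n: i64) -> usize {
    letregion(|h| {
        for v in 0..n {
            h.alloc(v);
        }
        let used = h.region.pages.borrow().len();
        used
    })
}

fn main() {
    println!("c = {}", tofte_talpin_example());
    println!("pages for 5 objects = {}", pages_used(5));
}
```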
Translation: TTRC to FRGN
Type- and meaning-preserving translation from Tofte-Talpin Region Calculus to FRGN
« (ref 1 int) ! (ref 3 int) ¬ )
8. (Pf(1 · ) £ Pf(2 · ) £ Pf(3 · )) !
Ref 1 int ! RGN (Ref 3 int)
{1,2,3}
«letregion ,h in e¬ )
letRGN (.w.h. «e¬)
Limitations of LIFO Regions
Lexical scope is ill-suited for
– iterative computations
  Conway’s Game of Life; copying GC
– CPS-based computations
– event-based computations
But, lexical scope was ensuring that the stack of regions was threaded linearly
Substructural Type Systems
Provide core mechanisms to restrict the number and order of uses of data and operations
– generalization of linear type systems
Structural Properties
Conventional type systems satisfy
– Exchange
  use typing assumptions in any order
– Contraction – Copy
  use typing assumptions more than once
– Weakening – Drop
  use typing assumptions less than once
Structural Properties
Substructural type systems fail to satisfy
– Exchange
  use typing assumptions in any order
– Contraction – Copy
  use typing assumptions more than once
– Weakening – Drop
  use typing assumptions less than once
Substructural Qualifiers
Linear
Affine: Drop
Relevant: Copy
Unrestricted: Drop, Copy
Unique objects – may be “used” at most once
Shared objects – may be “used” more than once
Essential objects – must be “used” at least once
Inessential objects – may be “used” less than once
Substructural Type System: URAL
Qualifiers
q ::= U | R | A | L
PreTypes
::= 1 j 1 2 j 1 ( 2 j 8. j 9.
Types
::= q
How may the value be used?
How often may the value be used?
rgnURAL = URAL + Regions
PreTypes
::= … j cap j hnd j ref j 8. j 9.
“capability” for region
rgnURAL: Region Primitives
Regions are created and destroyed with separate operations
newrgn ::U(U1 ( L(9.L(Lcap Uhnd ))
freergn ::U8.U(L(Lcap Uhnd ) ( U1)
new ::U8,.U(L(Lcap Uhnd U) (
L(Lcap Uref U)
read ::U8,.U(L(Lcap Uref U) (
L(Lcap U)
rgnURAL: Region Primitives
Regions are created and destroyed with separate operations
newrgn ::U(U1 ( q(9.q(qcap Uhnd ))
freergn :: A ¹qU8.U(q(qcap Uhnd ) ( U1)
new ::U8,.U(q(qcap Uhnd U) (
q(qcap Uref U)
read ::U8,.U(q(qcap Uref U) (
q(qcap U)
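The newrgn, freergn, new and read primitives above, sketched in Rust as an added example (not code from the talk or from Cyclone): the capability is a non-copyable value threaded through every operation, so regions can be freed in non-LIFO order and any access after freergn is rejected at compile time. Rust's move semantics are affine rather than linear (a capability may be dropped without calling freergn), and Cap, Hnd, Ref, the i64-only store and the continuation-passing form of newrgn are assumptions of this sketch.

```rust
use std::marker::PhantomData;

// Invariant lifetime brand standing in for the region name.
type Brand<'r> = PhantomData<fn(&'r ()) -> &'r ()>;

/// `cap r`: evidence that region r is live. It owns the region's storage in this
/// sketch and is neither Clone nor Copy, so it can never be duplicated.
struct Cap<'r> { store: Vec<i64>, _brand: Brand<'r> }

/// `hnd r` and `ref r` are unrestricted: freely copyable, useless without the cap.
#[derive(Clone, Copy)]
struct Hnd<'r> { _brand: Brand<'r> }
#[derive(Clone, Copy)]
struct Ref<'r> { idx: usize, _brand: Brand<'r> }

/// newrgn: the existential package is handed to a continuation that must accept
/// any region name, so the name is scoped but the capability's lifetime is not.
fn newrgn<T>(k: impl for<'r> FnOnce(Cap<'r>, Hnd<'r>) -> T) -> T {
    k(Cap { store: Vec::new(), _brand: PhantomData }, Hnd { _brand: PhantomData })
}

/// new: takes the capability and returns it together with the new reference.
fn new<'r>(mut cap: Cap<'r>, _h: Hnd<'r>, v: i64) -> (Cap<'r>, Ref<'r>) {
    cap.store.push(v);
    let r = Ref { idx: cap.store.len() - 1, _brand: PhantomData };
    (cap, r)
}

/// read: the access is only possible while the caller still holds the capability.
fn read<'r>(cap: Cap<'r>, r: Ref<'r>) -> (Cap<'r>, i64) {
    let v = cap.store[r.idx];
    (cap, v)
}

/// freergn: consumes the capability; the whole region is released here.
fn freergn<'r>(cap: Cap<'r>, _h: Hnd<'r>) {
    drop(cap);
}

/// Region 1 is created first and freed first while region 2 stays live (non-LIFO).
fn non_lifo_example() -> i64 {
    newrgn(|cap1, h1| {
        let (cap1, a) = new(cap1, h1, 1);
        newrgn(|cap2, h2| {
            let (cap2, b) = new(cap2, h2, 7);
            let (cap1, x) = read(cap1, a);
            freergn(cap1, h1);
            // `read(cap1, a)` here is a compile error (cap1 was moved into freergn),
            // and so is `read(cap2, a)` (a carries region 1's brand).
            let (cap2, y) = read(cap2, b);
            let (cap2, c) = new(cap2, h2, x + y);
            let (cap2, out) = read(cap2, c);
            freergn(cap2, h2);
            out
        })
    })
}

fn main() {
    println!("c = {}", non_lifo_example());
}
```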
Translation: FRGN to rgnURAL, Types
« RGN ¬ = U( ( L( «¬))
– operational behavior of monad is store-passing
« Pf(1 · 2) ¬ = U(9’. U(U(2 ( L(1 ’))
« Pf(1 · 2) ¬ = U(9’. U( U(L(1 ’) ( 2))
– Isomorphism between 2 and L(1 ’), for some “slack” ’
– Proof that 1 is a substack of 2 is persistent
– Existence of 1 and 2 is ephemeral
« Pf(1 · 2) ¬ = U(9’. Iso(2, L(1 ’))) (
« Hnd ¬ = U(9. U(U(9’. Iso(, L(’ Lcap )))
« Hnd ¬ = U(9. U( Uhnd ))
« Ref ¬ = U(9. U(U(9’. Iso(, L(’ Lcap )))
« Ref ¬ = U(9. U( Uref «¬))
Existential fixes region
Isomorphism witnesses membership of in
Translation: FRGN to rgnURAL, Ops
« returnRGN [] [] e ¬ =
  let res : «¬ = «e¬ in
  Ustk:. Lhstk,resi
« thenRGN [] [a] [b] e1 e2 ¬ =
  let f : «RGN a¬= «e1¬ in
  let g : «a ! RGN b¬ = «e2¬ in
  Ustk:. let hstk,resi = f stk in g res stk
Store-passing encoding
Translation: FRGN to rgnURAL, Ops
« letRGN [1] [] e ¬ =
  let f : «82. Pf(1·2) ! Hnd 2 ! RGN 2 ¬ = «e¬ in
  Ustk1:1.
    let pack(,hcap,hndi) = newrgn Uhi in
    let stk2 = Lhstk1,capi in
    let id = Ustk: L(1 Lcap ).stk in
    let pwit = Upack(Lcap ,Uhid,idi) in
    let phnd = Upack(,UhUpack(1,Uhid,idi),hndi) in
    let hstk2,resi = f [L(1 Lcap )] pwit phnd stk2 in
    let hstk1,capi = stk2 in
    let hi = freergn [] Lhcap,hndi in
    Lhstk1,resi
« new [] [] eh e ¬ =
  let phnd : «Hnd ¬ = «eh¬ in
  let x : «¬ = «e¬ in
  Ustk:.
    let pack(,hpack(’,hprj,inji),hndi) = phnd in
    let hstk’,capi = prj stk in
    let hcap,refi = new [] [«¬] Lhcap,hnd,xi in
    let pref = Upack(,UhUpack(’,Uhprj,inji),refi) in
    let stk = inj Lhstk’,capi in
    Lhstk,prefi
Cyclone Features
Dynamic Regions
– 1st class regions without LIFO restriction
– represented by a linear/affine key:
  L/Akey = L/A(L/Acap Uhnd )
– must be opened to allocate or access
  openDRgn :: 8,,. key ( 8,,. (hnd ( rgn ( cap ) ) ( 8,,. rgn ( key )
Heap
– globally scoped, garbage collected region
  Ucap heap Uhnd heap
Reaps
– regions with individual object deallocation
  L/Aref
Unique Pointers
– anonymous dynamic regions without the handle
  Luptr = L(9. L(Lcap Uref ))
– or, unique references in the heap
  Luptr = Lref heap
Future Work
In practice, need to phase-split capabilities
Encode results of region analyses
– Aiken et al. [PLDI’95], Henglein et al. [PPDP’01]
Modeling other language features
– Cyclone, Cqual, Vault
Final Thoughts
Type-and-effect · Monadic · Substructural
– would be a nice story
– better picture (??)
[Figure: Type-and-effect, Monadic, Substructural, Region-based memory management]
Final Thoughts
Advantage of Substructural TS for RBMM
– Encode results of region analyses
  Aiken et al. [PLDI’95], Henglein et al. [PPDP’01]
– Previous work introduced features in type-system exclusively for supporting non-LIFO regions
– This work introduces primitives, but reuses features of type-system to encode non-LIFO regions
– Substructural type-systems are good for supporting other features, so it is an economical use
Scope vs. Lifetime
– Lexical scope of region name
  universal and existential quantification
– Un-scoped lifetime of region capability
  late allocation / early deallocation
newrgn ::U(U1 ( L(9.L(Lcap Uhnd ))
newrgn ::U(U1 ( L(9.L(U1 ( L(Lcap Uhnd )))
References
http://www.cs.cornell.edu/People/fluet
– FRGN : ICFP’04, JFP’06
– URAL and refURAL: ICFP’05
– rgnURAL : ESOP’06 (submitted)