Practical Programming with Substructural Types A dissertation presented by Jesse A. Tov to the Faculty of the Graduate School of the College of Computer and Information Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy Northeastern University Boston, Massachusetts February, 2012 Abstract Substructural logics remove from classical logic rules for reordering, duplica- tion, or dropping of assumptions. Because propositions in such a logic may no longer be freely copied or ignored, this suggests understanding propositions in substructural logics as representing resources rather than truth. For the programming language designer, substructural logics thus provide a framework for considering type systems that can track the changing states of logical and physical resources. While several substructural type systems have been proposed and im- plemented, many of these have targeted substructural types at a particular purpose, rather than offering them as a general facility. The more general substructural type systems have been theoretical in nature and too unwieldy for practical use. This dissertation presents the design of a general purpose language with substructural types, and discusses several language design problems that had to be solved in order to make substructural types useful in practice. i So design is a constant challenge to balance comfort with luxe, the practical with the desirable. — Donna Karan iii Acknowledgments Thanks go first to my advisor, Riccardo Pucella, for his steady support and guidance. His suggestions and criticism have improved this dissertation in ways too numerous to list. I am also grateful to the rest of my thesis committee: Mitchell Wand, from whom I learned to think like a semanticist; Matthew Fluet, whose work prompted and shaped my own; and Matthias Felleisen, whose example and high expectations are an inspiration. I owe much gratitude to the faculty and the present and former students at the Northeastern University College of Computer and Information Science, who together create a collegial, intellectual environment that I am sad to leave: Ahmed Abdelmeged, Jay Aslam, Dan Brown, Bryan Chadwick, Agnes Chan, Stephen Chang, Will Clinger, Richard Cobbe, Ryan Culpepper, Christos Dimoulas, Carl Eastlund, Felix Klock, Tony Garnock-Jones, Dave Herman, Ian Johnson, Karl Lieberherr, Olin Shivers, Vincent St-Amour, Paul Stansifer, Stevie Strickland, Asumu Takikawa, Sam Tobin-Hochstadt, Aaron Turon, David Van Horn, and Dimitris Vardoulakis. Alec Heller’s insights and demands for clarity have been especially valuable. This journey began when Norman Ramsey first introduced me to the study of programming languages as an academic discipline, and for that I am forever grateful. I would also like to thank Henry Leitner, Radhika Nagpal, Margo Seltzer, and Chris Thorpe, from whom I learned much about teaching; Chung- chieh Shan, who first told me to listen to the types; and my colleagues at FNMOC, Oleg Kiselyov and Andrew Pimlott. Last but not in the least least, I would like to thank my family: Yaron, Shoshanah, Sarah, Michael, Maryann, Lau, Evelyn, and my infinitely patient wife, Elizabeth, without whom nothing is possible. v vi ACKNOWLEDGMENTS This research was supported in part by AFOSR grant FA9550-09-1-0110. Contents Abstracti Acknowledgmentsv List of Figures xi 1 Practical Substructural Types1 1.1 The Structure of This Dissertation................ 3 2 Background: Stateful Type Systems5 2.1 Substructural Logics and ¸ Calculi................ 6 2.2 Typestate............................... 16 2.3 Region-Based Memory Management............... 22 2.4 Session Types............................. 28 3 Programming in Alms 39 3.1 Alms by Example .......................... 39 3.2 Syntax Matters............................ 52 4 Expressiveness of Alms 59 4.1 Typestate............................... 59 4.2 Regions ................................ 69 4.3 Session Types............................. 75 4.4 Discussion............................... 94 5 A Model of Alms 97 vii viii CONTENTS a 5.1 Syntax and Semantics of ¸ms ................... 98 5.2 Theoretical Results ......................... 116 6 Implementation of Alms 123 6.1 Core Alms............................... 123 6.2 A Type Inference Algorithm.................... 132 6.3 Solving Subtype Constraints.................... 135 6.4 Solving Subqualifier Constraints . 146 7 Mixing Affine and Conventional Types 153 7.1 Related Work............................. 154 7.2 A Model of Affine Contracts.................... 155 A 7.3 Type Soundness for FC . 174 7.4 Implementing Affine Contracts.................. 186 8 Substructural Types and Control 197 8.1 Related Work............................. 201 8.2 Syntax and Semantics of ¸URAL . 203 8.3 Generic Control Effects in ¸URAL(C) . 211 8.4 The Generic Theory......................... 219 8.5 Example Control Effects...................... 231 8.6 Discussion............................... 242 9 Related Work and Design Rationale 245 9.1 Substructural Type Systems.................... 245 9.2 The Spirit of ML........................... 250 9.3 From ILL to Alms.......................... 253 10 Conclusion 257 10.1 Contributions............................. 257 10.2 Future Work ............................. 258 A Proofs: A Model of Alms 263 A.1 Preliminaries............................. 263 A.2 Principal Qualifiers......................... 268 CONTENTS ix A.3 Type Soundness........................... 272 B Proofs: Mixing Affine and Conventional Types 331 B.1 Properties of Types and Stores .................. 331 B.2 Evaluation Contexts and Substitution . 335 B.3 Preservation ............................. 357 B.4 Progress................................ 375 C Proofs: Substructural Types and Control 385 C.1 Properties of ¸URAL . 385 C.2 Properties of ¸URAL(C) ....................... 396 C.3 Proofs for Example Control Effects . 424 List of Definitions and Propositions 449 Bibliography 455 List of Figures 2.1 Term assignment for ILL........................ 10 2.2 States and transitions for TCP (simplified)............. 17 2.3 Vault interface to TCP (server only) ................. 18 2.4 Sockets API in a dependent ILL.................... 21 2.5 Sockets API in ¸URAL .......................... 23 2.6 Vault region API............................. 27 2.7 Vault region client example ...................... 27 2.8 ¸rgnUL region API............................. 27 2.9 State diagram for ATM–bank protocol................ 30 2.10 Message type for ATM protocol in CML............... 31 2.11 ATM client code for getting the balance in CML.......... 31 2.12 Session type duality........................... 32 2.13 ATM client code in Vasconcelos et al.’s (2004) language . 34 2.14 Session types in ¸URAL ......................... 34 3.1 Affine array interface in Alms..................... 40 3.2 Affine array implementation in Alms................. 41 3.3 Interface for unlimited arrays with affine capabilities . 42 3.4 Implementation of unlimited arrays with affine capabilities . 43 3.5 Some type definitions and inferred qualifier kinds......... 45 3.6 Interface for arrays with potentially affine elements . 48 3.7 Interface to arrays with capabilities and locks........... 49 3.8 Interface to mvars (synchronized variables)............. 50 3.9 Implementation of to arrays with capabilities and locks . 50 xi xii LIST OF FIGURES 3.10 Reader-writer locks with capabilities................. 51 3.11 Fractional reader-writer capabilities................. 51 3.12 Comparison of missing-means-U rule to actual rule . 57 4.1 States and transitions for Berkeley sockets TCP.......... 60 4.2 Alms interface to Berkeley sockets TCP (i): basic operations . 60 4.3 Alms interface for TCP (ii): error handling............. 62 4.4 Alms implementation of TCP (i): basic operations......... 64 4.5 Alms implementation of TCP (ii): error handling ......... 66 4.6 Alternate, untrusted implementation of error handling . 67 4.7 An echo server using SocketCap .................... 68 4.8 Simple, Vault-style regions....................... 70 4.9 Regions with fractional capabilities.................. 71 4.10 Simple homogeneous regions ..................... 73 4.11 Homogeneous regions with adoption and focus........... 74 4.12 Binary session types........................... 75 4.13 Duality for binary session types.................... 76 4.14 Interface for binary session types................... 77 4.15 Monomorphic, synchronous channels................. 78 4.16 Implementation of binary session types............... 78 4.17 Interface for k-ary session types.................... 80 4.18 ATM–bank protocol in k-ary session types ............. 81 4.19 Client for ATM–bank protocol..................... 81 4.20 Implementation of k-ary session types................ 82 4.21 Example of polygon clipping...................... 83 4.22 Interface for a simple 3-D geometry library............. 84 4.23 Implementation of polygon clipping (part 1 of 3).......... 85 4.24 Implementation of polygon clipping (part 2 of 3).......... 87 4.25 Implementation of polygon clipping (part 3 of 3).......... 88 4.26 Interface to session types with regions................ 90 4.27 Implementation of session types with regions ........... 91 4.28 Broadcasting using session type regions (part 1 of 2) . 93 4.29 Broadcasting using session type regions (part 2 of 2) . 95 LIST OF FIGURES xiii 5.1 Syntax (i): expressions ......................... 99 5.2 Syntax (ii): types............................. 99 5.3 Syntax (iii): Qualifier constants,