Functional Object Calculus

Transcription

1 Notations a, b Ter terms d D, e E iterators over some finite sets f, g, h F field names i, j, k N indices (usually i < j < k) l Loc locations m, m d, m e M method names u, v, w Val values x, y, z Var variables C evaluation context F, G, H functionals S store α, β, τ semantic types σ, γ substitutions (γ is ground ) Ψ store typing Γ type environment 1

2 Functional Object Calculus Syntax Values a, b ::= x variable [m d = ς(x d )b d ] d D object creation a.m method invocation (field selection) a.m := ς(x)b method update (field update) Λ.a type abstraction a [] type application pack a creating existential package open a as x in b opening package Free Variables v Val ::= [m d = ς(x d )b d ] d D Λ.a pack v Closed Values FV : Ter P fin (Var) FV(x) = {x} FV([m d = ς(x d )b d ] d D ) = d D (FV(b d) \ {x d }) FV(a.m) = FV(a) FV(a.m := ς(x)b) = FV(a) (FV(b) \ {x}) FV(Λ.a) = FV(a) FV(a []) = FV(a) FV(pack a) = FV(a) FV(open a as x in b) = FV(a) (FV(b) \ {x}) CVal = {v Val FV(v) = } 2

3 Applying Ground Substitutions sub : Ter (Var fin Val) Ter Notation: sub a σ = σ(a) σ(x) = σ(x) σ([m d = ς(x d )b d ] d D ) = [m d = ς(x d )σ[x d ](b d )] d D σ(a.m) = σ(a).m σ(a.m := ς(x)b) = (σ(a)).m := ς(x)σ[x ](b) σ(λ.a) = Λ.σ(a) σ(a []) = σ(a) [] σ(pack a) = pack σ(a) σ(open a as x in b) = open σ(a) as x in σ[x ](b) Small-step Operational Semantics Reduction Contexts C[ ] = C.m C.m := ς(x)b C [] pack C open C as x in b Reduction (Red-Sel) (Red-Upd) v = [m d = ς(x d )b d ] d D ] v.m e [x e v](b e ) e D e D v = [m e = ς(x)b, m d = ς(x d )b d ] d D\{e}] [m d = ς(x d )b d ] d D ].m e := ς(x)b v (Red-TApp) (Λ.a) [] a (Red-Open) open (pack v) as x in b [x v](b) (Red-Ctx) a b C[a] C[b] Properties Reduction is deterministic. Notation irred(a) = b.a b 3

4 Step-indexed Semantics Safety Safe k = {a j < k. a j b b Val irred(b)} Safe = k 0 Safe k Types Sets of index-value pairs closed under descending index. Type = {τ N Val k 0. j k. v Val. k, v τ j, v τ} Expr: k Type a : k τ : FV(a) = j < k. (a j b irred(b)) k j, b τ Substitution: k Environment Γ : Var fin Type (type environment) σ : Var fin CVal (ground substitution) σ : k Γ : x Dom(Γ). σ(x) : k Γ(x) Semantic Type Judgement Γ = k a : α : FV(a) Dom(Γ) σ : k Γ. σ(a) : k α Γ = a : α : k 0. Γ = k a : α = a : α : = a : α Properties 1. j k. a : k τ a : j τ 2. v Val. v : k τ k, v τ 3. a : k τ a Safe k 4. = a : α a Safe (type soundness) Approximation τ k = { j, v j < k} F : Type Type contractive if τ Type, k 0 we have: F (τ) k+1 = F ( τ k ) k+1 4

5 Semantic Types = = { k, v k N, v Val} [m d : τ d ] d D = { k, v v = [m e = ς(x e )b e ] e E, D E, α = [m d : τ d ] d D, d D. j < k. ([x d v](b d ) : j τ d ς(x)b. j, ς(x)b α τ d j, [m d = ς(x)b, m e = ς(x e )b e ] e E\{d} α)} where α τ = { j, ς(x)b i < j. i, v α [x v](b) : i τ} 1 µf = { k, v k, v F k+1 ( )} 2 α F = { k, Λ.a j < k. τ. τ j Type τ j α j a : j F (τ)} α F = { k, pack v τ Type. τ k α k j < k. j, k F (τ)} 1 α τ is just a set, and not a type, because methods are not values (not even terms) in the functional object calculus. 2 F is a function from types to types (functional) 5

6 Imperative Object Calculus Syntax Examples 1. Factorial a, b ::= x variables {m d = l d } d D object value [m d = ς(x d )b d ] d D object creation clone a object cloning a.m method invocation a.m := ς(x)b method update λx. b procedures a b procedure application Λ.a type abstraction a [] type application pack a creating existential package open a as x in b opening package 2. Euclid s GCD Algorithm [fac = ς(y)λn. if n = 0 then 1 else n y.fac(n 1)] [gcd = ς(y)λx. λz. if x < z then y.gcd x (z x) else if z < x then y.gcd (x z) z else x] 3. Factorial through field (could be used for explaining what higher-order store is, even though there are simpler examples to show this) Values let x = [f = ς(y)λn. n] in let z = [f = x, fac = ς(y)λn. if n = 0 then 1 else n y.f.fac(n 1)] in z.f := z v Val ::= {m d = l d } d D λx. b Λ.a pack v Programs CVal = {v Val FV(v) = } Prog = {v CVal Labels(v) = } 6

7 Small-step Operational Semantics Reduction Contexts C[ ] = C.m C.m := ς(x)b C b v C C [] pack C open C as x in b Reduction (Red-Obj) d D. l d Dom(S) S, [m d = ς(x d )b d ] d D S[l d λx d. b d ] d D, {m d = l d } d D d D. l d Dom(S) (Red-Clone) S, clone {m d = l d } d D S[l d S(l d )] d D, {m d = l d} d D (Red-Sel 3 ) (Red-Upd) (Red-Beta) (Red-Ctx) e D S, {m d = l d } d D.m e S, S(l e ) {m d = l d } d D e D S, {m d = l d } d D.m e := ς(x)b S[l e λx. b], {m d = l d } d D S, (λx. b) v S, [x v](b) S, a S, b S, C[a] S, C[b] Examples TODO: Redo examples from ioc.tex 3 This rule is not standard (basically a selection step is always succeeded by a beta reduction), but it allows us to reuse Ahmed s model, which is nice. 7

8 Step-indexed Semantics 4 Safety Safe k = {(S, a) j < k. S, b. S, a j S, b b Val irred(s, b)} Safe = k 0 Safe k Circular definition PreType = P(N StoreType Val) StoreType = Loc fin PreType Approximation τ k = { j, Ψ, v τ j < k} Ψ k = λl Loc. Ψ(l) k Stratification Invariant For all types τ, τ k+1 cannot depend on any type beyond approximation k. This invariant assures the well-foundness of the whole construction. PreType 0 = { } PreType k+1 = {τ j, Ψ, v τ. j k Ψ StoreType j } StoreType k = {Ψ l Dom(Ψ). Ψ(l) Type k } PreType = {τ k 0. τ k PreType k } StoryType = {Ψ k 0. Ψ k StoreType k } State Extension (k, Ψ) (j, Ψ ) : j k l Dom(Ψ). Ψ j (l) = Ψ j (l) Types PreTypes closed under state extension. Type = {τ PreType k, j 0. Ψ, Ψ. v Val. ((k, Ψ) (j, Ψ ) k, Ψ, v τ) j, Ψ, v τ} Well-typed Store (S : k Ψ) (S : k Ψ : Dom(Ψ) Dom(S) j < k. l Dom(Ψ). j, Ψ j, S(l) Ψ k (l) 4 All the definitions are the same as in Ahmed s thesis, modulo small notational differences. 8

9 Expr: k,ψ Type a : k,ψ τ : FV(a) = j < k, S, S, b. (S : k Ψ S, a j S, b irred(s, b)) Ψ. (k, Ψ) (k j, Ψ ) S : k j Ψ k j, Ψ, b τ Value Env.: k,ψ Type Env. Γ : Var fin Type (type environment) γ : Var fin CVal (value environment = closed-value substitution) γ : k,ψ Γ : x Dom(Γ). γ(x) : k,ψ Γ(x) Semantic Type Judgement Let a such that Labels(a) =. Γ = k a : α : FV(a) Dom(Γ) Ψ. γ : k,ψ Γ. γ(a) : k,ψ α Γ = a : α : k 0. Γ = k a : α = a : α : = a : α Properties 1. j k (k, Ψ) (j, Ψ j ) 2. (j k a : k,ψ α) a : j, Ψ j α 3. v Val. v : k,ψ τ k, Ψ, v τ 4. = a : α S. (S, a) Safe (type soundness) Semantic Types = = { k, Ψ, v k N, Ψ StoreType, v Val} α β = { k, Ψ, λx. b j < k. Ψ, v Val. ((k, Ψ) (j, Ψ ) j, Ψ, v α) [x v](b) : j,ψ τ} α = [m d : τ d ] d D = { k, Ψ, {m e = l e } e E D E α. α k Type α k α k j < k. j, Ψ, {m e = l e } e E α d D. Ψ k (l d ) = α τ d k } µf = { k, Ψ, v k, Ψ, v F k+1 ( )} α F = { k, Ψ, Λ.a j, Ψ. τ. (k, Ψ) (j, Ψ ) τ j Type τ j α j i < j. a : i, Ψ i F (τ)} (where F is non-expansive) α F = { k, Ψ, pack v τ. τ k Type τ k α k j < k. j, Ψ j, v F (τ)} (where F is non-expansive) 9

10 Semantic Typing Rules 56 (Var) Γ = x : Γ(x) Procedures Types Γ[x : α] = b : β (Lam) Γ = λx. b : α β (App) Γ = a : β α Γ Γ = a b : α = b : β Object Types Let α = [m d : τ d ] d D (Obj) d D. Γ[x d : α] = b d : τ d Γ = [m d = ς(x d )b d ] d D : α (Sel) Γ = a : α e D Γ = a.m e : τ e (Upd) Γ = a : α e D Γ[x : α] = b : τ e Γ = a.m e := ς(x)b : α (Clone) Γ = a : α Γ = clone a : α Polymorphic Types τ Type. τ α Γ = a : F (τ) (TAbs) Γ = Λ.a : α F (TApp) Γ = a : αf τ Type τ α Γ = a [] : F (τ) (Pack) τ Type. τ α Γ = a : F (τ) Γ = pack a : α F 5 Common for both calculi 6 Proved as derived lemmata from the definitions. 10

11 (Open) Γ = a : αf τ Type. τ α Γ[x : F (τ)] = b : β Γ = open a as x in b : β Recursive Types (Unfold) Γ = a : µf F contractive Γ = a : F (µf ) (Fold) Γ = a : F (µf ) F Γ = a : µf contractive Subtyping (SubSub) Γ = a : α α β Γ = a : β (SubRefl) α α (SubTrans) α τ τ β α β (SubTop) α (SubBot) α (SubArrow) α α β β α β α β (SubObj) E D [m d : τ d ] d D [m e : τ e ] e E 7 (SubRec) α, β Type. α β F (α) G(β) µf µg (SubUniv) β α τ Type. τ β F (τ) G(τ) α F β G (SubExist) α β τ Type. τ α F (τ) G(τ) α F β G 7 Still only in width without variance annotations. 11

12 Self Quantifier The self quantifier allows recursive types with proper subtyping, and is used together with object types in order to define self types. ςf = µ(λα Type. α F ) τ Type. τ ςf Γ = a : F (τ) (Wrap) Γ = pack a : ςf (Use) Γ = a : ςf τ Type. τ ςf Γ[x : F (τ)] = b : β Γ = open a as x in b : β (SubSelf) τ Type. F (τ) G(τ) ςf ςg Self Types Self types are recursive object types with proper subtyping 8. Self types have the form ς(λτ Type. [m d : F d (τ)] d D ). They have the restriction that the recursion only happens covariantly, which we formalize by requiring all F d to be monotonic. Without this additional condition the rule for selection would be unsound, while the rules for object creation and selection have this condition built in their usual preconditions. d D. α, β Type. α β F d (α) F d (β) Self object creation: pack [m d = ς(x d )b d ] d D Selection: a m d open a as x in x.m d Update: a m d := ς(x)b open a as x in pack (x.m d := ς(x)b) Let α = ς(λτ Type. [m d : F d (τ)] d D ) (SelfObj) τ Type. τ α d D. Γ[x d : τ] = b d : F d (τ) Γ = pack [m d = ς(x d )b d ] d D : α (SelfSel) Γ = a : α e D Γ = a m e : F e (α) (SelfUpd) Γ = a : α e D τ Type. τ α Γ[x : [m d : F d (τ)] d D ] = b : F e (τ) Γ = a m e := ς(x)b : α (SubSelfObj) E D ς(λτ Type. [m d : F d (τ)] d D ) ς(λτ Type. [m e : F e (τ)] e E ) 8 Please note that if we would replace ς with µ in the subtyping rule for self types, the resulting rule would be unsound. 12

13 Variance Annotations 9 In order to have subtyping in depth for objects, method selection and update can be tracked using object types with variance annotations: ν {0, +, }. Methods annotated with zero can be both selected and updated, but as before they need to be invariant when subtyping. Methods annotated with plus can only be selected but not updated, so they are covariant when subtyping. Similarly, methods annotated with minus can only be updated, and are thus contravariant. These annotations extend the usual object types, which can now be seen as a special case where all methods are invariant 10. Let α = [m d : νd τ d ] d D α = def { k, v v = [m e = ς(x e )b e ] e E, D E, d D. j < k. ((ν d {+, 0} [x d v](b d ) : j τ d ) (ν d {, 0} ς(x)b. j, ς(x)b α τ d j, [m d = ς(x)b, m e = ς(x e )b e ] e E\{d} α))} (VarObj) d D. Γ[x : α] = b d : τ d Γ = [m d = ς(x d )b d ] d D : α (VarSel) Γ = a : α e D ν e {+, 0} Γ = a.m e : τ e (VarUpd) Γ = a : α e D ν e {, 0} Γ[x : α] = b : τ e Γ = a.m e := ς(x)b : α (VarSubObj) E D e E. (ν e {+, 0} α e β e ) (ν e {, 0} β e α e ) [m d : νd α d ] d D [m e : νe β e ] e E 9 For now only for the functional calculus since we did not find a way to describe writeonly references 10 We could even go one step further and define object types with variance annotations from the start, and then allowing the invariance annotation to be omitted for the same effect as our object types without annotations. We would only have to change the (Sem-SObj), (Sem-Sel) and (Sem-Upd) rules with the ones in this section, and also the definition of self types and the (Sem-SelfSObj) rule. Actually this would make perfect sense, since it would remove a couple of useless rules and proofs. 13

14 Misc Semantic vs. Syntactic Typing Rules (Pack) τ Type. τ α Γ = a : F (τ) Γ = pack a : α F (Syn-Pack) Ψ, Γ C A Ψ, Γ a[x := C] : B[X := C] Ψ, Γ pack X A=C a : X A. B Example of what it means to belong to a type [f = ς(x)[]] : 1 [f : int] 14