Tweet
Tweet

Slide 1

Slide 1 text

A GENERIC APPROACH TO FLOW- SENSITIVE POLYMORPHIC EFFECTS COLIN S. GORDON ECOOP 2017 BARCELONA, SPAIN

Slide 2

Slide 2 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK

Slide 3

Slide 3 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK ▸ Goal: Give an algebraic characterization of sequential effect systems, sufficient to model prior systems

Slide 4

Slide 4 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK ▸ Goal: Give an algebraic characterization of sequential effect systems, sufficient to model prior systems ▸ Guide design, implementation, communication

Slide 5

Slide 5 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK ▸ Goal: Give an algebraic characterization of sequential effect systems, sufficient to model prior systems ▸ Guide design, implementation, communication ▸ A new algebraic characterization of sequential effects

Slide 6

Slide 6 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK ▸ Goal: Give an algebraic characterization of sequential effect systems, sufficient to model prior systems ▸ Guide design, implementation, communication ▸ A new algebraic characterization of sequential effects ▸ Derivation of a free effect iteration for most sequential effect systems

Slide 7

Slide 7 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS TODAY’S TALK ▸ Goal: Give an algebraic characterization of sequential effect systems, sufficient to model prior systems ▸ Guide design, implementation, communication ▸ A new algebraic characterization of sequential effects ▸ Derivation of a free effect iteration for most sequential effect systems ▸ Mention of other results in the paper

Slide 8

Slide 8 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS

Slide 9

Slide 9 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data:

Slide 10

Slide 10 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data: ▸ ⊢ e : ⟹ ⊢ e : |

Slide 11

Slide 11 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data: ▸ ⊢ e : ⟹ ⊢ e : | ▸ Locking, memory access, non-termination, Java’s checked exceptions…

Slide 12

Slide 12 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data: ▸ ⊢ e : ⟹ ⊢ e : | ▸ Locking, memory access, non-termination, Java’s checked exceptions… ▸ For most effect systems, we have a concise formulation:

Slide 13

Slide 13 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data: ▸ ⊢ e : ⟹ ⊢ e : | ▸ Locking, memory access, non-termination, Java’s checked exceptions… ▸ For most effect systems, we have a concise formulation: ▸ A join semilattice of effects (partial order w/ LUB)

Slide 14

Slide 14 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS REVIEW: EFFECT SYSTEMS ▸ Extend type systems to describe internals of computations as well as shape of data: ▸ ⊢ e : ⟹ ⊢ e : | ▸ Locking, memory access, non-termination, Java’s checked exceptions… ▸ For most effect systems, we have a concise formulation: ▸ A join semilattice of effects (partial order w/ LUB) ▸ (More needed for effect masking)

Slide 15

Slide 15 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT SYSTEMS, GENERICALLY

Slide 16

Slide 16 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT SYSTEMS, GENERICALLY ⊢ e : | ⊢ e’ : ’ | ’
 ⊢ e; e’ : ’ | ⊔ ’ T-Seq

Slide 17

Slide 17 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT SYSTEMS, GENERICALLY ⊢ e : | ⊢ e’ : ’ | ’
 ⊢ e; e’ : ’ | ⊔ ’ T-Seq + plugin for checked exceptions

Slide 18

Slide 18 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT SYSTEMS, GENERICALLY ⊢ e : | {IOException} ⊢ e’ : ’ | {InvalidArgumentException}
 ⊢ e; e’ : ’ | {IOException, InvalidArgumentException} ⊢ e : | ⊢ e’ : ’ | ’
 ⊢ e; e’ : ’ | ⊔ ’ T-Seq + plugin for checked exceptions

Slide 19

Slide 19 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS

Slide 20

Slide 20 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom)

Slide 21

Slide 21 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions

Slide 22

Slide 22 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions)

Slide 23

Slide 23 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions) ▸ Use of capabilities

Slide 24

Slide 24 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions) ▸ Use of capabilities ▸ Access to UI elements

Slide 25

Slide 25 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions) ▸ Use of capabilities ▸ Access to UI elements ▸ Blocking calls

Slide 26

Slide 26 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions) ▸ Use of capabilities ▸ Access to UI elements ▸ Blocking calls ▸ …

Slide 27

Slide 27 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS “MOST” EFFECT SYSTEMS: COMMUTATIVE EFFECT SYSTEMS ▸ Block-structured lock ownership (e.g., for data race freedom) ▸ Checked exceptions ▸ Memory access (regions) ▸ Use of capabilities ▸ Access to UI elements ▸ Blocking calls ▸ … ORDER DOESN’T MATTER!

Slide 28

Slide 28 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING?

Slide 29

Slide 29 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking

Slide 30

Slide 30 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking ▸ Unstructured memory accesses (regions)

Slide 31

Slide 31 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking ▸ Unstructured memory accesses (regions) ▸ Heap-shape-dependent locking

Slide 32

Slide 32 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking ▸ Unstructured memory accesses (regions) ▸ Heap-shape-dependent locking ▸ …

Slide 33

Slide 33 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking ▸ Unstructured memory accesses (regions) ▸ Heap-shape-dependent locking ▸ … ▸ We call such systems “sequential” (following Tate)

Slide 34

Slide 34 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT ABOUT EFFECT SYSTEMS *WITH* ORDERING? ▸ Unstructured locking ▸ Unstructured memory accesses (regions) ▸ Heap-shape-dependent locking ▸ … ▸ We call such systems “sequential” (following Tate) ▸ These systems lack a common algebraic characterization

Slide 35

Slide 35 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT DO WE NEED TO MODEL PRIOR SEQUENTIAL EFFECT SYSTEMS?

Slide 36

Slide 36 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT DO WE NEED TO MODEL PRIOR SEQUENTIAL EFFECT SYSTEMS? ▸ Still need a join semilattice

Slide 37

Slide 37 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT DO WE NEED TO MODEL PRIOR SEQUENTIAL EFFECT SYSTEMS? ▸ Still need a join semilattice ▸ Need (partial) sequencing of effects

Slide 38

Slide 38 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT DO WE NEED TO MODEL PRIOR SEQUENTIAL EFFECT SYSTEMS? ▸ Still need a join semilattice ▸ Need (partial) sequencing of effects ▸ Need iteration of effects

Slide 39

Slide 39 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS WHAT DO WE NEED TO MODEL PRIOR SEQUENTIAL EFFECT SYSTEMS? ▸ Still need a join semilattice ▸ Need (partial) sequencing of effects ▸ Need iteration of effects ▸ Need equational theory for simplifying complex effects with effect variables

Slide 40

Slide 40 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES

Slide 41

Slide 41 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references)

Slide 42

Slide 42 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references) ▸ A set E with binary join ⊔, binary sequence Ὂ, top ⊤, seq- unit I

Slide 43

Slide 43 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references) ▸ A set E with binary join ⊔, binary sequence Ὂ, top ⊤, seq- unit I ▸ Ὂ distributes over ⊔ on both sides:
 a Ὂ(b ⊔ c) = (aὊb) ⊔ (aὊc)
 (b ⊔ c)Ὂa = (bὊa) ⊔ (cὊa)

Slide 44

Slide 44 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references) ▸ A set E with binary join ⊔, binary sequence Ὂ, top ⊤, seq- unit I ▸ Ὂ distributes over ⊔ on both sides:
 a Ὂ(b ⊔ c) = (aὊb) ⊔ (aὊc)
 (b ⊔ c)Ὂa = (bὊa) ⊔ (cὊa) ▸ ⊤ is nilpotent for Ὂ (aὊ⊤= ⊤= ⊤Ὂa)

Slide 45

Slide 45 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references) ▸ A set E with binary join ⊔, binary sequence Ὂ, top ⊤, seq- unit I ▸ Ὂ distributes over ⊔ on both sides:
 a Ὂ(b ⊔ c) = (aὊb) ⊔ (aὊc)
 (b ⊔ c)Ὂa = (bὊa) ⊔ (cὊa) ▸ ⊤ is nilpotent for Ὂ (aὊ⊤= ⊤= ⊤Ὂa) MANY USEFUL PROPERTIES FOLLOW FROM THIS DEFINITION. E.G., A PARTIAL ORDER ⊑ MONOTONICITY OF Ὂ

Slide 46

Slide 46 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT QUANTALES ▸ A relaxation of quantales (see paper for references) ▸ A set E with binary join ⊔, binary sequence Ὂ, top ⊤, seq- unit I ▸ Ὂ distributes over ⊔ on both sides:
 a Ὂ(b ⊔ c) = (aὊb) ⊔ (aὊc)
 (b ⊔ c)Ὂa = (bὊa) ⊔ (cὊa) ▸ ⊤ is nilpotent for Ὂ (aὊ⊤= ⊤= ⊤Ὂa) MANY USEFUL PROPERTIES FOLLOW FROM THIS DEFINITION. E.G., A PARTIAL ORDER ⊑ MONOTONICITY OF Ὂ THIS IS ENOUGH TO MODEL PRIOR SYSTEMS!

Slide 47

Slide 47 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN EFFECT SYSTEM FOR ATOMICITY

Slide 48

Slide 48 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN EFFECT SYSTEM FOR ATOMICITY ▸ Flanagan and Qadeer wrote two atomicity effect systems — let’s model the simpler one (TLDI 2003)

Slide 49

Slide 49 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN EFFECT SYSTEM FOR ATOMICITY ▸ Flanagan and Qadeer wrote two atomicity effect systems — let’s model the simpler one (TLDI 2003) ▸ Movers (Lipton ’75) are a way to reason about atomicity by considering how local actions commute with interference:
 
 


Slide 50

Slide 50 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN EFFECT SYSTEM FOR ATOMICITY ▸ Flanagan and Qadeer wrote two atomicity effect systems — let’s model the simpler one (TLDI 2003) ▸ Movers (Lipton ’75) are a way to reason about atomicity by considering how local actions commute with interference:
 
 
 ▸ The mover types become effects (B, L, R, A, C), with requisite sequencing

Slide 51

Slide 51 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE

Slide 52

Slide 52 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE

Slide 53

Slide 53 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE ▸ The set is the mover effects + ERR

Slide 54

Slide 54 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE ▸ The set is the mover effects + ERR ▸ Join follows Flanagan and Qadeer (plus ERR) X

Slide 55

Slide 55 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE ▸ The set is the mover effects + ERR ▸ Join follows Flanagan and Qadeer (plus ERR) ▸ Sequencing follows Flanagan and Qadeer (plus ERR) X X X X X X X X X X X X X X

Slide 56

Slide 56 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EXAMPLE: AN ATOMICITY EFFECT QUANTALE ▸ The set is the mover effects + ERR ▸ Join follows Flanagan and Qadeer (plus ERR) ▸ Sequencing follows Flanagan and Qadeer (plus ERR) ▸ Flanagan and Qadeer already proved the EQ laws X X X X X X X X X X X X X X

Slide 57

Slide 57 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES?

Slide 58

Slide 58 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity

Slide 59

Slide 59 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity ▸ Derived from prior systems’ type judgments (see paper)

Slide 60

Slide 60 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity ▸ Derived from prior systems’ type judgments (see paper) ▸ Trickier examples: unstructured locking with recursive acquisition, product of effect quantales

Slide 61

Slide 61 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity ▸ Derived from prior systems’ type judgments (see paper) ▸ Trickier examples: unstructured locking with recursive acquisition, product of effect quantales ▸ Clear relationship to more “foundational” work

Slide 62

Slide 62 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity ▸ Derived from prior systems’ type judgments (see paper) ▸ Trickier examples: unstructured locking with recursive acquisition, product of effect quantales ▸ Clear relationship to more “foundational” work ▸ Short version: similar algebras, EQs are slightly more restrictive, EQs induce the other algebras

Slide 63

Slide 63 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS HOW GENERAL ARE EFFECT QUANTALES? ▸ EQs cover more than just Flanagan and Qadeer’s atomicity ▸ Derived from prior systems’ type judgments (see paper) ▸ Trickier examples: unstructured locking with recursive acquisition, product of effect quantales ▸ Clear relationship to more “foundational” work ▸ Short version: similar algebras, EQs are slightly more restrictive, EQs induce the other algebras ▸ Free iteration construct for most EQs!

Slide 64

Slide 64 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATING SEQUENTIAL EFFECTS: HARDER THAN IT LOOKS ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 65

Slide 65 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATING SEQUENTIAL EFFECTS: HARDER THAN IT LOOKS ▸ Prior abstract work on sequential effects defers iteration ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 66

Slide 66 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATING SEQUENTIAL EFFECTS: HARDER THAN IT LOOKS ▸ Prior abstract work on sequential effects defers iteration ▸ Mycroft et al. note that a naive fixed point operator makes every effect idempotent (∀X, XὊX=X), which is too strong ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 67

Slide 67 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATING SEQUENTIAL EFFECTS: HARDER THAN IT LOOKS ▸ Prior abstract work on sequential effects defers iteration ▸ Mycroft et al. note that a naive fixed point operator makes every effect idempotent (∀X, XὊX=X), which is too strong ▸ Many prior sequential effect systems with iteration are incompatible with that: e.g., Flanagan and Qadeer’s work:
 BὊB=B LὊL=L RὊR=R AὊA=C CὊC=C ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 68

Slide 68 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATING SEQUENTIAL EFFECTS: HARDER THAN IT LOOKS ▸ Prior abstract work on sequential effects defers iteration ▸ Mycroft et al. note that a naive fixed point operator makes every effect idempotent (∀X, XὊX=X), which is too strong ▸ Many prior sequential effect systems with iteration are incompatible with that: e.g., Flanagan and Qadeer’s work:
 BὊB=B LὊL=L RὊR=R AὊA=C CὊC=C EFFECT QUANTALES INDUCE AN ITERATION OPERATOR COMPATIBLE WITH PRIOR WORK! ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 69

Slide 69 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS A LITTLE BIT OF LATTICE THEORY: CLOSURE OPERATORS

Slide 70

Slide 70 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS A LITTLE BIT OF LATTICE THEORY: CLOSURE OPERATORS ▸ A closure operator on a poset P is a function f:P→P that is ▸ Extensive: ∀e, e ⊑ f(e) ▸ Idempotent: ∀e, f(f(e)) ⊑ f(e) ▸ Monotone: ∀e,e’, e ⊑ e’ => f(e) ⊑ f(e’)

Slide 71

Slide 71 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS A LITTLE BIT OF LATTICE THEORY: CLOSURE OPERATORS ▸ A closure operator on a poset P is a function f:P→P that is ▸ Extensive: ∀e, e ⊑ f(e) ▸ Idempotent: ∀e, f(f(e)) ⊑ f(e) ▸ Monotone: ∀e,e’, e ⊑ e’ => f(e) ⊑ f(e’) ▸ Codomain(f) is also the set of fixed points of f

Slide 72

Slide 72 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS A LITTLE BIT OF LATTICE THEORY: CLOSURE OPERATORS ▸ A closure operator on a poset P is a function f:P→P that is ▸ Extensive: ∀e, e ⊑ f(e) ▸ Idempotent: ∀e, f(f(e)) ⊑ f(e) ▸ Monotone: ∀e,e’, e ⊑ e’ => f(e) ⊑ f(e’) ▸ Codomain(f) is also the set of fixed points of f ▸ A closure operator (if it exists) is uniquely defined by its range ▸ Simple check, constructive proof

Slide 73

Slide 73 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS A LITTLE BIT OF LATTICE THEORY: CLOSURE OPERATORS ▸ A closure operator on a poset P is a function f:P→P that is ▸ Extensive: ∀e, e ⊑ f(e) ▸ Idempotent: ∀e, f(f(e)) ⊑ f(e) ▸ Monotone: ∀e,e’, e ⊑ e’ => f(e) ⊑ f(e’) ▸ Codomain(f) is also the set of fixed points of f ▸ A closure operator (if it exists) is uniquely defined by its range ▸ Simple check, constructive proof } 2/5 laws required for iteration!

Slide 74

Slide 74 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS

Slide 75

Slide 75 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS ▸ Picking the results of iteration is easier to think about, constrained by properties

Slide 76

Slide 76 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS ▸ Picking the results of iteration is easier to think about, constrained by properties ▸ Other 3/5 iteration laws require the range elements are idempotent, closed under joins, and above I

Slide 77

Slide 77 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS ▸ Picking the results of iteration is easier to think about, constrained by properties ▸ Other 3/5 iteration laws require the range elements are idempotent, closed under joins, and above I ▸ Taking X to the least idempotent element above X⊔I is a valid closure operator satisfying all 5 iteration laws

Slide 78

Slide 78 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS ▸ Picking the results of iteration is easier to think about, constrained by properties ▸ Other 3/5 iteration laws require the range elements are idempotent, closed under joins, and above I ▸ Taking X to the least idempotent element above X⊔I is a valid closure operator satisfying all 5 iteration laws ▸ Under some mild conditions

Slide 79

Slide 79 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ITERATION VIA CLOSURE OPERATORS ▸ Picking the results of iteration is easier to think about, constrained by properties ▸ Other 3/5 iteration laws require the range elements are idempotent, closed under joins, and above I ▸ Taking X to the least idempotent element above X⊔I is a valid closure operator satisfying all 5 iteration laws ▸ Under some mild conditions CLOSURE OPERATORS ALSO APPLY TO SEMANTIC APPROACHES

Slide 80

Slide 80 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DOES ITERATION DO WHAT WE WANT? YES!

Slide 81

Slide 81 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DOES ITERATION DO WHAT WE WANT? YES! ▸ For the EQ induced by a commutative system (i.e., reuse join as sequencing), iteration is the identity function, as expected

Slide 82

Slide 82 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DOES ITERATION DO WHAT WE WANT? YES! ▸ For the EQ induced by a commutative system (i.e., reuse join as sequencing), iteration is the identity function, as expected ▸ For the atomicity EQ, the derived operator coincides with Flanagan and Qadeer’s hand-constructed version

Slide 83

Slide 83 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DOES ITERATION DO WHAT WE WANT? YES! ▸ For the EQ induced by a commutative system (i.e., reuse join as sequencing), iteration is the identity function, as expected ▸ For the atomicity EQ, the derived operator coincides with Flanagan and Qadeer’s hand-constructed version ▸ For lock ownership: ▸ Iterating acquire/release is an error ▸ Iterating something that preserves lock ownership is the identity ▸ i.e., iteration is valid only for loop-invariant lock ownership

Slide 84

Slide 84 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER

Slide 85

Slide 85 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER ▸ An abstract core language with singleton effects and effect polymorphism, parameterized by effect quantale and primitives

Slide 86

Slide 86 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER ▸ An abstract core language with singleton effects and effect polymorphism, parameterized by effect quantale and primitives ▸ Effect-preserving translation between Flanagan-Qadeer calculus and (instantiation of) our abstract core language

Slide 87

Slide 87 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER ▸ An abstract core language with singleton effects and effect polymorphism, parameterized by effect quantale and primitives ▸ Effect-preserving translation between Flanagan-Qadeer calculus and (instantiation of) our abstract core language ▸ Precise (formal) relationship to prior semantic work

Slide 88

Slide 88 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER ▸ An abstract core language with singleton effects and effect polymorphism, parameterized by effect quantale and primitives ▸ Effect-preserving translation between Flanagan-Qadeer calculus and (instantiation of) our abstract core language ▸ Precise (formal) relationship to prior semantic work ▸ Subtleties related to substitution with singleton effects

Slide 89

Slide 89 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS ALSO IN THE PAPER ▸ An abstract core language with singleton effects and effect polymorphism, parameterized by effect quantale and primitives ▸ Effect-preserving translation between Flanagan-Qadeer calculus and (instantiation of) our abstract core language ▸ Precise (formal) relationship to prior semantic work ▸ Subtleties related to substitution with singleton effects THANKS! QUESTIONS?

Slide 90

Slide 90 text

BACKUP SLIDES

Slide 91

Slide 91 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS SEQUENTIAL EFFECT SYSTEMS

Slide 92

Slide 92 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS SEQUENTIAL EFFECT SYSTEMS ⊢ e : | ⊢ e’ : ’ | ’
 ⊢ e; e’ : ’ | ▷’

Slide 93

Slide 93 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS SEQUENTIAL EFFECT SYSTEMS ⊢ e : | ⊢ e’ : ’ | ’
 ⊢ e; e’ : ’ | ▷’ ⊢ e : bool | ⊢ e’ : | ’
 ⊢ while (e) e’ : | ▷(’Ὂ)*

Slide 94

Slide 94 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS

Slide 95

Slide 95 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS ▸ Some effect systems have “pre” and “post” states Δ, like lock sets, or heap shapes

Slide 96

Slide 96 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS ;Δ ⊢ e : ⊣ Δ’ | ;Δ’ ⊢ e’ : ’ ⊣ Δ’’ | ’
 ;Δ ⊢ e; e’ : ’ ⊣ Δ’’ | ▷’ ▸ Some effect systems have “pre” and “post” states Δ, like lock sets, or heap shapes

Slide 97

Slide 97 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS ;Δ ⊢ e : ⊣ Δ’ | ;Δ’ ⊢ e’ : ’ ⊣ Δ’’ | ’
 ;Δ ⊢ e; e’ : ’ ⊣ Δ’’ | ▷’ ;Δ ⊢ e : bool ⊣ Δ’ | ;Δ’ ⊢ e’ : ⊣ Δ | ’
 ;Δ ⊢ while (e) e’ : ⊣ Δ’ | ▷(’Ὂ)* ▸ Some effect systems have “pre” and “post” states Δ, like lock sets, or heap shapes

Slide 98

Slide 98 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS ;Δ ⊢ e : ⊣ Δ’ | ;Δ’ ⊢ e’ : ’ ⊣ Δ’’ | ’
 ;Δ ⊢ e; e’ : ’ ⊣ Δ’’ | ▷’ ;Δ ⊢ e : bool ⊣ Δ’ | ;Δ’ ⊢ e’ : ⊣ Δ | ’
 ;Δ ⊢ while (e) e’ : ⊣ Δ’ | ▷(’Ὂ)* ▸ Some effect systems have “pre” and “post” states Δ, like lock sets, or heap shapes ▸ This obscures the fact that Δ and are managed the same way!

Slide 99

Slide 99 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS — REWRITTEN

Slide 100

Slide 100 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS — REWRITTEN ⊢ e : | (Δ⤳Δ’)⊗ ⊢ e’ : ’ | (Δ’⤳Δ’’)⊗’
 ⊢ e; e’ : ’ | ((Δ⤳Δ’)Ὂ(Δ’⤳Δ’’))⊗(▷’)

Slide 101

Slide 101 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS — REWRITTEN ⊢ e : | (Δ⤳Δ’)⊗ ⊢ e’ : ’ | (Δ’⤳Δ’’)⊗’
 ⊢ e; e’ : ’ | ((Δ⤳Δ’)Ὂ(Δ’⤳Δ’’))⊗(▷’) ⊢ e : bool | (Δ⤳Δ’)⊗ ⊢ e’ : | (Δ’⤳Δ)⊗’
 ⊢ while (e) e’ : | ((Δ⤳Δ’)Ὂ((Δ’⤳Δ)Ὂ(Δ⤳Δ’))*)⊗(▷(’Ὂ)*)

Slide 102

Slide 102 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS OTHER SEQUENTIAL EFFECT SYSTEMS — REWRITTEN ⊢ e : | (Δ⤳Δ’)⊗ ⊢ e’ : ’ | (Δ’⤳Δ’’)⊗’
 ⊢ e; e’ : ’ | ((Δ⤳Δ’)Ὂ(Δ’⤳Δ’’))⊗(▷’) ⊢ e : bool | (Δ⤳Δ’)⊗ ⊢ e’ : | (Δ’⤳Δ)⊗’
 ⊢ while (e) e’ : | ((Δ⤳Δ’)Ὂ((Δ’⤳Δ)Ὂ(Δ⤳Δ’))*)⊗(▷(’Ὂ)*) ‣ We can run two effect systems at once! ‣ Look at the (Δ⤳Δ’) effects — there is no natural bottom for their lattice!

Slide 103

Slide 103 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X*

Slide 104

Slide 104 text

▸ P1: ∀e, e ⊑ e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE

Slide 105

Slide 105 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING

Slide 106

Slide 106 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* ▸ P3: ∀e, (e*)* = e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING IDEMPOTENT

Slide 107

Slide 107 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* ▸ P3: ∀e, (e*)* = e* ▸ P4: ∀e,f, (e ⊔ f)* = e* ⊔ f* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING IDEMPOTENT DISTRIBUTIVE

Slide 108

Slide 108 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* ▸ P3: ∀e, (e*)* = e* ▸ P4: ∀e,f, (e ⊔ f)* = e* ⊔ f* ▸ P5: ∀e, I ⊑ e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING IDEMPOTENT DISTRIBUTIVE “SIMPLE”

Slide 109

Slide 109 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* ▸ P3: ∀e, (e*)* = e* ▸ P4: ∀e,f, (e ⊔ f)* = e* ⊔ f* ▸ P5: ∀e, I ⊑ e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING IDEMPOTENT DISTRIBUTIVE “SIMPLE” } Hand-IDed by 
 Flanagan & Qadeer

Slide 110

Slide 110 text

▸ P1: ∀e, e ⊑ e* ▸ P2: ∀e, eὊe* ⊑ e* and e*Ὂe ⊑ e* ▸ P3: ∀e, (e*)* = e* ▸ P4: ∀e,f, (e ⊔ f)* = e* ⊔ f* ▸ P5: ∀e, I ⊑ e* A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS DESIDERATA FOR ITERATED EFFECTS: X* EXTENSIVE FOLDING IDEMPOTENT DISTRIBUTIVE “SIMPLE” } Hand-IDed by 
 Flanagan & Qadeer <— Byproduct of I=⊥
 in Flanagan and Qadeer

Slide 111

Slide 111 text

BRING ON THE MONADS!

Slide 112

Slide 112 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS THE SEQUENTIAL SEMANTICS OF PRODUCER EFFECT SYSTEMS ▸ Ross Tate, POPL 2013 ▸ Derived effectoids: algebraic structure with sequencing, “subeffecting” ▸ Non-deterministic sequencing operation ▸ Coherence condition ~ “non-determinism respects subeffects” ▸ Every effect quantale induces an effectoid ▸ Effectoids lack an explicit join ▸ Many (most reasonable) effectoids induce an effect quantale

Slide 113

Slide 113 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS PARAMETRIC EFFECT MONADS AND SEMANTICS OF EFFECT SYSTEMS ▸ Shin-ya Katsumata, POPL 2014 ▸ Index a monad by an algebra for sequencing: a partially- ordered monoid ▸ Now called “graded monads” ▸ “Most of the time” equivalent to effectoids ▸ Every effect quantale induces a graded monad ▸ Most partially-ordered monoids induce an effect quantale

Slide 114

Slide 114 text

A GENERIC APPROACH TO SEQUENTIAL EFFECT SYSTEMS EFFECT SYSTEMS REVISITED — CONTROL-FLOW ALGEBRA AND SEMANTICS ▸ Mycroft, Orchard, & Petricek, Semantics, Logics, and Calculi, 2016 ▸ Extend graded monads to graded joinads: index by a joinoid rather than a po-monoid ▸ monoid + parallel composition + ordered-conditional ?(-,-,-) ▸ ?(I,-,-) induces a form of join ▸ Similar, but weaker equations to effect quantales (only right distributive laws for ?(-,-,-) ▸ Every total effect quantale induces a joinoid (w/ degenerate parallelism) ▸ Joinoids can model control effects (effect quantales can’t)