Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001."— Presentation transcript:

1 A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001

2 Jeff Foster, OSQ Retreat, May 9-10, 20012 Introduction Aliasing: A long-standing problem –Pointers are hard to analyze...*p = 3... what is updated? –We need to know for compilers (optimization) software analysis tools (OSQ)

3 Jeff Foster, OSQ Retreat, May 9-10, 20013 Alias Analysis Research: Fully-automatic alias analysis –Type systems All aliases have same type –Points-to analysis e1 = e2 e1 points to whatever e2 points to Results –Type systems work well –May-alias analysis scales to big programs Usefulness of results?

4 Jeff Foster, OSQ Retreat, May 9-10, 20014 Too Important for Compiler C, C++, Java, ML, etc. –The compiler discovers all aliasing FORTRAN –The compiler can assume non-aliasing C99 –Have the user help the compiler

5 Jeff Foster, OSQ Retreat, May 9-10, 20015 Restrict C99 Standard int *restrict p =...; –Let p point to object o –Within p’s scope, all access to o are through p void f(int n, int *restrict p, int *restrict q) { while (n-- > 0) *p++ = *q++;// no aliasing }[ex. from C99 standard]

6 Jeff Foster, OSQ Retreat, May 9-10, 20016 This Work C99 does not check restrict –Low-level definition of safe use of restrict Goals of this work –Semantics for restrict –Type system for safe restrict –Soundness proof

7 Jeff Foster, OSQ Retreat, May 9-10, 20017 Examples { int *restrict p =...; { int *restrict r = p;...*r...// valid...*p...// invalid } } { int *restrict p = q;...*p... // valid...*q... // invalid } { int *restrict p =...; int *r = p;...*r...// valid }

8 Jeff Foster, OSQ Retreat, May 9-10, 20018 Source Language Lambda-calculus with restrict e ::= x | n | ref e | *e | e1 := e2 | \x.e | e1 e2 | restrict x = e1 in e2 restrict x = e1 in e2 –x is in scope only within e2 –x is a pointer –x is initialized to e1 –within e2, only x can be used to access *x

9 Jeff Foster, OSQ Retreat, May 9-10, 20019 [loc’  error, loc  S’’(loc’)] v; S’’ Big-Step Semantics S e1  loc; S’, loc  errorS’ e2  v; S’’ [loc’  S’(loc) ] [x  loc’] loc’ fresh S e  loc; S’ loc  dom(S’) S *e  S’(loc); S’ S restrict x = e1 in e2 

10 Jeff Foster, OSQ Retreat, May 9-10, 200110 Type System Type and Effect system  ::=  base type | ref  (  )pointer to abstract loc  |  1  L  2function with effect L L ::= Øno effect |  access to location  | L1  L2 effect union | L -  effect difference

11 Jeff Foster, OSQ Retreat, May 9-10, 200111 Type Rules A e :  ; L –In environment A, expression e has type  –evaluating e has effect L A e1 :  1  L  2; L1A e2 :  1; L2 A e1 e2 :  ; L1  L2  L A e : ref  (  ); L A *e :  ; L  

12 Jeff Foster, OSQ Retreat, May 9-10, 200112 Restrict Rule A e1 : ref  (  ); L1 A restrict x = e1 in e2 : A[x  ref  ’ (  )] e2 :  2; L2   L2  ’  A    ’  2; L1  (L2 -  ’)  

13 Jeff Foster, OSQ Retreat, May 9-10, 200113 Soundness Theorem: If Ø e :  ; L, then S e  r; S’ where r is not error Proof: Show subject-reduction property

14 Jeff Foster, OSQ Retreat, May 9-10, 200114 Type Inference Given program, compute types, locs, effects –Naive algorithm obvious Add effect variables ranging over L Perform type inference, ignore ,  constraints Check ,  at end –Polynomial-time algorithm –Efficiency in practice? Future work: polymorphic recursion –The  constraints make things interesting

15 Jeff Foster, OSQ Retreat, May 9-10, 200115 Applications: Optimization C99: Restrict used for optimizations –Can treat restricted pointer like stack location (whose address isn’t taken) –Optimizations sound with checked restrict Type system not complete –C99 standard allows hard-to-check uses of restrict Dead code that access restricted locations allowed Strange use of restrict in data structures Multiple restrict pointers into same array allowed

16 Jeff Foster, OSQ Retreat, May 9-10, 200116 Application: Flow-Sensitive Type Qualifiers Apply Alias Types, Vault techniques to type qualifiers for flow-sensitivity Problem: Elements of data structures FILE a[...]; spin_lock(a[i]);... spin_unlock(a[i]); Goal: Avoid dependent type systems

17 Jeff Foster, OSQ Retreat, May 9-10, 200117 Applications: Strong-Update Two rules for assignment foo(x) {...  *x = e ...} –If |PTSet(x)| = 1[[*x]]  = [[e]] –If |PTSet(x)| > 1 [[*x]]  = [[*x]]   [[e]] Standard Alias Analysis –Points-to sets only grow –Once |PTSet(x)| > 1, lose precision

18 Jeff Foster, OSQ Retreat, May 9-10, 200118 Applications: Strong-Update (2) Restrict recovers singleton points-to sets foo(int *restrict x) {... } –Can assume |PTSet(x)| = 1 at beginning of foo –Other aliases of *x cannot be used in foo Can recover even from complicated aliasing foo(a->b[c].d->f->g[h->i])

19 Jeff Foster, OSQ Retreat, May 9-10, 200119 Summary Alias analysis too important to leave to the compiler Restrict tells compiler where to assume non- aliasing Use of restrict can be type checked –Type and effect system –Soundness proof uses standard subject-reduction

Download ppt "A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001."

Similar presentations

Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.

Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.
CPSC 388 – Compiler Design and Construction

CPSC 388 – Compiler Design and Construction
Kathleen Fisher cs242 Reading: “Concepts in Programming Languages”, Chapter 6.

Kathleen Fisher cs242 Reading: “Concepts in Programming Languages”, Chapter 6.
Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.

Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Programming Languages and Paradigms

Programming Languages and Paradigms
Compilation 2011 Static Analysis Johnni Winther Michael I. Schwartzbach Aarhus University.

Compilation 2011 Static Analysis Johnni Winther Michael I. Schwartzbach Aarhus University.
Adapted from Scott, 20061 Chapter 6:: Control Flow Programming Language Pragmatics Michael L. Scott.

Adapted from Scott, Chapter 6:: Control Flow Programming Language Pragmatics Michael L. Scott.
Programming Paradigms Introduction. 6/15/2005 Copyright 2005, by the authors of these slides, and Ateneo de Manila University. All rights reserved. L1:

Programming Paradigms Introduction. 6/15/2005 Copyright 2005, by the authors of these slides, and Ateneo de Manila University. All rights reserved. L1:
Current Techniques in Language-based Security David Walker COS 597B With slides stolen from: Steve Zdancewic University of Pennsylvania.

Current Techniques in Language-based Security David Walker COS 597B With slides stolen from: Steve Zdancewic University of Pennsylvania.
1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.

1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.
Getting started with ML ML is a functional programming language. ML is statically typed: The types of literals, values, expressions and functions in a.

Getting started with ML ML is a functional programming language. ML is statically typed: The types of literals, values, expressions and functions in a.
Names and Bindings.

Names and Bindings.
A Type System for Well-Founded Recursion Derek Dreyer Carnegie Mellon University POPL 2004 Venice, Italy.

A Type System for Well-Founded Recursion Derek Dreyer Carnegie Mellon University POPL 2004 Venice, Italy.
Checking and Inferring Local Non-Aliasing Alex AikenJeffrey S. Foster UC BerkeleyUMD College Park John KodumalTachio Terauchi UC Berkeley.

Checking and Inferring Local Non-Aliasing Alex AikenJeffrey S. Foster UC BerkeleyUMD College Park John KodumalTachio Terauchi UC Berkeley.
Variables Names Bindings Type Scope. L-Value versus R-Value Not complicated Associated with assignment statements Left hand side represents an address.

Variables Names Bindings Type Scope. L-Value versus R-Value Not complicated Associated with assignment statements Left hand side represents an address.
Introduction The Approach ’ s Overview A Language of Pointers The Type System Operational Semantics Type Safety Type Inference The Rest of C Experiments.

Introduction The Approach ’ s Overview A Language of Pointers The Type System Operational Semantics Type Safety Type Inference The Rest of C Experiments.
Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification.

Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification.
Program analysis Mooly Sagiv html://www.cs.tau.ac.il/~msagiv/courses/wcc06.html.

Program analysis Mooly Sagiv html://
Refining Abstract Locations Tachio Terauchi Jeff Foster Alex Aiken.

Refining Abstract Locations Tachio Terauchi Jeff Foster Alex Aiken.

Similar presentations

Ads by Google