linear regions are all you need

Linear Regions Are All You Need

Matthew Fluet

Cornell University

Greg Morrisett & Amal Ahmed

Harvard University

Memory Management

Dynamic allocation pervasive in computation

Memory Management

Dynamic allocation pervasive in computation

Region-based Memory Management– Memory is divided into regions– Objects are individually allocated in a region

constant-time operation

– All objects in a region are deallocated together constant-time operation

Application: Cyclone

Cyclone Safe-C Project– type-safety– with the “virtues” of C

low-level interface with manifest cost model

– range of memory management options regions are an organizing principle

Cyclone: Regions

Region varietyAllocation

(objects)

DeallocationAliasing

(objects)(what) (when)

Stack static

whole region

exit of lexical scope

unrestricted

Lexical

dynamic

Dynamicmanual

Dynamic seq.

Heap (`H)

single objects

automatic(BDW GC)

Unique (`U)

manual restrictedRef-counted (`RC)

MediaNET– TCP benchmark (packet forwarding)– Cyclone v.0.1 (lexical regions & garbage collector)

High water mark: 840 KB 130 collections Basic throughput: 50 MB/s

– Cyclone v.0.5 (unique pointers & dynamic regions) High water mark: 8 KB 0 collections Basic throughput: 74MB/s

MediaNET– TCP benchmark (packet forwarding)– Cyclone v.0.1 (lexical regions & garbage collector)

High water mark: 840 KB 130 collections Basic throughput: 50 MB/s

– Cyclone v.0.5 (unique pointers & dynamic regions) High water mark: 8 KB 0 collections Basic throughput: 74MB/s

Cyclone: Regions

(objects)

Stack static

whole region

unrestricted

Lexical

dynamic

Dynamicmanual

Dynamic seq.

Heap (`H)

single objects

automatic(BDW GC)

Unique (`U)

Proving type safety of Cyclone is a nightmare!!

Cyclone: Regions

(objects)

Stack static

whole region

unrestricted

Lexical

dynamic

Dynamicmanual

Dynamic seq.

Heap (`H)

single objects

automatic(BDW GC)

Unique (`U)

Goal: simple model where we can easily encode the key features of Cyclone in a target language with

a simpler type system.

Cyclone: Regions

(objects)

Stack static

whole region

unrestricted

Lexical

dynamic

Dynamicmanual

Dynamic seq.

Heap (`H)

single objects

automatic(BDW GC)

Unique (`U)

Linear RegionsAre All You Need

Outline

Introduction

Monadic Type System (FRGN) [ICFP’04]

Substructural Type System (rgnUL)– Translation Sketch

Conclusion

Monadic Type System for Regions [ICFP’04]

Extend the runST “trick” to nested regions [L-PJ ’94]

– Polymorphic type system ensures safety

Key insights (FRGN):– Effects map to an indexed monadic type– Region subtyping witnessed by types– Sufficient for encoding Tofte-Talpin region calculus

and “core” Cyclone region features

RGN monad: Types

Monadic type

RGN computations in stack of regions returning values of type ;a “stack” transformer

RGN monad: Operations

Monadic unit and bind

returnRGN ::

8,. ! RGN

thenRGN ::

8,,. RGN ! ( ! RGN ) ! RGN

returnRGN ::

8,. ! RGN

thenRGN ::

8,,. RGN ! ( ! RGN ) ! RGN

returnRGN ::

8,. ! RGN

thenRGN ::

8,,. RGN ! ( ! RGN ) ! RGN

RGN monad: Types

Reference type

Ref values of type allocated in region

at the top of the stack of regions

Create and read region allocated values

new ::

8,. ! RGN (Ref )

read ::

8,. Ref ! RGN

Create and read region allocated values

new ::

8,. ! RGN (Ref )

read ::

8,. Ref ! RGN

RGN monad: Encapsulation

Encapsulate and run a monadic computation

runRGN ::

8. (8. RGN ) !

runRGN ::

8. (8. RGN ) !

runRGN ::

8. (8. RGN ) !

“for all stacks” ) no assumptions about

stack of regions

runRGN ::

8. (8. RGN ) !

stack of regions

runRGN ::

8. (8. RGN ) !

result is independent of stack ) 62 frv() )

region values don’t escape

stack of regions

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

1 a : 1

inputallocated in first region

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

input allocated in first region

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

temporary allocated in second region

inputallocated in first region

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

input and outputallocated in first region

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

1 a : 1

input and outputallocated in first region

RGN monad: Example

runRGN ( 1.

do a Ã new [1] 1

c Ã runRGN ( 2.

do b Ã new [2] 7

… z = …

new [1] z )

… c … )

allocating in older region

requires RGN 1 type

allocating in younger region

requires RGN 2 type

RGN monad: Witnesses

Witness type

Pf(1 · 2) –

type-level proof that the stack of regions 1

is a substack of the stack of regions 2

RGN monad: Witnesses

Witness operations

coerceRGN ::

81,2,. Pf(1 · 2) ! RGN 1 ! RGN 2

transSub ::

81,2,3. Pf(1 · 2) ! Pf(2 · 3) ! Pf(1 · 3)

RGN monad: Regions

Regions are created and destroyedwith a lexically scoped construct

letRGN ::

81,. (82. Pf(1 · 2) ! RGN 2 ) ! RGN 1

RGN monad: Regions

Regions are created and destroyedwith a lexically scoped construct

letRGN ::

81,. (82. Pf(1 · 2) ! RGN 2 ) ! RGN 1

RGN monad: Example

letRGN ( 1. pf1.

do a Ã new [1] 1

c Ã letRGN ( 2. pf2.

do b Ã new [2] 7

… z = …

coerceRgn pf (new [1] z ))

… c … )

Limitations of LIFO Regions

Lexical scope is ill-suited for– iterative computations

Conway’s Game of Life; copying GC

– CPS-based computations– event-based computations

Limitations of LIFO Regions

Lexical scope is ill-suited for– iterative computations

Conway’s Game of Life; copying GC

– CPS-based computations– event-based computations

But, lexical scope was ensuring that the stack of regions was used in a single-threaded manner

Substructural Type Systems

Provide core mechanisms to restrict the number and order of uses of data and operations– generalization of linear type systems

Substructural Type System: UL

Qualifiers

q ::= U j L

PreTypes

::= 1 j 1 £ 2 j 1 ! 2 j 8. j 9.

Qualifiers

q ::= U j L

PreTypes

::= 1 j 1 £ 2 j 1 ! 2 j 8. j 9.

How maythe value be used?

Qualifiers

q ::= U j L

PreTypes

::= 1 j 1 £ 2 j 1 ! 2 j 8. j 9.

How maythe value be used?

How often maythe value be used?

Substructural Qualifiers

UnrestrictedDrop Copy

Linear

must be “used” exactly once

may be “used” an arbitrary # of times

Substructural Type System for Regions

Provide core mechanisms to restrict the number and order of uses of data and operations– generalization of linear type systems

Key insights (rgnUL):– Separate region names from region liveness– Region liveness witnessed by types– Sufficient for encoding FRGN calculus

and “advanced” Cyclone region features

rgnUL = UL + Regions

PreTypes

::= … j cap j ref j 8. j 9.

“capability” for region ;mediates all access to a region

for allocating, reading, and writing

rgnUL: Region Primitives

Regions are created and destroyedwith separate operations

newrgn ::U1 ! (9. Lcap )

freergn ::

8. (Lcap ! U1)

freergn ::

8. (Lcap ! U1)

Produces a capability.

Consumes a capability.

freergn ::

8. (Lcap ! U1)

new ::

8,. ((Lcap £ U) !(Lcap £ Uref U))

read ::

8,. ((Lcap £ Uref U) !(Lcap £ U))

new ::

8,. ((Lcap £ U) !(Lcap £ Uref U))

read ::

8,. ((Lcap £ Uref U) !(Lcap £ U))

Returns a capability.

Requires a capability.

new ::

8,. ((Lcap £ U) !(Lcap £ Uref U)

read ::

8,. ((Lcap £ Uref U) !(Lcap £ U)

Translation: FRGN to rgnUL, Types

« RGN ¬ = U( ! L( £ «¬))

« RGN ¬ = ! ( £ «¬)

– operational behavior of monad is store/stack-passing

« RGN ¬ = ! ( £ «¬)

– operational behavior of monad is store/stack-passing

« RGN ¬ = ! ( £ «¬)

– operational behavior of monad is store/stack-passing– represent “stack of regions”

as a sequence of linear capabilities,formed out of nested linear tuples

« RGN ¬ = ! ( £ «¬)

– operational behavior of monad is store/stack-passing– represent “stack of regions”

as a sequence of linear capabilities,formed out of nested linear tuples

Translation: FRGN to rgnUL, Ops

« returnRGN [] [] e ¬ =let res : «¬ = «e¬ inUstk:. Lhstk,resi

« thenRGN [] [a] [b] e1 e2 ¬ =let f : «RGN a¬= «e1¬ inlet g : «a ! RGN b¬ = «e2¬ inUstk:. let hstk,resi = f stk in g res stk

« returnRGN [] [] e ¬ =let res : «¬ = «e¬ inUstk:. Lhstk,resi

« thenRGN [] [a] [b] e1 e2 ¬ =let f : «RGN a¬= «e1¬ inlet g : «a ! RGN b¬ = «e2¬ inUstk:. let hstk,resi = f stk in g res stk

Store-passing

encoding

« Pf(1 · 2) ¬ = U(9’. Iso(2, L(1 £ ’)))

– Isomorphism between 2 and L(1 £ ’), for some “slack” ’

« Pf(1 · 2) ¬ = U(9’. Iso(2, L(1 £ ’)))

– Isomorphism between 2 and L(1 £ ’), for some “slack” ’

– Proof that 1 is a substack of 2 is persistent

– Liveness of 1 and 2 is ephemeral

« Ref ¬ = U(9. U(U(9’. Iso(, L(’ £ Lcap )))« Ref ¬ = U(9. U(£ Uref «¬))

« Ref ¬ = 9. (9’. Iso(, L(’ £ Lcap ))« Ref ¬ = 9. (£ Uref «¬)

Existential fixes region

« Ref ¬ = 9. (9’. Iso(, L(’ £ Lcap ))« Ref ¬ = 9. (£ Uref «¬)

Existential fixes region Isomorphism witnesses membership of in

« letRGN [1] [] e ¬ = let f : «82. Pf(1·2) ! Hnd 2 ! RGN 2 ¬ = «e¬ inUstk1:1.let pack(,hcap,hndi) = newrgn Lhi inUstk1:1.let stk2 = Lhstk1,capi inUstk1:1.let id = Ustk: L(1 Lcap ).stk inUstk1:1.let pwit = Upack(Lcap ,Uhid,idi) inUstk1:1.let phnd = Upack(,UhUpack(1,Uhid,idi),hndi) inUstk1:1.let hstk2,resi = f [L(1 Lcap )] pwit phnd stk2 inUstk1:1.let hstk1,capi = stk2 inUstk1:1.let hi = freergn [] Lhcap,hndi inUstk1:1.Lhstk1,resi

« letRGN [1] [] e ¬ = let f : «82. Pf(1·2) ! RGN 2 ¬ = «e¬ inUstk1:1.let pack(,cap) = newrgn Uhi inUstk1:1.let stk2 = Lhstk1,capi inUstk1:1.let id = Ustk: L(1 Lcap ).stk inUstk1:1.let pwit = Upack(Lcap ,Uhid,idi) inUstk1:1.let hstk2,resi = f [L(1 Lcap )] pwit stk2 inUstk1:1.let hstk1,capi = stk2 inUstk1:1.let hi = freergn [] cap inUstk1:1.Lhstk1,resi

Stack-passing encoding

Create & destroy a new region

Construct rep.of new stack

Run comp. and recover old stack

and new cap

Construct isomorphism

Encoding Cyclone Features

Many of Cyclone’s features fit into this framework– Lexical Regions– Dynamic Regions– Heap– Reaps– Unique Pointers

See paper for more details.

Future Work

In practice, capabilities shouldn’t be values

Encode results of region analyses– Aiken et.al. [PLDI’95], Henglein et.al. [PPDP’01]

Combine convenience of monadic encapsulation with power of substructural threading

Conclusion

Substructural type systems applicable to encoding region-based memory management– target-level language exposes commonalities

in source-level language features

Scope vs. Lifetime– Lexical scope of region name– Un-scoped lifetime of region capability

Unrestricted witnesses vs. Linear capabilities

linear regions are all you need

rgn s ref s aread

rgn s athenrgn

rgn s argn monad

rgn s brgn monad

stack of regions srgn

stack of regionsrgn

stack transformerrgn

monadic computationrunrgn

Documents

what amazonia does the world need? · what amazonia does...

solve linear systems by graphing - weebly · day 1 solve...

a (terse) introduction to linear algebraproof: Φ is clearly...

hough transform - universitetet i oslo · an image with...

everything you need to know about the linear model

a regional approach to economic development€¦ · high...

linear algebra refresher -...

graphing linear inequalities notes - math with mrs....

statistical inference for the linear regression...

inequalities and linear...

atmospheric correction for turbid waters in coastal regions:...

optimising reinforcement design in d regions using non...

the general linear model and statistical parametric...

cable extension transducers cale ash cee 398kuc. measurement...

linear referencing tutorial -...

wandering through linear types, capabilities, and...

high resolution melts · melting curves-normalized by...

chapter 5 notes lesson 5.1 – write linear … lesson 5.2...

special regulatory issues in different regions: south...

orf 522 linear programming and convex analysis · • the...