Kohei Suenaga

Resource Usage Analysis for the Pi-Calculus

We propose a type-based resource usage analysis for the π-calculusnextended with resource creation/access primitives. The goal of the resourcenusage analysis is to statically check that a program accesses resources such asnfiles and memory in a valid manner. Our type system is an extension of previousnbehavioral type systems for the π-calculus, and can guarantee the safetynproperty that no invalid access is performed, as well as the property thatnnecessary accesses (such as the close operation for a file) are eventuallynperformed unless the program diverges. A sound type inference algorithm for thentype system is also developed to free the programmer from the burden of writingncomplex type annotations. Based on the algorithm, we have implemented anprototype resource usage analyzer for the π-calculus. To the authorsnknowledge, ours is the first type-based resource usage analysis that deals withnan expressive concurrent language like the pi-calculus.

Type-Based Deadlock-Freedom Verification for Non-Block-Structured Lock Primitives and Mutable References

We present a type-based deadlock-freedom verification for concurrent programs with non-block-structured lock primitives and mutable references. Though those two features are frequently used, they are not dealt with in a sufficient manner by previous verification methods. Our type system uses a novel combination of lock levels, obligations and ownerships . Lock levels are used to guarantee that locks are acquired in a specific order. Obligations and ownerships guarantee that an acquired lock is released exactly once.

Resource usage analysis for the π-calculus

We propose a type-based resource usage analysis for the (pi)-calculus extended with resource creation/access primitives. The goal of the resource usage analysis is to statically check that a program accesses resources such as files and memory in a valid manner. Our type system is an extension of previous behavioral type systems for the pi-calculus, and can guarantee the safety property that no invalid access is performed, as well as the property that necessary accesses (such as the close operation for a file) are eventually performed unless the program diverges. A sound type inference algorithm for the type system is also developed to free the programmer from the burden of writing complex type annotations. Based on the algorithm, we have implemented a prototype resource usage analyzer for the π-calculus. To the authors knowledge, ours is the first type-based resource usage analysis that deals with an expressive concurrent language like the π-calculus.

Type-based analysis of deadlock for a concurrent calculus with interrupts

The goal of our research project is to establish a type-based method for verification of certain critical properties (such as deadlock-and race-freedom) of operating system kernels. As operating system kernels make heavy use of threads and interrupts, it is important that the method can properly deal with both of the two features. As a first step towards the goal, we formalize a concurrent calculus equipped with primitives for threads and interrupts handling.We also propose a type system that guarantees deadlock-freedom in the presence of interrupts. To our knowledge, ours is the first type system for deadlock-freedom that can deal with both thread and interrupt primitives.

Translation of Tree-Processing Programs into Stream-Processing Programs Based on Ordered Linear Type

There are two ways to write a program for manipulating tree-structured data such as XML documents and S-expressions: One is to write a tree-processing program focusing on the logical structure of the data and the other is to write a stream-processing program focusing on the physical structure. While tree-processing programs are easier to write than stream-processing programs, tree-processing programs are less efficient in memory usage since they use trees as intermediate data. Our aim is to establish a method for automatically translating a tree-processing program to a stream-processing one in order to take the best of both worlds. We define a programming language for processing binary trees and a type system based on ordered linear type, and show that every well-typed program can be translated to an equivalent stream-processing program.

Extension of type-based approach to generation of stream-processing programs by automatic insertion of buffering primitives

In our previous paper, we have proposed a framework for automatically translating tree-processing programs into stream-processing programs. However, in writing programs that require buffering of input data, a user has to explicitly use buffering primitives which copy data from input stream to memory or copy constructed trees from memory to an output stream. Such explicit insertion of buffering primitives is often cumbersome and worsens the readability of the program. We overcome the above-mentioned problems by developing an algorithm which, given any simply-typed tree-processing program, automatically inserts buffering primitives. The resulting program is guaranteed to be well-typed under our previous ordered-linear type system, so that the program can be further transformed into an equivalent stream-processing program using our previous framework.

Fractional Ownerships for Safe Memory Deallocation

We propose a type system for a programming language with memory allocation/deallocation primitives, which prevents memory- related errors such as double-frees and memory leaks. The main idea is to augment pointer types with fractional ownerships, which express both capabilities and obligations to access or deallocate memory cells. By assigning an ownership to each pointer type constructor (rather than to a variable), our type system can properly reason about list/tree-manipulating programs. Furthermore, thanks to the use of fractions as ownerships, the type system admits a polynomial-time type inference algorithm, which serves as an algorithm for automatic verification of lack of memory-related errors. A prototype verifier has been implemented and tested for C programs.

Translation of tree-processing programs into stream-processing programs based on ordered linear type1

There are two ways to write a program for manipulating tree-structured data such as XML documents: One is to write a tree-processing program focusing on the logical structure of the data and the other is to write a stream-processing program focusing on the physical structure. While tree-processing programs are easier to write than stream-processing programs, tree-processing programs are less efficient in memory usage since they use trees as intermediate data. Our aim is to establish a method for automatically translating a tree-processing program to a stream-processing one in order to take the best of both worlds. We first define a programming language for processing binary trees and a type system based on ordered linear type, and show that every well-typed program can be translated to an equivalent stream-processing program. We then extend the language and the type system to deal with XML documents. We have implemented an XML stream processor generator based on our algorithm, and obtained promising experimental results.

The Interface Definition Language for Fail-Safe C

Fail-Safe C is a safe implementation of full ANSI-C being developed by Oiwa and Sekiguchi. It uses its own internal data representations such as 2-word pointers and memory blocks with headers describing their contents. Because of this, calls to external functions compiled by conventional compilers require conversion of data representations. Moreover, for safety, many of those functions need additional checks on their arguments and return values. This paper presents a method of semi-automatically generating a wrapper doing such work. Our approach is to develop an Interface Definition Language to describe what the wrappers have to do before and after function calls. Our language is based on CamlIDL, which was developed for a similar purpose between Objective Caml and C. Our IDL processor generates code by using the types and attributes of functions. The attributes are additional information describing properties which cannot be expressed only by ordinary types, such as whether a pointer can be NULL, what range of memory can be safely accessed via a pointer, etc. We examined Linux system calls as test cases and designed a set of attributes required for generating their wrapper.

Ordered Types for Stream Processing of Tree-Structured Data

Suenaga et al. have developed a type-based framework for automatically translating tree-processing programs into streamprocessing ones. The key ingredient of the framework was the use of ordered linear types to guarantee that a treeprocessing program traverses an input tree just once in the depth-first, left-to-right order (so that the input tree can be read from a stream). Their translation, however, sometimes introduces redundant buffering of input data. This paper extends their framework by introducing ordered, non-linear types in addition to ordered linear types. The resulting transformation framework reduces the redundant buffering, generating more efficient stream-processing programs.