PPL

Static Verification: Type Inference

Lecture Notes: Chapter 2

Midterm 2011הפרוצדורות -fooנתונות :gooו

(define foo (lambda (x) (display x) (newline) (+ x 2)))(define goo (lambda (x) (display 5) (newline) (+ x 1)))

א. בחישוב של הביטוי > (foo (goo 0))

התקבל הפלט הבא על המסך:5153

מהי שיטת החישוב של האינטרפרטר? סמן בעיגול תשובה יחידה.1.applicative order 2. normal order

Type Inference

• Based on

S. Krishnamurthi. Programming Languages: Application and Interpretation 2007.Chapters 24-26

Lecture notes chapter 2.3

Program Correctness• Type correctness– Verify that the types of expressions in the program

are “correct” – well-typing– E.g. + is applied to numbers– In other languages: we should also check that the

type of value stored in a variable correspond to the variable declared type

• Program Verification– Verify that the program halts and produces the

“correct” output– Somewhat easier with design-by-contract, where it

can be done in a modular fashion

Languages and Types

• Fully typed (every value has a type)– C, Pascal, Java..

• Semi-typed (allow typeless structures of values)– Scheme

• Untyped– Prolog

• Well-typing rules– Define relationships between types

Static/Dynamic Type Check

• Static– Based on program code – can be applied off-line

• Dynamic– Needs concrete data – done at runtime

Type Checking and Inference

Type Checking. Given an expression, and a “goal” type T, verify that the expression type is T.

Example: Given the expression (+ (f 3) 7), we need to verify that (f 3) is a number.Type Inference. Infer the type of an expression Example: (f 3)

Type Language

• We need a way to specify types– We know: Number, booleans, symbol– New: Union, Void, Tuple– Type polymorphism

Union

What is the type of(if (= y 0) 'error (/ 1 y)) ?

Symbol union Number

Union

• No value constructor• Type Constrcutor is union• Simplification rules– S union S = S– S union T = T union S

Void

What is the type of(λ (x) (display (+ 1 x))) ?

[Number -> Void]

Void

• Singleton set {void}• Cannot be embedded in a composite

expression

Tuples

What is the type of:(λ (x y) (+ x y)) ?

We know that: [Number * Number -> Number]

What about (λ () 5) ?

Types in Scheme (cnt’)

• Tuple Type– Procedures with any number of parameters: n-

tuples.– Empty for 0-tuples.– T1*…*Tn for n-tuples.– * is type constructor– Cannot be a returned type

Procedures and Type Polymorphism

• What is the type of:(lambda (x) x) ?

[Number -> Number][Boolean -> Boolean][[Empty -> Number] -> [Empty -> Number]]

...[T -> T]

Procedures and Type Polymorphism

• What is the type of:(lambda (f x) (f x))[[T1 -> T2]*T1 -> T2]

(lambda (f x) ( (f x) x))[[T1 -> [T1 -> T2]]*T1 -> T2]

• Instantiations, type variables renaming...

Type Language

Type -> ’Void’ | Non-voidNon-Void -> Atomic | Composite | Type-variableAtomic -> ’Number’ | ’Boolean’ | ’Symbol’Composite -> Procedure | Tuple | UnionProcedure -> ’[’ Tuple ’->’ Type ’]’Tuple -> (Non-void ’*’ )* Non-void | ’Empty’Union -> Type ’union’ TypeType-variable -> A symbol

Static Type Inference

• Infers the type of an expression• Checks for correctness of types (well-typeness) • Example: type inference for (+ x 5) states

that given x is a Number, the type is Number.• Similar to logic inference:– Definitions– Axioms– Rules– Algorithm

Terms

• Type Environment– Mapping variables to types– Example: Tenv = {x:Number, y:[Number –> T]}– Notation: Tenv(x) = Number– Can be extended: {x:Number, y:[Number –> T]} ◦ {z:boolean} =

{x:Number, y:[Number –> T], z:boolean}{} ◦ {x1:T1,...,xn:Tn} = {x1:T1,...,xn:Tn}

– Extension pre-condition: new variables are different from old ones.

Terms

• Typing statement– Tenv |- e:T– Under Tenv, the expression e has the type T

• {x<-Number} |- (+ x 5):Number

– Type variables (as well as unbound variables) used in such statements are defined to be universally quantified• {x:[T1 –> T2], y:T1} |- (x y):T2

– A typing statement can be instantiated by consistent replacement of type variables

Restricted Scheme (syntax)

<scheme-exp> -> <exp><exp> -> <atomic> | <composite><atomic> -> <number> | <boolean> | <variable><composite> -> <special> | <form><number> -> Numbers<boolean> -> ’#t’ | ’#f’<variable> -> sequences of letters<special> -> <lambda> | <quote><form> -> ’(’ <exp>+ ’)’<lambda> -> ’(’ ’lambda’ ’(’ <variable>* ’)’ <exp>+ ’)’<quote> -> ’(’ ’quote’ <variable> ’)’

For now: no ‘if’s, no ‘define’sand no recursive procedures

Typing Axioms

• To infer the type of an expression (as well as whether or not it is well-typed), we need to define rules

• To be used on sub-expressions, to derive types of the more complex expression

• Only abbreviated forms are given here, see lecture notes for full description of rules.

Typing axiomsTyping axiom Number:For every type environment _Tenv and number _n:_Tenv |- _n:Number

Typing axiom Boolean :For every type environment _Tenv and boolean_ b:_Tenv |- _b:Boolean

Typing axiom Variable :For type environment _Tenv and variable _v:_Tenv |- _v: _Tenv (_v)

Typing axioms Primitive procedure :_Tenv |- +:[Number* ... *Number -> Number]_Tenv |- not:[S -> Boolean] where S is a type variable. _Tenv |- display:[S -> Void]…

Typing RulesTyping rule Procedure :For all _xi,_Si,_bi,U_i….If Tenv ° {_x1<-_S1, ..., _xn<-_Sn} |- _b:_Ui for all i=1..m,Then Tenv |- (lambda (_x1 ... _xn) _b1 ..._ bm):[_S1*...*_Sn -> _Um]

Typing rule Application :If Tenv |- f:[S1*...*Sn -> S],Tenv |- e1:S1, ..., Tenv |- en:SnThen Tenv |- (f e1 ... en):S

More properties

Monotonicity: Type environments in typing statements in derivations can be extended.• That is, addition of type environments to a type

environment does not invalidate an already derived typing statement for that type environment

• If a type derivation includes Tenv |- e:T, then it can include also Tenv ° {v : S} |- e:T for every variable v not in Tenv, and every type expression S.

• We try to derive the “maximal” type

More properties

Instantiation: Every instance of a derived typing statement in a derivation is also a derived typing statement (an instance typing statement).

Expression Trees

The nesting of expressions can be viewed as a tree

Sub-trees correspond to composite expressions

For lambda expressions, their body expressions reside in their children

Leaves correspond to atomic ones

Expression Tree Example

Tree for (+ 2 (+ 5 7))

(+ 2 (+ 5 7))

+ (+ 5 7)2

+ 5 7

Type Derivation (inference) Algorithm

Main idea: go bottom-up on the expression tree, deriving new type statements by using the “type-statements-pool”, rules and substitution Add the result to the type-statements-pool

Declare T if you get |-e:T, FAIL otherwise

See exact algorithm in lecture notes!

Well-typeness

• Definition: If Type-derivation(e) ends with { } |- e:t, We say that e is well typed, and its type is t. The sequence of typing statements in derived-ts-pool is a type derivation for e.

Example

Derive a typing statement for (+ 2 ( + 5 7))

(+ 2 (+ 5 7))

+ (+ 5 7)2

+ 5 7

We start with the leaves: we use Number and primitives axioms.

1. { } |- 5:Number2. { } |- 7:Number3. { } |- 2:Number4. { } |- +:[Number*Number -> Number]

Next we deal with (+ 5 7): Application axiom.For every:

type environment _Tenv,expressions _f, _e1, ..., _en, n > 0 , and

type expressions _S1, ..., _Sn, _S:

Procedure with parameters (n > 0):If

_Tenv |- _f:[_S1*...*_Sn -> _S],

_Tenv |- _e1:_S1, ..., _Tenv |- _en:_Sn

Then _Tenv |- (_f _e1 ... _e):_S

Application of typing rule Application to typing statements 4,1,2, with type substitution

{_S1=Number, _S2=Number, _S=Number}:

5. { } |- (+ 5 7):Number

Application of typing rule Application to typing statements 4,3,5, with type substitution

{_S1=Number, _S2=Number, _S=Number}:

6. { } |- (+ 2 (+ 5 7)):Number

Done

Type-Derivation Algorithm

• Input: expression e• Output: Typing statement and derivation (or

FAIL)

Type-Derivation Algorithm

1. Rename e2. Let pool = {}3. Apply axiom for all leaves.4. Apply rules for all sub-expressions5. If pool contains ts Tenv |- e:t

1. Output: <ts, pool>2. Else output FAIL

Example((λ (x) (+ x 3)) 5)

5(λ (x) (+ x 3))

(+ x 3)

3x+

Throwing in definitions

1. A definition expression (define x e) is well typed if e is well typed.2. An expression e, that follows (occurs after) well typed definitions (define xi ei) i =1…n, in which ei has type Ti, is well typed and has type S, if Type-derivation(e) outputs a typing statement Tenv |- e:S, where Tenv may include only the type assumptions xi:Ti’ for Ti’, an instance of Ti.

3. No repeated definition for a variable are allowed.

Throwing in definitions

(define x 1)(define y (+ x 1))

Throwing in control flow (if)

For every type environment _Tenv,expressions _p, _c, _a, andtype expression _S:If _Tenv |- _p:Boolean and_Tenv |- _c:_S and_Tenv |- _a:_SThen _Tenv |- (if _p _c _a):S

Throwing in recursion

Changing the rule for (define f e): e is well typed and has type [S1*...Sn–> S], for n>0 or [Empty –> S] for n=0, if Type-derivation(e) outputs a typing statement Tenv |- e:[S1*...Sn –> S] (alternatively Tenv |- e:[Empty –> S]), where Tenv satisfies: If there are no previous well typed definitions, Tenv = {f:[S1*...Sn –> S]} for n>0, or Tenv = {f:[Empty –> S]} for n=0. If there are m previous well typed definitions (define xi ei) (m>0), in which ei has type Ti, Tenv = Tenv’ °{f:[S1*...Sn –> S]} where Tenv’ may include only type assumptions xi:Ti’ where Ti’ is an instance of Ti.

Examples

• On the board, also in lecture notes

Type constraints approach

• Create a (meta-) variable for each sub-expression

• Construct type equations over these variables– 1. Numbers, booleans, quoted symbols, primitive

procedures: Construct equations using their types..

– 2. Intuitive rules for lambda and applications (on the blackboard)

Solving the equations

1. Apply the current substitution on the equation, i.e., replace variables by their substituting expressions.2. If the equation includes atomic types on both sides then, if they are the same the equation is ignored, and if they are different, the type inference fails: Output FAIL.3. If one side of the equation is a variable and the other side is not the same variable, apply the equation to the current substitution, and add the equation to the substitution. If a circular substitution is created, i.e., a type variable T is substituted by a type expression that includes T, output FAIL.4. If both sides of the equation are composite and have the same type constructor, split the equation into equations between corresponding components.

Example

• On the board & in the notes