Retrofitting Typestates into Rust

As software becomes more prevalent in our lives, bugs are able to cause significant disruption. Thus, preventing them becomes a priority when trying to develop dependable systems. While reducing their occurrence possibility to zero is infeasible, existing approaches are able to eliminate certain subsets of bugs. Rust is a systems programming language that addresses memory-related bugs by design, eliminating bugs like use-after-free. To achieve this, Rust leverages the type system along with information about object lifetimes, allowing the compiler to keep track of objects throughout the program and checking for memory misusage. While preventing memory-related bugs goes a long way in software security, other categories of bugs remain in Rust. One of which would be Application Programming Interface (API) misusage, where the developer does not respect constraints put in place by an API, thus resulting in the program crashing. Typestates elevate state to the type level, allowing for the enforcement of API constraints at compile-time, relieving the developer from the burden that is keeping track of the possible computation states at runtime, and preventing possible API misusage during development. While Rust does not support typestates by design, the type system is powerful enough to express and validate typestates. I propose a new macro-based approach to deal with typestates in Rust; this approach provides an embedded Domain-Specific Language (DSL) which allows developers to express typestates using only existing Rust syntax. Furthermore, Rust’s macro system is leveraged to extract a state machine out of the typestate specification and then perform compile-time checks over the specification. Afterwards we leverage Rust’s type system to check protocol-compliance. The DSL avoids workflow-bloat by requiring nothing but a Rust compiler and the library itself.À medida que as nossas vidas estão cada vez mais dependentes de software, os erros do mesmo têm o potencial de causar problemas significativos. Prevenir estes erros torna-se uma tarefa prioritária durante o desenvolvimento de sistemas confiáveis. Erradicar erros por completo é impossível, mas é possível eliminar certos conjuntos. Rust é uma linguagem de programação de sistemas que, por desenho, endereça erros de gestão de memória. Para o conseguir, a linguagem inclui no sistema de tipos informação sobre o tempo de vida dos objetos, permitindo assim que o compilador conheça a utilização dos mesmos e detecte erros de utilização de memória. Apesar da prevenção de erros de memória ter um papel importante na segurança de software, existem ainda outras categorias de erros em Rust, como o uso incorrecto de interfaces de programação, em que o programador não respeita as restrições impostas pela mesma, o que resulta numa falha do programa. Typestates elevam o conceito de estado para o sistema de tipos, permitindo a aplicação das restrições da interface durante a fase de compilação. Este conceito permite assim aliviar o programador da responsabilidade que é conceptualizar e manter o estado do programa em mente durante o desenvolvimento, prevenindo o mau uso das interfaces. Apesar de Rust não suportar typestates de uma forma natural, o sistema de tipos permite expressar e validar typestates. Proponho uma nova abordagem de modo a lidar com typestates em Rust, tal abordagem é baseada numa DSL embebida na linguagem, permitindo assim a descrição de typestates usando apenas a sintaxe existente. A DSL vai mais além e providencia ainda verificações estáticas sobre a especificação, tirando proveito do sistema de macros, extrai uma máquina de estados que é depois verificada, por fim, a verificação de conformidade é feita pelo compilador, tirando proveito do sistema de tipos. A DSL evita poluição do ambiente trabalho, requerendo apenas um compilador de Rust e a sua própria biblioteca

Injecting Language Workbench Technology into Mainstream Languages

Eelco Visser envisioned a future where DSLs become a commonplace abstraction in software development. He took strides towards implementing this vision with the Spoofax language workbench. However, his vision is far from the mainstream of programming today. How will the many mainstream programmers encounter and adopt language workbench technology? We propose that the macro systems found in emerging industrial languages open a path towards delivering language workbenches as easy-to-adopt libraries. To develop the idea, we sketch an implementation of a language workbench as a macro-library atop Racket and identify the key features of the macro system needed to enable this evolution path

Retrofitting Typestates into Rust

Funding Information: Acknowledgements. We thank Bernardo Toninho, Daniel Henry-Mantilla, João Mota, Mathias Jakobsen, Ornela Dardha, Philip Munks-gaard, Simon Fowler, Tomás Alagoa and Wen Kokke for their comments on previous versions of this paper, and the reviewers’. This work is partially supported by NOVA LINCS (UIDB/04516/2020) with the financial support of FCT.IP and by the EU H2020 RISE programme under the Marie Skłodowska-Curie grant agreement No. 778233 (BehAPI). Publisher Copyright: © 2021 Owner/Author.As software permeates our lives, bugs become increasingly expensive; the best way to reduce their cost is to reduce the number of bugs. Of course, this is easier said than done and, at best, we can go after their root causes to mitigate them. One of such causes is state, whether it is the state of a light bulb (i.e. on/off), or the state of a complex protocol, reasoning about state is a complex process which developers are required to do with subpar tools. Ideally, we want to specify constraints and have the computer reason for us; typestates enable developers to describe states using the type system and allow the compiler to reason about them. We propose an approach to bring typestates to Rust, without any external tools, leveraging only Rust's type and macro systems. Our approach provides a macro-based domain-specific language which enables developers to easily express and implement typestates, along with certain state machine safety guarantees, it is open-source and available at https://github.com/rustype/typestate-rs.publishersversionpublishe

Session Kotlin: A hybrid session type embedding in Kotlin

Concurrency and distribution have become essential for building modern applications. However, developing and maintaining these apps is not an easy task. Communication errors are a common source of problems: unexpected messages cause runtime errors, and mutual dependencies lead to deadlocks. To address these issues, developers can define communication protocols that detail the structure and order of the transmitted messages, but maintaining protocol fidelity can be complex if carried out manually. Session types formalize this concept by materializing the communication protocol as a type that can be enforced by the language’s type system. In this thesis we present the first embedding of session types in Kotlin: we propose a Domain-Specific Language (DSL) for multiparty ses- sion types that lets developers write safe concurrent applications, with built-in validation and integrating code generation in the language’s framework.A concorrência e a distribuição têm-se tornado essenciais na construção de aplicações modernas. No entanto, desenvolver e manter estas aplicações não é tarefa fácil. Erros de comunicação são uma fonte comum de problemas: mensagens inesperadas causam erros durante a execução de código, e dependências mútuas levam a deadlocks. Para resolver estas questões, é tipico definir protocolos de comunicação que detalham a estrutura e a ordem das mensagens transmitidas, mas garantir o seu cumprimento pode ser complexo se feito manualmente. Os tipos de sessão formalizam este conceito ao materializar o protocolo de comunicação como um tipo que pode ser gerido pelo sistema de tipos da linguagem. Nesta tese apresentamos o primeiro embedding de tipos de sessão em Kotlin: propomos uma Linguagem de Domínio Específica para tipos de sessão com múltiplos participantes que permite aos programadores a escrita de aplicações concorrentes seguras, incorporando validação e integrando a geração de código no framework da linguagem

Sidekick compilation with xDSL

Traditionally, compiler researchers either conduct experiments within an existing production compiler or develop their own prototype compiler; both options come with trade-offs. On one hand, prototyping in a production compiler can be cumbersome, as they are often optimized for program compilation speed at the expense of software simplicity and development speed. On the other hand, the transition from a prototype compiler to production requires significant engineering work. To bridge this gap, we introduce the concept of sidekick compiler frameworks, an approach that uses multiple frameworks that interoperate with each other by leveraging textual interchange formats and declarative descriptions of abstractions. Each such compiler framework is specialized for specific use cases, such as performance or prototyping. Abstractions are by design shared across frameworks, simplifying the transition from prototyping to production. We demonstrate this idea with xDSL, a sidekick for MLIR focused on prototyping and teaching. xDSL interoperates with MLIR through a shared textual IR and the exchange of IRs through an IR Definition Language. The benefits of sidekick compiler frameworks are evaluated by showing on three use cases how xDSL impacts their development: teaching, DSL compilation, and rewrite system prototyping. We also investigate the trade-offs that xDSL offers, and demonstrate how we simplify the transition between frameworks using the IRDL dialect. With sidekick compilation, we envision a future in which engineers minimize the cost of development by choosing a framework built for their immediate needs, and later transitioning to production with minimal overhead

From Theory to Systems: A Grounded Approach to Programming Language Education

I present a new approach to teaching a graduate-level programming languages course focused on using systems programming ideas and languages like WebAssembly and Rust to motivate PL theory. Drawing on students\u27 prior experience with low-level languages, the course shows how type systems and PL theory are used to avoid tricky real-world errors that students encounter in practice. I reflect on the curricular design and lessons learned from two years of teaching at Stanford, showing that integrating systems ideas can provide students a more grounded and enjoyable education in programming languages. The curriculum, course notes, and assignments are freely available: http://cs242.stanford.edu/f18