Safe manual memory management in Cyclone

The goal of the Cyclone project is to investigate how to make a low-level, C-like language safe. Our most difficult challenge has been giving programmers control over memory management while retaining safety. This paper describes our experience trying to integrate, and use effectively, two previously proposed safe memory-management mechanisms: statically scoped regions (lexically delimited arenas whose objects are all freed together when the scope ends) and tracked pointers (uniquely owned pointers that the type system follows, so an object can be freed explicitly without leaving a dangling reference). We found that these typing mechanisms can be combined to build further memory-management abstractions, such as reference-counted objects and arenas with dynamic lifetimes, and thus provide a flexible basis. Our experience (porting C programs and device drivers, and building new applications for resource-constrained systems) confirms that experts can use these features to reduce memory footprint and sometimes to improve throughput, when used instead of, or in combination with, conservative garbage collection.
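
The two abstractions named above, as an added illustration in plain C (not code from the Cyclone project or from the paper): a region whose lifetime is delimited by an explicitly freed key, and reference-counted objects released when the last alias is dropped. The function names, the fixed 16-byte alignment and the status codes returned by demo() are assumptions made for this example. In Cyclone the rules stated in the comments (a freed key cannot be reused, a dropped handle cannot be dereferenced) are enforced by the region and tracked-pointer types at compile time; in C they are run-time conventions the caller must follow.

```c
/* Added illustration in plain C, not Cyclone project code. Names, the
 * 16-byte alignment and the status codes are assumptions for this example.
 * Cyclone checks the ownership rules in the comments statically. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define REGION_ALIGN 16   /* assumed: enough for any scalar on common ABIs */

/* A region is one block carved out by bump allocation and freed as a unit. */
struct region {
    unsigned char *buf;
    size_t cap;
    size_t used;
};

struct region *region_create(size_t cap)
{
    struct region *r = malloc(sizeof *r);
    if (r == NULL) return NULL;
    r->buf = malloc(cap);
    if (r->buf == NULL) { free(r); return NULL; }
    r->cap = cap;
    r->used = 0;
    return r;
}

/* Bump-allocate n zeroed bytes; NULL when the region is exhausted. Objects
 * are never freed individually: they live exactly as long as the region. */
void *region_alloc(struct region *r, size_t n)
{
    size_t start = (r->used + REGION_ALIGN - 1) & ~(size_t)(REGION_ALIGN - 1);
    if (start < r->used || n > r->cap || start > r->cap - n) return NULL;
    r->used = start + n;
    memset(r->buf + start, 0, n);
    return r->buf + start;
}

/* The caller's pointer variable is the region's unique key: freeing consumes
 * it (sets it to NULL), so a double free or an allocation from a dead region
 * fails loudly instead of silently reusing memory. */
void region_free(struct region **key)
{
    if (*key == NULL) return;
    free((*key)->buf);
    free(*key);
    *key = NULL;
}

/* A reference-counted object keeps its count in a header in front of the
 * payload; the union keeps the payload suitably aligned. */
union rc_hdr { size_t count; max_align_t align_; };

static union rc_hdr *rc_header(void *p) { return (union rc_hdr *)p - 1; }

void *rc_new(size_t n)
{
    union rc_hdr *h = calloc(1, sizeof *h + n);
    if (h == NULL) return NULL;
    h->count = 1;
    return h + 1;
}

size_t rc_count(void *p) { return rc_header(p)->count; }

/* Taking an alias increments the count; the alias is as valid as the original. */
void *rc_alias(void *p) { rc_header(p)->count++; return p; }

/* Dropping decrements the count and frees the object at zero. Returns the
 * number of live aliases; the caller must not use p afterwards (a tracked
 * pointer in Cyclone makes such a use a compile-time error). */
size_t rc_drop(void *p)
{
    union rc_hdr *h = rc_header(p);
    if (--h->count == 0) { free(h); return 0; }
    return h->count;
}

/* Exercise both abstractions. Returns 0 on success, otherwise the number of
 * the first check that failed. */
int demo(void)
{
    struct region *key = region_create(64);
    if (key == NULL) return 1;
    int *a = region_alloc(key, sizeof *a);
    int *b = region_alloc(key, sizeof *b);
    if (a == NULL || b == NULL) return 2;
    *a = 1; *b = 2;
    if (region_alloc(key, 64) != NULL) return 3;   /* full: no silent overflow */
    region_free(&key);
    if (key != NULL) return 4;                     /* key consumed; a, b are dead */

    int *p = rc_new(sizeof *p);
    if (p == NULL) return 5;
    *p = 42;
    int *q = rc_alias(p);
    if (rc_count(p) != 2) return 6;
    if (rc_drop(p) != 1) return 7;
    p = NULL;                                      /* handle consumed */
    if (*q != 42) return 8;                        /* q keeps the object alive */
    if (rc_drop(q) != 0) return 9;                 /* last alias: storage freed */
    return 0;
}

int main(void) { return demo(); }
```

The point of the example is the shape of the discipline, not the allocator: every object in the region dies with the region's key, and a reference-counted object dies with its last alias. What Cyclone adds is that the compiler rejects a program that keeps using a or b after region_free, or p after rc_drop, where the C version relies on the programmer remembering to do so.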
