Static Analysis of Untyped Languages

Information

Frontpage
About PC-Doctor
Who is Dr. Blip
Fair Play

Resources

Posted by fred.bertsch in Software at 08:37 | Monday, March 10. 2008

A while ago I wrote about whether or not untyped languages were a good idea or a bad idea. I didn't come to any real conclusions at the time, and it's bothered me. I'd like to outline a way to gather some real conclusions now. I still won't be able to come to a conclusion, but I think this approach sounds interesting.

There are a number of advantages and disadvantages to untyped languages. One of the disadvantages is that, because variables have no type, you can assign the wrong type to them. A strongly typed language can avoid most of this problem. (You might still have problems involving type conversion, but a good programmer or a strict language can avoid those problems.)

I'd like to propose a tool that can analyze some untyped code without running it. (This is called static analysis.) The tool will try to deduce the types of variables. In theory, it is possible to analyze what possible types a value has at any given time. We couldn't be as strict as a typed language, but we can make some conclusions. For example, let's look at the following Python code:



class Duck:

  def _init_(self):

    self.hungerLevel = 0



daffy = Duck()

feed(daffy)

The first few lines define a type with a single numeric member variable. We can tell this before we run the program. The last two lines create a Duck and pass it to the feed function. We can tell at compile time that daffy is a variable of type Duck and feed is a function that will receive Ducks. Functions may receive different types at different times, but we can record all of the possible inputs and make sure the types are compatible at each point.

This cannot work perfectly, of course. For example, there might be code paths that are simply impossible to go through because of the value of variables rather than the type of variables. Determining all of these cases cannot be done without running the program. (My theoretical computer science is pretty weak, but I vaguely remember some theorems that could prove that.) However, if there's a program out there that is type safe but requires some of the code paths to be impossible to reach, it's probably not a particularly well written program.

I'd like to write something like this, but haven't fully justified it, yet. If I had such a tool, I'd try to run it on a body of existing, open source, untyped code.

I can imagine two possible ways to use this to strongly suggest that untyped languages are dangerous despite the claims of untyped language fans. First, real problems could be found in the code base. If the author(s) of the untyped code would admit that problems were there, then, almost by definition, it seems as though the problems exist. Second, the author(s) could become of a fan of the tool and use it during development. Perhaps the final code doesn't have type safety problems, but the code has those problems in its early stages. This could also be used as evidence that there's a problem with untyped languages.

Unfortunately, it's hard to imagine how this experiment could prove that untyped languages don't have a problem. Furthermore, it's possible that a tool like this works well enough that the problem largely goes away after programmers start using it. (The latter seems unlikely, but it's certainly a potential complication.)

Don't expect rapid progress here, but I'd guess that, at the very least, I'll have some follow up posts about this project as it progresses.

Comments (11) | Trackbacks (0)

Rating:

-2
-1
0
+1
+2

Current Rating: none, 0 vote(s) 186 hits

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

but, the problem is that most untyped languages are uncompiled - such as Python, Ruby, etc. Without any compilation step before running the code there is no opportunity to check the types.

As a common user of untyped languages I don't often have the problem of passing wrong types, it has happened, just not very often. I also use the lack of types to my advantage. I have passed variables to a method where said method will work differently depending on what it recieves. Of course, one could rewrite this by doing method overrides - but such a feature generally doesn't exist in untyped languages.

I think you should stop worrying about this - unless you're going to create your own untyped language that has some kind of compile step. Maybe you could call it Fruby, or Frython but definitely not FreHFre.

#1 andy on 2008-03-10 10:19 (Reply)

Lol at your language names!

Yes, I would add a step. There are, for example, Eclipse plugins which run similar lint-like programs for other languages. Running them is another step. I suspect that no one uses them, too.

I this case, I wouldn't really expect people to use my tool. Perhaps, if there's real interest, I'd write an Eclipse or Visual Studio plugin, but the main goal is simply to see what's going on.

I agree that I don't make type errors in untyped languages, either.

However, I frequently make type errors in typed languages. Perhaps that's because the compiler checks the types so I find out about more of them? Alternatively, it's because I create significantly more complex type systems in typed languages.

#2 fred.bertsch on 2008-03-10 10:35 (Reply)

I think all languages should be untyped. Adding typing to a language is just building in inefficiency.

Why should I have to state what a variable and then set the variable to that type of thing?

Why can't a variable figure out what it's type is based on the thing it is assigned to?

Why can't the left hand know what the right hand is doing?

Who are you really working for?

#3 Andy Koch on 2008-04-04 15:06 (Reply)

> Who are you really working for?

I'm a secret agent working for our competitors! Don't listen to me.

> Why can't a variable figure out what it's type is based on the thing it is assigned to?

After playing a bit with my project, I think it would be possible to create a language that did exactly that. You could create a strongly typed language that didn't require type declaration.

Essentially, it would use the techniques that I'm using to try to deduce the type of each variable and declare an error whenever it failed. The language would be designed to make it as easy as possible to deduce the types.

Unfortunately, the rules would be fairly complex. I doubt it would end up being pretty.

It might make an interesting topic for another post, though.

#4 fred.bertsch on 2008-04-04 15:25 (Reply)

> You could create a strongly typed language that didn't require type declaration.

OH you are just evil!!!

Listen pal, if I want my string variable to morph magically into an integer; thats my right as a human programmer.

And furthermore, you are not being nearly bombastic enough in your responses. A flame war is no fun if you keep responded with sensible, well reasoned statements.

Flame it up man! Call me names...

#5 Andy Koch on 2008-04-04 15:56 (Reply)

Oooo. Okay, I can use the practice. I'll give it a shot.

> Listen pal, if I want my string variable to morph magically into an integer; thats my right as a human programmer.

Magic has nothing to do with this. You interpreted freaks are always claiming that compilers do some "magic".

Even if it were magic, you're dealing with the same stuff. Interpreted languages these days compile their code into byte code before executing it! Welcome to the second half of the 20th century, Andy.

It's not just values that have types. Variables need it, too.

#6 fred.bertsch on 2008-04-04 16:21 (Reply)

Now you're flaming! Well done, half-reasoned arguments followed by a snide comment.

So let's keep going...

> Even if it were magic

See, you're agreeing with me!

> It's not just values that have types. Variables need it, too.

and again! Why don't you just start arguing my side of the case? You're winning for me.

You see, Variables are typed by the type of value they portend to represent. It's so obvious, but when it's get over-analyzed it becomes obfustcated by trivially planned hypotheses that are not founded in the Turing complete upper bounded (by big O, mind you).

it's just so obvious...

#7 Andy Koch on 2008-04-04 16:31 (Reply)

Wow. That's pathetic, Andy! You can do better than that. You're just shooting yourself in the foot, here.

First of all, there is absolutely no way that trivial planning algorithms can have an upper bound! They always end up in committee!

You're argument goes downhill from there:

> it's just so obvious...

Yeah! Variables have been typed since before the Vietnam war. Stop fighting history and start working with reality.

Here's a perfect example from one of your very own Ruby fan bois!

http://tinyurl.com/5vjvgq

If that doesn't make you see reason, then you're probably still drunk from this morning.

#7.1 fred.bertsch on 2008-04-04 16:47 (Reply)

I see what your problem is, you're living in the past.

> Variables have been typed since before the Vietnam war

yes, but most programmers weren't born until after that - so maybe you scruffy bearded unix types are the ones caught in a temporal compiler error.

So consider this snippet of Ruby, this demonstrates the awe inspiring power of duck-typing...

# Accepts an object which responds to the +year+, +month+ and +day+
# methods.
def date=(val)
[:year, :month, :day].each do |meth|
raise ArgumentError unless val.responds_to?(meth)
end
@date = val
end

As you can see, with Ruby we can do |meth| which allows us to lazily evaluate the date-ness of the thing we are receiving.

Do I care what's typed on the left or right? Of course not, I'm doing each meth and I'll raise an Arugment for any Error you have unless it responds to my meth.

geez, why do I have to explain this over and over again?

#8 Andy Koch on 2008-04-04 20:18 (Reply)

Andy, I thought you were drunk when you were writing your responses! Are you doing something else instead?

#8.1 fred.bertsch on 2008-04-06 10:35 (Reply)

drunk? no, high on Rails my friend

well, I'm declaring myself the victor of this flame-war - looking forward to our next battle of wits

#8.1.1 Andy Koch on 2008-04-07 13:06 (Reply)

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. Standard emoticons like :-) and ;-) are converted to images. E-Mail addresses will not be displayed and will only be used for E-Mail notifications
	Remember Information? Subscribe to this entry