1 Recency Types for Dynamically- Typed, Object-Based Languages Phillip Heidegger, Peter Thiemann University of Freiburg 06/24/2010.

Slides:



Advertisements
Similar presentations
Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.
Advertisements

Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
JavaScript I. JavaScript is an object oriented programming language used to add interactivity to web pages. Different from Java, even though bears some.
A Fix for Dynamic Scope Ravi Chugh U. of California, San Diego.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Automated Software Verification with a Permission-Based Logic 20 th June 2014, Zürich Malte Schwerhoff, ETH Zürich.
Names and Bindings.
The Essence of JavaScript Arjun Guha, Claudiu Saftoiu, and Shriram Krishnamurthi.
Compiler Principle and Technology Prof. Dongming LU Mar. 28th, 2014.
A metadata-driven approach to context-sensitive composition of collaborations Eddy Truyen, Wouter Joosen and Pierre Verbaeten Bo N. Jørgensen Maersk Institute.
ISBN Chapter 10 Implementing Subprograms.
Typed Assembly Languages COS 441, Fall 2004 Frances Spalding Based on slides from Dave Walker and Greg Morrisett.
Run time vs. Compile time
A Type System for Expressive Security Policies David Walker Cornell University.
1 Run time vs. Compile time The compiler must generate code to handle issues that arise at run time Representation of various data types Procedure linkage.
Names and Bindings Introduction Names Variables The concept of binding Chapter 5-a.
Subclasses and Subtypes CMPS Subclasses and Subtypes A class is a subclass if it has been built using inheritance. ▫ It says nothing about the meaning.
Impact Analysis of Database Schema Changes Andy Maule, Wolfgang Emmerich and David S. Rosenblum London Software Systems Dept. of Computer Science, University.
VEX: VETTING BROWSER EXTENSIONS FOR SECURITY VULNERABILITIES XIANG PAN.
Recovery of Variables and Heap Structure in x86 Executables Gogul Balakrishnan Thomas Reps University of Wisconsin.
Implementation Yaodong Bi. Introduction to Implementation Purposes of Implementation – Plan the system integrations required in each iteration – Distribute.
CS3012: Formal Languages and Compilers The Runtime Environment After the analysis phases are complete, the compiler must generate executable code. The.
F LEXIB O Language Design Work-in-Progress Yifeng Chen University of Leicester 7 May 2004 UNU/IIST, Macau.
SOFTWARE DESIGN AND ARCHITECTURE LECTURE 21. Review ANALYSIS PHASE (OBJECT ORIENTED DESIGN) Functional Modeling – Use case Diagram Description.
1 Testing, Abstraction, Theorem Proving: Better Together! Greta Yorsh joint work with Thomas Ball and Mooly Sagiv.
POSL (Principles of Software Languages) Gr. Kyushu Institute of Technology, Japan Pointcut-based Architectural Interface.
Chapter 18 Object Database Management Systems. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc. All rights reserved. Outline Motivation for object.
Existential Quantification for Variant Ownership Nicholas Cameron Sophia Drossopoulou Imperial College London (Victoria University of Wellington)‏
CSC3315 (Spring 2008)1 CSC 3315 Subprograms Hamid Harroud School of Science and Engineering, Akhawayn University
Typing Local Control and State Using Flow Analysis Arjun Guha, Claudiu Saftoiu, and Shriram Krishnamurthi 1.
A Universe-Type-Based Verification Technique for Mutable Static Fields and Methods Alexander J Summers Sophia Drossopoulou Imperial College London Peter.
1 Type Sensitive Application of Mutation Operators for Dynamically Typed Programs Leonardo Bottaci Department of Computer Science University of Hull, Hull,
1 CSCD 326 Data Structures I Software Design. 2 The Software Life Cycle 1. Specification 2. Design 3. Risk Analysis 4. Verification 5. Coding 6. Testing.
Demeter Aspects We study techniques for the emerging area of Aspect-Oriented Software Development and focus on the following areas:  Aspectual Collaborations.
Gogul Balakrishnan, Radu Gruian and Thomas Reps Computer Science Dept., Univ. of Wisconsin GrammaTech, Inc. April, 2005 CodeSurfer / x86 A Platform for.
Principles of programming languages 10: Object oriented languages Isao Sasano Department of Information Science and Engineering.
Lightweight Support for Magic Wands in an Automatic Verifier Malte Schwerhoff and Alexander J. Summers 10 th July 2015, ECOOP, Prague.
An Introduction to Automated Program Verification with Permission Logics 15 th May 2015, Systems Group, ETH Zurich Uri Juhasz, Ioannis Kassios, Peter Müller,
Watching the movie the hard way…. Page 256 – Head First Design Patterns.
Chapter 18 Object Database Management Systems. Outline Motivation for object database management Object-oriented principles Architectures for object database.
String Analysis for JavaScript Programs Serena KingDr.Lu Yves Engelmann.
JavaScript Introduction and Background. 2 Web languages Three formal languages HTML JavaScript CSS Three different tasks Document description Client-side.
MOPS: an Infrastructure for Examining Security Properties of Software Authors Hao Chen and David Wagner Appears in ACM Conference on Computer and Communications.
ITEC1301 Object-Oriented Systems Construction Lecture Notes #4 1.
Recency Types for Dynamically- Typed, Object-Based Languages Phillip Heidegger, Peter Thiemann University of Freiburg
Implementing Subprograms
Optimistic Hybrid Analysis
Modeling with UML – Class Diagrams
Principles of programming languages 10: Object oriented languages
Polymorphism in Methods
An Operational Approach to Relaxed Memory Models
Tips on coding practices
Implementing Subprograms Chapter 10
Implementing Subprograms
Implementing Subprograms
CS 326 Programming Languages, Concepts and Implementation
Demeter Aspects Who We Are Aspectual Collaborations
Implementing Subprograms
Implementing Subprograms
Information Security CS 526
Subprograms and Programmer Defined Data Type
Implementing Subprograms
Binding Times Binding is an association between two things Examples:
Information Security CS 526
QWIRE: A Core Language for Quantum Circuits
Information Security CS 526
Programming Languages and Compilers (CS 421)
Implementing Subprograms
Implementing Subprograms
Presentation transcript:

1 Recency Types for Dynamically- Typed, Object-Based Languages Phillip Heidegger, Peter Thiemann University of Freiburg 06/24/2010

2 Create a static analysis of JavaScript for: ● Documentation ● Understanding programs ● Finding bugs Motivation

3 Features of JavaScript ● Object-based language (no classes, but prototypes) ● Functions are first class values ● Weak, dynamic typing ●... ● The combination of these features makes a static analysis a challenge

4 Approach ● We concentrate on a core calculus ● We decide to use recency abstraction ● We model this analysis as a type system

5 Core Calculus ● lambda calculus ● imperative objects ● read/write properties ● add properties ● delete properties ● prototypes

6 Recency Abstraction ● Gogul Balakrishnan and Thomas W. Reps. Recency- abstraction for heap-allocated storage. SAS ● S. H. Jensen, A. Møller, and P. Thiemann. Type analysis for JavaScript, SAS 2009 ➔ These papers are based on abstract interpretation ➔ Our work models recency abstraction in a type system

7 Example - Bank Account Typical Problem during object initialization: ● Initialize the customer of the bank account ● Initialize a account passing the corresponding owner ● setting the “account” property of the customer to its account

8 Bank Account concrete heap abstract heap 1 function Customer(n){ return { name: n }^L1; }; 2 function Account(o) { return { owner: o }^L2; }; 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; aged objects most recent objects

9 Bank Account 1 function Customer(n){ return { name: n }^L1; }; 2 function Account(o) { return { owner: o }^L2; }; 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; owner: name: “Lee” L1 L2 c1 a1 concrete heap abstract heap aged objects most recent objects

10 Bank Account 1 function Customer(n){ return { name: n }^L1; }; 2 function Account(o) { return { owner: o }^L2; }; 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; owner: name: “Lee”, account: L1 L2 c1 a1 concrete heap abstract heap aged objects most recent objects

11 Bank Account 1 function Customer(n){ return { name: n }^L1; }; 2 function Account(o) { return { owner: o }^L2; }; 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; owner: name: “Lee”, account: L1 L2 c1 a1 concrete heap abstract heap aged objects most recent objects owner: name: “Smith”name: String L2 c2 a2 L1

12 Bank Account 1 function Customer(n){ return { name: n }^L1; }; 2 function Account(o) { return { owner: o }^L2; }; 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; owner: name: “Lee”, account: L1 L2 c1 a1 concrete heap abstract heap aged objects most recent objects owner: name: “Smith”, account: L2 c2 a2 L1

13 Bank Account 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; 7 var c3 = Customer(“Hall”), a3 = Account(c3); 8 c3.account = a3; owner: name: “Lee”, account:name: String, account: L1 L2 concrete heap abstract heap aged objects most recent objects owner: name: “Smith”, account: owner: name: “Hall” L2 c3 a3 L1

14 Bank Account owner: name: “Lee”, account:name: String, account: L1 L2 concrete heap abstract heap aged objects most recent objects owner: name: “Smith”, account: owner: name: “Hall”, account: L2 c3 a3 L1 3 var c1 = Customer(“Lee”), a1 = Account(c1); 4 c1.account = a1; 5 var c2 = Customer(“Smith”), a2 = Account(c2); 6 c2.account = a2; 7 var c3 = Customer(“Hall”), a3 = Account(c3); 8 c3.account = a3;

15 Observation ● each most recent object has its own abstract description ➔ update of object → update of description strong update ● all aged objects share a description ➔ update of object → join of description relation n - 1 relation

16 Approach ● We concentrate on a core calculus ● We decide to use recency abstraction ● We model this analysis as a type system

17 Why a type system? ● type system models bidirectional flow of values ● modularity (principal type)

18 The Type System The type system has a flow sensitive and a flow insensitive part ● treat types for most recent objects flow sensitive ➔ “strong updates” in the flow sensitive part ● treat types for aged objects flow insensitive ➔ “weak updates” for old objects

19 Structure of Function Types most recent environment type of argument return type effect of function ● the effect together with the most recent heap environments is required for modularity

20 Invariant of the Type System ● ensure that we have a 1 to 1 relation between most recent objects and their types ➔ the effect helps maintain this invariant: ➔ collect abstract location for which a new object may be created during execution ➔ attach the effect to the function type ➔ frees most recent heap for all abstract locations that are part of the effect of the function

21 Javascripts' Prototypes ● JavaScript's mechanism for inheritance ● Prototypes are usually singleton objects ➔ They stay most recent ➔ We can allow strong updates during the full execution of the program ➔ Give flexibility to objects that are in the summary heap

22 Related Work ● Christopher Anderson, Paola Giannini, and Sophia Drossopoulou. Towards type inference for JavaScript. ECOOP 2005 ● We can type each program they can type ● We allow type changes (for most recent objects) ● We can deal with prototypes

23 Related Work ● Frederick Smith, David Walker, and J. Gregory Morrisett. Alias types. ESOP ● David Walker and Greg Morrisett. Alias types for recursive data structures. TIC 2000 Alias Types ● Type checking ● unroll/unpack operations Recency Types ● Type inference ● No movement from summary into most recent heap

24 Paper Contents ● Operational semantics of core calculus ● two heaps (most recent / old objects) ● Type soundness proof ● Type inference algorithm ● Prototype implementation

25 Conclusion ● Recency and flow sensitivity allows: ● strong updates during initialization ● weak updates after initialization ➔ Strong updates on prototypes ● Type soundness proof ● Prototype implementation ● Future Work ● implement modularity (remove closed world assumption) ● support full core calculus of “The Essence of JavaScript” Arjun Guha, Claudiu Saftoiu, Shriram Krishnamurthi. The Essence of JavaScript. ECOOP 2010 ● real world programs

26 Thank you for your attention ! Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.