Existential Quantification for Variant Ownership
Nicholas Cameron, Sophia Drossopoulou
Imperial College London (Victoria University of Wellington)


Ownership

- Statically partitions the heap
- Organises objects into an hierarchical structure
- Improves reasoning about programs
  - Effects
  - Concurrency
  - Memory Management
  - Garbage Collection
- Many flavours
- Encapsulation properties

Ownership

- Parametric ownership
- Each object is owned by a context
  - context
  - object
  - owner
- Classes and types are parameterised by contexts

Ownership
- Classes are parameterised by formal contexts
- class C {...}
  - o1 is the owner of objects of class C
  - o2 is another context

Ownership
- Types are parameterised by actual contexts
- class C {...}
- C
  - this
- C
  - World, formal contexts
- C
  - Final variables, final fields

Ownership
- Ownership hierarchy
  - o1:C
  - o2:C
  - o1 is inside o3
  - o2 is inside o4
  - If o4 is inside o3 then o2 is inside o3

Existential Types

- Used to model abstraction
  - Ǝ X.(X → int)
- Or variance in generic object-oriented languages
  - Ǝ X.List
  - List (Java wildcards)

Existential Types
- Bounds
  - Ǝ X→[Merino Animal].List
  - Merino <: X <: Animal

Existential Types
- Safe covariance:
  - Ǝ X→[ Sheep].List
  - List

Existential Types
- Packing
- pack( List ) = Ǝ X.List
  - A is hidden – it is the witness type
- close expression

Existential Types
- Unpacking
- unpack( Ǝ X.List ) = List
  - Z is a fresh type variable
- open expression

Jo Ǝ - Motivation

Motivation
- Desire for variance
  - +, -, * in Variant Ownership Types (Lu, Potter, ECOOP '06)
  - ? in MOJO (Cameron, Drossopoulou, Noble, Smith, OOPSLA '07)
  - any / readonly in Universes (Müller, Dietl, et al., many papers)
  - any in Effective Ownership (Lu, Potter, POPL '06)
  - ...

Motivation
- All tailor-made solutions
  - No connection to established type theory
  - Limited expressivity

Motivation
- E.g., ? in MOJO
  - Strict substitution
    - If ? In....
  - Strict method and field lookup
    - Permeates entire calculus
  - Additional subtype rules

Motivation

Jo Ǝ

- Goals:
  - Expressivity
  - Uniformity

Jo Ǝ
- Existential quantification of contexts
- Parametrisation by types and contexts
  - This combination gives improved expressivity

Jo Ǝ
    class List {
        List next;
        X datum;
        X get() {...}
        void add(X x) {...}
    }
- context parameters
- type parameters

Jo Ǝ
- Generics and quantification for expressivity:
  - List >
  - Ǝ o.List >
  - List >
  - Ǝ o.List >

Jo Ǝ
- Flexible ownership language
  - Parametric methods
    - Type and context parameters
  - Actual contexts
  - Explicit unpacking
  - Upper and lower bounds on formal contexts

Jo Ǝ
- Upper and lower bounds on formal contexts
- Ǝ o→[o5 o2].Sheep
  - o is inside o2
  - o5 is inside o

Jo Ǝ
- Uniform
  - Uses only the purest form of existential types
  - No special cases to support variance
  - No tailored annotations
  - Variance is dealt with locally
  - Direct relation to long history of research on existential types

Jo Ǝ
- Describes the topology of the heap
  - This topology is fixed, not variant
- Type sound
  - Static description of topology reflects heap at runtime
- Ownership hierarchy can 'grow', but not 'mutate'
- Useful
  - e.g. effects

Jo Ǝ
- Can encode other systems
  - Generic Universes (Dietl, Drossopoulou, Müller, ECOOP '07)
  - Existential owners for downcasting (Wrigstad, Clarke, JOT, May '07)
  - Variant Ownership Types? (Lu, Potter, ECOOP '06)
  - Single owner case of MOJO (Cameron, Drossopoulou, Noble, Smith, OOPSLA '07)

How it Works

Jo Ǝ

- Three environments
- Variable environment

Jo Ǝ
- Owner environment
- Quantified contexts are unpacked here
  - Does not affect this rule

Jo Ǝ
- Type environment
- Owner bounds

Jo Ǝ
- Substitute receiver for this

Jo Ǝ
- Receiver cannot be arbitrary expression
- But no loss of expressivity
- Thanks to open expression

Jo Ǝ
- Receiver must have class type
- Forces unpacking
- Don't account for quantification here

Summary
- Parametric ownership + Existential quantification of contexts + Generics = Jo Ǝ
- Expressive and Uniform
- Can encode existing systems

Thank you!

Ownership
- Encapsulation
  - Owners-as-Dominators
  - Owners-as-Modifiers
  - Link Soundness
  - ...
- Owners-as-Dominators
  - All paths through the heap to an object are dominated by that object's owner
  - Common for parametric ownership systems
  - Useful for garbage collection, memory management,...
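The owners-as-dominators property stated on this slide can be checked dynamically on a heap snapshot. The following is an added example, not part of the original slides or of Jo Ǝ: it searches for a reference path from the root context to an object that bypasses the object's owner. The heap, the object names and the function names are constructed for illustration.

```python
from collections import deque

def path_avoiding(refs, root, target, banned):
    """Shortest reference path root -> target that never visits `banned`, or None."""
    parent, queue = {root: None}, deque([root])
    while queue:
        cur = queue.popleft()
        if cur == target:
            path = []
            while cur is not None:
                path.append(cur)
                cur = parent[cur]
            return path[::-1]
        for nxt in refs.get(cur, ()):
            if nxt != banned and nxt not in parent:
                parent[nxt] = cur
                queue.append(nxt)
    return None

def dominator_violations(refs, owner, root="world"):
    """Map each object whose owner does not dominate it to a path bypassing the owner."""
    bad = {}
    for obj, own in owner.items():
        if own == root:
            continue  # every path starts at the root, so the root dominates trivially
        path = path_avoiding(refs, root, obj, own)
        if path is not None:
            bad[obj] = path
    return bad

# Constructed heap: a list owns its nodes; the list, iterator and datum are owned by world.
OWNER = {"list": "world", "iter": "world", "datum": "world",
         "node1": "list", "node2": "list"}
# Well-formed: the nodes are reachable only through the list that owns them.
GOOD_REFS = {"world": ["list", "datum"], "list": ["node1"],
             "node1": ["node2", "datum"], "node2": ["datum"]}
# Ill-formed: an iterator outside the list holds a direct reference to node1.
BAD_REFS = dict(GOOD_REFS, world=["list", "datum", "iter"], iter=["node1"])

if __name__ == "__main__":
    print(dominator_violations(GOOD_REFS, OWNER))
    print(dominator_violations(BAD_REFS, OWNER))
```

A type system enforcing owners-as-dominators rejects the second heap statically; the check above only reports it after the fact, together with the offending path.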

Ownership Owners-as-Dominators

Ownership Owners-as-Modifiers

Encapsulation

Jo Ǝ deep
- Owners-as-Dominators
- Strong encapsulation property
- Very small modifications
  - Well-formed heap
  - Well-formed classes
  - Class type checking

Jo Ǝ deep
- Treat existentially quantified context variables as their lower bounds
- Owners-as-dominators involves showing referenced objects are outside their owners
- If the lower bound is outside, then the hidden context must be outside