Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards a Semantic Model for Java Wildcards Sophia Drossopoulou Mariangiola Dezani-Ciancaglini Imperial College London Università di Torino Italy Nicholas.

Published byPhyllis Jones Modified over 8 years ago

Similar presentations

Presentation on theme: "Towards a Semantic Model for Java Wildcards Sophia Drossopoulou Mariangiola Dezani-Ciancaglini Imperial College London Università di Torino Italy Nicholas."— Presentation transcript:

1 Towards a Semantic Model for Java Wildcards Sophia Drossopoulou Mariangiola Dezani-Ciancaglini Imperial College London Università di Torino Italy Nicholas Cameron Alexander J. Summers Victoria Univ. of Wellington New Zealand ETH Zurich Zürich

2 Outline  Java Wildcards & Existential Types  Semantic Model for Existential Types  Soundness & (In-)Completeness  Weak Independence & Completeness  Conclusions

3 Outline  Java Wildcards & Existential Types  Semantic Model for Existential Types  Soundness & (In-)Completeness  Weak Independence & Completeness  Conclusions

4 Wildcards in Java ►Based on Java Generics (since Java 5.0) – Parameterised types : List, List >, etc. ►Generic types are subtype invariant – List and List are incomparable ►Wildcards introduce “hiding” of type parameters – List is a type (a List of “something”) – List subtype of List ►Bounded wildcards allow subtype variance – List subtype of List

5 Existential Types ►Existential types allow type information to be hidden ►Bounded existentials expose some information about hidden type, e.g.,  X:[String Object].C ►Standard representation of wildcard types –C represented by  X:[  Object].C –C represented by  X:[B Object].C ►For Java, introduction and elimination of existential types is handled implicitly (by subtyping). ►Java has f-bounded types (type variables may occur in each other’s bounds, mutually)

6 Why use Existential Types? ►Not all types that can occur during type checking of Java programs can be written using the Java syntax ►i.e., there are types that are expressible but not denotable in Java ►Not true for existential types –All Java types can be denoted using existential types –e.g.,  X.Pair can arise during type-checking (but Pair corresponds to  X,Y.Pair )

7 Syntactic Type Assignment ►Types and type environments are defined by: Class types N ::= C types T ::= X | ∃ Δ.N type bounds B ::= T | ⊥ type environments Δ ::= X : [B B] ►We use σ for type substitutions, and use a judgement Δ ⊢ σ to express that σ maps the type variables in Δ to types within their declared bounds ►Syntactic subtyping Δ ⊢ T 1 ≤ T 2 handles subclassing, existential types and their bounds ►e.g., Δ, Δ 1 ⊢ σ ⇒ Δ ⊢ σ(N) ≤ ∃ Δ 1.N

8 Outline  Java Wildcards & Existential Types  Semantic Model for Existential Types  Soundness & (In-)Completeness  Weak Independence & Completeness  Conclusions

9 Our semantics for types ►Idea: interpret existential types as unions –all the possible concrete types the existential might “hide” ►What are “concrete types”? –One idea: use structural types to describe fields and methods guaranteed to exist in the runtime object –but Java uses a nominal type system –allows use of fields and methods based only on class type –Each runtime object has an associated closed class type –We use these as the “concrete types” of our model

10 Our semantics for types ►Semantic types S are sets of closed class types –all the possible runtime types the type might permit ►We give a semantic interpretation of closed types –open types will be dealt with later ►We map closed types to semantic types as follows: [[ N ]] = { N ’ | N ’ ⊑ N } [[ ⊥ ]] = ∅ [[ ∃Δ.N ]] = U σ with Δ ⊢ σ [[ σ(N) ]]

11 Our semantics for types [[ N ]] = { N ’ | N ’ ⊑ N } [[ ⊥ ]] = ∅ [[ ∃Δ.N ]] = U σ with Δ ⊢ σ [[ σ(N) ]] ►For example... [[ Object ]] = { Object, String, List, … } [[ ∃X : [String Object], ∃Y : [X Object]. Pair ]] = { Pair, Pair, Pair }

12 Semantic subtyping ►We define subtyping on semantic types simply as S 1 ≤ S 2 ⇔ S 1 ⊆ S 2 ►We extend this notion to syntactic types, as follows: Δ ⊨ T 1 ≤ T 2 ⇔ ∀ σ, Δ ⊢ σ ⇒ [[ σ( T 1 ) ]] ⊆ [[ σ( T 2 ) ]] ►We now have two subtyping judgements: syntactic Δ ⊢ T 1 ≤ T 2 and semantic subtyping Δ ⊨ T 1 ≤ T 2 ►Is syntactic subtyping sound? Δ ⊢ T 1 ≤ T 2 ⇒ Δ ⊨ T 1 ≤ T 2 ? ►Is syntactic subtyping complete? Δ ⊢ T 1 ≤ T 2 ⇐ Δ ⊨ T 1 ≤ T 2 ?

13 Outline  Java Wildcards & Existential Types  Semantic Model for Existential Types  Soundness & (In-)Completeness  Weak Independence & Completeness  Conclusions

14 Soundness ►Since type soundness for Java Wildcards is known [Cameron et al. 2008] we would hope that soundness of subtyping holds. ►In fact, we proved this (Theorem 1 in paper): Soundness: Δ ⊢ T 1 ≤ T 2 ⇒ Δ ⊨ T 1 ≤ T 2 ►By defining a suitable semantic type assignment we extended the soundness result to the type system ►Completeness could be reasonably expected: –result w.r.t. nominal subtyping (weaker than structural) –decidability of the syntactic type system is open ►However, completeness turns out not to hold

15 Incompleteness 1 ►Consider the type ∃X : [C C]. List ►The semantic model “knows” that X must hide C : –[[ ∃X : [C C]. List ]] = {List } = [[List ]] ►In particular, ⊨ ∃X : [C C]. List ≤ List holds ►This subtyping cannot be derived syntactically –syntactic rules cannot identify the “uniqueness” of X ►What if we add a rule specifically for such cases? Δ ⊢ ∃X : [B U]. N ≤ N{B/X} Δ ⊢ B ≤ U Δ ⊢ U ≤ B (eq)

16 Incompleteness 2 ►This is still not enough. Consider now the types T 1 = ∃X : [ ⊥ Y], ∃Y : [X Object]. Pair T 2 = ∃Z : [ ⊥ Object]. Pair ►The bounds on X and Y can only be satisfied if the same (closed class) type is chosen to replace each –the model shows this: [[ T 1 ]] = [[ T 2 ]] ►In particular, ⊨ T 1 ≤ T 2 holds, but not syntactically ►Further examples make completeness unfeasible ►But, could we find a restricted type language for which completeness does hold?

17 Outline  Java Wildcards & Existential Types  Semantic Model for Existential Types  Soundness & (In-)Completeness  Weak Independence & Completeness  Conclusions

18 Completeness? When does Δ ⊨ T 1 ≤ T 2 ⇒ Δ ⊢ T 1 ≤ T 2 hold ?

19 Completeness? When does Δ ⊨ T 1 ≤ T 2 ⇒ Δ ⊢ T 1 ≤ T 2 hold ?

20 Completeness? When does Δ ⊨ T 1 ≤ T 2 ⇒ Δ ⊢ T 1 ≤ T 2 hold ?

21 Completeness? ⊨ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ?

22 Completeness? ⊨ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ? [[ ∃Δ 1.N 1 ]] ⊆ [[ ∃Δ 2.N 2 ]] ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ? U σ 1 with Δ 1 ⊢ σ 1 [[ σ 1 (N 1 ) ]] ⊆ U σ 2 with Δ 2 ⊢ σ 2 [[ σ 2 (N 2 ) ]] ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ?

23 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ?

24 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ?

25 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ?

26 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X

27 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X

28 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y Y

29 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y Y

30 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y Y

31 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y Y

32 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y Y

33 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

34 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

35 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

36 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

37 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

38 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y

39 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? Y = Y X X

40 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? X X Y = Y X X

41 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ ? Y = Y X X X X

42 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ there exists σ 3 with Δ 2 ⊢ σ 3 such that N 1 = σ 3 (N 2 ) Y = Y X X X X

43 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ there exists σ 3 with Δ 2 ⊢ σ 3 such that N 1 = σ 3 (N 2 ) ⇒ ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 Y = Y X X X X

44 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ there exists σ 3 with Δ 2 ⊢ σ 3 such that N 1 = σ 3 (N 2 ) ►The red property below is sufficient to deduce completeness ( Δ 1 is “rich” in the language of paper) ►Previous pictures suggest it is enough for there to be “sufficiently different” instantiations for Δ 1 ►This is not quite enough, with multiple variables ►e.g., Δ 1 = X : [ ⊥ C], Y : [X X] and Δ 2 = Z : [ ⊥ C] and N 1 = Pair and N 2 = Pair

45 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇒ there exists σ 3 with Δ 2 ⊢ σ 3 such that N 1 = σ 3 (N 2 ) ►The red property below is sufficient to deduce completeness ( Δ 1 is “rich” in the language of paper) ►Previous pictures suggest it is enough for there to be “sufficiently different” instantiations for Δ 1 ►This is not quite enough, with multiple variables ►e.g., Δ 1 = X : [ ⊥ C], Y : [X X] and Δ 2 = Z : [ ⊥ C] and N 1 = Pair and N 2 = Pair

46 Completeness? (forall σ 1 with Δ 1 ⊢ σ 1 there exists σ 2 with Δ 2 ⊢ σ 2 such that σ 1 (N 1 ) = σ 2 (N 2 )) ⇏ there exists σ 3 with Δ 2 ⊢ σ 3 such that N 1 = σ 3 (N 2 ) ►The red property below is sufficient to deduce completeness ( Δ 1 is “rich” in the language of paper) ►Previous pictures suggest it is enough for there to be “sufficiently different” instantiations for Δ 1 ►This is not quite enough, with multiple variables ►e.g., Δ 1 = X : [ ⊥ C], Y : [X X] and Δ 2 = Z : [ ⊥ C] and N 1 = Pair and N 2 = Pair

47 Completeness? ►The red property below is sufficient to deduce completeness ( Δ 1 is “rich” in the language of paper) ►Previous pictures suggest it is enough for there to be “sufficiently different” instantiations for Δ 1 ►This is not quite enough, with multiple variables ►e.g., Δ 1 = X : [ ⊥ C], Y : [X X] and Δ 2 = Z : [ ⊥ C] and N 1 = Pair and N 2 = Pair ►We need that each variable in Δ 1 gets sufficiently varied instantiations independently of the others...

48 Weak Independence ►We define two types to be sufficiently different if the uppermost class types in their structure differ ►We say Δ 1 is weakly independent if for each variable X in Δ 1 there exist two substitutions σ 1, σ 2 such that σ 1 (X) is sufficiently different from σ 2 (X) and for all other variables Y in Δ 1, σ 1 (Y) = σ 2 (Y) ►Essentially, each variable gets the chance to vary independently of the others ►e.g., X : [ ⊥ C], Y : [X X] is not weakly independent, but X : [String Object], Y : [X Object] is

49 Weak Completeness ►We proved a weak completeness result: If ⊨ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 and Δ 1 is weakly independent, then ⊢ ∃Δ 1.N 1 ≤ ∃Δ 2.N 2 ►Recall: all types can be written in the form ∃Δ.N (in which Δ is possibly empty) – this is not a restriction ►The result does not apply (yet) to open types (those featuring type parameters of the enclosing class) ►However, for closed types with weakly independent environments, syntactic subtyping is sound and complete with respect to our semantic model

50 Conclusions and Future Work ►Defined a semantic model for Java Wildcards ►Proved soundness of Java subtyping w.r.t. model ►Completeness does not hold in general ►Identified a restriction (weakly-independent environments) under which completeness holds ►For future work, open types should be handled ►Can we find a weaker restriction for completeness? ►Can non-trivial incompleteness arise in Java? ►we conjecture not, which would give us strong soundness and completeness results for Java subtyping

51 Finally… ►Thank you for listening! Y = Y X X X X

Download ppt "Towards a Semantic Model for Java Wildcards Sophia Drossopoulou Mariangiola Dezani-Ciancaglini Imperial College London Università di Torino Italy Nicholas."

Similar presentations

Types and Programming Languages Lecture 4 Simon Gay Department of Computing Science University of Glasgow 2006/07.

Types and Programming Languages Lecture 4 Simon Gay Department of Computing Science University of Glasgow 2006/07.
Types and Programming Languages Lecture 13 Simon Gay Department of Computing Science University of Glasgow 2006/07.

Types and Programming Languages Lecture 13 Simon Gay Department of Computing Science University of Glasgow 2006/07.
Boyce/DiPrima 9th ed, Ch 2.8: The Existence and Uniqueness Theorem Elementary Differential Equations and Boundary Value Problems, 9th edition, by William.

Boyce/DiPrima 9th ed, Ch 2.8: The Existence and Uniqueness Theorem Elementary Differential Equations and Boundary Value Problems, 9th edition, by William.
Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,

Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,
1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.

1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.
1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.

1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.
Copyright © Cengage Learning. All rights reserved.

Copyright © Cengage Learning. All rights reserved.
Lecture 6 Hyperreal Numbers (Nonstandard Analysis)

Lecture 6 Hyperreal Numbers (Nonstandard Analysis)
1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.
A Semantic Characterization of Unbounded-Nondeterministic Abstract State Machines Andreas Glausch and Wolfgang Reisig 1.

A Semantic Characterization of Unbounded-Nondeterministic Abstract State Machines Andreas Glausch and Wolfgang Reisig 1.
1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.
1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.
Introduction to Computability Theory

Introduction to Computability Theory
Foundations of Programming Languages: Introduction to Lambda Calculus

Foundations of Programming Languages: Introduction to Lambda Calculus
1 Basic abstract interpretation theory. 2 The general idea §a semantics l any definition style, from a denotational definition to a detailed interpreter.

1 Basic abstract interpretation theory. 2 The general idea §a semantics l any definition style, from a denotational definition to a detailed interpreter.
Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.

Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.
Slides prepared by Rose Williams, Binghamton University Chapter 13 Interfaces and Inner Classes.

Slides prepared by Rose Williams, Binghamton University Chapter 13 Interfaces and Inner Classes.
13. The Weak Law and the Strong Law of Large Numbers

13. The Weak Law and the Strong Law of Large Numbers
A logic for reasoning about digital rights Riccardo Pucella, Vicky Weissman Cornell University.

A logic for reasoning about digital rights Riccardo Pucella, Vicky Weissman Cornell University.
Taming the Wildcards: Combining Definition- and Use-Site Variance – Altidor John Altidor Taming the Wildcards: Combining Definition- and Use-Site Variance.

Taming the Wildcards: Combining Definition- and Use-Site Variance – Altidor John Altidor Taming the Wildcards: Combining Definition- and Use-Site Variance.

Similar presentations

Ads by Google