an exception aware behavioral type system for object-oriented programs

AN EXCEPTION AWARE BEHAVIORAL TYPE SYSTEM

FOR OBJECT-ORIENTED PROGRAMS

Filipe Militão and Luís Caires

CITI / Departamento de InformáticaUniversidade Nova de Lisboa - Portugal

CoRTA 2009

TravelOrder Classclass TravelOrder {

void flight(){ … } void hotel(){ … }

void buy(){ … } void cancel(){ … } string show(){ … }

}

TravelOrder Documentation

/** * A TravelOrder requires the selection of * a flight and an hotel before it can be bought * or canceled. */

TravelOrder Classclass TravelOrder {

void flight(){ … } void hotel(){ … }

void buy(){ … } void cancel(){ … } string show(){ … }

}

only available on specific situations

can be called freely

Background Increasing software complexity

Effort to eliminate bugs Faster feedback on errors (static detection)

Objectives and Contributions Statically check the externally

observable behavior of objects(based on formal description)

Guarantee termination (reaches stop) Exceptions (checked) Linear ownership + Borrowing (call-by-ref) Class body consistent with class behavior Working prototype

Checking call sequences

TravelOrder

object

flight(…)

hotel(…)

buy()

flight . hotel . buy

→ Hidden internal state (like in regular expressions)→Tracks observable calls (i.e., the behavior), not states

What is a Behavioral Type?

void hotel() void flight() void order() void cancel()string show()

1st flight2nd hotel3rd buy or cancel

TRAVELORDER TYPETRAVELORDER BEHAVIOR

+BEHAVIORAL

TYPE

Describing the Behavior

What about “string show()” ? free / non-behavioral, can be called at any time...

1st flight2nd hotel3rd buy or cancel

TRAVELORDER BEHAVIOR

. (buy + cancel)

Regular expression-like protocol:flight . hotel

TravelOrder Classclass TravelOrder {

usage flight.hotel.(buy+cancel) void flight(){ … } void hotel(){ … }

void buy(){ … } void cancel(){ … } string show(){ … }

}

Examplelet t in

t = new TravelOrder();t.flight();t.show();t.hotel();if( … )

t.buy()else

t.cancel()

flight . hotel . ( buy + cancel )stop

The rest of this talk… Introduction Type System

Exceptions Linear Ownership Borrowing

Subtyping Consistency check Related work Future work

Basic typing judgement

environment (before)

expression

type ofexpression

environment (after)

Sequence

e0 e1

T0 T1Will be lost!

Example (try branch)

void method(N#buy[Error: undo] v){try

v.buy()catch(Error excp)

v.undo()}

buy [Error: undo]v stopon Error { v undo }

Example (catch branch)

void method(N#buy[Error: undo] v){try

v.buy()catch(Error excp)

v.undo()}

undov stopon Error { v undo }

Exceptions - throwexpression produces

compatible environme

nt

Runtime is behavior

agnostic, so thrown object

must be stopped

Exception

handler for N

Exceptions - try catchTry branch with new exception handler

Catch branch restores old

handler

etry

ecatch

T

throw

“N”

Linear Ownership Only one owner at a time*

( *unless the object was borrowed… )let t0 in

let t1 int0 = new TravelOrder();t1 = t0 ;t1.flight();t0.hotel()

t0 t1 stop

flight.hotel.(buy+cancel)

TypeError!

Borrowing Checking call-by-reference

let t int = new TravelOrder();orderStuff(t);t.buy()

void orderStuff(TravelOrder#flight.hotel x)

Storing values requires owned permission

t flight.hotel.(buy+cancel)

The rest of this talk… Introduction Type System

Exceptions Linear Ownership Borrowing

Subtyping Consistency check Related work Future work

Subtyping Structural subtyping Requires compatible behavior

Subtype must accept same behavior as super…

flight.hotel

flight.hotel

(flight+swim).hotel <:

<: flight[Full: cancel].hotel

Consistency check

class ABC {

usage a.b.c

TravelOrder t;

void a(){ t = new TravelOrder(); }void b(){ t.flight(); }

void c(){ t.buy(); }

}

TypeError!

Server code must also obey protocols

Related work Resource usage analysis (2002)

Atsushi Igarashi and Naoki Kobayashi

Lightweight object specification with typestates (2007)Kevin Bierhoff and Jonathan Aldrich

Dynamic interfaces (2009)Vasco T. Vasconcelos, Simon Gay, António Ravara, Nils Gesbert, and Alexandre Z. Caldeira.

…

Future work Concurrency

Questions?

AN EXCEPTION AWARE BEHAVIORAL TYPE SYSTEM FOR OBJECT-ORIENTED PROGRAMS

Filipe Militão and Luís Caires

http://ctp.di.fct.unl.pt/yak/ YAK PROTOTYPE

Paper:

Web site: