research-article

Public Access

Rust-like borrowing with 2nd-class values (short paper)

Authors:

Tiark RompfAuthors Info & Claims

SCALA 2017: Proceedings of the 8th ACM SIGPLAN International Symposium on Scala

Pages 13 - 17

https://doi.org/10.1145/3136000.3136010

Published: 22 October 2017 Publication History

Abstract

The Rust programming language demonstrates that memory safety can be achieved in a practical systems language, based on a sophisticated type system that controls object lifetimes and aliasing through notions of ownership and borrowing. While Scala has traditionally targeted only managed language runtimes, the ScalaNative effort makes Scala a viable low-level language as well. Thus, memory safety becomes an important concern, and the question bears asking what, if anything, Scala can learn from Rust. In addition, Rust's type system can encode forms of protocols, state machines, and session types, which would also be useful for Scala in general. A key challenge is that Rust's typing rules are inherently flow-sensitive, but Scala's type system is not. In this paper, we sketch one possible method of achieving static guarantees similar to Rust with only mild extensions to Scala's type system. Our solution is based on two components: First, the observation that continuation passing style (CPS) or monadic style can transform a flow-sensitive checking problem into a type-checking problem based on scopes. Second, on a previously presented type system extension with second-class values, which we use to model scope-based lifetimes.

References

[1]

J. Aldrich, V. Kostadinov, and C. Chambers. Alias Annotations for Program Understanding. In Proceedings of the 17th ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications, OOPSLA ’02, pages 311–330, New York, NY, USA, 2002. ACM.

Digital Library

[2]

A. Banerjee and D. A. Schmidt. Stackability in the simply-typed callby-value lambda calculus. Sci. Comput. Program., 31(1):47–73, 1998.

Digital Library

[3]

A. Beingessner and S. Klabnik. The Rustonomicon: The Dark Arts of Advanced and Unsafe Rust Programming. https://doc.rust-lang.org/ nomicon/references.html, 2016.

[4]

J. Boyland. Alias burying: Unique variables without destructive reads. Software: Practice and Experience, 31(6):533–553, 2001.

Digital Library

[5]

J. Boyland, J. Noble, and W. Retert. Capabilities for Sharing. In J. L. Knudsen, editor, ECOOP 2001 — Object-Oriented Programming: 15th European Conference Budapest, Hungary, June 18–22, 2001 Proceedings, pages 2–27. Springer Berlin Heidelberg, Berlin, Heidelberg, 2001.

[6]

E. Burmako. Scala Macros: Let Our Powers Combine!: On How Rich Syntax and Static Types Work with Metaprogramming. In Proceedings of the 4th Workshop on Scala, SCALA ’13, pages 3:1—-3:10, New York, NY, USA, 2013. ACM.

Digital Library

[7]

D. Clarke, J. Östlund, I. Sergey, and T. Wrigstad. Ownership types: A survey. In Aliasing in Object-Oriented Programming, volume 7850 of Lecture Notes in Computer Science, pages 15–58. Springer, 2013.

Digital Library

[8]

D. Clarke and T. Wrigstad. External Uniqueness Is Unique Enough, pages 176–200. Springer Berlin Heidelberg, Berlin, Heidelberg, 2003.

[9]

D. G. Clarke, J. M. Potter, and J. Noble. Ownership Types for Flexible Alias Protection. In Proceedings of the 13th ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications, OOPSLA ’98, pages 48–64, New York, NY, USA, 1998. ACM.

Digital Library

[10]

S. Clebsch, S. Drossopoulou, S. Blessing, and A. McNeil. Deny Capabilities for Safe, Fast Actors. In Proceedings of the 5th International Workshop on Programming Based on Actors, Agents, and Decentralized Control, AGERE! 2015, pages 1–12, New York, NY, USA, 2015. ACM.

[11]

W. Dietl, S. Drossopoulou, and P. Müller. Generic Universe Types, pages 28–53. Springer Berlin Heidelberg, Berlin, Heidelberg, 2007.

[12]

P. Haller. Isolated Actors for Race-Free Concurrent Programming. PhD thesis, 2010.

[13]

P. Haller and A. Loiko. LaCasa: Lightweight Affinity and Object Capabilities in Scala. Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, (Section 2):272–291, 2016.

Digital Library

[14]

P. Haller and M. Odersky. Capabilities for Uniqueness and Borrowing, pages 354–378. Springer Berlin Heidelberg, Berlin, Heidelberg, 2010.

[15]

J. Hannan. A type-based escape analysis for functional languages. J. Funct. Program., 8(3):239–273, 1998.

Digital Library

[16]

J. Hogg. Islands: Aliasing protection in object-oriented languages. In OOPSLA, pages 271–285. ACM, 1991.

[17]

R. Jung and J.-h. Jourdan. RustBelt: Securing the Foundations of the Rust Programming Language. https://people.mpi-sws.org/~dreyer/ papers/rustbelt/paper.pdf (under peer review), 2017.

[18]

N. D. Matsakis and F. S. Klock, II. The Rust language. Ada Lett., 34(3):103–104, oct 2014.

Digital Library

[19]

A. Moors, T. Rompf, P. Haller, and M. Odersky. Scala-virtualized. Proceedings of the ACM SIGPLAN 2012 Workshop on Partial Evaluation and Program Manipulation, pages 117–120, 2012.

Digital Library

[20]

J. Moses. The function of function in lisp or why the funarg problem should be called the environment problem. ACM Sigsam Bulletin, (15):13–27, 1970.

Digital Library

[21]

P. Müller and A. Rudich. Ownership Transfer in Universe Types. In Proceedings of the 22nd Annual ACM SIGPLAN Conference on Objectoriented Programming Systems and Applications, volume 42 of OOPSLA ’07, pages 461–478, New York, NY, USA, 2007. ACM.

Digital Library

[22]

K. Naden, R. Bocchino, J. Aldrich, and K. Bierhoff. A type system for borrowing permissions. In POPL, pages 557–570. ACM, 2012.

Digital Library

[23]

L. Osvald, G. Essertel, X. Wu, L. I. G. Alayón, and T. Rompf. Gentrification gone too far? affordable 2nd-class values for fun and (co-)effect. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016, pages 234–251, New York, NY, USA, 2016. ACM.

Digital Library

[24]

E. Reed. Patina : A Formalization of the Rust Programming Language. (February):1–37, 2015.

[25]

T. Rompf, I. Maier, and M. Odersky. Implementing first-class polymorphic delimited continuations by a type-directed selective cpstransform. In Proceedings of the 14th ACM SIGPLAN international conference on Functional programming, ICFP ’09, pages 317–328, New York, NY, USA, 2009. ACM.

Digital Library

[26]

C. Strachey. Fundamental concepts in programming languages. HigherOrder and Symbolic Computation, 13(1/2):11–49, 2000.

Digital Library

[27]

W. Taha and M. F. Nielsen. Environment classifiers. In A. Aiken and G. Morrisett, editors, Conference Record of POPL 2003: The 30th SIGPLAN-SIGACT Symposium on Principles of Programming Languages, New Orleans, Louisisana, USA, January 15-17, 2003, pages 26–37. ACM, 2003.

Digital Library

[28]

J. Weizenbaum. The funarg problem explained. Technical report, MIT, Cambridge, Massachusetts, 1968.

[29]

T. Wrigstad. Ownership-Based Alias Management. PhD thesis, 2006.

[30]

T. Zhao, J. Baker, J. Hunt, J. Noble, and J. Vitek. Implicit ownership types for memory management. Sci. Comput. Program., 71(3):213–241, 2008.

Digital Library

Cited By

Brachthäuser JSchuster PLee EBoruch-Gruszecki A(2022)Effects, capabilities, and boxes: from scope-based reasoning to type-based reasoning and backProceedings of the ACM on Programming Languages10.1145/35273206:OOPSLA1(1-30)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3527320

Index Terms

Rust-like borrowing with 2nd-class values (short paper)
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language features
        Control structures
        Patterns
  2. Software organization and properties
    1. Extra-functional properties
      1. Software safety
2. Theory of computation
  1. Semantics and reasoning
    1. Program constructs
      1. Type structures

Recommendations

Gentrification gone too far? affordable 2nd-class values for fun and (co-)effect
OOPSLA '16

First-class functions dramatically increase expressiveness, at the expense of static guarantees. In ALGOL or PASCAL, functions could be passed as arguments but never escape their defining scope. Therefore, function arguments could serve as temporary ...
Gentrification gone too far? affordable 2nd-class values for fun and (co-)effect
OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications

First-class functions dramatically increase expressiveness, at the expense of static guarantees. In ALGOL or PASCAL, functions could be passed as arguments but never escape their defining scope. Therefore, function arguments could serve as temporary ...
Short Paper: Rusty Types for Solid Safety
PLAS '16: Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security

Programs operating "close to the metal" necessarily handle memory directly. Because of this, they must be written in languages like C or C++. These languages lack any kind of guarantee on memory or race safety, often leading to security vulnerabilities ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SCALA 2017: Proceedings of the 8th ACM SIGPLAN International Symposium on Scala

October 2017

77 pages

ISBN:9781450355292

DOI:10.1145/3136000

General Chair:
Heather Miller
EPFL, Switzerland / Northeastern University, USA
,
Program Chairs:
Philipp Haller
KTH, Sweden
,
Ondřej Lhoták
University of Waterloo, Canada

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

In-Cooperation

SIGAda: ACM Special Interest Group on Ada Programming Language

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 October 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation

Conference

SPLASH '17

Sponsor:

SIGPLAN

SPLASH '17: Conference on Systems, Programming, Languages, and Applications: Software for Humanity

October 22 - 23, 2017

BC, Vancouver, Canada

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
568
Total Downloads

Downloads (Last 12 months)121
Downloads (Last 6 weeks)20

Reflects downloads up to 15 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Brachthäuser JSchuster PLee EBoruch-Gruszecki A(2022)Effects, capabilities, and boxes: from scope-based reasoning to type-based reasoning and backProceedings of the ACM on Programming Languages10.1145/35273206:OOPSLA1(1-30)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3527320

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten