Article

Modular typestate checking of aliased objects

Authors:

Kevin Bierhoff,

Jonathan AldrichAuthors Info & Claims

OOPSLA '07: Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems, languages and applications

Pages 301 - 320

https://doi.org/10.1145/1297027.1297050

Published: 21 October 2007 Publication History

Abstract

Objects often define usage protocols that clients must follow inorder for these objects to work properly. Aliasing makes itnotoriously difficult to check whether clients and implementations are compliant with such protocols. Accordingly, existing approaches either operate globally or severely restrict aliasing.

We have developed a sound modular protocol checking approach, based on typestates, that allows a great deal of flexibility in aliasing while guaranteeing the absence of protocol violations at runtime. The main technical contribution is a novel abstraction, access permissions, that combines typestate and object aliasing information. In our methodology, developers express their protocol design intent through annotations based on access permissions. Our checking approach then tracks permissions through method implementations. For each object reference the checker keeps track of the degree of possible aliasing and is appropriately conservativein reasoning about that reference. This helps developers account for object manipulations that may occur through aliases. The checking approach handles inheritance in a novel way, giving subclasses more flexibility in method overriding. Case studies on Java iterators and streams provide evidence that access permissions can model realistic protocols, and protocol checking based on access permissions can be used to reason precisely about the protocols that arise in practice.

References

[1]

T. Ball and S. K. Rajamani. Automatically validating temporal safety properties of interfaces. In Proc. of the Eighth SPIN Workshop, pages 101--122, May 2001.

Digital Library

[2]

M. Barnett, R. DeLine, M. Fähndrich, K. R. M. Leino, and W. Schulte. Verification of object-oriented programs with invariants. Journal of Object Technology, 3(6):27--56, June 2004.

[3]

K. Bierhoff. Iterator specification with typestates. In 5th Int. Workshop on Specification and Verification of Component- Based Systems, pages 79--82. ACM Press, Nov. 2006.

Digital Library

[4]

K. Bierhoff and J. Aldrich. Lightweight object specification with typestates. In Joint European Software Engineering Conference and ACM Symposium on the Foundations of Software Engineering, pages 217--226. ACM Press, Sept. 2005.

Digital Library

[5]

K. Bierhoff and J. Aldrich. Modular typestate verification of aliased objects. Technical Report CMUISRI-07-105, Carnegie Mellon University, Mar. 2007. http://reports-archive.adm.cs.cmu.edu/anon/isri2007/CMUISRI-07-105.pdf.

[6]

J. Boyland. Checking interference with fractional permissions. In Int. Symposium on Static Analysis, pages 55--72. Springer, 2003.

[7]

J. T. Boyland and W. Retert. Connecting effects and uniqueness with adoption. In ACM Symposium on Principles of Programming Languages, pages 283--295, Jan. 2005.

Digital Library

[8]

S. Chaki, E. Clarke, A. Groce, S. Jha, and H. Veith. Modular verification of software components in C. In Int. Conference on Software Engineering, pages 385--395, May 2003.

Digital Library

[9]

W.-N. Chin, S.-C. Khoo, S. Qin, C. Popeea, and H. H. Nguyen. Verifying safety policies with size properties and alias controls. In Int. Conference on Software Engineering, pages 186--195, May 2005.

Digital Library

[10]

M. Degen, P. Thiemann, and S. Wehr. Tracking linear and affine resources with Java(X). In European Conference on Object-Oriented Programming. Springer, Aug. 2007.

Digital Library

[11]

R. DeLine and M. Fähndrich. Enforcing high-level protocols in low-level software. In ACM Conference on Programming Language Design and Implementation, pages 59--69, 2001.

Digital Library

[12]

R. DeLine and M. Fähndrich. Typestates for objects. In European Conference on Object-Oriented Programming, pages 465--490. Springer, 2004.

[13]

M. Fähndrich and R. DeLine. Adoption and focus: Practical linear types for imperative programming. In ACM Conference on Programming Language Design and Implementation, pages 13--24, June 2002.

Digital Library

[14]

S. Fink, E. Yahav, N. Dor, G. Ramalingam, and E. Geay. Effective typestate verification in the presence of aliasing. In ACM Int. Symposium on Software Testing and Analysis, pages 133--144, July 2006.

Digital Library

[15]

C. Flanagan, K. R. M. Leino, M. Lillibridge, G. Nelson, J. Saxe, and R. Stata. Extended static checking for Java. In ACM Conference on Programming Language Design and Implementation, pages 234--245, May 2002.

Digital Library

[16]

J. Foster, T. Terauchi, and A. Aiken. Flow-sensitive type qualifiers. In ACM Conference on Programming Language Design and Implementation, pages 1--12, 2002.

Digital Library

[17]

D. Giannakopoulou, C. S. Pǎsǎreanu, and J. M. Cobleigh. Assume-guarantee verification of source code with designlevel assumptions. In Int. Conference on Software Engineering, pages 211--220, May 2004.

Digital Library

[18]

J.-Y. Girard. Linear logic. Theoretical Computer Science, 50:1--102, 1987.

Digital Library

[19]

S. Hallem, B. Chelf, Y. Xie, and D. Engler. A system and language for building system-specific, static analyses. In ACM Conference on Programming Language Design and Implementation, pages 69--82, 2002.

Digital Library

[20]

D. Harel. Statecharts: A visual formalism for complex systems. Sci. Comput. Programming, 8:231--274, 1987.

Digital Library

[21]

T. A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre. Lazy abstraction. In ACM Symposium on Principles of Programming Languages, pages 58--70, 2002.

Digital Library

[22]

G. Hughes and T. Bultan. Interface grammars for modular software model checking. In ACM Int. Symposium on Software Testing and Analysis, pages 39--49. ACM Press, July 2007.

Digital Library

[23]

A. Igarashi and N. Kobayashi. Resource usage analysis. In ACM Symposium on Principles of Programming Languages, pages 331--342, Jan. 2002.

Digital Library

[24]

A. Igarashi, B. Pierce, and P. Wadler. Featherweight Java: A minimal core calculus for Java and GJ. In ACM Conference on Object-Oriented Programming, Systems, Languages & Applications, pages 132--146, 1999.

Digital Library

[25]

V. Kuncak, P. Lam, K. Zee, and M. Rinard. Modular pluggable analyses for data structure consistency. IEEE Transactions on Software Engineering, 32(12), Dec. 2006.

Digital Library

[26]

G. T. Leavens, A. L. Baker, and C. Ruby. JML: A notation for detailed design. In H. Kilov, B. Rumpe, and I. Simmonds, editors, Behavioral Specifications of Businesses and Systems, pages 175--188. Kluwer Academic Publishers, Boston, 1999.

Digital Library

[27]

K. R. M. Leino. Data groups: Specifying the modification of extended state. In ACM Conference on Object-Oriented Programming, Systems, Languages & Applications, pages 144--153, Oct. 1998.

Digital Library

[28]

P. Lincoln and A. Scedrov. First-order linear logic without modalities is NEXPTIME-hard. Theoretical Computer Science, 135:139--154, 1994.

Digital Library

[29]

B. H. Liskov and J. M. Wing. A behavioral notion of subtyping. ACM Transactions on Programming Languages and Systems, 16(6):1811--1841, Nov. 1994.

Digital Library

[30]

Y. Mandelbaum, D. Walker, and R. Harper. An effective theory of type refinements. In ACM Int. Conference on Functional Programming, pages 213--225, 2003.

Digital Library

[31]

M. G. Nanda, C. Grothoff, and S. Chandra. Deriving object typestates in the presence of inter-object references. In ACM Conference on Object-Oriented Programming, Systems, Languages & Applications, pages 77--96, 2005.

Digital Library

[32]

G. Ramalingam, A. Warshavsky, J. Field, D. Goyal, and M. Sagiv. Deriving specialized program analyses for certifying component-client conformance. In ACM Conference on Programming Language Design and Implementation, pages 83--94, 2002.

Digital Library

[33]

F. Smith, D. Walker, and G. Morrisett. Alias types. In European Symposium on Programming, pages 366--381. Springer, 2000.

Digital Library

[34]

R. E. Strom and S. Yemini. Typestate: A programming language concept for enhancing software reliability. IEEE Transactions on Software Engineering, 12:157--171, 1986.

Digital Library

[35]

G. Tan, X. Ou, and D. Walker. Enforcing resource usage protocols via scoped methods. In Int. Workshop on Foundations of Object-Oriented Languages, 2003.

[36]

P. Wadler. Linear types can change the world! In Working Conference on Programming Concepts and Methods, pages 347--359. North Holland, 1990.

Digital Library

Cited By

Saffrich HNishida YThiemann P(2024)Law and Order for Typestate with BorrowingProceedings of the ACM on Programming Languages10.1145/36897638:OOPSLA2(1475-1503)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689763
Cheng XRen JSui Y(2024)Fast Graph Simplification for Path-Sensitive Typestate Analysis through Tempo-Spatial Multi-Point SlicingProceedings of the ACM on Software Engineering10.1145/36437491:FSE(494-516)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643749
Stricker NLian YJiang YJones CThiele L(2023)Self-triggered Control with Energy Harvesting Sensor NodesACM Transactions on Cyber-Physical Systems10.1145/35973117:3(1-31)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3597311
Show More Cited By

Index Terms

Modular typestate checking of aliased objects

Recommendations

Foundations of Typestate-Oriented Programming

Typestate reflects how the legal operations on imperative objects can change at runtime as their internal state changes. A typestate checker can statically ensure, for instance, that an object method is only called when the object is in a state for which ...
Typestate-like analysis of multiple interacting objects
OOPSLA '08: Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications

This paper presents a static analysis of typestate-like temporal specifications of groups of interacting objects, which are expressed using tracematches. Whereas typestate expresses a temporal specification of one object, a tracematch state may change ...
Modular typestate checking of aliased objects
Proceedings of the 2007 OOPSLA conference

Objects often define usage protocols that clients must follow inorder for these objects to work properly. Aliasing makes itnotoriously difficult to check whether clients and implementations are compliant with such protocols. Accordingly, existing ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

OOPSLA '07: Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems, languages and applications

October 2007

728 pages

ISBN:9781595937865

DOI:10.1145/1297027

General Chair:
Richard P. Gabriel
IBM Research, USA
,
Program Chairs:
David F. Bacon
IBM Research, USA
,
Cristina Videira Lopes
University of California, Irvine, USA
,
Guy L. Steele
Sun Labs, USA

ACM SIGPLAN Notices Volume 42, Issue 10
Proceedings of the 2007 OOPSLA conference
October 2007
686 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1297105
Issue’s Table of Contents

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 October 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

OOPSLA07

Sponsor:

OOPSLA07: ACM SIGPLAN Object Oriented Programming Systems and Applications Conference

October 21 - 25, 2007

Quebec, Montreal, Canada

Acceptance Rates

OOPSLA '07 Paper Acceptance Rate 33 of 156 submissions, 21%;

Overall Acceptance Rate 268 of 1,244 submissions, 22%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

170
Total Citations
View Citations
803
Total Downloads

Downloads (Last 12 months)29
Downloads (Last 6 weeks)3

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Saffrich HNishida YThiemann P(2024)Law and Order for Typestate with BorrowingProceedings of the ACM on Programming Languages10.1145/36897638:OOPSLA2(1475-1503)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689763
Cheng XRen JSui Y(2024)Fast Graph Simplification for Path-Sensitive Typestate Analysis through Tempo-Spatial Multi-Point SlicingProceedings of the ACM on Software Engineering10.1145/36437491:FSE(494-516)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643749
Stricker NLian YJiang YJones CThiele L(2023)Self-triggered Control with Energy Harvesting Sensor NodesACM Transactions on Cyber-Physical Systems10.1145/35973117:3(1-31)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3597311
Li TLi YZhang MTarkoma SHui P(2023)You Are How You Use Apps: User Profiling Based on Spatiotemporal App Usage BehaviorACM Transactions on Intelligent Systems and Technology10.1145/359721214:4(1-21)Online publication date: 21-Jul-2023
https://dl.acm.org/doi/10.1145/3597212
Allard MSmith SChatzilygeroudis KLim BCully A(2023)Online Damage Recovery for Physical Robots with Hierarchical Quality-DiversityACM Transactions on Evolutionary Learning and Optimization10.1145/35969123:2(1-23)Online publication date: 17-May-2023
https://dl.acm.org/doi/10.1145/3596912
Cavenaghi ESottocornola GStella FZanker M(2023)A Systematic Study on Reproducibility of Reinforcement Learning in Recommendation SystemsACM Transactions on Recommender Systems10.1145/35965191:3(1-23)Online publication date: 14-Jul-2023
https://dl.acm.org/doi/10.1145/3596519
Zhang YZhao CLiao WZhou WYuan M(2023)Asymmetrical Attention Networks Fused Autoencoder for Debiased RecommendationACM Transactions on Intelligent Systems and Technology10.1145/359649814:6(1-24)Online publication date: 14-Nov-2023
https://dl.acm.org/doi/10.1145/3596498
Arslanagić ASubotić PPérez J(2023)Bit-Vector Typestate AnalysisFormal Aspects of Computing10.1145/359529935:3(1-36)Online publication date: 13-Sep-2023
https://dl.acm.org/doi/10.1145/3595299
Zhang YTennekes Mde Jong TCurier LCoecke BChen M(2023)Simulation-Based Optimization of User Interfaces for Quality-Assuring Machine Learning Model PredictionsACM Transactions on Interactive Intelligent Systems10.1145/3594552Online publication date: 17-May-2023
https://dl.acm.org/doi/10.1145/3594552
Côté HMcKenzie P(2023)Catalytic branching programs from groups and general protocolsACM Transactions on Computation Theory10.1145/3583085Online publication date: 17-May-2023
https://dl.acm.org/doi/10.1145/3583085
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents