A Java typestate checker supporting inheritance

This work was partially supported by the EU H2020 RISE programme under the Marie Skłodowska-Curie grant agreement No. 778233 (BehAPI) and by NOVA LINCS UIDB/04516/2020/TRA/BIM/07 ) via the Portuguese Fundação para a Ciência e a Tecnologia. Publisher Copyright: © 2022 Elsevier B.V.Detecting programming errors in software is increasingly important, and building tools that help developers with this task is a crucial area of investigation on which the industry depends. Leveraging on the observation that in Object-Oriented Programming (OOP) it is natural to define stateful objects where the safe use of methods depends on their internal state, we present Java Typestate Checker (JATYC), a tool that verifies Java source code with respect to typestates. A typestate defines the object's states, the methods that can be called in each state, and the states resulting from the calls. The tool statically verifies that when a Java program runs: sequences of method calls obey to object's protocols; objects' protocols are completed; null-pointer exceptions are not raised; subclasses' instances respect the protocol of their superclasses. To the best of our knowledge, this is the first OOP tool that simultaneously tackles all these aspects.publishersversionpublishe

Deadlock-Free Typestate-Oriented Programming

Context. TypeState-Oriented Programming (TSOP) is a paradigm intended to help developers in the implementation and use of mutable objects whose public interface depends on their private state. Under this paradigm, well-typed programs are guaranteed to conform with the protocol of the objects they use. Inquiry. Previous works have investigated TSOP for both sequential and concurrent objects. However, an important difference between the two settings still remains. In a sequential setting, a well-typed program either progresses indefinitely or terminates eventually. In a concurrent setting, protocol conformance is no longer enough to avoid deadlocks, a situation in which the execution of the program halts because two or more objects are involved in mutual dependencies that prevent any further progress. Approach. In this work, we put forward a refinement of TSOP for concurrent objects guaranteeing that well-typed programs not only conform with the protocol of the objects they use, but are also deadlock free. The key ingredients of the type system are behavioral types, used to specify and enforce object protocols, and dependency relations, used to represent abstract descriptions of the dependencies between objects and detect circularities that might cause deadlocks. Knowledge. The proposed approach stands out for two features. First, the approach is fully compositional and therefore scalable: the objects of a large program can be type checked in isolation; deadlock freedom of an object composition solely depends on the types of the objects being composed; any modification/refactoring of an object that does not affect its public interface does not affect other objects either. Second, we provide the first deadlock analysis technique for join patterns, a high-level concurrency abstraction with which programmers can express complex synchronizations in a succinct and declarative form. Grounding. We detail the proposed typing discipline for a core programming language blending concurrent objects, asynchronous message passing and join patterns. We prove that the type system is sound and give non-trivial examples of programs that can be successfully analyzed. A Haskell implementation of the type system that demonstrates the feasibility of the approach is publicly available. Importance. The static analysis technique described in this work can be used to certify programs written in a core language for concurrent TSOP with proven correctness guarantees. This is an essential first step towards the integration and application of the technique in a real-world developer toolchain, making programming of such systems more productive and less frustrating

Structuring Documentation to Support State Search: A Laboratory Experiment about Protocol Programming

Abstract. Application Programming Interfaces (APIs) often define object protocols. Objects with protocols have a finite number of states and in each state a different set of method calls is valid. Many researchers have developed protocol verification tools because protocols are notoriously difficult to follow correctly. However, recent research suggests that a major challenge for API protocol programmers is effectively searching the state space. Verification is an ineffective guide for this kind of search. In this paper we instead propose Plaiddoc, which is like Javadoc except it organizes methods by state instead of by class and it includes explicit state transitions, state-based type specifications, and rich state relationships. We compare Plaiddoc to a Javadoc control in a betweensubjects laboratory experiment. We find that Plaiddoc participants complete state search tasks in significantly less time and with significantly fewer errors than Javadoc participants

State Controlled Object Oriented Programming

In this thesis, we examine an extension to the idea of object oriented programming to make programs easier for people and compilers to understand. Often objects behave differently depending on the history of past operations as well as their input that is their behavior depends on state. We may think of the fields of an object as encoding two kinds of information: data that makes up the useful information in the object and state that controls its behavior. Object oriented languages do not distinguish these two. We propose that by specifying these two, programs become clearer for people to write and understand and easier for machines to transform and optimize. We introduce the notion of state controlled object oriented programming, abbreviated as “SCOOP”, which encompasses explicit support of state in objects. While introducing an extension to object oriented programming, our objective is to minimize any burden on the programmer while programming with SCOOP. Static detection of the current state of an object by programming languages has been a challenge. To overcome this challenge without compromising our objective, a technique is presented that advances contemporary work. We propose an implementation scheme for a SCOOP compiler that effectively synchronizes the external and internal representation of state of objects. As an implication of this scheme, SCOOP would provide the memento design pattern by default. We also show how a portion of an object particular to its state can be replaced dynamically, allowing state dependent polymorphism. Further, we discuss how programs coded in SCOOP can be model checked