49 research outputs found
A Syntactic Model of Mutation and Aliasing
Traditionally, semantic models of imperative languages use an auxiliary
structure which mimics memory. In this way, ownership and other encapsulation
properties need to be reconstructed from the graph structure of such global
memory. We present an alternative "syntactic" model where memory is encoded as
part of the program rather than as a separate resource. This means that
execution can be modelled by just rewriting source code terms, as in semantic
models for functional programs. Formally, this is achieved by the block
construct, introducing local variable declarations, which play the role of
memory when their initializing expressions have been evaluated. In this way, we
obtain a language semantics which directly represents at the syntactic level
constraints on aliasing, allowing simpler reasoning about related properties.
To illustrate this advantage, we consider the issue, widely studied in the
literature, of characterizing an isolated portion of memory, which cannot be
reached through external references. In the syntactic model, closed block
values, called "capsules", provide a simple representation of isolated portions
of memory, and capsules can be safely moved to another location in the memory,
without introducing sharing, by means of "affine' variables. We prove that the
syntactic model can be encoded in the conventional one, hence efficiently
implemented.Comment: In Proceedings DCM 2018 and ITRS 2018 , arXiv:1904.0956
Information Flow Control-by-Construction for an Object-Oriented Language Using Type Modifiers
In security-critical software applications, confidential information must be
prevented from leaking to unauthorized sinks. Static analysis techniques are
widespread to enforce a secure information flow by checking a program after
construction. A drawback of these systems is that incomplete programs during
construction cannot be checked properly. The user is not guided to a secure
program by most systems. We introduce IFbCOO, an approach that guides users
incrementally to a secure implementation by using refinement rules. In each
refinement step, confidentiality or integrity (or both) is guaranteed alongside
the functional correctness of the program, such that insecure programs are
declined by construction. In this work, we formalize IFbCOO and prove soundness
of the refinement rules. We implement IFbCOO in the tool CorC and conduct a
feasibility study by successfully implementing case studies
FHJ: A Formal Model for Hierarchical Dispatching and Overriding
Multiple inheritance is a valuable feature for Object-Oriented Programming. However, it is also tricky to get right, as illustrated by the extensive literature on the topic. A key issue is the ambiguity arising from inheriting multiple parents, which can have conflicting methods. Numerous existing work provides solutions for conflicts which arise from diamond inheritance: i.e. conflicts that arise from implementations sharing a common ancestor. However, most mechanisms are inadequate to deal with unintentional method conflicts: conflicts which arise from two unrelated methods that happen to share the same name and signature.
This paper presents a new model called Featherweight Hierarchical Java (FHJ) that deals with unintentional method conflicts. In our new model, which is partly inspired by C++, conflicting methods arising from unrelated methods can coexist in the same class, and hierarchical dispatching supports unambiguous lookups in the presence of such conflicting methods. To avoid ambiguity, hierarchical information is employed in method dispatching, which uses a combination of static and dynamic type information to choose the implementation of a method at run-time. Furthermore, unlike all existing inheritance models, our model supports hierarchical method overriding: that is, methods can be independently overridden along the multiple inheritance hierarchy. We give illustrative examples of our language and features and formalize FHJ as a minimal Featherweight-Java style calculus