AN EXCEPTION AWARE BEHAVIORAL TYPE SYSTEM FOR OBJECT-ORIENTED PROGRAMS
CITI / Departamento de Informática
Universidade Nova de Lisboa - Portugal
CoRTA 2009
Filipe Militão and Luís Caires
TravelOrder Class
class TravelOrder {
    void flight(){ … }
    void hotel(){ … }
    void buy(){ … }
    void cancel(){ … }
    string show(){ … }
}
TravelOrder Documentation
/**
 * A TravelOrder requires the selection of
 * a flight and a hotel before it can be bought
 * or canceled.
 */
TravelOrder Class
class TravelOrder {
    // only available in specific situations
    void flight(){ … }
    void hotel(){ … }
    void buy(){ … }
    void cancel(){ … }
    // can be called freely
    string show(){ … }
}
Background
Increasing software complexity
→ Effort to eliminate bugs
→ Faster feedback on errors (static detection)
Objectives and Contributions
Statically check the externally observable behavior of objects (based on formal description)
Guarantee termination (reaches stop)
Exceptions (checked)
Linear ownership + Borrowing (call-by-ref)
Class body consistent with class behavior
Working prototype
Checking call sequences
TravelOrder object: flight(…), hotel(…), buy()
flight . hotel . buy
→ Hidden internal state (like in regular expressions)
→ Tracks observable calls (i.e., the behavior), not states
What is a Behavioral Type?
TRAVELORDER BEHAVIORAL TYPE = TRAVELORDER TYPE + TRAVELORDER BEHAVIOR
TRAVELORDER TYPE: void hotel(), void flight(), void order(), void cancel(), string show()
TRAVELORDER BEHAVIOR: 1st flight, 2nd hotel, 3rd buy or cancel
Describing the Behavior
TRAVELORDER BEHAVIOR
1st flight
2nd hotel
3rd buy or cancel
Regular expression-like protocol:
flight . hotel . (buy + cancel)
What about “string show()”?
free / non-behavioral, can be called at any time...
TravelOrder Class
class TravelOrder {
    usage flight.hotel.(buy+cancel)
    void flight(){ … }
    void hotel(){ … }
    void buy(){ … }
    void cancel(){ … }
    string show(){ … }
}
Example
let t in
    t = new TravelOrder();
    t.flight();
    t.show();
    t.hotel();
    if( … )
        t.buy()
    else
        t.cancel()
flight . hotel . ( buy + cancel )
stop
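The bookkeeping behind the example above, as an added Python sketch (not the Yak prototype's code): the checker on these slides works statically, whereas this sketch replays a recorded call sequence and tracks the behavior the object still owes after each call. The tuple encoding and the names `step`, `can_stop` and `check` are assumptions made for the illustration.

```python
# Added illustration, not Yak's implementation. A protocol is STOP, a method
# name, ("seq", p, q) for p . q, or ("alt", p, q) for p + q.
STOP = ("stop",)

def can_stop(p):
    """True when the object may be dropped in this state."""
    if isinstance(p, str):
        return False
    if p[0] == "seq":
        return can_stop(p[1]) and can_stop(p[2])
    if p[0] == "alt":
        return can_stop(p[1]) or can_stop(p[2])
    return True  # STOP

def step(p, m):
    """Behavior still owed after calling m, or None if m is not allowed."""
    if isinstance(p, str):
        return STOP if p == m else None
    if p[0] == "seq":
        a = step(p[1], m)
        a = ("seq", a, p[2]) if a else None
        b = step(p[2], m) if can_stop(p[1]) else None
    elif p[0] == "alt":
        a, b = step(p[1], m), step(p[2], m)
    else:
        return None  # STOP: no behavioral call is allowed
    return ("alt", a, b) if a and b else (a or b)

def check(protocol, calls, free=frozenset()):
    """Return (ok, reason) for the calls made on one object, in order."""
    p = protocol
    for i, m in enumerate(calls):
        if m in free:          # e.g. show(): callable at any time
            continue
        p = step(p, m)
        if p is None:
            return False, f"call {i}: {m}() not allowed here"
    return (True, "ok") if can_stop(p) else (False, "dropped before stop")

# flight . hotel . (buy + cancel); show() is free (non-behavioral)
TRAVEL_ORDER = ("seq", "flight", ("seq", "hotel", ("alt", "buy", "cancel")))
FREE = frozenset({"show"})

if __name__ == "__main__":
    print(check(TRAVEL_ORDER, ["flight", "show", "hotel", "buy"], FREE))
    print(check(TRAVEL_ORDER, ["flight", "buy"], FREE))       # hotel skipped
    print(check(TRAVEL_ORDER, ["flight", "hotel"], FREE))     # never finished
```

The third case is the termination requirement from the objectives slide: an object that has not reached stop cannot simply be dropped.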
The rest of this talk…
Introduction
Type System
→ Exceptions
→ Linear Ownership
→ Borrowing
Subtyping
Consistency check
Related work
Future work
Basic typing judgement
[Figure: the typing judgement, with its parts labelled: expression, environment (before), type of expression, environment (after)]
Sequence
[Figure: rule for sequencing e0 and e1, with types T0 and T1; annotation: “Will be lost!”]
Example (try branch)
void method(N#buy[Error: undo] v){
    try
        v.buy()
    catch(Error excp)
        v.undo()
}
on Error ↦ { v ↦ undo }
buy [Error: undo]
v ↦ stop
Example (catch branch)
void method(N#buy[Error: undo] v){
    try
        v.buy()
    catch(Error excp)
        v.undo()
}
on Error ↦ { v ↦ undo }
undo
v ↦ stop
Exceptions - throw
[Figure: rule for throw; annotations:]
expression produces compatible environment
Exception handler for N
Runtime is behavior agnostic, so thrown object must be stopped
Exceptions - try catch
[Figure: rule for try-catch over etry and ecatch, with type T; annotations:]
Try branch with new exception handler
Catch branch restores old handler
Linear Ownership
Only one owner at a time*
(*unless the object was borrowed…)
let t0 in
let t1 in
    t0 = new TravelOrder();
    t1 = t0;
    t1.flight();
    t0.hotel()    // Type Error!
t1 ↦ stop
t0 ↦ flight.hotel.(buy+cancel)
Borrowing
Checking call-by-reference
void orderStuff(TravelOrder#flight.hotel x)
let t in
    t = new TravelOrder();
    orderStuff(t);
    t.buy()
t ↦ flight.hotel.(buy+cancel)
Storing values requires owned permission
Subtyping
Structural subtyping
Requires compatible behavior
→ Subtype must accept same behavior as super…
(flight+swim).hotel <: flight.hotel
flight.hotel <: flight[Full: cancel].hotel
Consistency check
Server code must also obey protocols
class ABC {
    usage a.b.c
    TravelOrder t;
    void a(){ t = new TravelOrder(); }
    void b(){ t.flight(); }
    void c(){ t.buy(); }    // Type Error!
}
Related work
Resource usage analysis (2002)
Atsushi Igarashi and Naoki Kobayashi
Lightweight object specification with typestates (2007)
Kevin Bierhoff and Jonathan Aldrich
Dynamic interfaces (2009)
Vasco T. Vasconcelos, Simon Gay, António Ravara, Nils Gesbert, and Alexandre Z. Caldeira.
…
Future work

Concurrency
Questions?
Filipe Militão and Luís Caires

Paper:
AN EXCEPTION AWARE BEHAVIORAL TYPE SYSTEM FOR OBJECT-ORIENTED PROGRAMS

Web site:
YAK PROTOTYPE
http://ctp.di.fct.unl.pt/yak/