research-article

LaCasa: lightweight affinity and object capabilities in Scala

Published: 19 October 2016

Abstract

Aliasing is a known source of challenges in the context of imperative object-oriented languages, which have led to important advances in type systems for aliasing control. However, their large-scale adoption has turned out to be a surprisingly difficult challenge. While new language designs show promise, they do not address the need for aliasing control in existing languages.

This paper presents a new approach to isolation and uniqueness in an existing, widely used language, Scala. The approach is unique in the way it addresses some of the most important obstacles to the adoption of type system extensions for aliasing control. First, adaptation of existing code requires only a minimal set of annotations. Only a single bit of information is required per class. Surprisingly, the paper shows that this information can be provided by the object-capability discipline, widely used in program security. We formalize our approach as a type system and prove key soundness theorems. The type system is implemented for the full Scala language, providing, for the first time, a sound integration with Scala's local type inference. Finally, we empirically evaluate the conformity of existing Scala open-source code on a corpus of over 75,000 LOC.

Published in

ACM SIGPLAN Notices, Volume 51, Issue 10 (OOPSLA '16), October 2016, 915 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/3022671

OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, October 2016, 915 pages
ISBN: 9781450344449
DOI: 10.1145/2983990

Copyright © 2016 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
