skip to main content

ιDOT: a DOT calculus with object initialization

Published:13 November 2020Publication History
Skip Abstract Section

Abstract

The Dependent Object Types (DOT) calculus serves as a foundation of the Scala programming language, with a machine-verified soundness proof. However, Scala's type system has been shown to be unsound due to null references, which are used as default values of fields of objects before they have been initialized. This paper proposes ιDOT, an extension of DOT for ensuring safe initialization of objects. DOT was previously extended to κDOT with the addition of mutable fields and constructors. To κDOT, ιDOT adds an initialization effect system that statically prevents the possibility of reading a null reference from an uninitialized object. To design ιDOT, we have reformulated the Freedom Before Commitment object initialization scheme in terms of disjoint subheaps to make it easier to formalize in an effect system and prove sound. Soundness of ιDOT depends on the interplay of three systems of rules: a type system close to that of DOT, an effect system to ensure definite assignment of fields in each constructor, and an initialization system that tracks the initialization status of objects in a stack of subheaps. We have proven the overall system sound and verified the soundness proof using the Coq proof assistant.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This is the video of the presentation of our OOPSLA'20 paper on ιDOT: A DOT Calculus with Object Initialization. The Dependent Object Types (DOT) calculus serves as a foundation of the Scala programming language. However, Scala's type system has been shown to be unsound due to null references, which are used as default values of fields of objects before they have been initialized. Previous DOT calculi have sidestepped having null references by pre-populating fields. Our paper proposes ιDOT, an extension of DOT with safe initialization of objects. ιDOT adds an initialization effect system that statically prevents the possibility of reading a null reference from an uninitialized object. Soundness of ιDOT depends on the interplay of three systems: a type system close to that of DOT, an effect system to ensure definite assignment of fields in each constructor, and an initialization system that tracks the initialization status of objects.

References

  1. Nada Amin, Samuel Grütter, Martin Odersky, Tiark Rompf, and Sandro Stucki. 2016. The Essence of Dependent Object Types. In A List of Successes That Can Change the World-Essays Dedicated to Philip Wadler on the Occasion of His 60th Birthday (Lecture Notes in Computer Science, Vol. 9600 ), Sam Lindley, Conor McBride, Philip W. Trinder, and Donald Sannella (Eds.). Springer, Cham, 249-272. https://doi.org/10.1007/978-3-319-30936-1_14 Google ScholarGoogle ScholarCross RefCross Ref
  2. Nada Amin, Tiark Rompf, and Martin Odersky. 2014. Foundations of Path-Dependent Types. In Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications, OOPSLA 2014, part of SPLASH 2014, Portland, OR, USA, October 20-24, 2014, Andrew P. Black and Todd D. Millstein (Eds.). ACM, New York, NY, USA, 233-249. https://doi.org/10.1145/2660193.2660216 Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Nada Amin and Ross Tate. 2016. Java and Scala's Type Systems Are Unsound: The Existential Crisis of Null Pointers. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (Amsterdam, Netherlands) ( OOPSLA 2016). ACM, New York, NY, USA, 838-848. https://doi.org/10.1145/ 2983990.2984004 Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Manuel Fähndrich and Songtao Xia. 2007. Establishing Object Invariants with Delayed Types. In Proceedings of the 22nd Annual ACM SIGPLAN Conference on Object-oriented Programming Systems and Applications (Montreal, Quebec, Canada) ( OOPSLA '07). ACM, New York, NY, USA, 337-350. https://doi.org/10.1145/1297027.1297052 Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Matthias Felleisen and Daniel P. Friedman. 1987. A Calculus for Assignments in Higher-Order Languages. In Conference Record of the Fourteenth Annual ACM Symposium on Principles of Programming Languages, Munich, Germany, January 21-23, 1987. ACM Press, New York, NY, USA, 314-325. https://doi.org/10.1145/41625.41654 Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Christian Haack and Erik Poll. 2009. Type-Based Object Immutability with Flexible Initialization. In ECOOP 2009-ObjectOriented Programming, 23rd European Conference, Genoa, Italy, July 6-10, 2009. Proceedings (Lecture Notes in Computer Science, Vol. 5653 ), Sophia Drossopoulou (Ed.). Springer, Berlin, Heidelberg, 520-545. https://doi.org/10.1007/978-3-642-03013-0_24 Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Ifaz Kabir and Ondřej Lhoták. 2018. DOT: Scaling DOT with Mutation and Constructors. In Proceedings of the 9th ACM SIGPLAN International Symposium on Scala (St. Louis, MO, USA) ( Scala 2018 ). ACM, New York, NY, USA, 40-50. https://doi.org/10.1145/3241653.3241659 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Ifaz Kabir, Yufeng Li, and Ondřej Lhoták. 2020. DOT: A DOT Calculus with Object Initialization. Technical Report CS-2020-06. University of Waterloo. https://cs.uwaterloo.ca/sites/ca.computer-science/files/uploads/files/cs-2020-06.pdfGoogle ScholarGoogle Scholar
  9. Martin Odersky, Philippe Altherr, Vincent Cremet, Iulian Dragos, Gilles Dubochet, Burak Emir, Sean McDirmid, Stéphane Micheloud, Nikolay Mihaylov, Michel Schinz, Lex Spoon, Erik Stenman, and Matthias Zenger. 2006. An Overview of the Scala Programming Language (2. Edition). ( 2006 ). http://infoscience.epfl.ch/record/ 85634Google ScholarGoogle Scholar
  10. Xin Qi and Andrew C. Myers. 2009. Masked Types for Sound Object Initialization. In Proceedings of the 36th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Savannah, GA, USA) ( POPL '09). ACM, New York, NY, USA, 53-65. https://doi.org/10.1145/1480881.1480890 Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Marianna Rapoport, Ifaz Kabir, Paul He, and Ondřej Lhoták. 2017. A Simple Soundness Proof for Dependent Object Types. Proc. ACM Program. Lang. 1, OOPSLA, Article 46 (Oct. 2017 ), 27 pages. https://doi.org/10.1145/3133870 Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Marianna Rapoport and Ondřej Lhoták. 2019. A Path to DOT: Formalizing Fully Path-dependent Types. Proc. ACM Program. Lang. 3, OOPSLA, Article 145 (Oct. 2019 ), 29 pages. https://doi.org/10.1145/3360571 Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Tiark Rompf and Nada Amin. 2016. Type Soundness for Dependent Object Types (DOT). In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016, part of SPLASH 2016, Amsterdam, The Netherlands, October 30-November 4, 2016, Eelco Visser and Yannis Smaragdakis (Eds.). ACM, New York, NY, USA, 624-641. https://doi.org/10.1145/2983990.2984008 Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Marco Servetto, Julian Mackay, Alex Potanin, and James Noble. 2013. The Billion-Dollar Fix-Safe Modular Circular Initialisation with Placeholders and Placeholder Types. In ECOOP 2013-Object-Oriented Programming-27th European Conference, Montpellier, France, July 1-5, 2013. Proceedings (Lecture Notes in Computer Science, Vol. 7920 ), Giuseppe Castagna (Ed.). Springer, Berlin, Heidelberg, 205-229. https://doi.org/10.1007/978-3-642-39038-8_9 Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Peter Sestoft. 1997. Deriving a Lazy Abstract Machine. Journal of Functional Programming 7, 3 (May 1997 ), 231-264. https://doi.org/10.1017/S0956796897002712 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Alexander J. Summers and Peter Mueller. 2011a. Freedom Before Commitment : Simple Flexible Initialisation for Non-Null Types. Technical Report 716. ETH Zurich.Google ScholarGoogle Scholar
  17. Alexander J. Summers and Peter Mueller. 2011b. Freedom Before Commitment: A Lightweight Type System for Object Initialisation. In Proceedings of the 2011 ACM International Conference on Object Oriented Programming Systems Languages and Applications (Portland, Oregon, USA) ( OOPSLA '11). ACM, New York, NY, USA, 1013-1032. https://doi.org/10.1145/ 2048066.2048142 Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Andrew K. Wright and Matthias Felleisen. 1994. A Syntactic Approach to Type Soundness. Information and Computation 115, 1 ( 1994 ), 38-94. https://doi.org/10.1006/inco. 1994.1093 Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. ιDOT: a DOT calculus with object initialization

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!