ιDOT: a DOT calculus with object initialization

The Dependent Object Types (DOT) calculus serves as a foundation of the Scala programming language, with a machine-verified soundness proof. However, Scala's type system has been shown to be unsound due to null references, which are used as default values of fields of objects before they have been initialized. This paper proposes ιDOT, an extension of DOT for ensuring safe initialization of objects. DOT was previously extended to κDOT with the addition of mutable fields and constructors. To κDOT, ιDOT adds an initialization effect system that statically prevents the possibility of reading a null reference from an uninitialized object. To design ιDOT, we have reformulated the Freedom Before Commitment object initialization scheme in terms of disjoint subheaps to make it easier to formalize in an effect system and prove sound. Soundness of ιDOT depends on the interplay of three systems of rules: a type system close to that of DOT, an effect system to ensure definite assignment of fields in each constructor, and an initialization system that tracks the initialization status of objects in a stack of subheaps. We have proven the overall system sound and verified the soundness proof using the Coq proof assistant.
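The Scala behaviour the abstract refers to, as an added illustration that is not part of the paper: a strict field initializer in a superclass constructor calls an overridden method that reads a subclass field, and that field still holds the JVM default null even though its static type is String. Class and member names here are constructed for the example.

```scala
// Added example (not from the paper): the Scala initialization hazard that
// motivates iotaDOT. Class and member names are constructed for illustration.

class Greeter {
  // Evaluated while Greeter's constructor runs, before any subclass field
  // has been assigned.
  val greeting: String = buildGreeting()
  def buildGreeting(): String = "hello"
}

class NamedGreeter(n: String) extends Greeter {
  val name: String = n
  // Invoked from Greeter's constructor: `name` still holds the JVM default
  // null although its static type is String, so toUpperCase throws.
  override def buildGreeting(): String = "hello, " + name.toUpperCase
}

// The same program with the field read deferred until construction has
// finished: a lazy val is evaluated on first access, by which time every
// field of the complete object, including `name`, is definitely assigned.
class LazyGreeter {
  lazy val greeting: String = buildGreeting()
  def buildGreeting(): String = "hello"
}

class LazyNamedGreeter(n: String) extends LazyGreeter {
  val name: String = n
  override def buildGreeting(): String = "hello, " + name.toUpperCase
}

object InitDemo {
  def main(args: Array[String]): Unit = {
    try new NamedGreeter("world")
    catch { case e: NullPointerException => println("null read: " + e) }
    println(new LazyNamedGreeter("world").greeting)
  }
}
```

The first construction is exactly the "reading a null reference from an uninitialized object" that an initialization effect system with definite assignment of fields in each constructor is meant to reject statically.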
