Towards imperative modules: reasoning about invariants and sharing of mutable state

Imperative and object-oriented programs make ubiquitous use of shared mutable objects. Updating a shared object can and often does transgress a boundary that was supposed to be established using static constructs such as a class with private fields. This paper shows how auxiliary fields can be used to express two state-dependent encapsulation disciplines: ownership, a kind of separation, and local co-dependence, a kind of sharing. A methodology is given for specification and modular verification of encapsulated object invariants and shown sound for a class-based language.
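As an added illustration (not from the paper) of the boundary transgression the abstract describes: a class whose invariant ranges over a mutable array held in a `private` field, a client that updates that array through an alias, and the ownership-style variant in which no reference to the array escapes. Class and function names are my own.

```typescript
// Added example, not from the paper: an invariant over a mutable object reachable
// from a private field, defeated by an alias, and the owned variant that keeps it.

// Invariant of SortedBag: `items` is sorted ascending. The field is `private`,
// a static construct, but the array it refers to is a shared mutable object.
class SortedBag {
  private items: number[];
  constructor(init: number[]) {
    this.items = [...init].sort((a, b) => a - b);
  }
  add(x: number): void {
    // Insert in order so every method of the class re-establishes the invariant.
    let i = 0;
    while (i < this.items.length && this.items[i] < x) i++;
    this.items.splice(i, 0, x);
  }
  // Representation exposure: returns the very object the invariant depends on.
  view(): number[] {
    return this.items;
  }
  invariantHolds(): boolean {
    return this.items.every((v, i) => i === 0 || this.items[i - 1] <= v);
  }
}

// Ownership discipline: the array is owned by the bag and no reference to it
// escapes; clients receive a fresh copy, so only the bag's own methods update it.
class OwnedSortedBag extends SortedBag {
  view(): number[] {
    return [...super.view()];
  }
}

// A client updating the shared object: `private` does not prevent this, because
// the update goes through the alias rather than through SortedBag's field.
function breakViaAlias(): boolean {
  const bag = new SortedBag([1, 3]);
  bag.add(2);
  const alias = bag.view();
  alias.push(0); // invariant silently broken from outside the class
  return bag.invariantHolds(); // false
}

function ownedKeepsInvariant(): boolean {
  const bag = new OwnedSortedBag([1, 3]);
  bag.add(2);
  const copy = bag.view();
  copy.push(0); // mutates the copy only; the owned array is untouched
  return bag.invariantHolds(); // true
}
```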
