Ownership types for safe region-based memory management in real-time Java

The Real Time Specification for Java (RTSJ) allows a program to create real-time threads with hard real-time constraints. Real-time threads use region-based memory management to avoid unbounded pauses caused by interference from the garbage collector. The RTSJ uses runtime checks to ensure that deleting a region does not create dangling references and that real-time threads do not access references to objects allocated in the garbage-collected heap. This paper presents a static type system that guarantees that these runtime checks will never fail for well-typed programs. Our type system therefore 1) provides an important safety guarantee for real-time programs and 2) makes it possible to eliminate the runtime checks and their associated overhead.Our system also makes several contributions over previous work on region types. For object-oriented programs, it combines the benefits of region types and ownership types in a unified type system framework. For multithreaded programs, it allows long-lived threads to share objects without using the heap and without memory leaks. For real-time programs, it ensures that real-time threads do not interfere with the garbage collector. Our experience indicates that our type system is sufficiently expressive and requires little programming overhead, and that eliminating the RTSJ runtime checks using a static type system can significantly decrease the execution time of real-time programs.

[1]  Andrew C. Myers,et al.  Subtypes vs. where clauses: constraining parametric polymorphism , 1995, OOPSLA.

[2]  Liuba Shrira,et al.  Lazy modular upgrades in persistent object stores , 2003, OOPSLA.

[3]  Douglas C. Schmidt,et al.  Evaluating real-time Java features and performance for real-time embedded systems , 2002, Proceedings. Eighth IEEE Real-Time and Embedded Technology and Applications Symposium.

[4]  Martin C. Rinard,et al.  ACM Conference on Object-Oriented Programming, Systems, Languages and Applications (OOPSLA), November 2002 Ownership Types for Safe Programming: Preventing Data Races and Deadlocks , 2022 .

[5]  K. Rustan M. Leino,et al.  Data abstraction and information hiding , 2002, TOPL.

[6]  Martin Rinard,et al.  A Type System for Safe Region-Based Memory Management in Real-Time Java , 2002 .

[7]  James Cheney,et al.  Region-based memory management in cyclone , 2002, PLDI '02.

[8]  Ron K. Cytron,et al.  Automated discovery of scoped memory regions for real-time Java , 2002, ISMM '02.

[9]  Liuba Shrira,et al.  Ownership types for object encapsulation , 2003, POPL '03.

[10]  Martin C. Rinard,et al.  A parameterized type system for race-free Java programs , 2001, OOPSLA '01.

[11]  Martin Rinard,et al.  Safejava: a unified type system for safe programming , 2004 .

[12]  Andrew C. Myers,et al.  Parameterized types for Java , 1997, POPL '97.

[13]  Liuba Shrira,et al.  Ownership Types and Safe Lazy Upgrades in Object-Oriented Databases , 2002 .

[14]  Ovidiu Gheorghioiu,et al.  Statistically determining memory consumption of real-time Java threads , 2002 .

[15]  Robert DeLine,et al.  Enforcing high-level protocols in low-level software , 2001, PLDI '01.

[16]  M. Teresa Higuera-Toledano,et al.  Region-based memory management for real-time Java , 2001, Fourth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing. ISORC 2001.

[17]  David Gay,et al.  Language support for regions , 2001, PLDI '01.

[18]  Alexandru D. Sălcianu Pointer analysis and its applications for Java programs , 2001 .

[19]  Henry G. Baker,et al.  List processing in real time on a serial computer , 1978, CACM.

[20]  Martin Odersky,et al.  Making the future safe for the past: adding genericity to the Java programming language , 1998, OOPSLA '98.

[21]  K. Rustan M. Leino,et al.  Using data groups to specify and check side effects , 2002, PLDI '02.

[22]  David Gay,et al.  Memory management with explicit regions , 1998, PLDI.

[23]  Martin C. Rinard,et al.  An Implementation of Scoped Memory for Real-Time Java , 2001, EMSOFT.

[24]  Martin C. Rinard,et al.  Pointer and escape analysis for multithreaded programs , 2001, PPoPP '01.

[25]  Alexander Aiken,et al.  Better static memory management: improving region-based analysis of higher-order languages , 1995, PLDI '95.

[26]  David K. Gifford,et al.  Polymorphic effect systems , 1988, POPL '88.

[27]  Dave Clarke,et al.  External Uniqueness Is Unique Enough , 2003, ECOOP.

[28]  V. T. Rajan,et al.  A real-time garbage collector with low overhead and consistent utilization , 2003, POPL '03.

[29]  Dan Grossman,et al.  Type-safe multithreading in cyclone , 2003, TLDI '03.

[30]  Ron K. Cytron,et al.  Translation of Java to Real-Time Java Using Aspects , 2001 .

[31]  Douglas C. Schmidt,et al.  The Design and Performance of the jRate Real-Time Java Implementation , 2002, OTM.

[32]  David Walker,et al.  Typed memory management in a calculus of capabilities , 1999, POPL '99.

[33]  James Noble,et al.  Ownership types for flexible alias protection , 1998, OOPSLA '98.

[34]  Sophia Drossopoulou,et al.  Ownership, encapsulation and the disjointness of type and effect , 2002, OOPSLA '02.

[35]  Matthias Felleisen,et al.  Classes and mixins , 1998, POPL '98.

[36]  Martin C. Rinard,et al.  Interprocedural compatibility analysis for static object preallocation , 2003, POPL.

[37]  Stephen N. Freund,et al.  Adding type parameterization to the Java language , 1997, OOPSLA '97.

[38]  Martin Rinard,et al.  Safe Runtime Downcasts With Ownership Types , 2002 .

[39]  Craig Chambers,et al.  Alias annotations for program understanding , 2002, OOPSLA '02.

[40]  Mads Tofte,et al.  Region-based Memory Management , 1997, Inf. Comput..

[41]  James Gosling,et al.  The Real-Time Specification for Java , 2000, Computer.

[42]  Mads Tofte,et al.  Implementation of the typed call-by-value λ-calculus using a stack of regions , 1994, POPL '94.

[43]  David Gerard Clarke,et al.  Object ownership and containment , 2003 .