Rumer a Programming Language and Modular Verification Technique Based on Relationships

Total Page:16

File Type:pdf, Size:1020Kb

Rumer a Programming Language and Modular Verification Technique Based on Relationships Research Collection Doctoral Thesis Rumer A programming language and modular verification technique based on relationships Author(s): Balzer, Stephanie Publication Date: 2011 Permanent Link: https://doi.org/10.3929/ethz-a-007086593 Rights / License: In Copyright - Non-Commercial Use Permitted This page was generated automatically upon download from the ETH Zurich Research Collection. For more information please consult the Terms of use. ETH Library Diss. ETH No. 19851 RUMER: A PROGRAMMING LANGUAGE AND MODULAR VERIFICATION TECHNIQUE BASED ON RELATIONSHIPS A dissertation submitted to ETH Zurich for the degree of Doctor of Sciences presented by Stephanie Balzer accepted on the recommendation of Prof. Dr. Thomas R. Gross, examiner Prof. Dr. Sophia Drossopoulou, co-examiner Prof. Dr. Peter Müller, co-examiner Dr. Alexander J. Summers, co-examiner 2011 Abstract The idea of asserting a program’s correctness by a mathematical proof rather than ex- haustive testing has persisted in software system development. The notion of an invariant to capture the constant properties of data plays a central role in such program verifica- tion attempts. Invariants have also infiltrated object-oriented programming languages and have become a foundation for verifying object-oriented programs. Current invariant-based, object-oriented verification techniques provide modular verifica- tion of single-object invariants. However, as soon as an invariant relates several objects, modular reasoning about the invariant is not possible without imposing certain restric- tions on the program. Current solutions to the verification of such multi-objects invari- ants either restrict aliasing in a program or expand the visibility of an invariant beyond the boundary of the declaring class. This thesis represents a two-part approach to program verification based on invariants. We develop a programming language, Rumer, that provides higher-level abstractions to capture not only objects but also the relationships between them. In addition, we elaborate a visible-state verification technique for Rumer that facilitates the modular verification of Rumer programs. The Rumer programming language employs the abstraction of a relationship as a key architectural element in building a software system. Rather than employing references in objects to represent the relationships between objects, those relationships are repre- sented explicitly by a relationship instance. This indirection gives rise to a stratified programming model. Based on this model, we formulate the Matryoshka Principle, a modularization discipline that provides strong encapsulation for Rumer types. The verification technique is based on the Matryoshka Principle and leverages the par- ticular features of the Rumer programming and specification language. The Matryoshka Principle provides modular reasoning about state changes and permits the adoption of a visible-state semantics for invariants. The Rumer programming and specification lan- guage encompasses techniques to encapsulate multi-object invariants in relationships and includes a rich assertion language that is based on discrete mathematics. i Zusammenfassung Die Idee, die Korrektheit eines Programms durch einen mathematischen Beweis anstatt durch ausgiebiges Testen sicherzustellen, hat seit jeher eine zenrale Bedeutung in der Ent- wicklung von Softwaresystemen eingenommen. Verifikationsansätze basieren traditions- gemäss auf Invarianten, die jene Eigenschaften von Daten spezifizieren, die zur Laufzeit des Programms konstant sind. Invarianten finden mittlerweile auch in objektorientierten Programmiersprachen Anwendung und haben sich zu einer wichtigen Grundlage für die Verifikation objektorientierter Programme entwickelt. Gängige invariantenbasierte, objektorientierte Verifikationstechniken erlauben die modu- lare Verifikation von Invarianten, die sich auf ein einzelnes Objekt beziehen. Setzt eine Invariante jedoch mehrere Objekte zueinander in Beziehung, ist modulares Schliessen nur mittels Einschränkungen des Programms möglich. Gängige Lösungsansätze für die Verifikation solcher Multi-Objekt-Invarianten unterbinden entweder das Aliasing (d.h. die Existenz unterschiedlicher Referenzen auf denselben Speicherplatz) oder weiten die Sichtbarkeit einer Invariante über die Grenzen der deklarierenden Klasse hinaus aus. Die vorliegende Dissertation präsentiert einen zweistufigen Ansatz für die Verifikation in- variantenbasierter Programme. Wir beschreiben die Programmiersprache Rumer, welche Abstraktionen für die Repräsentation von Objekten und deren Beziehungen zueinander zur Verfügung stellt. Des Weiteren erarbeiten wir eine Verifikationstechnik für Rumer. Diese basiert auf sichtbaren Zuständen und ermöglicht die modulare Verifikation von Rumer Programmen. Die Programmiersprache Rumer verwendet die Abstraktion einer Beziehung als grund- legendes Sprachkonstrukt zur Bildung eines Softwaresystems. Dabei werden die Bezie- hungen zwischen Objekten durch explizite Beziehungsinstanzen repräsentiert und nicht durch Referenzen in den beteiligten Objekten. Die Verwendung expliziter Beziehungsin- stanzen zusätzlich zu den beteiligten Objekten führt zu einem mehrschichtigen Program- miermodell. Ausgehend von diesem Programmiermodell formulieren wir das Matrjoschka- Prinzip — ein Modularisierungsansatz, der starke Kapselungseigenschaften für Rumer Datentypen gewährleistet. Die Verifikationstechnik basiert auf dem Matrjoschka-Prinzip und nutzt die spezifischen Eigenschaften der Programmiersprache Rumer und deren Spezifikationssprache aus. Das Matrjoschka-Prinzip ermöglicht das modulare Schliessen über Zustandswechsel und ga- rantiert, dass Invarianten in sichtbaren Programmzuständen gelten. Die Programmierspra- iii che Rumer und deren Spezifikationssprache bieten Techniken zur Kapselung von Multi- Objekt-Invarianten in Beziehungen und unterstützen eine reiche, auf diskreter Mathema- tik beruhende Aussagensprache. iv Acknowledgments I am grateful to the following persons who have accompanied my journey to a PhD: My advisor Thomas Gross. His patience, allowing me to explore and substantiate my research ideas, and his scientific curiosity towards new, maybe even unconventional, re- search ideas are unparalleled. But above all, he has guided me to become, I believe, an independent researcher. My co-examiners Sophia Drossopoulou, Peter Müller, and Alex Summers. I am grate- ful for their valuable feedback, allowing me to improve this thesis importantly. Sophia’s thought-provoking questions on the occasion of my visit have decisively influenced the last revision of the Rumer language. The discussions with Alex on visible-state verifica- tion techniques have deepened my understanding thereof, and I am very appreciative of Alex’s meticulous reading of this thesis, allowing me to greatly polish it. The researchers I was fortunate to get to know at ETH. I am grateful to: Jean-Raymond Abrial for introducing me to formal methods and for his support of my PhD work; Laurent Voisin for his assistance in formal methods and for sharing his enormous knowledge; Patrick Eugster for his belief in first-class relationships and for pushing me to “go for my ideas”. Also, I would like to thank Bertrand Meyer for providing me a start at ETH. My colleagues at ETH. In particular, I want to thank Susanne Cech Previtali for sharing my passion in the search for the right abstraction, her advice, and sisterhood. Also, I want to thank my colleagues of the LST research group Christoph Angerer, Mihai Cuibus, Nicu Fruja, Zoltán Majó, Nicholas Matsakis, Valery Naumov, Albert Noll, Mathias Payer, Michael Pradel, Florian Schneider, Yang Su, Luca Della Toffola, Oliver Trachsel, Cristian Tuduce, and Faheem Ullah for stimulating discussions, both on and off research topics. Furthermore, I want to thank Karine Arnout, Arnaud Bailly, Ilinca Ciupa, Werner Dietl, Lisa Ling Liu, Piotr Nienaltowski, Joseph Ruskiewicz, Silvia Santini, Bernd Schoeller, Sebastien Vaucouleur, and Christoph Wintersteiger for their support and friendship. The students whose projects I was privileged to supervise: Christoph Bäni, Alexandra Burns, Reto Conconi, Roland Schilter, Ágnes Sebestyén-Pál, Shinji Takasaka, Michelle Volery, and Andrea Zimmermann. My parents and my sister Charlotte. I am grateful for their love and encouragement. My partner Adnan. Without his love and unconditional support this work would not have been possible. v Contents 1 Introduction 1 1.1 Thesis ............................................... 3 1.2 Content and contribution ................................. 3 2 Relationships 7 2.1 OO relationships ....................................... 7 2.1.1 Running example .................................. 8 2.1.2 Relationship features ............................... 9 2.1.3 Programming idioms ............................... 9 2.2 Empirical study ........................................ 15 2.2.1 Analysis corpus ................................... 15 2.2.2 Metrics ......................................... 15 2.2.3 Results ......................................... 21 2.2.4 Analysis ......................................... 25 2.3 First-class relationships ................................... 29 2.3.1 Deficiencies of OO relationships ....................... 30 2.3.2 Toward first-class relationships ........................ 32 2.4 Related work .......................................... 34 3 Rumer: a relationship-based programming language 39 3.1 Rationale ............................................. 39 3.2 Language concepts .....................................
Recommended publications
  • X10 Language Specification
    X10 Language Specification Version 2.6.2 Vijay Saraswat, Bard Bloom, Igor Peshansky, Olivier Tardieu, and David Grove Please send comments to [email protected] January 4, 2019 This report provides a description of the programming language X10. X10 is a class- based object-oriented programming language designed for high-performance, high- productivity computing on high-end computers supporting ≈ 105 hardware threads and ≈ 1015 operations per second. X10 is based on state-of-the-art object-oriented programming languages and deviates from them only as necessary to support its design goals. The language is intended to have a simple and clear semantics and be readily accessible to mainstream OO pro- grammers. It is intended to support a wide variety of concurrent programming idioms. The X10 design team consists of David Grove, Ben Herta, Louis Mandel, Josh Milthorpe, Vijay Saraswat, Avraham Shinnar, Mikio Takeuchi, Olivier Tardieu. Past members include Shivali Agarwal, Bowen Alpern, David Bacon, Raj Barik, Ganesh Bikshandi, Bob Blainey, Bard Bloom, Philippe Charles, Perry Cheng, David Cun- ningham, Christopher Donawa, Julian Dolby, Kemal Ebcioglu,˘ Stephen Fink, Robert Fuhrer, Patrick Gallop, Christian Grothoff, Hiroshi Horii, Kiyokuni Kawachiya, Al- lan Kielstra, Sreedhar Kodali, Sriram Krishnamoorthy, Yan Li, Bruce Lucas, Yuki Makino, Nathaniel Nystrom, Igor Peshansky, Vivek Sarkar, Armando Solar-Lezama, S. Alexander Spoon, Toshio Suganuma, Sayantan Sur, Toyotaro Suzumura, Christoph von Praun, Leena Unnikrishnan, Pradeep Varma, Krishna Nandivada Venkata, Jan Vitek, Hai Chuan Wang, Tong Wen, Salikh Zakirov, and Yoav Zibin. For extended discussions and support we would like to thank: Gheorghe Almasi, Robert Blackmore, Rob O’Callahan, Calin Cascaval, Norman Cohen, Elmootaz El- nozahy, John Field, Kevin Gildea, Sara Salem Hamouda, Michihiro Horie, Arun Iyen- gar, Chulho Kim, Orren Krieger, Doug Lea, John McCalpin, Paul McKenney, Hiroki Murata, Andrew Myers, Filip Pizlo, Ram Rajamony, R.
    [Show full text]
  • Exploring Languages with Interpreters and Functional Programming Chapter 22
    Exploring Languages with Interpreters and Functional Programming Chapter 22 H. Conrad Cunningham 5 November 2018 Contents 22 Overloading and Type Classes 2 22.1 Chapter Introduction . .2 22.2 Polymorphism in Haskell . .2 22.3 Why Overloading? . .2 22.4 Defining an Equality Class and Its Instances . .4 22.5 Type Class Laws . .5 22.6 Another Example Class Visible ..................5 22.7 Class Extension (Inheritance) . .6 22.8 Multiple Constraints . .7 22.9 Built-In Haskell Classes . .8 22.10Comparison to Other Languages . .8 22.11What Next? . .9 22.12Exercises . 10 22.13Acknowledgements . 10 22.14References . 11 22.15Terms and Concepts . 11 Copyright (C) 2017, 2018, H. Conrad Cunningham Professor of Computer and Information Science University of Mississippi 211 Weir Hall P.O. Box 1848 University, MS 38677 (662) 915-5358 Browser Advisory: The HTML version of this textbook requires use of a browser that supports the display of MathML. A good choice as of November 2018 is a recent version of Firefox from Mozilla. 1 22 Overloading and Type Classes 22.1 Chapter Introduction Chapter 5 introduced the concept of overloading. Chapters 13 and 21 introduced the related concepts of type classes and instances. The goal of this chapter and the next chapter is to explore these concepts in more detail. The concept of type class was introduced into Haskell to handle the problem of comparisons, but it has had a broader and more profound impact upon the development of the language than its original purpose. This Haskell feature has also had a significant impact upon the design of subsequent languages (e.g.
    [Show full text]
  • On the Interaction of Object-Oriented Design Patterns and Programming
    On the Interaction of Object-Oriented Design Patterns and Programming Languages Gerald Baumgartner∗ Konstantin L¨aufer∗∗ Vincent F. Russo∗∗∗ ∗ Department of Computer and Information Science The Ohio State University 395 Dreese Lab., 2015 Neil Ave. Columbus, OH 43210–1277, USA [email protected] ∗∗ Department of Mathematical and Computer Sciences Loyola University Chicago 6525 N. Sheridan Rd. Chicago, IL 60626, USA [email protected] ∗∗∗ Lycos, Inc. 400–2 Totten Pond Rd. Waltham, MA 02154, USA [email protected] February 29, 1996 Abstract Design patterns are distilled from many real systems to catalog common programming practice. However, some object-oriented design patterns are distorted or overly complicated because of the lack of supporting programming language constructs or mechanisms. For this paper, we have analyzed several published design patterns looking for idiomatic ways of working around constraints of the implemen- tation language. From this analysis, we lay a groundwork of general-purpose language constructs and mechanisms that, if provided by a statically typed, object-oriented language, would better support the arXiv:1905.13674v1 [cs.PL] 31 May 2019 implementation of design patterns and, transitively, benefit the construction of many real systems. In particular, our catalog of language constructs includes subtyping separate from inheritance, lexically scoped closure objects independent of classes, and multimethod dispatch. The proposed constructs and mechanisms are not radically new, but rather are adopted from a variety of languages and programming language research and combined in a new, orthogonal manner. We argue that by describing design pat- terns in terms of the proposed constructs and mechanisms, pattern descriptions become simpler and, therefore, accessible to a larger number of language communities.
    [Show full text]
  • An Analysis of the Dynamic Behavior of Javascript Programs
    An Analysis of the Dynamic Behavior of JavaScript Programs Gregor Richards Sylvain Lebresne Brian Burg Jan Vitek S3 Lab, Department of Computer Science, Purdue University, West Lafayette, IN fgkrichar,slebresn,bburg,[email protected] Abstract becoming a general purpose computing platform with office appli- The JavaScript programming language is widely used for web cations, browsers and development environments [15] being devel- programming and, increasingly, for general purpose computing. oped in JavaScript. It has been dubbed the “assembly language” of the Internet and is targeted by code generators from the likes As such, improving the correctness, security and performance of 2;3 JavaScript applications has been the driving force for research in of Java and Scheme [20]. In response to this success, JavaScript type systems, static analysis and compiler techniques for this lan- has started to garner academic attention and respect. Researchers guage. Many of these techniques aim to reign in some of the most have focused on three main problems: security, correctness and dynamic features of the language, yet little seems to be known performance. Security is arguably JavaScript’s most pressing prob- about how programmers actually utilize the language or these fea- lem: a number of attacks have been discovered that exploit the lan- tures. In this paper we perform an empirical study of the dynamic guage’s dynamism (mostly the ability to access and modify shared behavior of a corpus of widely-used JavaScript programs, and an- objects and to inject code via eval). Researchers have proposed ap- alyze how and why the dynamic features are used.
    [Show full text]
  • Thinking in C++ Volume 2 Annotated Solution Guide, Available for a Small Fee From
    1 z 516 Note: This document requires the installation of the fonts Georgia, Verdana and Andale Mono (code font) for proper viewing. These can be found at: http://sourceforge.net/project/showfiles.php?group_id=34153&release_id=105355 Revision 19—(August 23, 2003) Finished Chapter 11, which is now going through review and copyediting. Modified a number of examples throughout the book so that they will compile with Linux g++ (basically fixing case- sensitive naming issues). Revision 18—(August 2, 2003) Chapter 5 is complete. Chapter 11 is updated and is near completion. Updated the front matter and index entries. Home stretch now. Revision 17—(July 8, 2003) Chapters 5 and 11 are 90% done! Revision 16—(June 25, 2003) Chapter 5 text is almost complete, but enough is added to justify a separate posting. The example programs for Chapter 11 are also fairly complete. Added a matrix multiplication example to the valarray material in chapter 7. Chapter 7 has been tech-edited. Many corrections due to comments from users have been integrated into the text (thanks!). Revision 15—(March 1 ,2003) Fixed an omission in C10:CuriousSingleton.cpp. Chapters 9 and 10 have been tech-edited. Revision 14—(January ,2003) Fixed a number of fuzzy explanations in response to reader feedback (thanks!). Chapter 9 has been copy-edited. Revision 13—(December 31, 2002) Updated the exercises for Chapter 7. Finished rewriting Chapter 9. Added a template variation of Singleton to chapter 10. Updated the build directives. Fixed lots of stuff. Chapters 5 and 11 still await rewrite. Revision 12—(December 23, 2002) Added material on Design Patterns as Chapter 10 (Concurrency will move to Chapter 11).
    [Show full text]
  • Ferrite: a Judgmental Embedding of Session Types in Rust
    Ferrite: A Judgmental Embedding of Session Types in Rust RUOFEI CHEN, Independent Researcher, Germany STEPHANIE BALZER, Carnegie Mellon University, USA This paper introduces Ferrite, a shallow embedding of session types in Rust. In contrast to existing session type libraries and embeddings for mainstream languages, Ferrite not only supports linear session types but also shared session types. Shared session types allow sharing (aliasing) of channels while preserving session fidelity (preservation) using type modalities for acquiring and releasing sessions. Ferrite adopts a propositions as types approach and encodes typing derivations as Rust functions, with the proof of successful type-checking manifesting as a Rust program. We provide an evaluation of Ferrite using Servo as a practical example, and demonstrate how safe communication can be achieved in the canvas component using Ferrite. CCS Concepts: • Theory of computation ! Linear logic; Type theory; • Software and its engineering ! Domain specific languages; Concurrent programming languages. Additional Key Words and Phrases: Session Types, Rust, DSL ACM Reference Format: Ruofei Chen and Stephanie Balzer. 2021. Ferrite: A Judgmental Embedding of Session Types in Rust. In Proceedings of International Conference on Functional Programming (ICFP 2021). ACM, New York, NY, USA, 36 pages. 1 INTRODUCTION Message-passing concurrency is a dominant concurrency paradigm, adopted by mainstream lan- guages such as Erlang, Scala, Go, and Rust, putting the slogan “to share memory by communicating rather than communicating by sharing memory”[Gerrand 2010; Klabnik and Nichols 2018] into practice. In this setting, messages are exchanged over channels, which can be shared among several senders and recipients. Figure 1 provides a simplified example in Rust.
    [Show full text]
  • Asynchronous Liquid Separation Types
    Asynchronous Liquid Separation Types Johannes Kloos, Rupak Majumdar, and Viktor Vafeiadis Max Planck Institute for Software Systems, Germany { jkloos, rupak, viktor }@mpi-sws.org Abstract We present a refinement type system for reasoning about asynchronous programs manipulating shared mutable state. Our type system guarantees the absence of races and the preservation of user-specified invariants using a combination of two ideas: refinement types and concurrent separation logic. Our type system allows precise reasoning about programs using two ingredients. First, our types are indexed by sets of resource names and the type system tracks the effect of program execution on individual heap locations and task handles. In particular, it allows making strong updates to the types of heap locations. Second, our types track ownership of shared state across concurrently posted tasks and allow reasoning about ownership transfer between tasks using permissions. We demonstrate through several examples that these two ingredients, on top of the framework of liquid types, are powerful enough to reason about correct behavior of practical, complex, asynchronous systems manipulating shared heap resources. We have implemented type inference for our type system and have used it to prove complex invariants of asynchronous OCaml programs. We also show how the type system detects subtle concurrency bugs in a file system implementation. 1998 ACM Subject Classification F.3.1 Specifying and Verifying and Reasoning about Pro- grams, D.2.4 Software/Program Verification Keywords and phrases Liquid Types, Asynchronous Parallelism, Separation Logic, Type Sys- tems 1 Introduction Asynchronous programming is a common programming idiom used to handle concurrent interactions. It is commonly used not only in low-level systems code, such as operating systems kernels and device drivers, but also in internet services, in programming models for mobile applications, in GUI event loops, and in embedded systems.
    [Show full text]
  • Thinking in C++ 2Nd Edition Volume 2
    Thinking in C++ 2nd edition Volume 2: Standard Libraries & Advanced Topics To be informed of future releases of this document and other information about object- oriented books, documents, seminars and CDs, subscribe to my free newsletter. Just send any email to: [email protected] ________________________________________________________________________ “This book is a tremendous achievement. You owe it to yourself to have a copy on your shelf. The chapter on iostreams is the most comprehensive and understandable treatment of that subject I’ve seen to date.” Al Stevens Contributing Editor, Doctor Dobbs Journal “Eckel’s book is the only one to so clearly explain how to rethink program construction for object orientation. That the book is also an excellent tutorial on the ins and outs of C++ is an added bonus.” Andrew Binstock Editor, Unix Review “Bruce continues to amaze me with his insight into C++, and Thinking in C++ is his best collection of ideas yet. If you want clear answers to difficult questions about C++, buy this outstanding book.” Gary Entsminger Author, The Tao of Objects “Thinking in C++ patiently and methodically explores the issues of when and how to use inlines, references, operator overloading, inheritance and dynamic objects, as well as advanced topics such as the proper use of templates, exceptions and multiple inheritance. The entire effort is woven in a fabric that includes Eckel’s own philosophy of object and program design. A must for every C++ developer’s bookshelf, Thinking in C++ is the one C++ book you must have if you’re doing serious development with C++.” Richard Hale Shaw Contributing Editor, PC Magazine Thinking In C++ 2nd Edition, Volume 2 Bruce Eckel President, MindView Inc.
    [Show full text]
  • C for Java Programmers
    C for Java Programmers George Ferguson Summer 2016 (Updated Summer 2021) 2 Contents 1 Introduction7 2 Overview of Java and C9 2.1 What’s The Same?.........................9 2.2 What’s Different?.......................... 10 3 Development and Execution 11 3.1 Development and Execution in Java and C............. 11 3.2 Setting Up Your Development Environment............ 14 3.3 Writing Your First C Program................... 16 3.4 Compiling Your First C Program.................. 17 4 Basic Expressions and Statements 21 4.1 Comments.............................. 21 4.2 Primitive Types........................... 22 4.3 Producing Output.......................... 23 4.4 Operators and Expressions..................... 24 4.5 Variables and Assigment...................... 26 4.6 Arrays................................ 27 4.7 Strings................................ 29 3 4 CONTENTS 5 Control Flow 31 5.1 Conditional Statements....................... 31 5.2 Iteration Statements......................... 32 5.3 Other Control Flow Statements................... 33 6 Functions 35 6.1 Function Parameters and Arguments................ 36 6.2 Function Declarations........................ 37 7 Structured Types 39 8 Memory Management 43 8.1 Variables, Addresses, and Pointers................. 43 8.2 Passing Arguments by Reference.................. 46 8.3 Memory Allocation......................... 48 8.4 Dynamic Memory Allocation in Java................ 49 8.5 Dynamic Memory Allocation in C................. 50 8.6 Dynamic Arrays........................... 54 8.7 Dynamic Data Structures...................... 56 8.8 Function Pointers.......................... 64 9 Defining New Types 69 10 Sharing Code: Files and Libraries 73 10.1 The C Preprocessor......................... 73 10.2 Separate Compilation, Libraries, and Linking........... 75 10.3 Standard System Libraries..................... 76 CONTENTS 5 10.4 Project Development........................ 77 10.5 Building Larger C Programs.................... 79 11 Debugging a C Program 83 11.1 Debuggers.............................
    [Show full text]
  • Refining Expression Evaluation Order for Idiomatic C++ (Revision 2)
    P0145R1 2016-02-12 Reply-To: [email protected] Refining Expression Evaluation Order for Idiomatic C++ (Revision 2) Gabriel Dos Reis Herb Sutter Jonathan Caves Abstract This paper proposes an order of evaluation of operands in expressions, directly supporting decades-old established and recommended C++ idioms. The result is the removal of embarrassing traps for novices and experts alike, increased confidence and safety of popular programming practices and facilities, hallmarks of modern C++. 1. INTRODUCTION Order of expression evaluation is a recurring discussion topic in the C++ community. In a nutshell, given an expression such as f(a, b, c), the order in which the sub-expressions f, a, b, c (which are of arbitrary shapes) are evaluated is left unspecified by the standard. If any two of these sub-expressions happen to modify the same object without intervening sequence points, the behavior of the program is undefined. For instance, the expression f(i++, i) where i is an integer variable leads to undefined behavior, as does v[i] = i++. Even when the behavior is not undefined, the result of evaluating an expression can still be anybody’s guess. Consider the following program fragment: #include <map> int main() { std::map<int, int> m; m[0] = m.size(); // #1 } What should the map object m look like after evaluation of the statement marked #1? {{0, 0}} or {{0, 1}}? 1.1. CHANGES FROM PREVIOUS VERSIONS a. The original version of this proposal (Dos Reis, et al., 2014) received unanimous support from the Evolution Working Group (EWG) at the Fall 2014 meeting in Urbana, IL, as approved direction, and also strong support for inclusion in C++17.
    [Show full text]
  • Long X T 2021.Pdf (989.3Kb)
    Understanding Common Scratch Programming Idioms and Their Impact on Project Remixing Xingyu Long Thesis submitted to the Faculty of the Virginia Polytechnic Institute and State University in partial fulfillment of the requirements for the degree of Master of Science in Computer Science and Applications Eli Tilevich, Chair Osman Balci Dimitrios S. Nikolopoulos May 10, 2021 Blacksburg, Virginia Keywords: Programming idioms; Scratch; Block-based programming; Novice programmers; Project remixing; Copyright 2021, Xingyu Long Understanding Common Scratch Programming Idioms and Their Im- pact on Project Remixing Xingyu Long (ABSTRACT) As Scratch has become one of the most popular educational programming languages, under- standing its common programming idioms can benefit both computing educators and learn- ers. This understanding can fine-tune the curricular development to help learners master the fundamentals of writing idiomatic code in their programming pursuits. Unfortunately, the research community’s understanding of what constitutes idiomatic Scratch code has been limited. To help bridge this knowledge gap, we systematically identified idioms as based on canonical source code, presented in widely available educational materials. We implemented a tool that automatically detects these idioms to assess their prevalence within a large dataset of over 70K Scratch projects in different demographic and project categories. Since communal learning and the practice of remixing are one of the cornerstones of the Scratch programming community, we studied the relationship between common programming idioms and remixes. Having analyzed the original projects and their remixes, we observed that different idioms may associate with dissimilar types of code changes. Code changes in remixes are desirable, as they require a meaningful programming effort that spurs the learning process.
    [Show full text]
  • Types You Can Count on Like Types for Javascript
    Types you can count on Like types for JavaScript Abstract As the need for error reporting was felt in industry, develop- Scripting languages support exploratory development by eschew- ers adopted a “dynamic first” philosophy, which led to the design ing static type annotations but fall short when small scripts turn into of optional type systems for languages such as Smalltalk, PHP and large programs. Academic researchers have proposed type systems JavaScript [3, 4, 11, 16, 20]. Optional type systems have two rather that integrate dynamic and static types, providing robust error re- surprising properties: they do not affect the program’s execution ports when the contract at the boundary between the two worlds is and they are unsound. These are design choices motivated by the violated. Safety comes at the price of pervasive runtime checks. On need to be backwards compatible and to capture popular program- the other hand, practitioners working on massive code bases have ming idioms used in scripting languages. Rather than limiting ex- come up with type systems that are unsound and that are ignored pressiveness of the language to what can shown to be type safe, at runtime, but which have proven useful in practice. This paper this design instead limits the type system. For example, Hack [20], proposes a new design for the JavaScript language, combining dy- Facebook’s optionally typed PHP dialect, has an UNSAFE direc- namic types, concrete types and like types to let developers pick tive that turns off type checking for the remainder of a block. Un- the level of guarantee that is appropriate for their code.
    [Show full text]