DOCSLIB.ORG

7 Varieties of Object-Oriented Programming Languages 95 7.1 Multi-Methods Vs

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
7 Varieties of Object-Oriented Programming Languages 95 7.1 Multi-Methods Vs Y L F M A E T Team-Fly® Foundations of Object-Oriented Languages This page intentionally left blank Foundations of Object-Oriented Languages Types and Semantics Kim B. Bruce The MIT Press Cambridge, Massachusetts London, England © 2002 Massachusetts Institute of Technology All rights reserved. No part of this book may be reproduced in any form by any electronic or mechanical means (including photocopying, recording, or information storage and retrieval) without permission in writing from the publisher. Library of Congress Cataloging-in-Publication Information Bruce, Kim B. Foundations of object-oriented languages: types and semantics / Kim B. Bruce. p. cm. Includes bibliographical references and index. ISBN 0-262-02523-X (hc. : alk. paper) 1. Object-oriented programming (computer science). 2. Programming lan- guages (Electronic computers). I. Title. QA76.64 .B776 2002 005.1’17–dc21 2001054613 To my mother and the memory of my late father This page intentionally left blank Contents List of Figures xi Preface xv ITypeProblemsin Object-Oriented Languages 1 1 Introduction 3 1.1 Type systems in programming languages 4 1.2 Type checking and strongly typed languages 6 1.3 Focus on statically typed class-based languages 12 1.4 Foundations: A look ahead 13 2 Fundamental Concepts of Object-Oriented Languages 17 2.1 Objects, classes, and object types 17 2.2 Subclasses and inheritance 22 2.3 Subtypes 24 2.4 Covariant and contravariant changes in types 26 2.5 Overloading versus overriding methods 27 2.6 Summary 32 3 Type Problems in Object-Oriented Languages 33 3.1 Type checking object-oriented languages is difficult 33 3.2 Simple type systems are lacking in flexibility 35 3.3 Summary of typing problems 48 4 Adding Expressiveness to Object-Oriented Languages 49 viii Contents 4.1 GJ 49 4.2 Even more flexible typing with Eiffel 60 4.3 Summary 69 5 Understanding Subtypes 71 5.1 Subtyping for non-object types 72 5.2 Object types 83 5.3 Subtyping for class types 84 5.4 Summary 86 6 Type Restrictions on Subclasses 89 6.1 Allowable changes to method types 89 6.2 Instance variable types invariant in subclasses 91 6.3 Changing visibility 92 6.4 Summary 93 7 Varieties of Object-Oriented Programming Languages 95 7.1 Multi-methods vs. object-based vs. class-based languages 95 7.2 Well-known object-oriented languages 103 7.3 Summary 111 Historical Notes and References for Section I 113 II Foundations: The Lambda Calculus 117 8 Formal Language Descriptions and the Lambda Calculus 119 8.1 The simply-typed lambda calculus 120 8.2 Adding pairs, sums, records, and references 132 8.3 Summary 140 9 The Polymorphic Lambda Calculus 141 9.1 Parameterized types and polymorphism 141 9.2 Recursive expressions and types 147 9.3 Information hiding and existential types 151 9.4 Adding subtypes to the polymorphic lambda calculus 156 9.5 Summary 165 Historical Notes and References for Section II 167 Contents ix III Formal Descriptions of Object-Oriented Languages 171 10 ËÇÇÄ, a Simple Object-Oriented Language 173 10.1 Informal description and example 173 10.2 Syntax and type-checking rules 176 10.3 Summary 200 11 A Simple Translational Semantics of Objects and Classes 201 11.1 Representing objects at runtime 201 È ËÇÇÄ £ 11.2 Modeling types in 203 È ËÇÇÄ £ 11.3 Modeling expressions in 207 11.4 Modeling classes — first try 212 11.5 Problems with modeling subclasses 218 11.6 Summary 223 12 Improved Semantics for Classes 225 12.1 (Re-)Defining classes 225 12.2 A correct subclass encoding 232 12.3 Summary and a look ahead 233 13 ËÇÇÄ’s Type System Is Safe (and Sound) 239 È Ë ÇÇÄ £ 13.1 The translation of to is sound 239 13.2 The translation is well defined 255 13.3 Ë ÇÇÄ is type safe 258 13.4 Errors 260 13.5 Summary 262 14 Completing ËÇÇÄ: super, nil, Information Hiding, and Multiple Inheritance 263 14.1 Using methods from superclasses 263 14.2 Translating nil 266 14.3 A complication with self 271 14.4 Finer control over information hiding 272 14.5 Multiple inheritance 275 14.6 Summary 279 Historical Notes and References for Section III 283 x Contents IV Extending Simple Object-Oriented Languages 289 15 Adding Bounded Polymorphism to ËÇÇÄ 291 15.1 Introducing ÈËÇÇÄ 291 15.2 Translational semantics of ÈËÇÇÄ 296 15.3 Summary 297 16 Adding MyType to Object-Oriented Programming Languages 299 16.1 Typing self with MyType 300 Ë ÇÇÄ 16.2 ÅÇÇÄ: Adding MyType to 309 16.3 Translational semantics of ÅÇ Ç Ä 319 16.4 Soundness of translation for ÅÇ Ç Ä 322 16.5 Summary 330 17 Match-Bounded Polymorphism 331 17.1 Benefits of match-bounded polymorphism 331 17.2 Introducing È ÅÇÇÄ 333 17.3 Examples and comparison with F-bounded polymorphism 334 17.4 Translational semantics of È ÅÇÇÄ 335 17.5 Soundness of the translation of ÈÅÇÇÄ 342 17.6 Summary 347 18 Simplifying: Dropping Subtyping for Matching 349 18.1 Can we drop subtyping? 349 18.2 Introducing hash types 352 18.3 Type-checking rules 356 18.4 An informal semantics of hash types 360 18.5 Summary 361 Historical Notes and References for Section IV 363 Bibliography 367 Index 379 Y L F M A E T Team-Fly® List of Figures 2.1 ClrCellClass defined as a subclass of CellClass.23 2.2 Covariant and contravariant changes in types. 26 2.3 Classes with overridden and overloaded method equals.29 3.1 Typing deepClone methods in subclasses. 38 3.2 Node class. 42 3.3 Doubly linked node class — with errors. 43 3.4 Legal doubly linked node class — with cast. 45 3.5 Example showing why IndDoubleNodeType cannot be a subtype of NodeType.46 3.6 Circle and color circle classes. 47 4.1 Point interfaces in Java. 52 4.2 Point class in Java. 53 4.3 RATIONAL class in Eiffel, part 1. 62 4.4 RATIONAL class in Eiffel, part 2. 63 4.5 Eiffel classes LINKABLE and BILINKABLE, part 1. 65 4.6 Eiffel classes LINKABLE and BILINKABLE, part 2. 66 4.7 Eiffel version of COMPARING. 69 5.1 A record r: m: S; n: T; p: U , and another record r’: m: S’; n: T’; p: U’; q: V’ masquerading as an element of type m: S; n: T; p: U .74 5.2 A function f: S T, and another function f’: S’ T’ masquerading as having type S T.75 xii List of Figures 5.3 A variable x: Ref S, and another variable x’: Ref S’ masquerading as having type Ref S.78 5.4 Summary of subtyping rules. 88 6.1 Changing types of methods in subclasses. 90 7.1 Cell and StringCell classes in Beta. 105 7.2 The Subject-Observer pattern expressed with virtual types. 106 7.3 Specializing Subject-Observer to windows. 107 7.4 Lack of least upper bounds in Java interfaces. 109 8.1 Typing rules for expressions of the typed lambda calculus. 126 £ 8.2 Type-checking rules for ÖÖ , part 1. 136 £ 8.3 Type-checking rules for ÖÖ , part 2. 137 £ 8.4 Computation rules for ÖÖ . 139 9.1 Kind checking and equivalence rules. 144 È £ 9.2 New type-checking and congruence rules in ÖÖ . 146 È £ 9.3 Type-checking rules for existentials in ÖÖ . 155 9.4 Kind checking rules for bounded polymorphic and existential types. 157 È £ 9.5 Subtyping rules for : Part 1. 159 È £ 9.6 Subtyping rules for : Part 2. 160 È £ 9.7 Type-checking rules for , part 1: revised rules. 164 È £ 9.8 Type-checking rules for , part 2: revised rules. 165 È £ 9.9 Type-checking rules for , part 3: new rules. 166 10.1 Cell class. 174 10.2 CellClass in the fully expanded language. 175 10.3 PointExample program in language with abbreviations. 182 10.4 PointExample program in language without abbreviations. 183 10.5 Parameterized Point class in language with abbreviations. 184 10.6 Parameterized Point class in language without abbreviations. 185 10.7 Type checking rules for declarations. 188 10.8 Type-checking rules for expressions of ËÇÇÄ, part 1. 189 10.9 Type-checking rules for expressions of ËÇÇÄ, part 2. 192 10.10 Type-checking rules for statements of ËÇÇÄ. 194 10.11 Subtyping rules for ËÇÇÄ. 195 10.12 Class definition from PointExample. 197 List of Figures xiii È Ë ÇÇÄ £ 11.1 Translation of types of to types in . 203 11.2 Translation of selected expressions of ËÇÇÄ to expressions in È £ . 209 11.3 Translation of more expressions and statements of ËÇÇÄ to È £ expressions in .211 11.4 Translation of class and new expressions of ËÇÇÄ to È £ expressions in . 218 12.1 Revised type-checking rules for classes and subclasses. 227 12.2 Revised type-checking rules for messages and instance variables. 229 12.3 New translation of classes and class types. 230 12.4 New translation of new expressions. 231 12.5 New translation of subclasses. 233 È ËÇÇÄ £ 12.6 Final translation of types of to types in . 234 12.7 Translation of selected expressions of ËÇÇÄ to expressions in È £ . 235 È ËÇÇÄ £ 12.8 Final translation of expressions of to . Part 2. 236 È ËÇÇÄ £ 12.9 Translation of statements of to expressions in . 237 13.1 CellExample program. 256 14.1 Type-checking rules for subclasses with super. 264 È ËÇÇÄ £ 14.2 Translation of subclass with super from to .
Load more

Recommended publications
  • Proof-Carrying Authentication∗
    Proof-Carrying Authentication∗ Andrew W. Appel and Edward W. Felten Secure Internet Programming Laboratory Department of Computer Science Princeton University Princeton, NJ 08544 USA August 9, 1999 Abstract Statements in these frameworks are represented as data structures that are often digitally signed We have designed and implemented a general to ensure their integrity. and powerful distributed authentication frame- work based on higher-order logic. Authenti- Several authentication frameworks exist; we cation frameworks — including Taos, SPKI, mention a few here as examples. The Taos SDSI, and X.509 — have been explained using operating system provided support for secure logic. We show that by starting with the logic, remote procedure call and data structures to we can implement these frameworks, all in the represent authority and identity [6]. X.509 [15] same concise and efficient system. Because our is a widely-used standard for expressing and us- logic has no decision procedure — although ing digital certificates. SPKI [4] and SDSI [14] proof checking is simple — users of the frame- (since merged under the joint name SPKI) work must submit proofs with their requests. were reactions to the perceived complexity of X.509; in both cases the ‘S’ stands for ‘simple.’ 1 Introduction PolicyMaker [3] is a language for expressing se- curity policies; it can be applied to distributed Distributed authentication frameworks allow security policies. Kerberos [12], unlike the other sharing of access to resources across adminis- frameworks, uses symmetric-key encryption to trative boundaries in a distributed system. The authenticate users. Each framework has a main abstractions they support are name-to- differerent semantics and offers a different kind key bindings, access control, and delegation.
    [Show full text]
  • A Model of Inheritance for Declarative Visual Programming Languages
    An Abstract Of The Dissertation Of Rebecca Djang for the degree of Doctor of Philosophy in Computer Science presented on December 17, 1998. Title: Similarity Inheritance: A Model of Inheritance for Declarative Visual Programming Languages. Abstract approved: Margaret M. Burnett Declarative visual programming languages (VPLs), including spreadsheets, make up a large portion of both research and commercial VPLs. Spreadsheets in particular enjoy a wide audience, including end users. Unfortunately, spreadsheets and most other declarative VPLs still suffer from some of the problems that have been solved in other languages, such as ad-hoc (cut-and-paste) reuse of code which has been remedied in object-oriented languages, for example, through the code-reuse mechanism of inheritance. We believe spreadsheets and other declarative VPLs can benefit from the addition of an inheritance-like mechanism for fine-grained code reuse. This dissertation first examines the opportunities for supporting reuse inherent in declarative VPLs, and then introduces similarity inheritance and describes a prototype of this model in the research spreadsheet language Forms/3. Similarity inheritance is very flexible, allowing multiple granularities of code sharing and even mutual inheritance; it includes explicit representations of inherited code and all sharing relationships, and it subsumes the current spreadsheet mechanisms for formula propagation, providing a gradual migration from simple formula reuse to more sophisticated uses of inheritance among objects. Since the inheritance model separates inheritance from types, we investigate what notion of types is appropriate to support reuse of functions on different types (operation polymorphism). Because it is important to us that immediate feedback, which is characteristic of many VPLs, be preserved, including feedback with respect to type errors, we introduce a model of types suitable for static type inference in the presence of operation polymorphism with similarity inheritance.
    [Show full text]
  • Unifying Theories of Objects
    Unifying Theories of Objects Michael Anthony Smith1;2 and Jeremy Gibbons1 1 Oxford University, UK. 2 Systems Assurance Group, QinetiQ, UK. [email protected] [email protected] Abstract. We present an approach to modelling Abadi{Cardelli-style object calculi as Unifying Theories of Programming (UTP) designs. Here we provide a core object calculus with an operational small-step evalua- tion rule semantics, and a corresponding UTP model with a denotational relational predicate semantics. For clarity, the UTP model is defined in terms of an operand stack, which is used to store the results of sub- programs. Models of a less operational nature are briefly discussed. The consistency of the UTP model is demonstrated by a structural induction proof over the operations of the core object calculus. Overall, our UTP model is intended to provide facilities for encoding both object-based and class-based languages. 1 Introduction Hoare and He's Unifying Theories of Programming (UTP) [6] can be used to formally define how results produced in one formal model can be translated as assumptions to another formal model. Essentially, programs are considered to be predicates that relate the values of their observable input and output variables (their alphabet). For example, the increment program x := x + 1 is typically defined by the relational predicate x 0 = x + 1, where predicate variables x and x 0 denote the input and output values of the program variable x. In general, the alphabet of a program P is denoted by αP; it is the disjoint union of P's input and output sets (inαP and outαP respectively), which in the case of the example is the set fx; x 0g.
    [Show full text]
  • Admission Control for Independently-Authored Realtime Applications
    Admission Control for Independently-authored Realtime Applications by Robert Kroeger Athesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Doctor of Philosophy in Computer Science Waterloo, Ontario, Canada, 2004 c Robert Kroeger 2004 AUTHOR’S DECLARATION FOR ELECTRONIC SUBMISSION OF A THESIS I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii Abstract This thesis presents the LiquiMedia operating system architecture. LiquiMedia is specialized to schedule multimedia applications. Because they generate output for a human observer, multimedia applications such as video games, video conferencing and video players have both unique scheduling requirements and unique allowances: a multimedia stream must synchro- nize sub-streams generated for different sensory modalities within 20 milliseconds, it is not successfully segregated until it has existed for over 200 milliseconds and tolerates occasional scheduling failures. LiquiMedia is specialized around these requirements and allowances. First, LiquiMedia synchronizes multimedia tasks by invoking them from a shared realtime timer interrupt. Sec- ond, owing to multimedia’s tolerance of scheduling failures, LiquiMedia schedules tasks based on a probabilistic model of their running times. Third, LiquiMedia can infer per-task models while a user is segregating the streams that the tasks generate. These specializations provide novel capabilities: up to 2.5 times higher utilization than RMS scheduling, use of an atomic task primitive 9.5 times more efficient than preemptive threading, and most importantly, the ability to schedule arbitrary tasks to a known probability of realtime execution without a priori knowledge of their running times.
    [Show full text]
  • Types for Safe Locking: Static Race Detection for Java
    Types for Safe Locking: Static Race Detection for Java MARTIN ABADI Microsoft Research and University of California at Santa Cruz CORMAC FLANAGAN University of California at Santa Cruz and STEPHEN N. FREUND Williams College This article presents a static race-detection analysis for multithreaded shared-memory programs, focusing on the Java programming language. The analysis is based on a type system that captures many common synchronization patterns. It supports classes with internal synchronization, classes that require client-side synchronization, and thread-local classes. In order to demonstrate the effectiveness of the type system, we have implemented it in a checker and applied it to over 40,000 lines of hand-annotated Java code. We found a number of race conditions in the standard Java libraries and other test programs. The checker required fewer than 20 additional type annotations per 1,000 lines of code. This article also describes two improvements that facilitate checking much larger programs: an algorithm for annotation inference and a user interface that clarifies warnings generated by the checker. These extensions have enabled us to use the checker for identifying race conditions in large-scale software systems with up to 500,000 lines of code. Categories and Subject Descriptors: F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs; D.2.4 [Software Engineering]: Software/Program Ver- ification—Reliability; D.3.2 [Programming Languages]: Language Classifications—Concurrent, distributed, and parallel languages; D.3.1 [Programming Languages]: Formal Definitions and Theory—Semantics, syntax Martin Abadi’s work was started at Compaq; it was also partly supported by the National Science Foundation under Grants CCR-0204162 and CCR-0341179, and by faculty research funds granted by the University of California, Santa Cruz.
    [Show full text]
  • Luca Cardelli • Curriculum Vitae • 2014
    Luca Cardelli • Curriculum Vitae • 2014 Short Bio Luca Cardelli was born near Montecatini Terme, Italy, studied at the University of Pisa (until 1978-07- 12), and has a Ph.D. in computer science from the University of Edinburgh(1982-04-01). He worked at Bell Labs, Murray Hill, from 1982-04-05 to 1985-09-20, and at Digital Equipment Corporation, Systems Research Center in Palo Alto, from 1985-09-30 to 1997-10-31, before assuming a position on 1997-11-03 at Microsoft Research, in Cambridge UK, where he was head of the Programming Principles and Tools andSecurity groups until 2012, and is currently a Principal Researcher. His main interests are in type theory and operational semantics (for applications to language design, semantics, and implementation), and in concurrency theory (for applications to computer networks and to modeling biological systems). He implemented the first compiler for ML (one of the most popular typed functional language, whose recent incarnations are Caml and F#) and one of the earliest direct-manipulation user-interface editors. He was a member of the Modula-3 design committee, and has designed a few experimental languages, including Obliq: a distributed higher- order scripting language (voted most influential POPL'95 paper 10 years later), and Polyphonic C#, a distributed extension of C#. His more protracted research activity has been in establishing the semantic and type-theoretic foundations of object-oriented languages, resulting in the 1996 book "A Theory of Objects" with Martin Abadi. More recently he has focused on modeling global and mobile computation, via the Ambient Calculus andSpatial Logics, which indirectly led to a current interest in Systems Biology , Molecular Programming, and Stochastic Systems.
    [Show full text]
  • The Machine Assisted Proof of Programming Language Properties
    THE MACHINEASSISTED PROOF OF PROGRAMMING LANGUAGE PROPERTIES MYRA VANINWEGEN A DISSERTATION in COMPUTER AND INFORMATION SCIENCE Presented to the Faculties of the UniversityofPennsylvania in Partial Fulllment of the Requirements for the Degree of Do ctor of Philosophy August Carl Gunter Sup ervisor of Dissertation Peter Buneman Graduate Group Chairp erson ABSTRACT The MachineAssisted Proof of Programming Language Properties Myra VanInwegen Advisor Carl Gunter The goals of the pro ject describ ed in this thesis are twofold First wewanted to demon strate that if a programming language has a semantics that is complete and rigorous mathematical but not to o complex then substantial theorems can b e proved ab out it Second wewanted to assess the utility of using an automated theorem prover to aid in such pro ofs Wechose SML as the language ab out which to prove theorems it has a published semantics that is complete and rigorous and while not exactly simple is comprehensible We enco ded the semantics of Core SML into the theorem prover HOL creating new deni tional packages for HOL in the pro cess Weproved imp ortant theorems ab out evaluation and ab out the typ e system We also proved the typ e preservation theorem which relates evaluation and typing for a go o d p ortion of the language Wewere not able to complete the pro of of typ e preservation b ecause it is not true we found counterexamples These pro ofs demonstrate that a go o d semantics will allow the pro of of programming language prop erties and allowtheidentication of trouble sp
    [Show full text]
  • Modula-3: CS 520 Final Report
    Modula-3 CS 520 Final Report Swaminathan Sankararaman and Bojan Durickovic May 14, 2008 1 Introduction Modula-3 is a successor of Modula-2 and Modula-2+, and influenced, among others, by Mesa, Cedar and Object Pascal. The main design goals were simplicity and safety, while preserving the power of a system-level language. The machine-level abilities combined with garbage collection make it well suited for system programming, while the explicit interfaces and safety features support development of large-scale projects. Modula-3 has features of both functional programming and BCPL-like languages. Its key fea- tures include objects, modules and interfaces, automatic garbage collection, strong typing, generics, safety, exception handling, and multithreading. Similarly to C/C++, the language itself was kept minimal, leaving common operations such as input and output functionality to the standard library. 2 History The story of Modula-3 begins in 1986, when Maurice Wilkes contacted Niklaus Wirth, suggesting a revision of Modula-2/Modula-2+. Wirth had already moved on to work on Oberon, but gave his consent to Wilkes for using the Modula name. The team gathered for designing the language inlcuded Luca Cardelli, Jim Donahue, Mick Jordan, Bill Kalsow and Greg Nelson, and the project was sponsored by Digital Equipment Corporation (DEC) and Olivetti. The language definition was completed in August 1988, and revised in January 1989. The contribution of the Modula-3 team goes beyond the language definition itself, as the process of developing the language through committee discussions and voting was thoroughly documented [1], and represents a unique reference of that kind.
    [Show full text]
  • Brand Objects for Nominal Typing
    Brand Objects for Nominal Typing Timothy Jones, Michael Homer, and James Noble Victoria University of Wellington New Zealand {tim,mwh,kjx}@ecs.vuw.ac.nz Abstract Combinations of structural and nominal object typing in systems such as Scala, Whiteoak, and Unity have focused on extending existing nominal, class-based systems with structural subtyping. The typical rules of nominal typing do not lend themselves to such an extension, resulting in major modifications. Adding object branding to an existing structural system integrates nominal and structural typing without excessively complicating the type system. We have implemented brand objects to explicitly type objects, using existing features of the structurally typed language Grace, along with a static type checker which treats the brands as nominal types. We demonstrate that the brands are useful in an existing implementation of Grace, and provide a formal model of the extension to the language. 1998 ACM Subject Classification D.3.3 Classes and objects Keywords and phrases brands, types, structural, nominal, Grace Digital Object Identifier 10.4230/LIPIcs.ECOOP.2015.198 Supplementary Material ECOOP Artifact Evaluation approved artifact available at http://dx.doi.org/10.4230/DARTS.1.1.4 1 Introduction Most statically typed object-oriented languages use nominal subtyping. From Simula [5] and C++, through to Java, C] and Dart, an instance of one type can only be considered an instance of another type if the subtyping relationship is declared in advance, generally at the time the subtype is declared. Some modern languages have adopted structural subtyping. In Go, for example, types are declared as interfaces, and an object conforms to a type if the object declares at least the methods required by the interface [41].
    [Show full text]
  • Resource Control of Untrusted Code in an Open Network Environment
    UCAM-CL-TR-561 Technical Report ISSN 1476-2986 Number 561 Computer Laboratory Resource control of untrusted code in an open network environment Paul B. Menage March 2003 15 JJ Thomson Avenue Cambridge CB3 0FD United Kingdom phone +44 1223 763500 http://www.cl.cam.ac.uk/ c 2003 Paul B. Menage This technical report is based on a dissertation submitted June 2000 by the author for the degree of Doctor of Philosophy to the University of Cambridge, Magdalene College. Some figures in this document are best viewed in colour. If you received a black-and-white copy, please consult the online version if necessary. Technical reports published by the University of Cambridge Computer Laboratory are freely available via the Internet: http://www.cl.cam.ac.uk/TechReports/ Series editor: Markus Kuhn ISSN 1476-2986 Summary Current research into Active Networks, Open Signalling and other forms of mobile code have made use of the ability to execute user-supplied code at locations within the network infrastructure, in order to avoid the inherent latency associated with wide area networks or to avoid sending excessive amounts of data across bottleneck links or nodes. Existing research has addressed the design and evaluation of programming environments, and testbeds have been implemented on traditional operating systems. Such work has deferred issues regarding resource control; this has been reasonable, since this research has been conducted in a closed environment. In an open environment, which is required for widespread deployment of such technologies, the code supplied to the network nodes may not be from a trusted source.
    [Show full text]
  • Sharing in Typed Module Assembly Language
    Sharing in Typed Module Assembly Language Dominic Duggan Department of Computer Science Stevens Institute of Technology Hoboken, NJ 07030. [email protected] Abstract. There is a growing need to provide low-overhead software-based pro- tection mechanisms to protect against malicious or untrusted code. Type-based approaches such as proof-carrying code and typed assembly language provide this protection by relying on untrusted compilers to certify the safety properties of machine language programs. Typed Module Assembly Language (TMAL) is an extension of typed assembly language with support for the type-safe manipu- lation of dynamically linked libraries. A particularly important aspect of TMAL is its support for shared libraries. 1 Introduction Protection of programs from other programs is an old and venerable problem, given new urgency with the growing use of applets, plug-ins, shareware software programs and ActiveX controls (and just plain buggy commercial code). Historically the conven- tional approach to providing this protection has been based on hardware support for isolating the address spaces of different running programs, from each other and from the operating system. The OS kernel and its data structures sit in a protected region of memory, and machine instructions are provided to “trap” into the kernel in a safe way to execute kernel code. While this approach to protection is widely popularized by “modern” operating systems such as Windows 2000 and Linux, there is a growing desire to find alterna- tives. The problem is that this technique is a fairly heavyweight mechanism for pro- viding protection, relying on expensive context switching between modes and between address spaces.
    [Show full text]
  • Bibliography
    Bibliography [1] Martin Abadi, Luca Cardelli. A Theory of Primitive Objects - Untyped and First-Order Systems. Information and Computation, 125(2), pp.78- 102, 1996. Earlier version appeared in TACS ’94 proceedings, LNCS 789, 1994. [2] Martin Abadi, Luca Cardelli. A Theory Of Objects. Springer, 1996. [3] Roberto M. Amadio, Luca Cardelli: Subtyping Recursive Types. In: ACM Transactions on Languages and Systems, vol. 15, no.4., pp. 575-631, September 1993. [4] Kirby W. Angell. Python Server Pages (PSP), Part I. Dr. Dobbs Journal, January 2000. [5] G. Antoniol, G. Canfora, G. Casazza, A. D. Lucia. Web site reengineering using RMM. In: Proc. of the International Workshop on Web Site Evolu- tion, pages 9-16, March 2000. [6] David Atkins, Thomas Ball et al. Integrated Web and Telephone Service Creation. Bell Labs Technical Journal, 2(1), Winter 1997. [7] David Atkins, Thomas Ball, Michael Benedikt, Glenn Bruns, Kenneth Cox, et.al. Experience with a Domain Specific Language for Form-based Ser- vices. Software Production Research Department, Bell Laboratories, Lu- cent Technologies. 1997. [8] David Atkins, Thomas Ball, Glenn Bruns, and Kenneth Cox. Mawl: a domain-specific language for form-based services. In: IEEE Transactions on Software Engineering, June 1999. [9] Attardi, G., Cisternino, A.: Reflection Support by Means of Template Metaprogramming. In: LNCS 2186, pp. 118. Springer, 2001. [10] H.P. Barendregt: Lambda Calculi with Types. In: S.Abramsky, D.V. Gab- bay, T.S.E. Maibaum (eds.): Handbook of Logic in Computer Science, vol.2., pp.118-331. Clarendon Press, 1992. [11] Beck, K.: Extreme Programming Explained - Embrace Change.
    [Show full text]