UNU/IIST International Institute for Software Technology
A Type System for the Relational Calculus of Object Systems
Liang Zhao, Xiangpeng Zhao, Quan Long and Zongyan Qiu
September 2006
UNU-IIST Report No. 345 (R)
UNU-IIST and UNU-IIST Reports

UNU-IIST (United Nations University International Institute for Software Technology) is a Research and Training Centre of the United Nations University (UNU). It is based in Macau, and was founded in 1991. It started operations in July 1992. UNU-IIST is jointly funded by the Governor of Macau and the governments of the People's Republic of China and Portugal through a contribution to the UNU Endowment Fund. As well as providing two-thirds of the endowment fund, the Macau authorities also supply UNU-IIST with its office premises and furniture and subsidise fellow accommodation.

The mission of UNU-IIST is to assist developing countries in the application and development of software technology. UNU-IIST contributes through its programmatic activities:

1. Advanced development projects, in which software techniques supported by tools are applied,
2. Research projects, in which new techniques for software development are investigated,
3. Curriculum development projects, in which courses of software technology for universities in developing countries are developed,
4. University development projects, which complement the curriculum development projects by aiming to strengthen all aspects of computer science teaching in universities in developing countries,
5. Schools and Courses, which typically teach advanced software development techniques,
6. Events, in which conferences and workshops are organised or supported by UNU-IIST, and
7. Dissemination, in which UNU-IIST regularly distributes to developing countries information on international progress of software technology.

Fellows, who are young scientists and engineers from developing countries, are invited to actively participate in all these projects. By doing the projects they are trained.

At present, the technical focus of UNU-IIST is on formal methods for software development. UNU-IIST is an internationally recognised centre in the area of formal methods. However, no software technique is universally applicable. We are prepared to choose complementary techniques for our projects, if necessary.

UNU-IIST produces a report series. Reports are either Research (R), Technical (T), Compendia (C) or Administrative (A). They are records of UNU-IIST activities and research and development achievements. Many of the reports are also published in conference proceedings and journals. Please write to UNU-IIST at P.O. Box 3058, Macau or visit UNU-IIST's home page: http://www.iist.unu.edu, if you would like to know more about UNU-IIST and its report series.
Chris George, Acting Director
UNU/IIST International Institute for Software Technology
P.O. Box 3058 Macau
A Type System for the Relational Calculus of Object Systems

Liang Zhao, Xiangpeng Zhao, Quan Long and Zongyan Qiu

Abstract

Being a successful technique in software practice, Object Orientation (OO) is a hot topic in academic research fields. Among many formalisms, rCOS, a refinement calculus of object-oriented systems based on Unifying Theories of Programming (UTP), has proven a promising one in the sense of its applications to incremental software construction, the formal use of UML, etc. However, equipped with a semantics for reasoning on both static and dynamic properties, rCOS is not designed for static checking. We believe introducing static checking will extend the power of rCOS. In this paper, we develop a type system for rCOS and prove some type safety theorems. To make the theoretical results of this paper convincing and easy to understand, we follow the traditional approach to type system construction. That is, we use an operational semantics as the basic explanation of the rCOS language, in spite of the fact that rCOS was originally developed in a denotational framework.
Liang Zhao is a master candidate in the Department of Informatics, School of Mathematics, Peking University, Beijing, China. He is a fellow of UNU/IIST from Feb. 2006 to Nov. 2006. His research interests include semantics and type systems of programming languages, formal methods in software development, OO programming and development. E-mail: [email protected]

Xiangpeng Zhao is a PhD candidate in the Department of Informatics, School of Mathematics, Peking University. He is also a former fellow of UNU/IIST in 2005. His research interests include formal methods, web services, business process management and model-checking. E-mail: [email protected]

Quan Long has just got his PhD degree from the Department of Informatics, School of Mathematics, Peking University. He is also a former fellow of UNU-IIST from 2003 to 2005. His research interests include programming languages, software development and formal techniques for Object Oriented, UML and Component Software. E-mail: [email protected]

Zongyan Qiu is a professor of computer science at the Department of Informatics, School of Mathematical Sciences of Peking University. His research interests include semantics, formal methods and programming languages. E-mail: [email protected]
Copyright © 2006 by UNU-IIST, Liang Zhao, Xiangpeng Zhao, Quan Long and Zongyan Qiu
Contents

1 Introduction . . . . . 1
2 Syntax of rCOS . . . . . 2
3 The Type System of rCOS . . . . . 3
  3.1 Sub-typing . . . . . 3
  3.2 Auxiliary Definitions and Explanations . . . . . 4
    3.2.1 The Well-formedness of Cdecls . . . . . 4
    3.2.2 Actual fields . . . . . 5
    3.2.3 Method Looking-up . . . . . 5
    3.2.4 Type Context . . . . . 5
  3.3 Type System of Expressions . . . . . 6
  3.4 Well Typed Commands . . . . . 7
  3.5 Well Typed Programs . . . . . 8
    3.5.1 Well Typed Methods . . . . . 8
    3.5.2 Well Typed Class Declarations . . . . . 8
    3.5.3 Well Typed Class Declaration Block . . . . . 8
    3.5.4 Well Typed Programs . . . . . 9
4 Operational Semantics for rCOS and Type Safety . . . . . 9
  4.1 Auxiliary Definitions and Explanations . . . . . 9
    4.1.1 Object Pool . . . . . 9
    4.1.2 Values . . . . . 10
    4.1.3 Objects . . . . . 10
    4.1.4 Store and State . . . . . 10
  4.2 Evaluation of Expressions . . . . . 11
  4.3 Type Safety of Expressions . . . . . 12
    4.3.1 Consistency Between a State and a Type Context . . . . . 12
    4.3.2 Two Abnormal Cases . . . . . 12
    4.3.3 Type Safety Theorem for Expressions . . . . . 12
  4.4 Execution of Commands . . . . . 13
  4.5 Type Safety of Commands . . . . . 15
    4.5.1 Three New Abnormal Cases . . . . . 15
    4.5.2 Type Safety Theorem for Commands . . . . . 15
  4.6 Type Safety of Programs . . . . . 16
5 An Example . . . . . 16
  5.1 Program . . . . . 16
  5.2 Type checking . . . . . 17
  5.3 Execution . . . . . 17
6 Conclusion . . . . . 17
Report No. 345, September 2006
UNU-IIST, P.O. Box 3058, Macau
1 Introduction

Being a successful technique in software practice, Object Orientation (OO) is currently a hot topic in academic research fields. It gives software components a high level of abstraction, and supports the construction of large systems incrementally and efficiently. Recent development and application of UML [3] and the Rational Unified Process (RUP) [12, 13] have made the use of OO more effective.

Both practitioners of formal methods and experts in object technology have investigated how formal specification can supplement object-oriented development, or how it may help to clarify the semantics of object-oriented notations and concepts. Model-based formalisms have been used extensively in conjunction with object-oriented techniques, via languages such as Object-Z [7] and VDM++ [8], and methods such as Syntropy [6], which uses the Z notation, and Fusion [5], which is related to VDM. Whilst these formalisms are effective for modeling data structures as sets and relations between sets, they are not ideal for capturing more sophisticated object-oriented mechanisms, such as dynamic binding and polymorphism. Cavalcanti and Naumann defined an object-oriented programming language ROOL based on predicate transformers, which supports subtypes and polymorphism [4]. However, neither reference types nor mutual dependency between classes is tackled.

The development of rCOS is mainly motivated by these problems [10]. rCOS focuses on a mathematical characterization of object-oriented concepts, and provides a rigorous semantic basis essential for ensuring correctness of programs and for developing tool support for the use of formal techniques. The language supports subtypes, visibility, reference types, inheritance, type casting, dynamic binding and polymorphism. It is sufficiently similar to Java and C++ that it can be used in meaningful case studies [18] and to capture some of the central difficulties in modelling object-oriented designs and programs.
Unlike the object logic in [1], rCOS is class-based, and refinement is about correct changes in the structure and methods of classes and in the main program, rather than changes in the behaviour of individual objects. Currently, rCOS has been successfully applied to different areas such as UML [15], use-case driven development [14], design patterns, refactoring [17], and the Rational Unified Process (RUP) [18].

However, equipped with a semantics for reasoning on both static and dynamic properties, rCOS is not designed for static checking. We believe introducing static checking will extend the power of rCOS. Type systems and type checking techniques [19] are widely used and have proved very useful in checking static properties of programs. As R. Milner's slogan says, "well-typed programs can't go wrong".

There are some existing works on type systems in the field of OO. Igarashi et al. presented a minimal core calculus, Featherweight Java (FJ) [11], which has most basic features of full Java, together with a typing environment and the type soundness theorem. Based on this work, Wang et al. presented a denotational model for FJ which ensures stronger type safety properties [20]. As its name implies, FJ is a reduced language in which not only complex features like threads and exception handling, but even assignments, are omitted. In addition to FJ, Middleweight Java (MJ) [2], presented by Bierman et al., is an imperative core calculus for Java which models features such as object identity, field assignment, constructor methods and block structure. However, compared with our work, MJ lacks unique object references and allows the so-called "stupid casts".
In this paper, to enhance the power of both rCOS and previous type systems, we develop a type system for rCOS with type safety theorems. Unlike FJ and MJ, we do not allow "stupid casts", because we use a "big step" semantics rather than a "small step" semantics. We use an operational semantics as the basic explanation of the rCOS language, in order to make the theoretical results of this paper easy to understand.

The rest of the paper is organized as follows. We first briefly introduce the rCOS syntax in Section 2. Then we introduce our type system in Section 3. In Section 4, we give an operational semantics framework for rCOS and study its type safety. Section 5 gives an example program, illustrating our type system and operational semantics. Finally, in Section 6 we conclude the paper and discuss some future research directions.
2 Syntax of rCOS

In this section we give a brief introduction to the rCOS syntax. Please refer to [10, 16, 9] for more details of the rCOS model. rCOS is an object-oriented refinement calculus. The syntax of rCOS is listed as follows:

P ::= Cdecls · Main
Cdecls ::= cdecl | Cdecls; cdecl
cdecl ::= [private] class C [extends C] {A Ms}
A ::= [private T a = d;] [protected T a = d;] [public T a = d;]
Ms ::= [ms]
ms ::= M | ms; M
M ::= m(T x; T x; T x){c}

Throughout the paper, an underlined word denotes that it is composed of zero or many segments separated by commas. Moreover, when we write T a = d, it means T a = d, T a = d, · · · , T a = d. Similarly, we have T x, Γ ⊢ e : T, S
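The class-declaration part of the grammar above can be exercised directly with a small recursive-descent parser. The following parser is an added example and is not code from the report or from the rCOS project. It assumes that type names T, attribute and parameter names, and initial values d are single tokens; that a method's three parameter lists are separated by semicolons and may each be empty (the underline notation allows zero segments); that the command c of a method body and the Main part, neither of which this section defines, are kept as raw text; and that Cdecls and Main are separated by the `·` character. The sample program at the end is constructed for the example.

```python
import re
from collections import namedtuple

# Added example, not the report's code: a recursive-descent parser for the rCOS
# class-declaration grammar above. Assumed: types T, names and initial values d
# are single tokens; the method body c and the Main part are kept as raw text.
Field = namedtuple("Field", "visibility type_name name init")
Method = namedtuple("Method", "name params body")   # params: three lists of (T, x)
ClassDecl = namedtuple("ClassDecl", "name private parent fields methods")
Program = namedtuple("Program", "classes main")
TOKEN_RE = re.compile(r"[A-Za-z_]\w*|\d+|\S")    # identifiers, integers, other chars
KEYWORDS = {"class", "extends", "private", "protected", "public"}

class Parser:
    def __init__(self, decls):
        self.src = decls
        self.toks = [(m.group(), m.start()) for m in TOKEN_RE.finditer(decls)]
        self.i = 0
    def peek(self):
        return self.toks[self.i][0] if self.i < len(self.toks) else None
    def take(self, expected=None):           # consume one token, optionally a given one
        tok = self.peek()
        if tok is None or expected not in (None, tok):
            raise SyntaxError(f"expected {expected or 'a token'}, got {tok!r}")
        self.i += 1
        return tok
    def ident(self):                         # a name that is not a keyword
        tok = self.take()
        if tok in KEYWORDS or not tok.isidentifier():
            raise SyntaxError(f"expected identifier, got {tok!r}")
        return tok
    def cdecls(self):                        # Cdecls ::= cdecl | Cdecls; cdecl
        classes = [self.cdecl()]
        while self.peek() is not None:
            self.take(";")
            classes.append(self.cdecl())
        return classes
    def cdecl(self):                         # cdecl ::= [private] class C [extends C] {A Ms}
        private = self.peek() == "private" and self.take() == "private"
        self.take("class")
        name = self.ident()
        parent = self.ident() if self.peek() == "extends" and self.take() else None
        self.take("{")
        decl = ClassDecl(name, private, parent, self.attrs(), self.methods())
        self.take("}")
        return decl
    def attrs(self):                         # A ::= [private T a = d;] [protected ...;] [public ...;]
        fields = []                          # each group: "T a = d, T a = d, ..." (underline notation)
        for vis in ("private", "protected", "public"):
            if self.peek() != vis:
                continue
            self.take(vis)
            while True:
                type_name, name = self.ident(), self.ident()
                self.take("=")
                fields.append(Field(vis, type_name, name, self.take()))
                if self.peek() == ";":
                    break
                self.take(",")
            self.take(";")
        return fields
    def methods(self):                       # Ms ::= [ms]   ms ::= M | ms; M
        methods = []
        while self.peek() != "}":
            if methods:
                self.take(";")
            methods.append(self.method())
        return methods
    def method(self):                        # M ::= m(T x; T x; T x){c}
        name = self.ident()
        self.take("(")
        lists = []
        for closer in (";", ";", ")"):       # three lists, each possibly empty
            lists.append(self.params())
            self.take(closer)
        return Method(name, tuple(lists), self.block())
    def params(self):
        out = []
        while self.peek() not in (";", ")"):
            if out:
                self.take(",")
            out.append((self.ident(), self.ident()))
        return out
    def block(self):                         # {c}: raw text between the matching braces
        start = self.i
        self.take("{")
        depth = 1
        while depth:
            tok = self.take()                # raises on an unterminated body
            depth += (tok == "{") - (tok == "}")
        return self.src[self.toks[start][1] + 1:self.toks[self.i - 1][1]].strip()

def parse_program(text):                     # P ::= Cdecls · Main ('·' separator assumed)
    decls, sep, main = text.partition("·")
    if not sep:
        raise SyntaxError("missing '·' between Cdecls and Main")
    return Program(Parser(decls).cdecls(), main.strip())

SAMPLE = """class Account { private int balance = 0; public int limit = 100;
  deposit(int amount; ; ){ balance := balance + amount };
  getBalance( ; int b; ){ b := balance } };
private class Savings extends Account { private int rate = 3; } · main := new Account(); main.deposit(5)"""
```

`parse_program(SAMPLE)` returns the two class declarations with their visibility-tagged fields and the three parameter lists of each method; a declaration that breaks the grammar (a missing `;` after a field group, a parameter list without a type, a missing `·` separator) raises `SyntaxError` at the offending token instead of being silently accepted.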