These are the proceedings of the 16th Workshop on Formal Techniques for Java-like Programs (FTfJP 2014) held together with ECOOP 2014 in Uppsala, Sweden.
{"title":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","authors":"David J. Pearce","doi":"10.1145/2635631","DOIUrl":"https://doi.org/10.1145/2635631","url":null,"abstract":"These are the proceedings of the 16th Workshop on Formal Techniques for Java-like Programs (FTfJP 2014) held together with ECOOP 2014 in Uppsala, Sweden.","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126614709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Escrow Exchange Contract has been used as a case study of building up complex and trustworthy systems from basic object capabilities, in the context of concurrent and distributed programming. In this short paper we present a Rational Reconstruction of the Escrow Exchange Contract case study, expressed in Grace, concentrating on the most essential issues of trustworthiness, and ignoring issues to do with distribution or more complex protocols. We then use our notation for capability policies to specify the key features of the reconstructed case study.
{"title":"Rationally Reconstructing the Escrow Example","authors":"J. Noble, S. Drossopoulou","doi":"10.1145/2635631.2635850","DOIUrl":"https://doi.org/10.1145/2635631.2635850","url":null,"abstract":"The Escrow Exchange Contract has been used as a case study of building up complex and trustworthy systems from basic object capabilities, in the context of concurrent and distributed programming. In this short paper we present a Rational Reconstruction of the Escrow Exchange Contract case study, expressed in Grace, concentrating on the most essential issues of trustworthiness, and ignoring issues to do with distribution or more complex protocols. We then use our notation for capability policies to specify the key features of the reconstructed case study.","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"151 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122968954","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Specifying the functional behaviour of a concurrent program can often be quite troublesome: it is hard to provide a stable method contract that can not be invalidated by other threads. In this paper we propose a novel modular technique for specifying and verifying behavioural properties in concurrent programs. Our approach uses history-based specifications. A history is a process algebra term built of actions, where each action represents an update over a heap location. Instead of describing the object's precise state, a method contract may describe the method's behaviour in terms of actions recorded in the history. The client class can later use the history to reason about the concrete state of the object. Our approach allows providing simple and intuitive specifications, while the logic is a simple extension of permission-based separation logic.
{"title":"Verifying Functional Behaviour of Concurrent Programs","authors":"Marina Zaharieva-Stojanovski, M. Huisman, S. Blom","doi":"10.1145/2635631.2635849","DOIUrl":"https://doi.org/10.1145/2635631.2635849","url":null,"abstract":"Specifying the functional behaviour of a concurrent program can often be quite troublesome: it is hard to provide a stable method contract that can not be invalidated by other threads. In this paper we propose a novel modular technique for specifying and verifying behavioural properties in concurrent programs. Our approach uses history-based specifications. A history is a process algebra term built of actions, where each action represents an update over a heap location. Instead of describing the object's precise state, a method contract may describe the method's behaviour in terms of actions recorded in the history. The client class can later use the history to reason about the concrete state of the object. Our approach allows providing simple and intuitive specifications, while the logic is a simple extension of permission-based separation logic.","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134643908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Grace is a new gradually, structurally typed object-oriented programming language. Formal models of existing languages provide a rigorous base for claiming type soundness, so we have set about creating a model of a subset of Grace. While much of the formal literature of objects has used structural typing, models of popular modern languages such as Featherweight Java have had to use nominal typing to match the language they are modelling. In contrast to this, we present Tinygrace: a subset of Grace with a structural type system, feature-parity with FJ, and an accompanying proof of soundness.
{"title":"Tinygrace: A Simple, Safe, and Structurally Typed Language","authors":"T. Jones, J. Noble","doi":"10.1145/2635631.2635848","DOIUrl":"https://doi.org/10.1145/2635631.2635848","url":null,"abstract":"Grace is a new gradually, structurally typed object-oriented programming language. Formal models of existing languages provide a rigorous base for claiming type soundness, so we have set about creating a model of a subset of Grace. While much of the formal literature of objects has used structural typing, models of popular modern languages such as Featherweight Java have had to use nominal typing to match the language they are modelling. In contrast to this, we present Tinygrace: a subset of Grace with a structural type system, feature-parity with FJ, and an accompanying proof of soundness.","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127446521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Small-step operational semantics is the most commonly employed formalism for proving type soundness of statically typed programming languages, because of its ability to distinguish stuck from non-terminating computations, as opposed to big-step operational semantics. Despite this, big-step operational semantics is more abstract, and more useful for specifying interpreters. In previous work we have proposed a new proof technique to prove type soundness of a Java-like language expressed in terms of its big-step operational semantics. However the presented proof is rather involved, since it requires showing that the set of proof trees defining the semantic judgment forms a complete metric space when equipped with a specific distance function. In this paper we propose a more direct and abstract approach that exploits a standard and general compactness property of the metric space of values, that allows approximation of the coinductive big-step semantics in terms of the small-step one; in this way type soundness can be proved by standard mathematical induction.
{"title":"How to prove type soundness of Java-like languages without forgoing big-step semantics","authors":"D. Ancona","doi":"10.1145/2635631.2635846","DOIUrl":"https://doi.org/10.1145/2635631.2635846","url":null,"abstract":"Small-step operational semantics is the most commonly employed formalism for proving type soundness of statically typed programming languages, because of its ability to distinguish stuck from non-terminating computations, as opposed to big-step operational semantics. Despite this, big-step operational semantics is more abstract, and more useful for specifying interpreters. In previous work we have proposed a new proof technique to prove type soundness of a Java-like language expressed in terms of its big-step operational semantics. However the presented proof is rather involved, since it requires showing that the set of proof trees defining the semantic judgment forms a complete metric space when equipped with a specific distance function. In this paper we propose a more direct and abstract approach that exploits a standard and general compactness property of the metric space of values, that allows approximation of the coinductive big-step semantics in terms of the small-step one; in this way type soundness can be proved by standard mathematical induction.","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124595779","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. Boyland, Peter Müller, M. Schwerhoff, Alexander J. Summers
The concept of controlling access to mutable shared data via permissions is at the heart of permission logics such as separation logic and implicit dynamic frames, and is also used in type systems, for instance, to give a semantics to "read-only" annotations. Existing permission models have different strengths in terms of expressiveness. Fractional permissions, for example, enable unbounded (recursive) splitting, whereas counting permissions enable unbounded subtraction of the same permission amount. Combining these strengths in a single permission model appeared to increase the complexity for the user and tools. In this paper we extend our previous work on abstract read permissions by providing them with a novel constraint semantics, which retains the use of the domain of rational numbers but enables unbounded subtraction of identical amounts. Thus we can keep an intuitive model conducive to SMT solvers while enabling "counting."
{"title":"Constraint Semantics for Abstract Read Permissions","authors":"J. Boyland, Peter Müller, M. Schwerhoff, Alexander J. Summers","doi":"10.1145/2635631.2635847","DOIUrl":"https://doi.org/10.1145/2635631.2635847","url":null,"abstract":"The concept of controlling access to mutable shared data via permissions is at the heart of permission logics such as separation logic and implicit dynamic frames, and is also used in type systems, for instance, to give a semantics to \"read-only\" annotations. Existing permission models have different strengths in terms of expressiveness. Fractional permissions, for example, enable unbounded (recursive) splitting, whereas counting permissions enable unbounded subtraction of the same permission amount. Combining these strengths in a single permission model appeared to increase the complexity for the user and tools. In this paper we extend our previous work on abstract read permissions by providing them with a novel constraint semantics, which retains the use of the domain of rational numbers but enables unbounded subtraction of identical amounts. Thus we can keep an intuitive model conducive to SMT solvers while enabling \"counting.\"","PeriodicalId":251269,"journal":{"name":"Proceedings of 16th Workshop on Formal Techniques for Java-like Programs","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127681957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: