Title: A Seminar on Encapsulation http://www.cs.tau.ac.il/~msagiv/courses/encapsulate.html
1A Seminar on Encapsulationhttp//www.cs.tau.ac.il
/msagiv/courses/encapsulate.html
- Noam Rinetzky
- Mooly Sagiv
Summary
2Outline
- Formalisms in programming languages
- What is encapsulation
- Some model of encapsulation
- Feedback
3Programming Language Formalisms
- Regular languages
- Context free grammars
- Attribute grammars
- Operational Semantics
- Axiomatic Semantic/ Deductive Verification
- Denotational semantics
- Type Checking
- Abstract Interpretation
4Example The While Programming Language
S x a skip S1 S2 if b then S1 else
S2 while b do S
5Natural Semantics
- Notations
- ltS, sgt - the program statement S is executed on
input state s - s representing a terminal (final) state
- For every statement S, write meaning rulesltS, igt
? oIf the statement S is executed on an input
state i, it terminates and yields an output state
o - The meaning of a program P on an input state i is
the set of outputs states o such that ltP, igt ? o - The meaning of compound statements is defined
using the meaning of immediate constituent
statements
6Natural Semantics for While
assns ltx a, sgt ? sx ?A?a?s skipns ltskip,
sgt ? s
axioms
rules
7Natural Semantics for While(Loop rules)
8Hoare Proof Rules for Partial Correctness
p skip p
p/v? e ve p
p c0 r r c1 q p c0c1q
p?b c0 q p ??b c1 q p if b then c0 else
c1q
9Hoare Proof Rules for Partial Correctness
i?b c i i while b do ci??b
?p ? p p c q ? q ? q p c q
10Type Checking Rules
11Type Checking Rules
- Enforce consistency of usages
- Many satisfying type assignments
- Most principle type
- Sound type system
- Every type assignment describes a superset of
expression values
12Even/Odd Abstract Interpretation
- Determine if an integer variable is even or odd
at a given program point
13Example Program
/ x? /
- while (x !1) do
- if (x 2) 0
- x x / 2
- else
- x x 3 1
- assert (x 2
0)
/ x? /
/ xE /
/ x? /
/ xO /
/ xE /
/ xO/
14Abstract Interpretation
Concrete
Sets of stores
15What is encapsulation?
16Common Answer(1)
- Encapsulation is the ability of an object to
place a boundary around its properties (ie. data)
and methods (ie. operations) - Programs written in older languages suffered
from side effects where variables sometimes had
their contents changed or reused in unexpected
ways. Some older languages even allowed branching
into procedures from external points - This led to 'spaghetti' code that was difficult
to unravel, understand and maintain - Encapsulation is one of three basic principles
within object oriented programming languages
17Common Answer(2)
- Object variables can be hidden completely from
external access - These private variables can only be seen or
modified by use of object accessor and mutator
methods - Access to other object variables can be allowed
but with tight control on how it is done - Methods can also be completely hidden from
external use - Those that are made visible externally can only
be called by using the object's front door (ie.
there is no 'goto' branching concept).
18Is it that simple?
- Does private guarantee encapsulation?
19What is encapsulation?
- Desired feature of programs/systems
- Not well defined
20What is encapsulation?
- Restrictions on aliasing
- Desired features
- Modular reasoning
- Representation independence
- Simplified specifications
- Predictable side-effects
- Simplified concurrent programming
- Not too restrictive
- Enforced
- Programming disciplines
- Programming language syntax
- Runtime checks
- Type system
- Abstract interpretation
21Towards a Model of Encapsulation
- J. Noble, R. Biddle, E. Tempero, A. Potanin, D.
Clark
22Dan Ingalls
- No component in a complex system should depend
on the internal details of any other components
23Access Graph
- Models the topology of the system
- Nodes N
- Edges E between nodes represent accesses between
objects - Either directed or undirected
- Abstract
- Simple example Storage graph
24Encapsulation Function
- A system S ? N
- An encapsulated component C
- Can be a package
- A set of objects
- Map C into three sets
- B the Boundary nodes
- Y the Inside nodes
- R the External nodes referred
- O the Outside nodes
- O S (B ? I)
- R ? O
- e C ? B, I, O
25An encapsulated component
O
I
R
B
?
?
?
?
26Encapsulation Constraints
- Disjointness of sets
- B ? I ?
- B ? R ?
- I ? R ?
- Connectivity
- ?I ? (B ? I)
- ? o ? O, ? i ? I ? p ? paths(o, i) ?b ?p
s.t. b ?B - (B ? I)? ? (B ? I ?R)
No component in a complex system should depend
on the internal details of any other components
27Nested Encapsulation
O
Ic
Rc
Id
Bd
Bc
?
?
Rd
?
?
?
?
?
28Nested Encapsulation
- d is nested c (d ? c) when
- Id ? Ic
- Bd ? Bc ? Ic
- Rd ? Bc ? Ic ? Rc
29Islands Full EncapsulationHoggAharon
I
B
R
?
?
30Islands Full EncapsulationHoggAharon
- Protects static references only
31Uniqueness
R
I
B
unique
32Uniqueness
where ?u 1
Can be enforced by 1. Runtine 2. Type system 3.
Abstract Interpretation
33External UniquenessClarkeWrigstrad Ziv
34External Uniqueness ClarkeWrigstrad Ziv
B v
external_unique(u)
I u ?o u ? o
where v ?u I v 1
R O
35Balloon TypesAlemida
Iouter
Router
Iinner
Rinner
Binner
36Flexible Alias ProtectionNoble, Vitek, Potter
- More permissive than Islands and Balloon on
static alias protection - Adds requirements on dynamic aliases
- Two concepts representation and arguments
rep(o)
arg(o)
o
37Ownership TypesClarke, Potter, Noble Shay,
Sharon, Ziv
- Alias protection via ownership
- Every object has an owner
- ownership forms a tree
- Only references from parent to decedents
- Nested encapsulation
- Enforced by the type system
38Ownership
39Formalizing Simple Ownership
- owner N ? N
- owner(root)root
- i ownedby o ?k ownerk(i) o
- o owns i ?k ownerk(i) o
- Invariant s ? t ? s ownedby owner(t)
40Other Ownership Models
- Parameterized ownership
- The set R is explicitly parameterized by
ownerships - Inner Ownership Boyapati
41Confined TypesBokawskiVitek Guy
42Confined TypesBokawskiVitek Guy
43Lecture Summary
44Feedback