Abstract
Every newly created object goes through several initialization states: starting from a state where all fields are uninitialized until all of them are assigned. Any operation on the object during its initialization process, which usually happens in the constructor via this , has to observe the initialization states of the object for correctness, i.e. only initialized fields may be used. Checking safe usage of this statically, without manual annotation of initialization states in the source code, is a challenge, due to aliasing and virtual method calls on this . Mainstream languages either do not check initialization errors, such as Java, C++, Scala, or they defend against them by not supporting useful initialization patterns, such as Swift. In parallel, past research has shown that safe initialization can be achieved for varying degrees of expressiveness but by sacrificing syntactic simplicity. We approach the problem by upholding local reasoning about initialization which avoids whole-program analysis, and we achieve typestate polymorphism via subtyping. On this basis, we put forward a novel type-and-effect system that can effectively ensure initialization safety while allowing flexible initialization patterns. We implement an initialization checker in the Scala 3 compiler and evaluate on several real-world projects.
Highlights
Object-oriented programming is unsafe if objects cannot be initialized safely
If we posit the abstractions cold, warm and hot as types, we arrive at a type system for safe initialization of objects, which we call the basic model
An important discipline that our type system follows implicitly is what we call the discipline of authority
Summary
FENGYUN LIU, EPFL, Switzerland ONDŘEJ LHOTÁK, University of Waterloo, Canada AGGELOS BIBOUDIS, EPFL, Switzerland PAOLO G. GIARRUSSO, Delft University of Technology, Netherlands MARTIN ODERSKY, EPFL, Switzerland. Checking safe usage of this statically, without manual annotation of initialization states in the source code, is a challenge, due to aliasing and virtual method calls on this. We approach the problem by upholding local reasoning about initialization which avoids whole-program analysis, and we achieve typestate polymorphism via subtyping. On this basis, we put forward a novel typeand-effect system that can effectively ensure initialization safety while allowing flexible initialization patterns. ACM Reference Format: Fengyun Liu, Ondřej Lhoták, Aggelos Biboudis, Paolo G.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have