Jonathan Aldrich
Carnegie Mellon University
Ownership Domains: High-level Reasoning about Object Aliasing
Abstract:
Shared, mutable state is endemic in object-oriented programs, causing
significant problems in understanding and evolving object-oriented
software systems. Ownership types provide a lightweight way to
state and enforce high-level constraints on aliasing, enabling separate
reasoning about the state of different parts of the program.
However, previous ownership type proposals have tied the aliasing
policy of a system to the mechanism of ownership. As a result,
these proposals are too weak to express many important aliasing
constraints, yet also so restrictive that they prohibit many useful
programming idioms.
In this talk, I will describe Ownership Domains, which decouple
encapsulation policy from the mechanism of ownership in two key ways.
First, developers can specify multiple ownership domains for each
object, permitting a fine-grained control of aliasing compared to
systems that provide only one ownership domain for each object.
Second, developers can specify the permitted aliasing between each pair
of domains in the system, providing more flexibility compared to
systems that enforce a fixed policy for inter-domain aliasing.
Because it decouples policy from mechanism, our alias control system is
both more precise and more flexible than previous ownership type
systems.
This is joint work with Craig Chambers at the University of Washington.
Principles of Programming Seminars
Friday, January 23, 2004
3:30 p.m.
Wean Hall 8220