Abstract
We present a formal specification language and a formal verification logic for a simple object-oriented programming language. The language is applicative and statically typed, and supports subtyping and message-passing. The verification logic relies on a behavioral notion of subtyping that captures the intuition that a subtype behaves like its supertypes. We give a formal definition for legal subtype relations, based on the specified behavior of objects, and show that this definition is sufficient to ensure the soundness of the verification logic. The verification logic reflects the way programmers reason informally about object-oriented programs, in that it allows them to use static type information, which avoids the need to consider all possible run-time subtypes.
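As an added illustration (not code from the paper), the Python sketch below shows why the verification logic's soundness rests on legal subtyping: a client is reasoned about using only the static type IntSet's specification, and a sample-based check flags a subtype whose behaviour breaks that specification. IntSet, CountedIntSet, BoundedIntSet, the pre/post predicates and the samples are all constructed here.

```python
from dataclasses import dataclass

# Supertype: an applicative (immutable) integer set. Constructed example.
@dataclass(frozen=True)
class IntSet:
    elems: frozenset = frozenset()
    def insert(self, x: int) -> "IntSet":
        return type(self)(self.elems | {x})
    def member(self, x: int) -> bool:
        return x in self.elems

# Specification of IntSet.insert over the supertype's abstract values:
# the precondition is trivially true; the postcondition says x and every
# old element are present in the result.
def insert_pre(s, x):
    return True

def insert_post(s, x, r):
    return r.member(x) and all(r.member(y) for y in s.elems)

# Legal behavioural subtype: same observable insert/member behaviour, one extra method.
@dataclass(frozen=True)
class CountedIntSet(IntSet):
    def size(self) -> int:
        return len(self.elems)

# Illegal subtype: silently ignores inserts once the set holds two elements,
# so it does not behave like its supertype.
@dataclass(frozen=True)
class BoundedIntSet(IntSet):
    def insert(self, x: int) -> "BoundedIntSet":
        return self if len(self.elems) >= 2 else BoundedIntSet(self.elems | {x})

# Client verified once against IntSet's spec: insert_post implies it returns True,
# and that conclusion is sound only when every run-time subtype is legal.
def client(s: IntSet, x: int) -> bool:
    return s.insert(x).member(x)

# Sample-based check of the legal-subtype condition: whenever the supertype
# precondition holds, the subtype's result must satisfy the supertype postcondition.
def subtype_violations(cls, samples):
    bad = []
    for elems, x in samples:
        s = cls(frozenset(elems))
        if insert_pre(s, x) and not insert_post(s, x, s.insert(x)):
            bad.append((tuple(sorted(elems)), x))
    return bad

SAMPLES = [((), 1), ((1,), 2), ((1, 2), 3), ((1, 2), 2)]  # constructed states and arguments
```

A sample-based check can only refute legality; the paper's definition is a proof obligation over all abstract values, which is what makes the static-type reasoning sound in general.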
Additional information
The work of both authors was supported in part by the National Science Foundation under Grant CCR-8716884, and in part by the Defense Advanced Research Projects Agency (DARPA) under Contract N00014-89-J-1988. While a graduate student at MIT, Leavens was also supported in part by a GenRad/AEA Faculty Development Fellowship, and at ISU he has been partially supported by the ISU Achievement Foundation and by the National Science Foundation under Grant CCR-9108654
Leavens, G.T., Weihl, W.E. Specification and verification of object-oriented programs using supertype abstraction. Acta Informatica 32, 705–778 (1995). https://doi.org/10.1007/BF01178658