Aleksy Schubert

Immutable objects for a java-like language

We extend a Java-like language with immutability specifications and a static type system for verifying immutability. A class modifier immutable specifies that all class instances are immutable objects. Ownership types specify the depth of object states and enforce encapsulation of representation objects. The type system guarantees that the state of immutable objects does not visibly mutate during a program run. Provided immutability-annotated classes and methods are final, this is true even if immutable classes are composed with untrusted classes that follow Javas type system, but not our immutability type system.

Second-order unification and type inference for Church-style polymorphism

We prove that the second-order unification problem is undecidable even if the functional free variables may only be applied to ground terms. Despite this strong restriction our proof uses elementary techniques, and does not rely on the undecidability of the tenth Hilberts problem which itself has a very difficult proof. We apply this result to obtain a surprising result of the undecidability of type inference for the Church-style system F - polymorphic ¿-calculus.We prove that the second-order unification problem is undecidable even if the functional free variables may only be applied to ground terms. Despite this strong restriction our proof uses elementary techniques, and does not rely on the undecidability of the tenth Hilberts problem which itself has a very difficult proof. We apply this result to obtain a surprising result of the undecidability of type inference for the Church-style system F - polymorphic λ-calculus.

The complexity of β-reduction in low orders

This paper presents the complexity of β-reduction for redexes of order 1, 2 and 3. It concludes with the following results -- evaluation of Boolean expressions can be reduced to β-reduction of order 1 and β-reduction of order 1 is in O(n log n), β-reduction of order 2 is complete for PTIME, and β-reduction of order 3 is complete for PSPACE.

Partially Typed Terms between Church-Style and Curry-Style

We introduce several structures between Church-style and Curry-style based on partially typed terms formalism. In the uniform framework, we study the static properties of the λ-terms between the two styles. It is proved that type checking, typability, and type inference for domain-free λ2 are in general undecidable. A simple instance of the second-order unification problem is reduced to the problem of type inference for domain-free λ2. The typability problem is undecidable even for a predicative fragment of domain-free λ2, called the rank 2 fragment. It is also found that making polymorphic domains free and the use of type-holes [] are independently responsible for the undecidability of the partial polymorphic type reconstruction problem.

Relational Abstract Domain of Weighted Hexagons

We propose a new numerical abstract domain for static analysis by abstract interpretation, the domain of Weighted Hexagons. It is capable of expressing interval constraints and relational invariants of the form x=

Extending operational semantics of the Java bytecode

A proof-carrying code infrastructure can ensure safety of global computers. Such an infrastructure requires sound and complete semantics of the global computing platform. Bicolano is an operational semantics of the major part of the Java bytecode language. We present here two extension frameworks for the semantics and discuss their different features. Both frameworks are made in a modular fashion. The first one, so called horizontal, allows to extend states with additional information that traces a running program behaviour (e.g. memory consumption). The second one, so called vertical, additionally allows an extension to supplement the behaviour specified in the original semantics. A comparison of these frameworks is presented. In particular, we prove that the horizontal framework can be simulated by the vertical one and show an example of an extension which cannot be realised in the horizontal one, but can be realised in the vertical one. However, extensions in the horizontal framework are less memory consuming and conceptually simpler. In this light, the choice of the framework to use should depend on a particular application.

BML and Related Tools

The Bytecode Modeling Language (BML) is a specification language for Java bytecode, that provides a high level of abstraction, while not restricting the format of the bytecode. Notably, BML specifications can be stored in class files, so that they can be shipped together with the bytecode. This makes BML particularly suited as property specification language in a proof-carrying code framework. Moreover, BML is designed to be close to the source code level specification language JML, so that specifications (and proofs) developed at -- the more intuitive -- source code level can be compiled into bytecode level. This paper describes the BML language and its binary representation. It also discusses the tool set that is available to support BML, containing BMLLib, a library to inspect and edit BML specifications; Umbra, a BML viewer and editor, integrated in Eclipse; JML2BML, a compiler from JML to BML specifications; BML2BPL, a translator from BML to BoogiePL, so that the BoogiePL verification condition generator can be used; and CCT, a tool to store proofs in class files.

ESC/Java2 as a Tool to Ensure Security in the Source Code of Java Applications*

The paper shows how extended static checking tools like ESC/Java2 can be used to ensure source code security properties of Java applications. It is demonstrated in a case study on a simple personal password manager. In case of such an application the ensuring of security is one of the most important goals. We present the possible threats connected with the current state of the code and its possible future extensions. This investigation is further accompanied by a presentation on how these threats can be controlled by JML specifications and ESC/Java2.

On the Mints Hierarchy in First-Order Intuitionistic Logic

We study the decidability and complexity of fragments of intuitionistic first-order logic over ( ∀ , → ) determined by the alternation of positive and negative occurrences of quantifiers (Mints hierarchy). We prove that fragments Π2 and Σ2 are undecidable and that Σ1 is Expspace-complete.

Restricted Positive Quantification Is Not Elementary

We show that a restricted variant of constructive predicate logic with positive (covariant) quantification is of super-elementary complexity. The restriction is to limit the number of eigenvariables used in quantifier introductions rules to a reasonably usable level. This construction suggests that the known non-elementary decision algorithms for positive logic may actually be best possible. 1998 ACM Subject Classification F.4.1 Mathematical Logic, I.2.3 Deduction and Theorem Proving