Document Open Access Logo

Constrictor: Immutability as a Design Concept

Authors Elad Kinsbruner , Shachar Itzhaky , Hila Peleg

PDF
Thumbnail PDF

File

LIPIcs.ECOOP.2024.22.pdf
  • Filesize: 1.02 MB
  • 29 pages

Document Identifiers

Author Details

Elad Kinsbruner
  • Technion, Haifa, Israel
Shachar Itzhaky
  • Technion, Haifa, Israel
Hila Peleg
  • Technion, Haifa, Israel

Funding

This research was supported by the Israeli Science Foundation (ISF) grants no. 2117/23 and 651/23.

Cite AsGet BibTex

Elad Kinsbruner, Shachar Itzhaky, and Hila Peleg. Constrictor: Immutability as a Design Concept. In 38th European Conference on Object-Oriented Programming (ECOOP 2024). Leibniz International Proceedings in Informatics (LIPIcs), Volume 313, pp. 22:1-22:29, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2024)
https://doi.org/10.4230/LIPIcs.ECOOP.2024.22

Abstract

Many object-oriented applications in algorithm design rely on objects never changing during their lifetime. This is often tackled by marking object references as read-only, e.g., using the const keyword in C++. In other languages like Python or Java where such a concept does not exist, programmers rely on best practices that are entirely unenforced. While reliance on best practices is obviously too permissive, const-checking is too restrictive: it is possible for a method to mutate the internal state while still satisfying the property we expect from an "immutable" object in this setting. We would therefore like to enforce the immutability of an object’s abstract state. We check an object’s immutability through a view of its abstract state: for instances of an immutable class, the view does not change when running any of the class’s methods, even if some of the internal state does change. If all methods of a class are verified as non-mutating, we can deem the entire class view-immutable. We present an SMT-based algorithm to check view-immutability, and implement it in our linter/verifier, Constrictor. We evaluate Constrictor on 51 examples of immutability-related design violations. Our evaluation shows that Constrictor is effective at catching a variety of prototypical design violations, and does so in seconds. We also explore Constrictor with two real-world case studies.

Subject Classification

ACM Subject Classification
  • Software and its engineering → Software design engineering
  • Software and its engineering → Software defect analysis
Keywords
  • Immutability
  • Design Enforcement
  • SMT
  • Liskov Substitution Principle
  • Object-oriented Programming

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Supplementary Materials

References

  1. 8. Compound statements - Python 3.12.1 documentation. https://docs.python.org/3/reference/compound_stmts.html#type-params. [Accessed 12-Jan-2024].
  2. Contract (java8 17.0.0 API) - javadoc.io. https://www.javadoc.io/doc/org.jetbrains/annotations/17.0.0/org/jetbrains/annotations/Contract.html. [Accessed 27-Apr-2023].
  3. dotnet/roslyn: The Roslyn .NET compiler provides C#and Visual Basic languages with rich code analysis APIs. https://github.com/dotnet/roslyn. [Accessed 14-Apr-2024].
  4. freeze (Object) - APIdock. https://apidock.com/ruby/Object/freeze. [Accessed 14-Jan-2024].
  5. ImmutableCollectionsExplained · google/guava wiki. URL: https://github.com/google/guava/wiki/ImmutableCollectionsExplained.
  6. Kotlin/kotlinx.collections.immutable: immutable persistent collections for Kotlin. https://github.com/Kotlin/kotlinx.collections.immutable. [Accessed 13-Jan-2024].
  7. Mutable and Immutable Collections | Collections | Scala Documentation. URL: https://docs.scala-lang.org/overviews/collections-2.13/overview.html.
  8. Object.freeze - JavaScript | MDN. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/freeze. [Accessed 14-Jan-2024].
  9. pytype - google.github.io. https://google.github.io/pytype/. [Accessed 12-Apr-2023].
  10. Standard C++ const correctness FAQ - isocpp.org. https://isocpp.org/wiki/faq/const-correctness. [Accessed 27-Apr-2023].
  11. String.Intern(String) Method (System) | Microsoft Learn. URL: https://learn.microsoft.com/en-us/dotnet/api/system.string.intern.
  12. Himanshu Arora, Raghavan Komondoor, and G. Ramalingam. Checking observational purity of procedures. In Reiner Hähnle and Wil M. P. van der Aalst, editors, Fundamental Approaches to Software Engineering - 22nd International Conference, FASE 2019, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Prague, Czech Republic, April 6-11, 2019, Proceedings, volume 11424 of Lecture Notes in Computer Science, pages 228-243, Cham, 2019. Springer. URL: https://doi.org/10.1007/978-3-030-16722-6_13.
  13. Shay Artzi, Adam Kiezun, Jaime Quinonez, and Michael D. Ernst. Parameter reference immutability: formal definition, inference tool, and comparison. Autom. Softw. Eng., 16(1):145-192, March 2009. URL: https://doi.org/10.1007/s10515-008-0043-7.
  14. Haniel Barbosa, Clark W. Barrett, Martin Brain, Gereon Kremer, Hanna Lachnitt, Makai Mann, Abdalrhman Mohamed, Mudathir Mohamed, Aina Niemetz, Andres Nötzli, Alex Ozdemir, Mathias Preiner, Andrew Reynolds, Ying Sheng, Cesare Tinelli, and Yoni Zohar. cvc5: A versatile and industrial-strength SMT solver. In Dana Fisman and Grigore Rosu, editors, Tools and Algorithms for the Construction and Analysis of Systems - 28th International Conference, TACAS 2022, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022, Munich, Germany, April 2-7, 2022, Proceedings, Part I, volume 13243 of Lecture Notes in Computer Science, pages 415-442. Springer, 2022. URL: https://doi.org/10.1007/978-3-030-99524-9_24.
  15. Michael Barnett, Robert DeLine, Manuel Fähndrich, K. Rustan M. Leino, and Wolfram Schulte. Verification of object-oriented programs with invariants. J. Object Technol., 3(6):27-56, 2004. URL: https://doi.org/10.5381/jot.2004.3.6.a2.
  16. Armin Biere, Alessandro Cimatti, Edmund M. Clarke, Ofer Strichman, and Yunshan Zhu. Bounded model checking. Adv. Comput., 58(99):117-148, 2003. URL: https://doi.org/10.1016/S0065-2458(03)58003-2.
  17. Adrian Birka and Michael D. Ernst. A practical type system and language for reference immutability. In John M. Vlissides and Douglas C. Schmidt, editors, Proceedings of the 19th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2004, October 24-28, 2004, Vancouver, BC, Canada, pages 35-49, Vancouver, BC, Canada, October 2004. ACM. URL: https://doi.org/10.1145/1028976.1028980.
  18. Adam Chen, Parisa Fathololumi, Eric Koskinen, and Jared Pincus. Veracity: declarative multicore programming with commutativity. Proc. ACM Program. Lang., 6(OOPSLA2):1726-1756, October 2022. URL: https://doi.org/10.1145/3563349.
  19. Dave Clarke, James Noble, and Tobias Wrigstad, editors. Aliasing in Object-Oriented Programming. Types, Analysis and Verification, volume 7850 of Lecture Notes in Computer Science. Springer, 2013. URL: https://doi.org/10.1007/978-3-642-36946-9.
  20. Edmund M. Clarke, Orna Grumberg, Daniel Kroening, Doron A. Peled, and Helmut Veith. Model checking, 2nd Edition. Cyber Physical Systems Series. MIT Press, 2018. URL: https://mitpress.mit.edu/books/model-checking-second-edition.
  21. Michael J. Coblenz, Joshua Sunshine, Jonathan Aldrich, Brad A. Myers, Sam Weber, and Forrest Shull. Exploring language support for immutability. In Laura K. Dillon, Willem Visser, and Laurie A. Williams, editors, Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, May 14-22, 2016, ICSE '16, pages 736-747, New York, NY, USA, 2016. ACM. URL: https://doi.org/10.1145/2884781.2884798.
  22. Cristina David and Wei-Ngan Chin. Immutable specifications for more concise and precise verification. In Cristina Videira Lopes and Kathleen Fisher, editors, Proceedings of the 26th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2011, part of SPLASH 2011, Portland, OR, USA, October 22 - 27, 2011, OOPSLA '11, pages 359-374, New York, NY, USA, 2011. ACM. URL: https://doi.org/10.1145/2048066.2048096.
  23. Leonardo Mendonça de Moura and Nikolaj S. Bjørner. Z3: an efficient SMT solver. In C. R. Ramakrishnan and Jakob Rehof, editors, Tools and Algorithms for the Construction and Analysis of Systems, 14th International Conference, TACAS 2008, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2008, Budapest, Hungary, March 29-April 6, 2008. Proceedings, volume 4963 of Lecture Notes in Computer Science, pages 337-340. Springer, March 2008. URL: https://doi.org/10.1007/978-3-540-78800-3_24.
  24. José Javier Dolado, Mark Harman, Mari Carmen Otero, and Lin Hu. An empirical investigation of the influence of a type of side effects on program comprehension. IEEE Trans. Software Eng., 29(7):665-670, 2003. URL: https://doi.org/10.1109/TSE.2003.1214329.
  25. Jon Eyolfson and Patrick Lam. C++ const and immutability: An empirical study of writes-through-const. In Shriram Krishnamurthi and Benjamin S. Lerner, editors, 30th European Conference on Object-Oriented Programming, ECOOP 2016, July 18-22, 2016, Rome, Italy, volume 56 of LIPIcs, pages 8:1-8:25. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2016. URL: https://doi.org/10.4230/LIPIcs.ECOOP.2016.8.
  26. Jonathan Eyolfson. Enforcing Abstract Immutability. PhD thesis, University of Waterloo, Ontario, Canada, 2018. URL: https://hdl.handle.net/10012/13507.
  27. Carlo A. Furia, Bertrand Meyer, and Sergey Velder. Loop invariants: Analysis, classification, and examples. ACM Comput. Surv., 46(3):34:1-34:51, January 2014. URL: https://doi.org/10.1145/2506375.
  28. Juan P. Galeotti, Nicolás Rosner, Carlos López Pombo, and Marcelo F. Frias. Analysis of invariants for efficient bounded verification. In Paolo Tonella and Alessandro Orso, editors, Proceedings of the Nineteenth International Symposium on Software Testing and Analysis, ISSTA 2010, Trento, Italy, July 12-16, 2010, ISSTA '10, pages 25-36, New York, NY, USA, 2010. ACM. URL: https://doi.org/10.1145/1831708.1831712.
  29. Paola Giannini, Marco Servetto, and Elena Zucca. Types for immutability and aliasing control. In Vittorio Bilò and Antonio Caruso, editors, Proceedings of the 17th Italian Conference on Theoretical Computer Science, Lecce, Italy, September 7-9, 2016, volume 1720 of CEUR Workshop Proceedings, pages 62-74. DEU, CEUR-WS.org, 2016. URL: https://ceur-ws.org/Vol-1720/full5.pdf.
  30. Colin S. Gordon, Matthew J. Parkinson, Jared Parsons, Aleks Bromfield, and Joe Duffy. Uniqueness and reference immutability for safe parallelism. In Gary T. Leavens and Matthew B. Dwyer, editors, Proceedings of the 27th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2012, part of SPLASH 2012, Tucson, AZ, USA, October 21-25, 2012, OOPSLA '12, pages 21-40, New York, NY, USA, 2012. ACM. URL: https://doi.org/10.1145/2384616.2384619.
  31. Christian Haack and Erik Poll. Type-based object immutability with flexible initialization. In Sophia Drossopoulou, editor, ECOOP 2009 - Object-Oriented Programming, 23rd European Conference, Genoa, Italy, July 6-10, 2009. Proceedings, volume 5653 of Lecture Notes in Computer Science, pages 520-545. Springer, Springer, 2009. URL: https://doi.org/10.1007/978-3-642-03013-0_24.
  32. Dominik Helm, Florian Kübler, Michael Eichberg, Michael Reif, and Mira Mezini. A unified lattice model and framework for purity analyses. In Marianne Huchard, Christian Kästner, and Gordon Fraser, editors, Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, ASE 2018, Montpellier, France, September 3-7, 2018, pages 340-350. ACM, 2018. URL: https://doi.org/10.1145/3238147.3238226.
  33. John E. Hopcroft and Jeffrey D. Ullman. Set merging algorithms. SIAM J. Comput., 2(4):294-303, 1973. URL: https://doi.org/10.1137/0202024.
  34. Wei Huang, Ana L. Milanova, Werner Dietl, and Michael D. Ernst. Reim & reiminfer: checking and inference of reference immutability and method purity. In Gary T. Leavens and Matthew B. Dwyer, editors, Proceedings of the 27th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2012, part of SPLASH 2012, Tucson, AZ, USA, October 21-25, 2012, OOPSLA '12, pages 879-896, New York, NY, USA, 2012. ACM. URL: https://doi.org/10.1145/2384616.2384680.
  35. Telmo Luis Correa Jr., Jaime Quinonez, and Michael D. Ernst. Tools for enforcing and inferring reference immutability in java. In Richard P. Gabriel, David F. Bacon, Cristina Videira Lopes, and Guy L. Steele Jr., editors, Companion to the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2007, October 21-25, 2007, Montreal, Quebec, Canada, OOPSLA '07, pages 866-867, New York, NY, USA, 2007. ACM. URL: https://doi.org/10.1145/1297846.1297929.
  36. Elad Kinsbruner, Shachar Itzhaky, and Hila Peleg. Constrictor: Immutability as a Design Concept (Artifact). Dagstuhl Artifacts Series, 10(2), 2024. URL: https://doi.org/10.4230/DARTS.10.2.9.
  37. Zach Klippenstein. Two mutables don't make a right. https://dev.to/zachklipp/two-mutables-dont-make-a-right-2kgp, 2021. [Accessed 08-Jan-2024].
  38. Eric Lippert. Persistence, façades and Roslyn’s red-green trees | Fabulous adventures in coding. https://ericlippert.com/2012/06/08/red-green-trees/. [Accessed 14-Apr-2024].
  39. Barbara Liskov and Jeannette M. Wing. A behavioral notion of subtyping. ACM Trans. Program. Lang. Syst., 16(6):1811-1841, November 1994. URL: https://doi.org/10.1145/197320.197383.
  40. Nicholas D. Matsakis and Felix S. Klock II. The rust language. In Michael B. Feldman and S. Tucker Taft, editors, Proceedings of the 2014 ACM SIGAda annual conference on High integrity language technology, HILT 2014, Portland, Oregon, USA, October 18-21, 2014, volume 34(3), pages 103-104. ACM, 2014. URL: https://doi.org/10.1145/2663171.2663188.
  41. Matt McCutchen and Dr. Michael Ernst. Putting Javari into Practice, 2006. URL: https://api.semanticscholar.org/CorpusID:242697933.
  42. Ana L. Milanova. Definite reference mutability. In Todd D. Millstein, editor, 32nd European Conference on Object-Oriented Programming, ECOOP 2018, July 16-21, 2018, Amsterdam, The Netherlands, volume 109 of LIPIcs, pages 25:1-25:30, Dagstuhl, Germany, 2018. Schloss Dagstuhl - Leibniz-Zentrum für Informatik. URL: https://doi.org/10.4230/LIPIcs.ECOOP.2018.25.
  43. David A. Naumann. Observational purity and encapsulation. Theor. Comput. Sci., 376(3):205-224, 2007. Fundamental Aspects of Software Engineering. URL: https://doi.org/10.1016/j.tcs.2007.02.004.
  44. Stephen Nelson, David J. Pearce, and James Noble. Understanding the impact of collection contracts on design. In Jan Vitek, editor, Objects, Models, Components, Patterns, 48th International Conference, TOOLS 2010, Málaga, Spain, June 28 - July 2, 2010. Proceedings, volume 6141 of Lecture Notes in Computer Science, pages 61-78. Springer, Springer, 2010. URL: https://doi.org/10.1007/978-3-642-13953-6_4.
  45. Igor Pechtchanski and Vivek Sarkar. Immutability specification and its applications. In José E. Moreira, Geoffrey C. Fox, and Vladimir Getov, editors, Proceedings of the 2002 Joint ACM-ISCOPE Conference on Java Grande 2002, Seattle, Washington, USA, November 3-5, 2002, JGI '02, pages 202-211, New York, NY, USA, 2002. ACM. URL: https://doi.org/10.1145/583810.583833.
  46. Sara Porat, Marina Biberstein, Larry Koved, and Bilha Mendelson. Automatic detection of immutable fields in java. In Stephen A. MacKay and J. Howard Johnson, editors, Proceedings of the 2000 conference of the Centre for Advanced Studies on Collaborative Research, November 13-16, 2000, Mississauga, Ontario, Canada, CASCON '00, page 10. IBM, 2000. URL: https://dl.acm.org/citation.cfm?id=782044.
  47. Jaime Quinonez, Matthew S. Tschantz, and Michael D. Ernst. Inference of reference immutability. In Jan Vitek, editor, ECOOP 2008 - Object-Oriented Programming, 22nd European Conference, Paphos, Cyprus, July 7-11, 2008, Proceedings, volume 5142 of Lecture Notes in Computer Science, pages 616-641, Berlin, Heidelberg, 2008. Springer. URL: https://doi.org/10.1007/978-3-540-70592-5_26.
  48. Tobias Roth, Dominik Helm, Michael Reif, and Mira Mezini. Cifi: Versatile analysis of class and field immutability. In 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021, Melbourne, Australia, November 15-19, 2021, pages 979-990. IEEE, 2021. URL: https://doi.org/10.1109/ASE51524.2021.9678903.
  49. Atanas Rountev. Precise identification of side-effect-free methods in java. In 20th International Conference on Software Maintenance (ICSM 2004), 11-17 September 2004, Chicago, IL, USA, pages 82-91. IEEE Computer Society, 2004. URL: https://doi.org/10.1109/ICSM.2004.1357793.
  50. Tobias Runge, Marco Servetto, Alex Potanin, and Ina Schaefer. Immutability and encapsulation for sound OO information flow control. ACM Trans. Program. Lang. Syst., 45(1):3:1-3:35, 2023. URL: https://doi.org/10.1145/3573270.
  51. Marco Servetto, Julian Mackay, Alex Potanin, and James Noble. The billion-dollar fix - safe modular circular initialisation with placeholders and placeholder types. In Giuseppe Castagna, editor, ECOOP 2013 - Object-Oriented Programming - 27th European Conference, Montpellier, France, July 1-5, 2013. Proceedings, volume 7920 of Lecture Notes in Computer Science, pages 205-229, Berlin, Heidelberg, 2013. Springer. URL: https://doi.org/10.1007/978-3-642-39038-8_9.
  52. Yaakov Smith. Red-Green Trees. https://blog.yaakov.online/red-green-trees/. [Accessed 14-Apr-2024].
  53. Arran Stewart, Rachel Cardell-Oliver, and Rowan Davies. Fine-grained classification of side-effect free methods in real-world java code and applications to software security. In Proceedings of the Australasian Computer Science Week Multiconference, Canberra, Australia, February 2-5, 2016, ACSW '16, page 37, New York, NY, USA, 2016. ACM. URL: https://doi.org/10.1145/2843043.2843354.
  54. Matthew S. Tschantz and Michael D. Ernst. Javari: adding reference immutability to java. In Ralph E. Johnson and Richard P. Gabriel, editors, Proceedings of the 20th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2005, October 16-20, 2005, San Diego, CA, USA, pages 211-230. ACM, 2005. URL: https://doi.org/10.1145/1094811.1094828.
  55. Yunfan Zhang, Ruidong Zhu, Yingfei Xiong, and Tao Xie. Efficient synthesis of method call sequences for test generation and bounded verification. In 37th IEEE/ACM International Conference on Automated Software Engineering, ASE 2022, Rochester, MI, USA, October 10-14, 2022, ASE '22, pages 38:1-38:12, New York, NY, USA, 2022. ACM. URL: https://doi.org/10.1145/3551349.3556951.
  56. Yoav Zibin, Alex Potanin, Mahmood Ali, Shay Artzi, Adam Kiezun, and Michael D. Ernst. Object and reference immutability using java generics. In Ivica Crnkovic and Antonia Bertolino, editors, Proceedings of the 6th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2007, Dubrovnik, Croatia, September 3-7, 2007, ESEC-FSE '07, pages 75-84, New York, NY, USA, 2007. ACM. URL: https://doi.org/10.1145/1287624.1287637.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2024 Schloss Dagstuhl – LZI GmbH Imprint Privacy Contact