Component-based design in Tako (a case study) · eecs.ucf.edu/~leavens/SAVCBS/2008/talks/Sudhir... ·...

Post on 26-Apr-2018

Component-based design in Tako (a case study)

Arun Sudhir • Gregory Kulczycki • Jyotindra Vasudeo

Falls Church, VA

(1) What is Tako?
(2) What is Tako design?

(1) What is Tako?

Tako ≈ Java + Resolve

What is Resolve?

integrated programming & specification language

full formal verification (full = heavyweight)

Statically prove... CODE is correct w.r.t. SPEC

Verifying Compiler Grand Challenge
Tony Hoare, 2003

Resolve and language design

Make things as simple as possible... but no simpler.
– Albert Einstein

Simplicity in Reasoning
Sophisticated Language Features

no pointers
no inheritance
no concurrency

!!!

pointers
inheritance
concurrency
(but disciplined)

Pointers

Pointers = References ⇒ Aliasing

{x = true}
y := false
{x = ???}

Is x aliased to y?

reference copying ⇒ aliasing
object copying ⇒ expensive

x :=: y

[Figure: x and y, before and after]

Using Resolve/C++
Joe Hollingsworth et al, 2000

100,000 lines of code
swapping/copying-based
pointer-based ⤴

What is Resolve?
(1) Goal – full verification
(2) Language – swapping

(1) What is Tako?

Tako ≈ Java + Resolve

sex-appeal
popular
not logical
idealist
rational
know-it-all

Tako is a compromise

[Figure: x, [•,•,•], arr; label: O M G]

Why Tako?
(1) Teach formal reasoning
(2) Simplify informal reasoning

Pre-state: p = <Ψ,Φ>  q = <Ψ,Δ,Ψ,Δ>  t = Δ

p := q; q.enqueue(t); t.clear(); // initialize t to Φ

Post-state: p = ???  q = ???  t = ???

[Chart: Percent Correct, by Copy / Swap / Reference]

[Chart: Average Time (to answer correctly), by Copy / Swap / Reference]

Future for swapping-based OO?

Our case study

West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.

> examine mailbox
The small mailbox is closed

> open mailbox
Opening the small mailbox reveals a leaflet.

> get leaflet
Taken

>

Parser   GameWorld

Parser
“open the box” ⤴
action = OPEN
subject = PLAYER
object1 = BOX
object2 = NOTHING

Parser: Tako ≈ Java

GameWorld
Tree of Game Objects

IndexedTree

[Figure: tree with nodes a, b, c, d, e, f, g, x, z]

Model: G = (V, E)  rank(v)  ROOT, CSR V  contents(v)
Constraints: acyclic consistent rank

insert(DEN, den_obj)
insert(TOM, tom_obj)
advance()
enter()
moveSubtreeToCursor(TOM)

[Figures: DEN and TOM nodes drawn for each operation]

GameWorld

moveObjectIntoSecond(OBJ1, OBJ2)
moveObjectBeforeSecond(OBJ1, OBJ2)
updateObjectProperty(OBJ, PROP)
objectHasProperty(OBJ, PROP)

setObjectProperty(BOX, OPEN)

[Figure: tree before and after. Before: DEN, TOM, BOX with labels PERSON MALE, BIN, ROOM LIGHT. After: the same tree with BIN OPEN.]

1. Create dummy node
2. Go to target
3. Swap node out
4. Modify node
5. Swap node in
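
The five steps above, applied to setObjectProperty(BOX, OPEN), as an added example that is not code from the talk or from Tako. It is written in Rust, whose ownership rules enforce unique references; the Node type, the helper names and the assignment of property tags to DEN, TOM and BOX are assumptions.

```rust
use std::mem;

// Hypothetical game-object node: a name, property tags, and owned children.
#[derive(Debug, Default, PartialEq)]
struct Node {
    name: String,
    props: Vec<String>,
    children: Vec<Node>,
}

fn node(name: &str, props: &[&str], children: Vec<Node>) -> Node {
    Node { name: name.to_string(), props: props.iter().map(|p| p.to_string()).collect(), children }
}

// Step 2 ("go to target"): depth-first search that hands back the one
// mutable reference to the slot holding the named node.
fn find_mut<'a>(n: &'a mut Node, name: &str) -> Option<&'a mut Node> {
    if n.name == name {
        return Some(n);
    }
    for child in n.children.iter_mut() {
        if let Some(found) = find_mut(child, name) {
            return Some(found);
        }
    }
    None
}

// Returns false, leaving the tree untouched, when the object does not exist.
fn set_object_property(world: &mut Node, obj: &str, prop: &str) -> bool {
    let mut held = Node::default(); // 1. create dummy node
    let slot = match find_mut(world, obj) { Some(s) => s, None => return false }; // 2. go to target
    mem::swap(slot, &mut held); // 3. swap node out: the tree now holds the dummy
    if !held.props.iter().any(|p| p.as_str() == prop) {
        held.props.push(prop.to_string()); // 4. modify the node that only `held` owns
    }
    mem::swap(slot, &mut held); // 5. swap node in: the dummy comes back out
    true
}

fn main() {
    // Constructed sample world, after the DEN / TOM / BOX figure on the slides.
    let tom = node("TOM", &["PERSON", "MALE"], vec![]);
    let bin = node("BOX", &["BIN"], vec![]);
    let mut world = node("DEN", &["ROOM", "LIGHT"], vec![tom, bin]);
    set_object_property(&mut world, "BOX", "OPEN");
    println!("{:#?}", world);
}
```

Between steps 3 and 5 the node is reachable only through `held`, so no other reference can observe or change it while it is being modified.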

[Figure: tree with tray, dish, fork, rice, peas]

> look
You see a tray containing a dish (containing rice and peas) and a fork.

1. getFormattedList
2. getSubtree / insertSubtree
3. getTreeExplorer (read-only iterator)
4. advance / enter / swapNodes

value-based components
list ⤴ tree ⤴

GameWorld
IndexedTree
PointerMap

What did we learn?
(1) Algorithms – similar to Java
(2) Data structures – difference
    (a) updates – swap in/out
    (b) strong ownership

Questions?

alias avoidance
think “unique references”

x
Obama-Palin
McCain-Biden ⤴

the simplest answer is not always correct