CS 711
Fall 2002
Programming Languages Seminar
Andrew Myers
1. Introduction
2 September 02
Writing “Hello World”
• Written by a CS 100 programmer:
print “Hello world!”
• By a CS 211 programmer:
public class Hello {
static void main (String[] argv) {
System.out.println(“Hello world!”);
}
}
2
• Written by an expert:
[
uuid(2573F8F4-CFEE-101A-9A9F-00AA00342820)
]
library LHello
{
// bring in the master library
importlib("actimp.tlb");
importlib("actexp.tlb");
…
int _cdecl main(int argc, char * argv[])
{
ULONG ulRef;
DWORD dwRegistration;
CHelloCF *pCF = new CHelloCF();
hEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
// Initialize the OLE libraries
CoInitializeEx(NULL, COINIT_MULTITHREADED);
// bring in my interfaces
#include "pshlo.idl"
CoRegisterClassObject(CLSID_CHello, pCF, CLSCTX_LOCAL_SERVER,
REGCLS_MULTIPLEUSE, &dwRegistration);
[
uuid(2573F8F5-CFEE-101A-9A9F-00AA00342820)
]
// wait on an event to stop
WaitForSingleObject(hEvent, INFINITE);
cotype THello
{
interface IHello;
interface IPersistFile;
};
// revoke and release the class object
CoRevokeClassObject(dwRegistration);
ulRef = pCF-Release();
};
// Tell OLE we are going away.
CoUninitialize();
[
exe,
uuid(2573F890-CFEE-101A-9A9F-00AA00342820)
]
return(0);
}
…
3
Perils of writing software
• After 30+ years of research and
engineering, have to know too much!
• Protocols
– OLE, COM, Corba, RMI, IP, DNS, TCP,
HTTP, Corba, JavaBeans, ‘serialization’…
• Languages
– Java, C, Perl, sh, Javascript, Visual Basic,
make, C++, HTML, XML…
• Library/OS interfaces
– Unix, X Windows, AWT, Swing, WINNT, …
4
Problems
Stuff CS 211 doesn’t have to deal with:
• Concurrency
• Reliability
Distribution
• Security
• Persistence
• Extensibility
• Interoperability
• Scale and complexity
• Configuration management
5
Does it have to be this bad?
• Lots of (visible) stuff underneath (and above!)
your code
• Every layer has its
own semantics IDE
autoconf
Ant/make CVS
m4
Application code
sh
“look-and-feel” lib
XML
UI base RMI
HTTP
Serialization
JIT compiler Reflection
window system
virtual mem
file system
TCP/IP stack
m-kernel OS
6
Cost
• Cost of computing systems is:
– software development
– customization to local environment
– training
– maintenance
• Not:
– hardware
• The (single-machine) performance
problem is solved
7
Language-based solution
• Idea: program in a language expressive
enough to hide most of the cruft
– existing layer semantics can be embedded in
language, made less onerous
• Advantages:
– Programmers learn one language
– Power: some features (e.g., transparent
persistence) impossible to provide through
procedural interface
– Domain-specific languages
8
Transparency
• End-user is given increasingly transparent
interface
– web sites transparently distributed
– files transparently distributed
– documents mapped onto file system
– differences between content hidden (web pages, files)
– content seamlessly encapsulated
• Programmers need transparency too
– Simple programming model, sophisticated
implementation
– But what to expose?
9
An attempt: Java
– Some support for concurrency, distribution,
security, extensibility
– Doesn’t address: reliability, persistence, scale,
resource management
• Visual Basic, Javascript…
10
Security
• Access control provided by OS (NT) or
language (Java)
– Language-based: application-specific access
rights
• Security = data confidentiality, integrity
• (D)AC doesn’t enforce system-wide
security
– access but not propagation
– No simple way to validate AC settings
• Must prevent improper information flow
11
Static information flow
• Information flows in program analyzed
statically
• Programs that might violate security are
rejected at compile time
• Lots of unsolved problems : concurrency,
distribution, covert channels, dynamic
security policies [Sabelfeld and Myers]
12
Persistence
• What is the right programming (& data)
model for accessing persistent data?
• Usual persistent data formats don’t look
much like popular programming
language models of data!
– No pointers or object identity, weak
referential integrity, no garbage collection,
weak or absent types
– Considered important for writing correct
programs…only needed for volatile data?
13
Transparent Persistence?
• Want safe, fine-grained data sharing
across applications, network
• Orthogonal persistence: objects
transparently persistent or volatile
– System makes persistent objects arrive in
memory when needed
– Result: simpler programming; more robust
code; better performance!
• Problems: data evolution, software
upgrades, distributed computing
14
Distributed computing
• Correct concurrent programs are hard
• Distribution is harder: failure-prone
components, high-latency communication
• Need failure-tolerant programs
– automatic failure recovery
15
Distributed performance
• Function shipping: data has home
computer, computation moves to data
• Data shipping: data moves to host
computer
• Transfer data or control? Both!
– Function shipping (RMI) is good when data is
large, bad when control flow is complex
(overhead, fragility)
– Data shipping good when computation is
complex
• Can we figure it out automatically?
16
Consistency/isolation models
• Distributed computation: good
performance requires caching, else
10’s of ms access time
• Caching  stale data  inconsistency
• Programmer needs isolation model to
write code that works in face of update
– Expose transactions in the programming
model?
– Weak or strong consistency model?
– Explicit versioning?
17
Extensibility
• High software development,
customization costs  reusable,
extensible code
• Parametric polymorphism helps
• Object-oriented programming helps more
– subtyping
– inheritance
• Still not enough!
– multimethods, mixins, open classes, …
– linking languages, reflection
18
Plan
• Read mix of recent and classic papers on
related topics
– Security, concurrency, reliability, persistence,
extensibility
• 1–2 papers per 50-minute lecture
• Participation  Presentation
• Come prepared to talk
– Read the paper(s)
– Discussion is as important as presentation
– Outrageous (polite) opinions welcome
19
Reading
• new papers:
– PLDI ‘02
– OOPSLA ‘02
– ASPLOS ‘02
– POPL ‘03 (when available)
+ timeless papers
• Some pure PL, some systems + PL.
• Paper suggestions welcome
• Sign up by sending me mail
20
Presentation suggestions
• Computer projector and laptop will be
available.
• Aim for a 25-minute talk without
interruptions.
• Practice your talk at least once before.
• Can go over slides with me.
21
Project
• For credit: write a short (4-5k words)
paper
– project on related topics
– survey of work in area
22
Wednesday
• Start talking about security – three papers
to read on foundations of information flow
www.cs.cornell.edu/andru/cs711
23