# Subtyping

In programming language theory, **subtyping** (also **subtype polymorphism** or **inclusion polymorphism**) is a form of type polymorphism in which a **subtype** is a datatype that is related to another datatype (the **supertype**) by some notion of substitutability, meaning that program elements, typically subroutines or functions, written to operate on elements of the supertype can also operate on elements of the subtype. If S is a subtype of T, the subtyping relation is often written S <: T, to mean that any term of type S can be *safely used in a context where* a term of type T is expected. The precise semantics of subtyping crucially depends on the particulars of what "safely used in a context where" means in a given programming language. The type system of a programming language essentially defines its own subtyping relation, which may well be trivial, should the language support no (or very little) conversion mechanisms.

Due to the subtyping relation, a term may belong to more than one type. Subtyping is therefore a form of type polymorphism. In object-oriented programming the term 'polymorphism' is commonly used to refer solely to this *subtype polymorphism*, while the techniques of parametric polymorphism would be considered *generic programming*.

Functional programming languages often allow the subtyping of records. Consequently, simply typed lambda calculus extended with record types is perhaps the simplest theoretical setting in which a useful notion of subtyping may be defined and studied.^{[1]} Because the resulting calculus allows terms to have more than one type, it is no longer a "simple" type theory. Since functional programming languages, by definition, support function literals, which can also be stored in records, records types with subtyping provide some of the features of object-oriented programming. Typically, functional programming languages also provide some, usually restricted, form of parametric polymorphism. In a theoretical setting, it is desirable to study the interaction of the two features; a common theoretical setting is system F_{<:}. Various calculi that attempt to capture the theoretical properties of object-oriented programming may be derived from system F_{<:}.

The concept of subtyping is related to the linguistic notions of hyponymy and holonymy. It is also related to the concept of bounded quantification in mathematical logic (see Order-sorted logic). Subtyping should not be confused with the notion of (class or object) inheritance from object-oriented languages;^{[2]} subtyping is a relation between types (interfaces in object-oriented parlance) whereas inheritance is a relation between implementations stemming from a language feature that allows new objects to be created from existing ones. In a number of object-oriented languages, subtyping is called **interface inheritance**, with inheritance referred to as *implementation inheritance*.

The notion of subtyping in programming languages dates back to the 1960s; it was introduced in Simula derivatives. The first formal treatments of subtyping were given by John C. Reynolds in 1980 who used category theory to formalize implicit conversions, and Luca Cardelli (1985).^{[3]}

The concept of subtyping has gained visibility (and synonymy with polymorphism in some circles) with the mainstream adoption of object-oriented programming. In this context, the principle of safe substitution is often called the Liskov substitution principle, after Barbara Liskov who popularized it in a keynote address at a conference on object-oriented programming in 1987. Because it must consider mutable objects, the ideal notion of subtyping defined by Liskov and Jeannette Wing, called behavioral subtyping is considerably stronger than what can be implemented in a type checker. (See § Function types below for details.)

A simple practical example of subtypes is shown in the diagram, right. The type "bird" has three subtypes "duck", "cuckoo" and "ostrich". Conceptually, each of these is a variety of the basic type "bird" that inherits many "bird" characteristics but has some specific differences. The UML notation is used in this diagram, with open-headed arrows showing the direction and type of the relationship between the supertype and its subtypes.

As a more practical example, a language might allow integer values to be used wherever floating point values are expected (`Integer`

<: `Float`

), or it might define a generic type `Number` as a common supertype of integers and the reals. In this second case, we only have `Integer`

<: `Number`

and `Float`

<: `Number`

, but `Integer`

and `Float`

are not subtypes of each other.

Programmers may take advantage of subtyping to write code in a more abstract manner than would be possible without it. Consider the following example:

If integer and real are both subtypes of `Number`

, and an operator of comparison with an arbitrary Number is defined for both types, then values of either type can be passed to this function. However, the very possibility of implementing such an operator highly constrains the Number type (for example, one can't compare an integer with a complex number), and actually only comparing integers with integers, and reals with reals, makes sense. Rewriting this function so that it would only accept 'x' and 'y' of the same type requires bounded polymorphism.

In type theory the concept of *subsumption*^{[4]} is used to define or evaluate whether a type **S** is a subtype of type **T**.

A type is a set of values. The set can be described *extensionally* by listing all the values, or it can be described *intensionally* by stating the membership of the set by a predicate over a domain of possible values. In common programming languages enumeration types are defined extensionally by listing values. User-defined types like records (structs, interfaces) or classes are defined intensionally by an explicit type declaration or by using an existing value, which encodes type information, as a prototype to be copied or extended.

In discussing the concept of subsumption, the set of values of a type is indicated by writing its name in mathematical italics: T. The type, viewed as a predicate over a domain, is indicated by writing its name in bold: **T**. The conventional symbol **<:** means "is a subtype of", and **:>** means "is a supertype of".

A rule of thumb follow: a subtype is likely to be "bigger/wider/deeper" (its values hold more information) and "fewer/smaller" (the set of values is smaller) than one of its supertypes (which has more restricted information, and whose set of values are a superset of those of the subtype).

In the context of subsumption, the type definitions can be expressed using Set-builder notation, which uses a predicate to define a set. Predicates can be defined over a domain (set of possible values) D. Predicates are partial functions that compare values to selection criteria. For example: "is an integer value greater than or equal to 100 and less than 200?". If a value matches the criteria then the function returns the value. If not, the value is not selected, and nothing is returned. (List comprehensions are a form of this pattern used in many programming languages.)

For example: there is a subfamily of cat species called *Felinae*, which is part of the family *Felidae*. The genus *Felis*, to which the domestic cat species *Felis catus* belongs, is part of that subfamily.

The conjunction of predicates has been expressed here through application of the second predicate over the domain of values conforming to the first predicate. Viewed as types, **Felis <: Felinae <: Felidae**.

Type theorists make a distinction between **nominal subtyping**, in which only types declared in a certain way may be subtypes of each other, and **structural subtyping**, in which the structure of two types determines whether or not one is a subtype of the other. The class-based object-oriented subtyping described above is nominal; a structural subtyping rule for an object-oriented language might say that if objects of type *A* can handle all of the messages that objects of type *B* can handle (that is, if they define all the same methods), then *A* is a subtype of *B* regardless of whether either inherits from the other. This so-called *duck typing* is common in dynamically typed object-oriented languages. Sound structural subtyping rules for types other than object types are also well known.^{[citation needed]}

Implementations of programming languages with subtyping fall into two general classes: *inclusive* implementations, in which the representation of any value of type *A* also represents the same value at type *B* if *A* <: *B*, and *coercive* implementations, in which a value of type *A* can be *automatically converted* into one of type *B*. The subtyping induced by subclassing in an object-oriented language is usually inclusive; subtyping relations that relate integers and floating-point numbers, which are represented differently, are usually coercive.

In almost all type systems that define a subtyping relation, it is reflexive (meaning *A* <: *A* for any type *A*) and transitive (meaning that if *A* <: *B* and *B* <: *C* then *A* <: *C*). This makes it a preorder on types.

Types of records give rise to the concepts of *width* and *depth* subtyping. These express two different ways of obtaining a new type of record that allows the same operations as the original record type.

Recall that a record is a collection of (named) fields. Since a subtype is a type which allows all operations allowed on the original type, a record subtype should support the same operations on the fields as the original type supported.

One kind of way to achieve such support, called *width subtyping*, adds more fields to the record. More formally, every (named) field appearing in the width supertype will appear in the width subtype. Thus, any operation feasible on the supertype will be supported by the subtype.

The second method, called *depth subtyping*, replaces the various fields with their subtypes. That is, the fields of the subtype are subtypes of the fields of the supertype. Since any operation supported for a field in the supertype is supported for its subtype, any operation feasible on the record supertype is supported by the record subtype. Depth subtyping only makes sense for immutable records: for example, you can assign 1.5 to the 'x' field of a real point (a record with two real fields), but you can't do the same to the 'x' field of an integer point (which, however, is a deep subtype of the real point type) because 1.5 is not an integer (see Variance).

Subtyping of records can be defined in System F_{<:}, which combines parametric polymorphism with subtyping of record types and is a theoretical basis for many functional programming languages that support both features.

Some systems also support subtyping of labeled disjoint union types (such as algebraic data types). The rule for width subtyping is reversed: every tag appearing in the width subtype must appear in the width supertype.

If *T*_{1} → *T*_{2} is a function type, then a subtype of it is any function type *S*_{1} → *S*_{2} with the property that *T*_{1} <: *S*_{1} and *S*_{2} <: *T*_{2}. This can be summarised using the following typing rule:

In languages that allow side effects, like most object-oriented languages, subtyping is generally not sufficient to guarantee that a function can be safely used in the context of another. Liskov's work in this area focused on behavioral subtyping, which besides the type system safety discussed in this article also requires that subtypes preserve all invariants guaranteed by the supertypes in some contract.^{[5]} This definition of subtyping is generally undecidable, so it cannot be verified by a type checker.

The subtyping of mutable references is similar to the treatment of function arguments and return values. Write-only references (or *sinks*) are contravariant, like function arguments; read-only references (or *sources*) are covariant, like return values. Mutable references which act as both sources and sinks are invariant.

Subtyping and inheritance are independent (orthogonal) relationships. They may coincide, but none is a special case of the other. In other words, between two types *S* and *T*, all combinations of subtyping and inheritance are possible:

The first case is illustrated by independent types, such as `Boolean`

and `Float`

.

The second case can be illustrated by the relationship between `Int32`

and `Int64`

. In most object oriented programming languages, `Int64`

are unrelated by inheritance to `Int32`

. However `Int32`

can be considered a subtype of `Int64`

since any 32 bit integer value can be promoted into a 64 bit integer value.

The third case is a consequence of function subtyping input contravariance. Assume a super class of type *T* having a method *m* returning an object of the same type (*i.e.* the type of *m* is *T* → *T*, also note that the first argument of *m* is this/self) and a derived class type *S* from *T*. By inheritance, the type of *m* in *S* is *S* → *S*. In order for *S* to be a subtype of *T* the type of *m* in *S* must be a subtype of the type of *m* in *T*, in other words: *S* → *S* ≤: *T* → *T*. By bottom-up application of the function subtyping rule, this means: *S* ≤: *T* and *T* ≤: *S*, which is only possible if *S* and *T* are the same. Since inheritance is an irreflexive relation, *S* can't be a subtype of *T*.

Subtyping and inheritance are compatible when all inherited fields and methods of the derived type have types which are subtypes of the corresponding fields and methods from the inherited type .^{[2]}

In coercive subtyping systems, subtypes are defined by implicit type conversion functions from subtype to supertype. For each subtyping relationship (*S* <: *T*), a coercion function *coerce*: *S* → *T* is provided, and any object *s* of type *S* is regarded as the object *coerce*_{S → T}(*s*) of type *T*. A coercion function may be defined by composition: if *S* <: *T* and *T* <: *U* then *s* may be regarded as an object of type *u* under the compound coercion (*coerce*_{T → U} ∘ *coerce*_{S → T}). The type coercion from a type to itself *coerce*_{T → T} is the identity function *id*_{T}

Coercion functions for records and disjoint union subtypes may be defined componentwise; in the case of width-extended records, type coercion simply discards any components which are not defined in the supertype. The type coercion for function types may be given by *f'*(*s*) = *coerce*_{S2 → T2}(*f*(*coerce*_{T1 → S1}(*t*))), reflecting the contravariance of function arguments and covariance of return values.

The coercion function is uniquely determined given the subtype and supertype. Thus, when multiple subtyping relationships are defined, one must be careful to guarantee that all type coercions are coherent. For instance, if an integer such as 2 : *int* can be coerced to a floating point number (say, 2.0 : *float*), then it is not admissible to coerce 2.1 : *float* to 2 : *int*, because the compound coercion *coerce*_{float → float} given by *coerce*_{int → float} ∘ *coerce*_{float → int} would then be distinct from the identity coercion *id*_{float}.