Compile-time Typechecking for Custom Java Type Qualifiers pag.csail.mit/jsr308

Mahmood Ali, Matthew M. Papi, and Michael D. Ernst, Program Analysis Group, MIT CSAIL. http://pag.csail.mit.edu/jsr308


Presentation Transcript


Compile-time Typechecking for Custom Java Type Qualifiers
http://pag.csail.mit.edu/jsr308
Mahmood Ali, Matthew M. Papi, and Michael D. Ernst
Program Analysis Group, MIT CSAIL

Motivation

• Type qualifiers:
  - Improve documentation
  - Find bugs in programs
  - Guarantee the absence of errors
  - Aid compilers and analysis tools
  - Reduce the need for assertions and run-time checks

Goals

1. Allow programmers to write type qualifiers
  • List<@NonNull String> names;
  • ResultSet executeQuery(@Untainted String query);
  • Planned for inclusion in Java 7
  • Backward-compatible: qualifiers in comments
    - Use it today!
      class Folder<F extends /*@Existing*/ File> {...}
      class UnmodifiableList<T> implements /*@ReadOnly*/ List<T> { ... }

2. Allow compile-time verification of qualifier semantics:
      javac -processor NullnessChecker [source files]
   [Flow diagram: javac parses input files -> javac calls typechecker plug-in -> either "checker finds no errors": javac finishes compilation, writes class files; or "checker finds errors": javac reports errors and terminates]

Panel titles: Writing a Checker, Using a Checker, Simple Checkers, Effective, Usable, Sophisticated Checkers

• Example: Tainting checker checks usage of untrusted data
• Complete checker:
    @TypeAnnotation
    @SubtypeOf(Unqualified.class)
    public @interface Untainted { }
• Simple checkers require no code
  - declarative syntax for common use
• Featureful:
  - Type Rules: assignments, overriding, etc
  - Polymorphic (Java Generics)
  - Flow-sensitive type qualifier inference
  - Qualifier default
  - Warning suppression
• Checkers for expressive type systems for:
  - @NonNull: nullness errors
  - @Interned: incorrect equality tests
  - @ReadOnly: undesired side-effects
• Sophisticated checkers are concise:
  - Override a method for each special check
  - Nullness: dereferencing
  - Interning: equality test
• Publicly available:
  - http://pag.csail.mit.edu/jsr308
  - website includes all checkers and documentation
• Programmers found the checkers easy to use
• Tool support: javac, Ant, Eclipse, Netbeans
• Not too verbose
  - @NonNull: 1 per 75 lines
  - @Interned: 124 annotations in 220KLOC revealed 11 bugs
• Possible to annotate part of program
• Fewer annotations in new code
• Case studies details:
  - “Practice Pluggable Types in Java,” ISSTA 2008
• Scales to > 200,000 LOC
• Each checker found errors in every code base it ran on (including itself)
• Few false positives

Nullness Tools comparison: 4KLOC code base
Ann. = annotations inserted by programmer
FP = false positives (suppressed by an annotation or assertion)
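How the @Untainted qualifier from the tainting example constrains data flow, as an added example that is not code from the poster or the JSR 308 project. The class name TaintingDemo, the executeQuery stub, the checkedTable method, the table allow-list and the "tainting" suppression key are assumptions; qualifiers are written in comments so that plain javac (Java 9 or later) compiles it.

```java
import java.util.Set;

// Added example. Qualifiers are written in comments (the backward-compatible
// form shown on the poster), so this compiles and runs without any checker.
public class TaintingDemo {
    // Constructed allow-list: the only table names this program may query.
    private static final Set<String> TABLES = Set.of("orders", "invoices");

    // Stand-in for the poster's executeQuery(@Untainted String query).
    // It returns the text it would run; no database is involved.
    static String executeQuery(/*@Untainted*/ String query) {
        return "RUN: " + query;
    }

    // Trust boundary: the single place where unqualified input may become
    // @Untainted. A checker cannot prove this step, so the method carries a
    // warning suppression ("tainting" is an assumed suppression key).
    @SuppressWarnings("tainting")
    static /*@Untainted*/ String checkedTable(String raw) {
        if (!TABLES.contains(raw)) {
            throw new IllegalArgumentException("table not on allow-list");
        }
        return raw;
    }

    public static void main(String[] args) {
        String raw = args.length > 0 ? args[0] : "orders"; // unqualified input

        // The argument is built only from a literal and a value whose
        // declared type is @Untainted String.
        /*@Untainted*/ String table = checkedTable(raw);
        System.out.println(executeQuery("SELECT count(*) FROM " + table));

        // The assignment type rule rejects the next line if uncommented: an
        // unqualified String would reach an @Untainted parameter without
        // passing through the trust boundary.
        // System.out.println(executeQuery("SELECT count(*) FROM " + raw));
    }
}
```

Because every path to the sink must go through checkedTable, a review of untrusted-data handling only needs to audit that one suppressed method.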
