DOI: 10.1145/1297027.1297051

Type qualifier inference for Java

Published: 21 October 2007

ABSTRACT

Java's type system provides programmers with strong guarantees of type and memory safety, but there are many important properties not captured by standard Java types. We describe JQual, a tool that adds user-defined type qualifiers to Java, allowing programmers to quickly and easily incorporate extra lightweight, application-specific type checking into their programs. JQual provides type qualifier inference, so that programmers need only add a few key qualifier annotations to their program, and then JQual infers any remaining qualifiers and checks their consistency. We explore two applications of JQual. First, we introduce opaque and enum qualifiers to track C pointers and enumerations that flow through Java code via the JNI. In our benchmarks we found that these C values are treated correctly, but there are some places where a client could potentially violate safety. Second, we introduce a read only qualifier for annotating references that cannot be used to modify the objects they refer to. We found that JQual is able to automatically infer read only in many places on method signatures. These results suggest that type qualifiers and type qualifier inference are a useful addition to Java.
