Type qualifier inference for Java

Java's type system provides programmers with strong guarantees of type and memory safety, but there are many important properties not captured by standard Java types. We describe JQual, a tool that adds user-defined type qualifiers to Java, allowing programmers to quickly and easily incorporate extra lightweight, application-specific type checking into their programs. JQual provides type qualifier inference, so that programmers need only add a few key qualifier annotations to their program; JQual then infers any remaining qualifiers and checks their consistency. We explore two applications of JQual. First, we introduce opaque and enum qualifiers to track C pointers and enumerations that flow through Java code via the JNI. In our benchmarks we found that these C values are treated correctly, but there are some places where a client could potentially violate safety. Second, we introduce a readonly qualifier for annotating references that cannot be used to modify the objects they refer to. We found that JQual is able to automatically infer readonly in many places on method signatures. These results suggest that type qualifiers and type qualifier inference are a useful addition to Java.
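To make the inference step concrete, the following is an added example (not JQual's code, and not from the paper) of how a qualifier inference works for the readonly case the abstract describes. It assumes a two-point lattice `mutable <: readonly`, a program abstracted to reference variables, flow edges (assignments and argument passing) and mutation sites, and a least-solution worklist solver; the sample programs, variable names and the `infer_readonly` function are all constructed for this illustration.

```python
"""Toy readonly qualifier inference in the style the abstract describes.

Added example, not JQual's own code.  Assumptions (constructed here):
the two-point lattice  mutable <: readonly,  a program abstracted to
reference variables, flow edges and mutation sites, and a worklist
solver that computes the least solution of the generated constraints.
"""
from collections import defaultdict

MUTABLE = "mutable"
READONLY = "readonly"   # subtyping: mutable <: readonly


def infer_readonly(annotations, flows, mutations):
    """Infer a readonly/mutable qualifier for every reference variable.

    annotations: {var: qualifier} for the few variables the programmer annotated
    flows:       [(src, dst)] for every assignment / argument pass  dst = src,
                 which yields the constraint  qual(src) <: qual(dst)
    mutations:   {var} variables used to write a field or call a mutating method,
                 which yields the constraint  qual(var) = mutable

    Returns (qualifiers, errors): the qualifier of every variable and the list of
    variables whose readonly annotation the constraints contradict.
    """
    variables = set(annotations) | set(mutations)
    preds = defaultdict(set)        # dst -> sources that flow into it
    for src, dst in flows:
        variables.update((src, dst))
        preds[dst].add(src)

    # Seed with everything that must be mutable: mutation sites and explicit
    # mutable annotations.  Because mutable is the bottom of the lattice,
    # qual(src) <: qual(dst) with dst mutable forces src mutable as well, so
    # mutability propagates backwards along flow edges until a fixpoint.
    forced = {v for v in variables
              if v in mutations or annotations.get(v) == MUTABLE}
    worklist = list(forced)
    while worklist:
        dst = worklist.pop()
        for src in preds[dst]:
            if src not in forced:
                forced.add(src)
                worklist.append(src)

    # Consistency check: a variable declared readonly may neither be written
    # through nor flow into a reference that is written through.
    errors = sorted(v for v in forced if annotations.get(v) == READONLY)

    # Annotated variables keep their declaration; everything else not forced
    # mutable gets readonly, the least-constraining solution.  This is what lets
    # inference mark many method parameters readonly without annotations.
    qualifiers = {v: annotations.get(v, MUTABLE if v in forced else READONLY)
                  for v in sorted(variables)}
    return qualifiers, errors


# Constructed sample, modelled on Java of the form:
#   static int  size(@readonly List l)   { return l.size(); }   // no write through l
#   static void add(List l, Object o)    { l.add(o); }          // writes through l
#   static void client() { List a = ...; size(a); add(a, null); List b = a; }
OK_PROGRAM = dict(
    annotations={"size.l": READONLY},
    flows=[("client.a", "size.l"), ("client.a", "add.l"), ("client.a", "client.b")],
    mutations={"add.l"},
)

# Constructed sample that violates its annotation: a readonly parameter is
# handed to a method that mutates its argument.
#   static void bad(@readonly List l) { add(l, null); }
BAD_PROGRAM = dict(
    annotations={"bad.l": READONLY},
    flows=[("bad.l", "add.l")],
    mutations={"add.l"},
)


def run_ok():
    return infer_readonly(**OK_PROGRAM)


def run_bad():
    return infer_readonly(**BAD_PROGRAM)


if __name__ == "__main__":
    for name, prog in (("ok", OK_PROGRAM), ("bad", BAD_PROGRAM)):
        quals, errs = infer_readonly(**prog)
        print(name, quals, "errors:", errs)
```

In the first sample only `add.l` is a mutation site, so `client.a` is forced mutable because it flows into `add.l`, while `client.b` and the annotated `size.l` come out readonly with no annotation effort. In the second sample the same propagation reaches the parameter declared `@readonly`, which is exactly the inconsistency a checker reports.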
