Proceedings Article, DOI: 10.1145/3033019.3033032
Granullar: gradual nullable types for Java
Daniel Scott Brotherston,Werner Dietl,Ondřej Lhoták +2 more
- 05 Feb 2017
- pp 87-97
TL;DR: Granullar enables combining a checked core with untrusted libraries in a safe manner, improving on the practicality of such a system.
Abstract: Object-oriented languages like Java and C# allow the null value for all references. This supports many flexible patterns, but has led to many errors, security vulnerabilities, and system crashes. Static type systems can prevent null-pointer exceptions at compile time, but require annotations, in particular for used libraries. Conservative defaults choose the most restrictive typing, preventing many errors, but requiring a large annotation effort. Liberal defaults choose the most flexible typing, requiring less annotations, but giving weaker guarantees. Trusted annotations can be provided, but are not checked and require a large manual effort. None of these approaches provide a strong guarantee that the checked part of the program is isolated from the unchecked part: even with conservative defaults, null-pointer exceptions can occur in the checked part. This paper presents Granullar, a gradual type system for null-safety. Developers start out verifying null-safety for the most important components of their applications. At the boundary to unchecked components, runtime checks are inserted by Granullar to guard the verified system from being polluted by unexpected null values. This ensures that null-pointer exceptions can only occur within the unchecked code or at the boundary to checked code; the checked code is free of null-pointer exceptions. We present Granullar for Java, define the checked-unchecked boundary, and how runtime checks are generated. We evaluate our approach on real world software annotated for null-safety. We demonstrate the runtime checks, and acceptable compile-time and run-time performance impacts. Granullar enables combining a checked core with untrusted libraries in a safe manner, improving on the practicality of such a system.
Citations
NullAway: practical type-based null safety for Java
Subarno Banerjee,Lazaro Clapp,Manu Sridharan +2 more
- 12 Aug 2019
TL;DR: The evaluation shows that NullAway has significantly lower build-time overhead than comparable tools, and remaining NPEs were due to unchecked third-party libraries, deliberate error suppressions, or reflection and other forms of post-checking code modification never due to NullAway’s unsound assumptions for checked code.
36
•Proceedings Article
Scala with Explicit Nulls
Abel Nieto Rodriguez
- 20 Dec 2019
TL;DR: This paper makes reference types non-nullable by default, while still allowing for nullable types via union types, and gives a denotational semantics of type nullification, the interoperability layer between Java and Scala with explicit nulls.
9
Lightweight verification of array indexing
Martin Kellogg,Vlastimil Dort,Suzanne Millstein,Michael D. Ernst +3 more
- 12 Jul 2018
TL;DR: A lightweight type system that certifies, at compile time, that array accesses in the program are in-bounds, specialized to the domain of array bounds-checking is presented.
9
•Posted Content
NullAway: Practical Type-Based Null Safety for Java
TL;DR: In this article, a type-based null safety checker for Java called NullAway has been proposed to reduce annotation burden through targeted unsound assumptions, aiming for no false negatives in practice on checked code.
8
•Proceedings Article
Blame for Null.
Abel Nieto,Marianna Rapoport,Gregor Richards,Ondrej Lhotak +3 more
- 01 Jan 2020
TL;DR: The main result is a theorem that states that nullability errors in λnull can always be blamed on terms with less-precise typing, which would mean that NullPointerExceptions in combined Java/Scala programs are always the result of unsoundness in the Java type system.
3
References
Aspect-oriented programming
Gregor Kiczales,Erik Hilsdale +1 more
- 01 Sep 2001
TL;DR: This tutorial shows how to use AOP to implement crosscutting concerns in a concise modular way and includes a description of their underlying model, in terms of which a wide range of AOP languages can be understood.
5.6K
Gradual Typing for Functional Languages
Jeremy G. Siek,Walid Taha +1 more
- 01 Jan 2006
TL;DR: In this paper, the authors propose a gradual type system for functional languages with structural types, based on the intuition that the structure of a type may be partially known/unknown at compile time and the job of the type system is to catch incompatibilities between the known parts of types.
Pluggable checking and inferencing of nonnull types for Java
Torbjörn Ekman,Görel Hedin +1 more
TL;DR: A non-null type checker for Java and a new non-null inferencing algorithm for analyzing legacy code are implemented, illustrating how pluggable type systems can be achieved.
Type qualifier inference for java
David Greenfieldboyce,Jeffrey S. Foster +1 more
- 21 Oct 2007
TL;DR: JQual is a tool that adds user-defined type qualifiers to Java, allowing programmers to quickly and easily incorporate lightweight, application-specific type checking into their programs, and type qualifier inference is provided.
Related Papers (5)
Subarno Banerjee,Lazaro Clapp,Manu Sridharan +2 more
- 12 Aug 2019
Maria Kechagia,Diomidis Spinellis +1 more
- 20 May 2017
Dawson Engler,Andy Chou +1 more
- 01 Jan 2003