Preventing Runtime Errors at Compile Time

*
Accepted Session
Long Form
Scheduled: Wednesday, June 22, 2011 from 10:00 – 11:45am in B204

Excerpt

Are you tired of null pointer exceptions, unintended side effects, SQL injections, concurrency errors, mistaken equality tests, and other run-time errors that appear during testing or in the field? A compile-time tool named the Checker Framework has found hundreds of such errors. Oracle plans to include it in the Java 8 javac, but you can use it today to improve your code and avoid errors.

Description

Are you tired of null pointer exceptions, unintended side effects, SQL injections, concurrency errors, mistaken equality tests, and other run-time errors that appear during testing or in the field? A pluggable type system can guarantee the absence of these errors, and many more real, important bugs.

Are you a software architect who wants to be able to quickly and easily implement custom checks that prevent more errors at compile time? You need a framework that supports you in creating a formally correct code checker.

This presentation is aimed at both audiences. A pluggable type system can give a compile-time guarantee of important properties. We will explain what it is, how to use it, and even how to create your own. You can create a simple pluggable type-checker in 2 minutes, and you can enhance it thereafter.

The demo uses the Checker Framework, which enables you to create pluggable type systems for Java. It takes advantage of features planned by Oracle for Java 8, but your code remains backward-compatible. The pluggable type-checker can be run as part of javac or via an Eclipse plug-in, and integration with build tools such as Ant and Maven is provided. The tools are freely available.

The Checker Framework provides 12 pluggable type systems that are ready to use, including nullness, immutability, and locking checkers. The presentation will first develop a simple declarative type checker that checks the consistency of method signature strings. The presentation will then discuss the design and usage of more advanced checkers.

The Checker Framework has found hundreds of bugs in over 3 million lines of open source code, including from Oracle, Google, Apache, etc. Overall, we found that the type checkers were easy to write, easy for novices to productively use, and effective in finding real bugs and verifying program properties, even for widely tested and used open source projects. It is easy to improve the quality of your Java code, and you can start using the Checker Framework today!

During this session we will:

  • guide the audience through installing the Checker Framework, including how to set up Eclipse integration;
  • teach you how to use some of the checkers included with the Checker Framework;
  • discuss other types of errors that you would like to be prevented at compile time;
  • and teach how to write a new type checker to prevent the errors we come up with in our discussion.

Audience participation is a must! Please come prepared with a laptop with a working Java environment (Eclipse optional). We encourage you to think, ahead of time, about run-time errors that you would like to prevent. We also encourage you to bring in Java code that you think might benefit from the Checker Framework.

Of course, feel free to get a head start and install the Checker Framework.
If you are interested in applying the Checker Framework to a particular open-source project, please send us a message (either to one of the speakers or checker-framework-dev@googlegroups.com) and we will prepare the setup.

Speaking experience

Speakers