Java Annotations for Invariant Specification

8/14/2019 Java Annotations for Invariant Specification

1/21

RICE UNIVERSITY

COMPUTER

SCIENCE

Java Annotations for

Invariant Specification

Mathias Ricken

September 22, 2008

COMP 617 Seminar


2/21

2

Comments are dumb

class HashMap {

// returns null if no mapping for key

Object get(Object key) { }

}

HashMap m = new HashMap();

Object o = m.get("foo");

String s = o.toString();

NullPointerException at runtime:

o is null


3/21

3

Types are smart

class HashMap {


Object|null get(Object key) { }

}




Compiler Error:Return type Object|null

incompatible with type

Object

This is not Java!


4/21

4

Annotations can make Java smarter

class HashMap {


@Nullable Object get(Object key) { }

}




Compiler Warning:

Return value may be null,

assigned to non-null variable.

Pluggable type systems in Java 5 7?


5/21

5

Annotation Targets in Java 5@Apackage some.package.name;

@B class MyClass {

@NonNull Object field;

@C MyClass(@NonNull Object param) {

field = param;

}

@NonNull Object method() { @NonNull Object localVar = field;

return localVar;

}

} Note: Local variable annotations are completely ignored.


6/21

6

Concurrency Invariants

interface TableModel { // may only be called from event thread

void setValueAt();

}

TableModel m;

// from outside event thread

m.setValueAt();

Possible race condition.


7/21

7

Invariant Specification

interface TableModel { @OnlyEventThread

void setValueAt();

}

TableModel m;

// from outside event thread

m.setValueAt();

Invariant Violation Warning at Runtime

(but still possible race condition)


8/21

8

Comparison to assertvoid setValueAt() {

assert (EventQueue.isDispatchThread());

Similarity Debug mode disabled in production code

@OnlyEventThread

void setValueAt() { }


9/21

9

Annotations are Easier to Find

Javadoc produces invariant index


10/21

10

Inherited Invariants

Object getValueAt()

@OnlyEventThread void setValueAt()

TableModel

Object getValueAt()

void setValueAt()

AbstractTableModel

Object getValueAt()

void setValueAt()

MySpecialTableModelObject getValueAt()

void setValueAt()

DefaultTableModel

Implied

@OnlyEventThread

Implied

@OnlyEventThread

Implied

@OnlyEventThread


11/21

11

Inherited Invariants

Object getValueAt()

void setValueAt()

@OnlyEventThread TableModel

Object getValueAt()

void setValueAt()

AbstractTableModel

Object getValueAt()

void setValueAt()

MySpecialTableModelObject getValueAt()

void setValueAt()

DefaultTableModel

Implied

@OnlyEventThread

Implied

@OnlyEventThread

Implied

@OnlyEventThread

Implied

@OnlyEventThread


12/21

12

Limited Universality

assert (someComplexPredicate());

assert can test an arbitrary predicate

@OnlyEventThread

@OnlyThreadWithName

@OnlySynchronizedThis

@NotEventThread

@NotThreadWithName

@NotSynchronizedThis

A few supplied invariant annotations


13/21

13

Predicate Invariant Annotations@PredicateLink(value=Predicates.class, method="eval")

public @interface OnlyThreadWithName {

String value;

}

public class Predicates {

public static boolean eval(Object this0, String name) {

return Thread.currentThread().getName().

equals(name);

}}

@OnlyThreadWithName("main")void myMethod() { }

Findp

redicat

emeth

od

Call predicate method and

pass as arguments:this (nornull if static) data in invariant annotation

Return true orfalse

to indicate violation

1.

2.

3.


14/21

14

Further Limitation of Annotations

One occurrence of an annotation class pertarget

@OnlyThreadWithName("main") // illegal; and is

@OnlyThreadWithName("other") // this "and" or "or"?

void myMethod() { }

@Or({

@OnlyThreadWithName("main"),

@OnlyThreadWithName("other")

})

void myMethod() { }

Suggestion


15/21

15

Annotation Members@interface MyAnnotation {

int intMember; // primitives

String stringMember; // strings

Class classMember; // class literals

SomeEnum enumMember; // enums

// annotions

OnlyThreadWithNameannotMember;

// arrays of the above

OnlyThreadWithName[] arrayMember;

}

extends OtherAnnotation

not allowed no subtyping


16/21

16

No Annotation Subtyping in Java@interface Or { OnlyThreadWithName[] value; }

@Or({@OnlyThreadWithName("main"),

@OnlyThreadWithName("other")})

void myMethod() { } // legal

@Or({@OnlyThreadWithName("main"),

@NotThreadWithName("other")})void otherMethod() { } // illegal

No common supertype for annotations


17/21

17

xajavac Modified Compiler@interface Base {}

@interface OnlyThreadWithName extends Base {

String value;

}

@interface NotThreadWithName extends Base {

String value;

}

@interface Or extends Base {

Base[] value;

}


18/21

18

Results

Annotations with SubtypingMinimal changes to the compiler

No changes to class file format

Reduced invariant checker by ~1500 lines Improved code reuse


19/21

19

Results

Invariant AnnotationsAnnotated part of Swing and DrJava

Discovered and fixed some bugs in DrJava

Hard to do retroactively and without insideknowledge


20/21

20

Future Work

Reflection library for annotations withsubtyping Annotation getAnnotation(Class c)

currently returns the annotation of class c

Annotation[] getAnnotations(Class c)

should be added to return all annotations of

class c and its subclasses

Modify JSR 308 prototype compiler to

support subtyping


21/21

21

More Information and Download

Invariant Specification http://www.concutest.org/tc/

Annotations with Subtyping http://www.cs.rice.edu/~mgricken/research/xajavac/
http://www.concutest.org/tc/http://www.cs.rice.edu/~mgricken/research/xajavac/http://www.cs.rice.edu/~mgricken/research/xajavac/http://www.concutest.org/tc/

Java Annotations for Invariant Specification

Documents

Transcript of Java Annotations for Invariant Specification