Type Annotations in Java 8

Java 8 Type Annotations:
Tools and Opportunities
Todd Schiller | FinLingua
March 24, 2014
Copyright ©2014 FinLingua, Inc. 1

Java 7: annotations on declarations
@Override public boolean equals(Object obj)
@Entity class MyPojo implements Serializable
Java 8: annotations on any uses of types
@Encrypted String data
List<@NonNull String> strings
MyGraph = (@Immutable Graph) tmpGraph;

Annotations are just syntax,
tools give them their semantics (meaning)
Complementary Goals:
1. Error Checking: quality
2. Metaprogramming: productivity

Java 7: Overrides
@Override
protected boolean displaySensitiveInfo()
...
}
Problem: dynamic dispatch is tricky
Solution: have a tool (the compiler) check
inheritance automatically

Java 7: Persistence
@Entity
@Table(name="tbl_flight")
public class Flight implements Serializable {
@Id
public Long getId() { return id; }
...
}
Problem: DB mappings are redundant
Solution: have a tool (e.g., Hibernate) create
mappings automatically

Type Information Improves Quality
Mars Climate Orbiter
• Unit error in thruster
controller: lbf-s vs. N-s
• Crashed into Mars
• 3 years of work, > $125
million

Talk Outline
1. Type Annotation Syntax
2. Error Checking
3. Metaprogramming

Type Annotations on Any Uses of Types
(JSR 308)
@Encrypted String data
List<@NonNull String> strings
MyGraph = (@Immutable Graph) tmpGraph;
class UnmodifiableList<T>
implements @ReadOnly List<@ReadOnly T> {}

Type Annotations are Stored in the
Class File
• Can be accessed via reflection
• Local variable annotations are stored, too
• Backward-compatible with Java 7

Type Annotations Don’t Affect Execution
File file = ...;
@Encrypted File encryptedFile = ...;
// These lines call the same method
connection.Send(file);
connection.Send(encryptedFile);

class Connection{
// Impossible:
void send(@Encrypted File file) { ... }
void send( File file) { ... }
...
}
Type Annotations Don’t Affect Execution

Receiver Annotations
Receiver
@Open MyFile file = ...;
... = file.read();
class MyFile {
Byte[] read() { ... }
...
}
Where is the type
of this?

Receiver Annotations
Receiver
@Open MyFile file = ...;
... = file.read();
class MyFile {
Byte[] read(@Open MyFile this) { ... }
...
} New in Java 8

Type Annotations Don’t Affect
Execution
// This code will compile, run, (and crash)!
@Closed MyFile file = ...;
... = file.read();

Talk Outline
2. Error Checking
3. Metaprogramming

Run-time Type Checking
Use Aspect Oriented Programming (AOP) to
insert run-time checks
Byte[] read(@Open MyFile this){
// Inserted by the AOP tool
if (!this.isOpen()){
throw new IllegalArgumentException(...);
}
...
}
Refined Claim: Type annotations don’t, on their own,
affect execution

Static Type Checking
Prevent run-time exceptions at compile-time:
List<String> xs = ...;
String x = xs.get(0); // Known to be valid
... = x.Trim(); // Method known to exist
int sum = xs.get(1) + 3; // Compiler error
... = x.Foo(); // Compiler error
NullPointerException!

Type Annotations Qualify Types
List<@NonNull String> xs = ...;
@NonNull String x = xs.get(0);
... = x.Trim(); // OK
Other ways to qualify the String type:
@Encrypted String
@Format({FLOAT, INT}) String
@Localized String

Type Checking Annotations
Java 8 compiler does not check the annotations
Java provides a Pluggable Annotation Processing
API and Java Compiler API

Type Checking via Subtyping
@MaybeTainted
@Untainted
userInput = dbQuery; // Safe
dbQuery = "SELECT * FROM " + userInput; // Invalid!
@MaybeTainted String userInput;
@Untainted String dbQuery;

The Checker Framework: Pluggable
Type-Checking
• Many built-in checkers: null pointers, locking, security,
string syntax (regex, format strings),
internationalization, ...
• Quickly build your own checker
• Uses Java 8 type annotations (or comments)
– List<@Nullable String>
– List</*@Nullable*/ String>
• http://checkerframework.org

void nullSafe( MyObject nonNullByDefault,
@Nullable MyObject mightBeNull
){
// Smart defaults
nonNullByDefault.Foo(); // Safe
mightBeNull.Foo(); // Unsafe!
if (mightBeNull != null){
// Flow-sensitive
mightBeNull.Foo(); // Safe
}
}
Low Annotation Overhead

Our Experience
• Checkers reveal important latent bugs
–Ran on >3 million LOC of real-world code
–Found hundreds of user-visible bugs
• Mean 2.6 annotations per kLOC
• Quickly build your own checkers

Type System Brainstorming
1. Runtime Behavior to Prevent
2. Legal Operations
3. Types of Data

Type System Brainstorming
1. Runtime Behavior to Prevent
Don’t send unencrypted data over the network
2. Legal Operations
Only pass encrypted data to send(...)
3. Types of Data
Encrypted, Unencrypted
@MaybeEncrypted
@Encrypted

Error-Checking with Type Annotations
Support
Checker Framework Full support, including annotations in comments
Eclipse Null error analysis support
IntelliJ IDEA Can write custom inspectors, no null error
analysis support
No Support
PMD
Coverity
Find Bugs No Java 8 support
Check Style No Java 8 support

Talk Outline
2. Error Checking
3. Metaprogramming

Metaprogramming
Aspect Oriented Programming
• AspectJ: @Aspect, @Pointcut
Dependency Injection
• Spring: @Autowired, @Required
• Guice: @Inject
Persistence
• Hibernate/JPA: @Entity

Fine-Grained Dependency Injection
@Autowired private Store<Product> s1;
@Autowired private Store<Service> s2;
Spring 4 considers generics a form of qualifier:
Type Annotations would allow further refinement:
@Autowired
private Store<@Prod(Type.Grocery) Product> s1;

Fine-Grained Aspect Oriented
Programming
Annotations on local variables:
// Trace all calls made to the ar object
@Trace AuthorizationRequest ar = ...
Refine Join-Points:
void showSecrets(@Authenticated User user);

EnerJ: Approximate Computing Model
Specify which data is non-critical:
@Approx int pixel
Run-time can approximate that data
(e.g., convergence criteria)
Checker ensures approximate data
doesn’t flow into precise
expressions

Java 8: Annotations on any Uses of
Types
Complementary Goals:
1. Error Checking: quality
2. Metaprogramming: productivity

References
• The Checker Framework: http://checkerframework.org/
• MCO trajectory:
ftp://ftp.hq.nasa.gov/pub/pao/reports/1999/MCO_report.pdf
• Werner Dietl et al. Building and using pluggable type-
checkers. 2011.
• Marc Eaddy and Alfred Aho. Statement Annotations for Fine-
Grained Advising. 2006.
• Adrian Sampson et al. EnerJ: Approximate Data Types for Safe
and General Low-Power Computation. 2011.

Type Annotations in Java 8

More Related Content

What's hot

Viewers also liked

Similar to Type Annotations in Java 8

Recently uploaded

Type Annotations in Java 8

Editor's Notes