Pluggable type-checking for custom type qualifiers in Java

We have created a framework for adding custom type qualifiers to the Javalanguage in a backward-compatible way. The type system designer definesthe qualifiers and creates a compiler plug-in that enforces theirsemantics. Programmers can write the type qualifiers in their programs andbe informed of errors or assured that the program is free of those errors.The system builds on existing Java tools and APIs.In order to evaluate our framework, we have written four type-checkersusing the framework: for a non-null type system that can detect andprevent null pointer errors; for an interned type system that can detectand prevent equality-checking errors; for a reference immutability typesystem, Javari, that can detect and prevent mutation errors; and for areference and object immutability type system, IGJ, that can detect andprevent even more mutation errors. We have conducted case studies usingeach checker to find real errors in existing software. These case studiesdemonstrate that the checkers and the framework are practical and useful

Simple Reference Immutability for System F-sub

Reference immutability is a type based technique for taming mutation that has long been studied in the context of object-oriented languages, like Java. Recently, though, languages like Scala have blurred the lines between functional programming languages and object oriented programming languages. We explore how reference immutability interacts with features commonly found in these hybrid languages, in particular with higher-order functions -- polymorphism -- and subtyping. We construct a calculus System F-sub-M which encodes a reference immutability system as a simple extension of F-sub and prove that it satisfies the standard soundness and immutability safety properties.Comment: 25 page

Context-Sensitive Optional Type Systems Meet Generics: A Uniform Treatment and Formalization

This thesis explores a novel design of context-sensitive optional type systems which supports generics. Optional type systems, as the name suggests, optionally enforce type rules in typechecking and can be switched on only when needed. They give flexibility to developers because, whenever they need optional type properties, they can plug these properties into the compiler and perform additional rounds of semantic analyses. Context-sensitive type systems help to resolve a declared type to different types according to usage contexts. Type parameters and type variable uses can be annotated with optional type qualifiers, and these type qualifiers can impact the process of type argument substitution and context-sensitive resolution of types. This thesis shows (1) existing optional type systems either do not support generics or have type safety issues when context sensitivity is involved; (2) type variables and monomorphic types are treated differently in the type check and type inference modes by these type systems. This thesis formalizes a Java-like language, introduces a new qualifier Sub to clarify the semantics of unannotated type variables, and presents a new viewpoint adaptation rule to model how context-sensitive type systems interact with generics. As a concrete instantiation, a case study is conducted in a context-sensitive type system called Practical Immutability for Classes and Objects (PICO). PICO offers reference and object immutability to Java, making Java programs more robust in areas like thread-safe programming and aliasing control. This thesis also gives an overview of PICO, identifies some interesting issues, and fixes them. Last, this thesis formalizes the core parts of non-generic version of PICO, providing the well-formedness rules, type rules, and operational semantics

Object and Reference Immutability using Java Generics

A compiler-checked immutability guarantee provides useful documentation, facilitates reasoning, and enables optimizations. This paper presents Immutability Generic Java (IGJ), a novel language extension that expresses immutability without changing Javas syntax by building upon Javas generics and annotation mechanisms. In IGJ, each class has one additional generic parameter that is Immutable, Mutable, or ReadOnly. IGJ guarantees both reference immutability (only mutable references can mutate an object) and object immutability (an immutable reference points to an immutable object). IGJ is the first proposal for enforcing object immutability, and its reference immutability is more expressive than previous work. IGJ also permits covariant changes of generic arguments in a type-safe manner, e.g., a readonly list of integers is a subtype of a readonly list of numbers. IGJ extends Javas type system with a few simple rules. We formalize this type system and prove it sound. Our IGJ compiler works by type-erasure and generates byte-code that can be executed on any JVM without runtime penalty