Finding bugs in java native interface programs

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Finding bugs in java native interface programs

Full text

Pdf (365 KB)

Source

International Symposium on Software Testing and Analysis archive
Proceedings of the 2008 international symposium on Software testing and analysis table of contents

Seattle, WA, USA

SESSION: Case studies table of contents

Pages 109-118

Year of Publication: 2008

ISBN:978-1-60558-050-0

Authors

Goh Kondoh	IBM Research, 1623-14, Shimotsuruma, Yamato-shi, Japan
Tamiya Onodera	IBM Research, 1623-14, Shimotsuruma, Yamato-shi, Japan

Sponsors

ACM: Association for Computing Machinery
SIGSOFT: ACM Special Interest Group on Software Engineering

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 22, Downloads (12 Months): 137, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1390630.1390645 What is a DOI?

ABSTRACT

In this paper, we describe static analysis techniques for finding bugs in programs using the Java Native Interface (JNI). The JNI is both tedious and error-prone because there are many JNI-specific mistakes that are not caught by a native compiler. This paper is focused on four kinds of common mistakes. First, explicit statements to handle a possible exception need to be inserted after a statement calling a Java method. However, such statements tend to be forgotten. We present a typestate analysis to detect this exception-handling mistake. Second, while the native code can allocate resources in a Java VM, those resources must be manually released, unlike Java. Mistakes in resource management cause leaks and other errors. To detect Java resource errors, we used the typestate analysis also used for detecting general memory errors. Third, if a reference to a Java resource lives across multiple native method invocations, it should be converted into a global reference. However, programmers sometimes forget this rule and, for example, store a local reference in a global variable for later uses. We provide a syntax checker that detects this bad coding practice. Fourth, no JNI function should be called in a critical region. If called there, the current thread might block and cause a deadlock. Misinterpreting the end of the critical region, programmers occasionally break this rule. We present a simple typestate analysis to detect an improper JNI function call in a critical region.

We have implemented our analysis techniques in a bug-finding tool called BEAM, and executed it on opensource software including JNI code. In the experiment, our analysis techniques found 86 JNI-specific bugs without any overhead and increased the total number of bug reports by 76%.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	The Apache Software Foundation, Apache Harmony -- Opensource Java SE, http://harmony.apache.org/
	2	Bailey, C. Java technology, IBM style: Introduction to the IBM developer kit, http://www-128.ibm.com/developerworks/java/library/j-ibmjava1.html, May, 2006.
	3	Daniel Brand, A Software Falsifier, Proceedings of the 11th International Symposium on Software Reliability Engineering (ISSRE'00), p.174, October 08-11, 2000
	4	Marian Bubak , Dawid Kurzyniec , Piotr Luszczek , Vaidy Sunderam, Creating Java to Native Code Interfaces with Janet, Scientific Programming, v.9 n.1, p.39-50, January 2001
	5	Firefox web browser, http://www.mozilla.org/firefox/
	6	Furr, M., Foster, J. Polymorphic Type Inference for the JNI, In Proc. 16th European Symposium on Programming (ESOP'06), Vienna, Austria. Mar., 2006.
	7	Gnu Classpath, http://www.gnu.org/software/classpath/
	8	Martin Hirzel , Robert Grimm, Jeannie: granting java native interface developers their wishes, Proceedings of the 22nd annual ACM SIGPLAN conference on Object oriented programming systems and applications, October 21-25, 2007, Montreal, Quebec, Canada
	9	Opening GTK and GNOME to Java Programmers, http://java-gnome.sourceforge.net/
	10	Sheng Liang, Java Native Interface: Programmer's Guide and Reference, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1999
	11	Livshits, B., Whaley, J., Lam, M., S. Reflection Analysis for Java, In Proc. The Third Asian Symposium on Programming Languages and Systems, Nov., 2005.
	12	Skelmir, LLC. SKELMIR virtual machine technology, http://www.skelmir.com/products/ceej.html
	13	R E Strom , S Yemini, Typestate: A programming language concept for enhancing software reliability, IEEE Transactions on Software Engineering, v.12 n.1, p.157-171, Jan. 1986
	14	Sun Microsystems, Inc. Java SE HotSpot at a glance, http://java.sun.com/javase/technologies/hotspot/
	15	Tan, G., Appel, A. W., Chakradhar, S., Raghunathan, A., Ravi, S., Wang, D. Safe Java native interface. In Proc. 2006 IEEE International Symposium on Secure Software Engineering, Mar., 2006.
	16	Tzabari, G. Jace -- JNI Made Easy, http://reyelts.dyndns.org:8080/jace/release/docs/index.html