The C programming language
Patterns in property specifications for finite-state verification
Proceedings of the 21st international conference on Software engineering
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The C++ Programming Language
Java Native Interface: Programmer's Guide and Reference
Java Native Interface: Programmer's Guide and Reference
The Exu Approach to Safe, Transparent and Lightweight Interoperability
COMPSAC '01 Proceedings of the 25th International Computer Software and Applications Conference on Invigorating Software Development
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Checking type safety of foreign function calls
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Adding trace matching with free variables to AspectJ
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The DaCapo benchmarks: java benchmarking development and analysis
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Checking system rules using system-specific, programmer-written compiler extensions
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
SWIG: an easy to use tool for integrating scripting languages with C and C++
TCLTK'96 Proceedings of the 4th conference on USENIX Tcl/Tk Workshop, 1996 - Volume 4
Proceedings of the 6th international symposium on Memory management
Jeannie: granting java native interface developers their wishes
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Ilea: inter-language analysis across java and c
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Mop: an efficient and generic runtime verification framework
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Finding bugs in java native interface programs
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Deep typechecking and refactoring
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
QVM: an efficient runtime for detecting defects in deployed systems
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
An empirical security study of the native code in the JDK
SS'08 Proceedings of the 17th conference on Security symposium
Automatic generation of library bindings using static analysis
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Debug all your code: portable mixed-environment debugging
Proceedings of the 24th ACM SIGPLAN conference on Object oriented programming systems languages and applications
Finding bugs in exceptional situations of JNI programs
Proceedings of the 16th ACM conference on Computer and communications security
Polymorphic type inference for the JNI
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Robusta: taming the native beast of the JVM
Proceedings of the 17th ACM conference on Computer and communications security
JNI light: an operational model for the core JNI
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
JET: exception checking in the Java native interface
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Quarantine: a framework to mitigate memory errors in JNI applications
Proceedings of the 9th International Conference on Principles and Practice of Programming in Java
Generating sound and effective memory debuggers
Proceedings of the 2013 international symposium on memory management
JNICodejail: native code isolation for Java programs
Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools
Bringing java's wild native world under control
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
Programming language specifications mandate static and dynamic analyses to preclude syntactic and semantic errors. Although individual languages are usually well-specified, composing languages is not, and this poor specification is a source of many errors in multilingual programs. For example, virtually all Java programs compose Java and C using the Java Native Interface (JNI). Since JNI is informally specified, developers have difficulty using it correctly, and current Java compilers and virtual machines (VMs) inconsistently check only a subset of JNI constraints. This paper's most significant contribution is to show how to synthesize dynamic analyses from state machines to detect foreign function interface (FFI) violations. We identify three classes of FFI constraints encoded by eleven state machines that capture thousands of JNI and Python/C FFI rules. We use a mapping function to specify which state machines, transitions, and program entities (threads, objects, references) to check at each FFI call and return. From this function, we synthesize a context-specific dynamic analysis to find FFI bugs. We build bug detection tools for JNI and Python/C using this approach. For JNI, we dynamically and transparently interpose the analysis on Java and C language transitions through the JVM tools interface. The resulting tool, called Jinn, is compiler and virtual machine independent. It detects and diagnoses a wide variety of FFI bugs that other tools miss. This approach greatly reduces the annotation burden by exploiting common FFI constraints: whereas the generated Jinn code is 22,000+ lines, we wrote only 1,400 lines of state machine and mapping code. Overall, this paper lays the foundation for a more principled approach to developing correct multilingual software and a more concise and automated approach to FFI specification.