Checking type safety of foreign function calls

Bibliographic details
Title: Checking type safety of foreign function calls
Authors: Michael Furr, Jeffrey S. Foster
Other contributors: The Pennsylvania State University CiteSeerX Archives
Source: http://www.cs.umd.edu/~jfoster/papers/toplas-ffi.pdf.
Publication year: 2005
Collection: CiteSeerX
Keywords: General Terms: Languages, Verification; Additional Key Words and Phrases: foreign function interface, FFI, foreign function calls, representational type, multilingual type system, multilingual type inference, flow-sensitive type system, dataflow analysis, OCaml, Java, JNI, Java Native Interface
Description: Foreign function interfaces (FFIs) allow components in different languages to communicate directly with each other. While FFIs are useful, they often require writing tricky, low-level code and include little or no static safety checking, thus providing a rich source of hard-to-find programming errors. In this paper, we study the problem of enforcing type safety across the OCaml-to-C FFI and the Java Native Interface (JNI). We present O-Saffire and J-Saffire, a pair of multilingual type inference systems that ensure C code that uses these FFIs accesses high-level data safely. Our inference systems use representational types to model C’s low-level view of OCaml and Java values, and singleton types to track integers, strings, memory offsets, and type tags through C. J-Saffire, our Java system, uses a polymorphic, flow-insensitive, unification-based analysis. Polymorphism is important because it allows us to precisely model user-defined wrapper functions and the more than 200 JNI functions. O-Saffire, our OCaml system, uses a monomorphic, flow-sensitive analysis, because while polymorphism is much less important for the OCaml FFI, flow-sensitivity is critical to track conditional branches, which are used when “pattern matching” OCaml data in C. O-Saffire also tracks garbage collection information to ensure that local C pointers to the OCaml heap are registered properly, which is not necessary for the JNI. We have applied O-Saffire and J-Saffire to a set of benchmarks and found many bugs and questionable coding practices. These results suggest that static checking of FFIs can be a valuable tool in writing correct multilingual software.
Publication type: text
File description: application/pdf
Language: English
Relation: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.86.6338
Availability: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.86.6338
http://www.cs.umd.edu/~jfoster/papers/toplas-ffi.pdf
Rights: Metadata may be used without restrictions as long as the oai identifier remains attached to it.
Document code: edsbas.C9E244FE
Database: BASE