Checker Framework logo

This section of the tutorial is only for those who are interested in writing their own type-checkers. Please feel free to skip this section.

Although the Checker Framework ships with many checkers, you may wish to write your own checker because there are other run-time problems you wish to prevent. If you do not wish to write a new type-checker, feel free to skip this section of the tutorial.

Outline
  1. An Encryption Checker
    1. Import encryption-checker project
    2. Set up the Subtyping Checker to run the Encryption Checker
  2. Write type annotation definitions
  3. Run the Encryption Checker — 2 errors
  4. Suppress the first error
  5. Re-run the Encryption Checker — 1 error
  6. Correct the second error
  7. Re-run the Encryption Checker — no errors
  8. Learn more about writing your own checker
  9. Issue 1: "TYPE_USE cannot be resolved or is not a field"
  10. Issue 2: Set the -source and -target levels

1. An Encryption Checker

As an example, suppose that you wish to only allow encrypted information to be sent over the internet. To do so, you can write an Encryption Checker.

You need to do some setup to prepare Eclipse.

1a. Import encryption-checker project

You will need to setup your JRE to use the Checker Framework jars, see Issue 1 below. This will fix the "TYPE_USE cannot be resolved or is not a field" error. The import myqual.Encrypted is never used warning should be ignored. When building the encryption-checker project, set the -source and -target levels to at least 1.7 (1.8 is recommended). See Issue 2.

1b. Set up the Subtyping Checker

The Encryption Checker is built on top of the Subtyping Checker. The Subtyping Checker allows you to enforce a basic type systems by listing its qualifiers when type checking. To set up the Subtyping Checker to use the Encryption Checker's qualifiers, do the following:

  1. Navigate to Eclipse->Preferences->Checker Framework
  2. Under Additional compiler parameters, add -Aquals=myqual.Encrypted,myqual.PossiblyUnencrypted
  3. Click Ok

2. Write the type annotation definitions

For this example, the annotation definitions have already been written for you and appear in files Encrypted.java and PossiblyUnencrypted.java.

3. Run the Encryption Checker

The @Encrypted annotations have already been written in file EncryptionDemo.java. The default for types without annotations is @PossiblyUnencrypted.

Invoke the compiler with the Subtyping Checker. Right Click on the src package, select Checker Framework->Run Built-in Checker->Subtyping Checker. You should see the following errors:

incompatible types in assignment.
                /*@Encrypted*/ int encryptInt = (character + OFFSET) % Character.MAX_VALUE ;
  found   : @PossiblyUnencrypted int
  required: @Encrypted int      EncryptionDemo.java     /encryption-checker/src/encrypted
incompatible types in argument.
                sendOverInternet(password);
  found   : @PossiblyUnencrypted String
  required: @Encrypted String   EncryptionDemo.java     /encryption-checker/src/encrypted

4. Suppress the First Error

The first error needs to be suppressed, because the string on the left is considered "encrypted" in this encryption scheme. All @SuppressWarnings should have a comment explaining why suppressing the warning is the correct action. See the correction below.

@SuppressWarnings("encrypted")  // this is the encryption algorithm
private /*@Encrypted*/ char encryptCharacter(char character) {

5. Re-run the Encryption Checker

You will see the following error:

incompatible types in argument.
        sendOverInternet(password);
  found   : @PossiblyUnencrypted String
  required: @Encrypted String

This is a real error, because the programmer is trying to send a password over the Internet without encrypting it first.

6. Correct the Second Error

The password should be encrypted before it is sent over the Internet. The correction is below.

void sendPassword() {
    String password = getUserPassword();
    sendOverInternet(encrypt(password));
}

7. Re-run the Encryption Checker

There should be no errors.

8. Learn more about writing your own checker

For further explanations, see the Checker Framework manual, chapter How to create a new checker.

Writing a Type annotation requires ElementType.TYPE_USE and/or ElementType.TYPE_PARAMETER which are part of Java 8. If you are using a version of Eclipse that does not support Java 8, Eclipse will give an error: "TYPE_USE cannot be resolved or is not a field".

Workaround
  1. Navigate to Eclipse->Preferences->Java->Installed JRES
  2. Highlight a preferred JRE and click Duplicate...
  3. (Optionally) Add Checker Framework to the JRE name
  4. Click Add External Jars
  5. Navigate to eclipse->plugins->checker.framework.eclipse.plugin_VERSION->lib
  6. Select javac.jar and either jdk7.jar or jdk8.jar depending on the version the JRE you are duplicating. Click Open
  7. Move the two jars to the top of the system libraries list. Click Finish

To update your -source and -target levels:

Workaround:
  1. Right click the encryption-checker project
  2. Select properties->Java Compiler
  3. Check the box labeled "Enable project specific settings"
  4. Update the compliance setting to 1.8 (recommended) or 1.7.