[e-lang] Joe-E Taming Policies
David Wagner
daw at cs.berkeley.edu
Mon Sep 21 12:12:49 EDT 2009
Mohsen Vakilian wrote:
> So, given that ArrayIndexOutOfBoundsException is an honorary interface in
> Joe-E, there is no need to suppress its constructors. Right?

Actually, the "honorary" business is something else and unrelated.
ArrayIndexOutOfBoundsException is a class from the Java class library.
Its constructors just happened to be tamed away because we never
analyzed the class itself, and because the default is to suppress
anything we haven't manually analyzed and determined to be safe.

Honoraries are orthogonal to which methods/constructors are
suppressed/allowed in the taming database. For some description of
"honorary", see Sections 3.2 and 3.3 of the Joe-E spec. For more on
taming, see Section 5 of the spec.

> How can I overwrite some of the taming policies for my project?

We have not yet written any documentation on how to do this,
so you're mostly on your own. If you ask Adrian nicely, he might
be able to provide some explanation when he gets a chance. (If you
feel like giving back and are inspired to write a Wiki page for
the Joe-E project on how to do this, that'd be useful.)

The taming database is under the directory safej/ in the Joe-E
distribution.

If you look at the file safej/java/lang/ArrayIndexOutOfBoundsException.safej
in the Joe-E distribution, you find this:

    # auto-generated safej: default deny everything
    class("java.lang.ArrayIndexOutOfBoundsException",
      honorary("org.joe_e.Powerless"),
      static(constructor(suppress, "ArrayIndexOutOfBoundsException()", comment("default deny")),
        constructor(suppress, "ArrayIndexOutOfBoundsException(String)", comment("default deny")),
        constructor(suppress, "ArrayIndexOutOfBoundsException(int)", comment("default deny"))))

I believe this is the output of a tool that Adrian has written
to traverse the Java class libraries and output a default taming
file for every Java API, where the default is to deny/suppress
everything. This provides a starting point, and then one can make
taming decisions by editing the auto-generated file to allow
methods that have been analyzed and determined to be safe.

For another example, see safej/java/lang/String.safej. Hopefully
you'll be able to puzzle out what the syntax means. Sorry for the
shortage of documentation or tool support at the moment.
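
Added example (not part of the original message and not Joe-E project code): a small Python audit of a .safej file that reports which members are still suppressed and which have been enabled by hand. It recognises only the entry shape visible in the file quoted above; treating '#' lines as comments and any policy token other than `suppress` as "enabled" are assumptions, as is the name `audit`.

```python
import re

# Constructed input: the auto-generated file quoted in the message above.
SAMPLE = """\
# auto-generated safej: default deny everything
class("java.lang.ArrayIndexOutOfBoundsException",
  honorary("org.joe_e.Powerless"),
  static(constructor(suppress, "ArrayIndexOutOfBoundsException()", comment("default deny")),
    constructor(suppress, "ArrayIndexOutOfBoundsException(String)", comment("default deny")),
    constructor(suppress, "ArrayIndexOutOfBoundsException(int)", comment("default deny"))))
"""

# Any term shaped like kind(policy, "signature"[, comment("...")]).
# Only the shape visible in the quoted file is recognised.
ENTRY = re.compile(
    r'(\w+)\(\s*(\w+)\s*,\s*"([^"]*)"(?:\s*,\s*comment\(\s*"([^"]*)"\s*\))?')
CLASS = re.compile(r'class\(\s*"([^"]+)"')
HONORARY = re.compile(r'honorary\(\s*"([^"]+)"\s*\)')


def audit(text):
    """Summarise one .safej file: what is suppressed and what is not."""
    lines = text.splitlines()
    # Assumption: lines starting with '#' are comments, as in the sample.
    auto = any(l.lstrip().startswith("#") and "auto-generated" in l for l in lines)
    body = "\n".join(l for l in lines if not l.lstrip().startswith("#"))
    cls = CLASS.search(body)
    # Each entry is (kind, policy, signature, comment-or-None).
    entries = [m.groups() for m in ENTRY.finditer(body)]
    return {
        "class": cls.group(1) if cls else None,
        "honorary": HONORARY.findall(body),
        "auto_generated": auto,
        "suppressed": [e for e in entries if e[1] == "suppress"],
        # Anything not suppressed was enabled by a hand edit.
        "enabled": [e for e in entries if e[1] != "suppress"],
        # This script's own review rule: an enabled member should carry
        # a comment recording why it was judged safe.
        "enabled_without_comment": [e[2] for e in entries
                                    if e[1] != "suppress" and not e[3]],
    }


if __name__ == "__main__":
    report = audit(SAMPLE)
    print(report["class"], "honorary:", report["honorary"])
    print("suppressed:", [e[2] for e in report["suppressed"]])
    print("enabled:", [e[2] for e in report["enabled"]])
```

Running it over a project-local copy of safej/ before and after an edit shows exactly which members the edit exposes to Joe-E code.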