DOCSLIB.ORG

CDC Runtime Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CDC Runtime Guide CDC Runtime Guide Java™ Platform, Micro Edition Connected Device Configuration, Version 1.1.2 Foundation Profile, Version 1.1.2 Optimized Implementation Sun Microsystems, Inc. www.sun.com December 2008 Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, Solaris and HotSpot are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the United States and other countries. The Adobe logo is a registered trademark of Adobe Systems, Incorporated. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited. Export or reexport to countries subject to U.S. embargo or to entities identified on U.S. export exclusion lists, including, but not limited to, the denied persons and specially designated nationals lists is strictly prohibited. DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, États-Unis. Tous droits réservés. Sun Microsystems, Inc. détient les droits de propriété intellectuelle relatifs à la technologie incorporée dans le produit qui est décrit dans ce document. En particulier, et ce sans limitation, ces droits de propriété intellectuelle peuvent inclure un ou plusieurs des brevets américains listés à l’adresse suivante: http://www.sun.com/patents et un ou plusieurs brevets supplémentaires ou les applications de brevet en attente aux États - Unis et dans les autres pays. Droits du gouvernement des États-Unis ? Logiciel Commercial. Les droits des utilisateur du gouvernement des États-Unis sont soumis aux termes de la licence standard Sun Microsystems et aux conditions appliquées de la FAR et de ces compléments. Cette distribution peut inclure des éléments développés par des tiers. Des parties de ce produit pourront être dérivées des systèmes Berkeley BSD licenciés par l’Université de Californie. UNIX est une marque déposée aux États-Unis et dans d’autres pays et licenciée exclusivement par X/Open Company, Ltd. Sun, Sun Microsystems, le logo Sun, Java, Solaris et HotSpot sont des marques de fabrique ou des marques déposées enregistrées de Sun Microsystems, Inc. ou ses filiales aux États-Unis et dans d’autres pays. Le logo Adobe est une marque déposée de Adobe Systems, Incorporated. Les produits qui font l’objet de ce manuel d’entretien et les informations qu’il contient sont regis par la legislation americaine en matière de contrôle des exportations et peuvent être soumis au droit d’autres pays dans le domaine des exportations et importations. Les utilisations finales, ou utilisateurs finaux, pour des armes nucleaires, des missiles, des armes biologiques et chimiques ou du nucleaire maritime, directement ou indirectement, sont strictement interdites. Les exportations ou reexportations vers des pays sous embargo des États-Unis, ou vers des entites figurant sur les listes d’exclusion d’exportation americaines, y compris, mais de maniere non exclusive, la liste de personnes qui font objet d’un ordre de ne pas participer, d’une façon directe ou indirecte, aux exportations des produits ou des services qui sont regi par la legislation americaine sur le contrôle des exportations et la liste de ressortissants specifiquement designes, sont rigoureusement interdites. LA DOCUMENTATION EST FOURNIE "EN L’ÉTAT" ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE À LA QUALITE MARCHANDE, À L’APTITUDE À UNE UTILISATION PARTICULIERE OU À L’ÀBSENCE DE CONTREFAÇON. Contents Preface xi 1. Introduction 1–1 1.1 Goals 1–2 1.2 Usage Contexts 1–2 1.3 CDC Technology Implementations 1–3 1.4 CDC Target Device Requirements 1–4 1.5 Java ME Technology Standards 1–4 1.6 Java ME API Choices 1–6 1.7 CDC Application Features 1–7 1.8 Developer Tools 1–7 2. Software Layout 2–1 2.1 Standard Files 2–2 2.2 Security Files 2–3 2.3 Development Files 2–4 2.4 Test and Demonstration Files 2–5 3. Running Applications 3–1 3.1 Installing the CDC Java Runtime Environment 3–1 3.2 Launching a Java Application 3–1 iii 3.3 Class Search Path Basics 3–2 3.3.1 Java Class Search Path 3–2 3.3.2 Native Method Search Path 3–3 3.4 Memory Management 3–4 3.4.1 The Java Heap 3–5 3.4.2 Garbage Collection 3–5 3.4.2.1 Garbage Collection in the CDC HotSpot Implementation 3–6 3.4.2.2 Default Generational Collector 3–7 3.4.2.3 Tuning Options 3–8 3.4.3 Class Preloading 3–8 Class Preloading and Verification 3–9 3.4.4 Setting the Maximum Working Memory for the Dynamic Compiler 3–10 3.5 Tuning Dynamic Compiler Performance 3–10 3.5.1 Dynamic Compiler Overview 3–11 3.5.2 Dynamic Compiler Policies 3–12 3.5.2.1 Managing the Popularity Threshold 3–13 3.5.2.2 Managing Compiled Code Quality 3–14 3.5.2.3 Managing the Code Cache 3–14 3.6 Ahead-of-Time Compilation 3–15 3.6.1 Using AOTC 3–15 3.6.2 How to Create methodsList.txt 3–16 4. Security 4–1 4.1 Overview 4–2 4.1.1 Built-in Security Features 4–2 4.1.2 Security Policy Framework 4–2 4.1.3 Security Provider Architecture 4–3 4.1.4 Custom JSSE Provider Plug-ins 4–4 iv CDC Runtime Guide • December 2008 4.1.5 Sun JSSE Ciphersuite Support 4–4 4.1.6 Self-Integrity Checks 4–4 4.2 Security Procedures 4–4 4.2.1 Using Alternate Security Providers 4–4 4.2.2 Public Key Management 4–5 4.2.3 Security Policy Management 4–5 4.2.4 Seed Generation for Random Number Generation 4–5 5. Localization 5–1 5.1 Setting Locale System Properties 5–1 5.2 Timezone Information Files 5–2 6. Developer Tools 6–1 6.1 Compiling With javac 6–1 6.1.1 CDC and Java SE 6–1 6.1.2 Compiling Java Source Code for the Java SE Platform 6–3 6.1.3 Compiling Java Source Code for CDC 6–3 6.1.4 Determining the Target Class Library 6–4 6.1.5 Useful javac Command-Line Options 6–4 6.1.5.1 -classpath classpath 6–5 6.1.5.2 -bootclasspath classpath 6–5 6.1.5.3 -extdirs classpath 6–5 6.1.5.4 -source release 6–5 6.1.5.5 -target version 6–5 6.1.5.6 -deprecation 6–5 6.1.6 Compiling an Example CDC Program 6–6 6.2 Application Debugging With jdb 6–6 6.2.1 Application Debugging Command-Line Options 6–6 6.2.2 Using the Application Debug Features of cvm 6–7 Contents v 6.2.3 Running jdb on the Host Development System 6–7 6.3 Profiling with hprof 6–8 6.3.1 Profiling Command-Line Options 6–9 6.3.2 Running cvm With hprof 6–9 A. cvm Reference A–1 A.1 Synopsis A–1 A.2 Description A–1 A.3 Options A–2 B. Java ME System Properties B–1 C. Serial Port Configuration Notes C–1 C.1 Serial Port Setup C–2 C.2 OS-Level Testing C–3 vi CDC Runtime Guide • December 2008 Figures FIGURE 1-1 CDC Target Device Categories 1–1 FIGURE 1-2 An Example CDC Java Runtime Environment 1–6 FIGURE 3-1 GC Generations 3–7 FIGURE 3-2 Interpreter-Based Method Execution 3–11 FIGURE 3-3 Compiling a Method 3–11 FIGURE 3-4 Executing a Compiled Method 3–12 FIGURE 4-1 Java Security Policy Model 4–3 FIGURE 6-1 CDC and Java SE API Compatibility 6–2 FIGURE 6-2 Compiling Java Source Code for the Java SE Platform 6–3 FIGURE 6-3 Compiling Java Source Code for CDC 6–4 vii viii CDC Runtime Guide • December 2008 Tables TABLE 1-1 Java ME API Standards 1–5 TABLE 2-1 Standard Files 2–2 TABLE 2-2 Security Files 2–3 TABLE 2-3 Development Files 2–4 TABLE 2-4 Test and Demonstration Files 2–5 TABLE 4-1 Security Documentation for the Java SE Platform 4–1 TABLE 5-1 Locale System Properties 5–1 TABLE 6-1 cvm Debugging Options 6–6 TABLE 6-2 hprof Command-Line Options 6–9 TABLE A-1 Java SE Command-Line Options A–2 TABLE A-2 CDC-Specific Command-Line Options A–4 TABLE A-3 -Xgc:suboption A–5 TABLE A-4 -Xopt:suboption A–6 TABLE A-5 -Xtrace:flags (unsupported) A–6 TABLE A-6 JVMTI Options A–7 TABLE A-7 -Xjit:options A–7 TABLE A-8 -Xjit:inline=suboption A–9 TABLE A-9 -Xjit:compile=suboption A–10 TABLE A-10 -Xjit:trace=option A–10 TABLE B-1 CDC System Properties B–1 ix TABLE C-1 Serial Communications References C–1 x CDC Runtime Guide • December 2008 Preface This runtime guide describes how to use a Java runtime environment based on the Connected Device Configuration (CDC) with its related profiles and optional packages.
Load more

Recommended publications
  • CDC Runtime Guide
    CDC Runtime Guide for the Sun Java Connected Device Configuration Application Management System Version 1.0 Sun Microsystems, Inc. www.sun.com November 2005 Copyright © 2005 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. THIS PRODUCT CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF SUN MICROSYSTEMS, INC. USE, DISCLOSURE OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF SUN MICROSYSTEMS, INC. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, J2ME, Java ME, Sun Corporate Logo and Java Logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries.
    [Show full text]
  • The Java Hotspot VM Under the Hood
    The Java HotSpot VM Under the Hood Tobias Hartmann Principal Member of Technical Staff Compiler Group – Java HotSpot Virtual Machine Oracle Corporation August 2017 Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | About me • Joined Oracle in 2014 • Software engineer in the Java HotSpot VM Compiler Team – Based in Baden, Switzerland • German citizen • Master’s degree in Computer Science from ETH Zurich • Worked on various compiler-related projects – Currently working on future Value Type support for Java Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 Outline • Intro: Why virtual machines? • Part 1: The Java HotSpot VM – JIT compilation in HotSpot – Tiered Compilation • Part 2: Projects – Segmented Code Cache – Compact Strings – Ahead-of-time Compilation – Minimal Value Types Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 A typical computing platform User Applications Application Software Java SE Java EE Java Virtual Machine System Software Operating system Hardware Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 5 A typical computing platform User Applications Application Software Java SE Java EE Java Virtual Machine System Software Operating system Hardware Copyright © 2017, Oracle and/or its affiliates.
    [Show full text]
  • Technique: HTTP the Java Way
    Technique: HTTP the Java way An article from Android in Practice EARLY ACCESS EDITION Charlie Collins, Michael D. Galpin, and Matthias Kaeppler MEAP Release: July 2010 Softbound print: Spring 2011 | 500 pages ISBN: 9781935182924 This article is taken from the book Android in Practice. The authors demonstrate how to send simple HTTP requests to a Web server using Java’s standard HTTP networking facilities. Tweet this button! (instructions here) Get 35% off any version of Android in Practice with the checkout code fcc35. Offer is only valid through www.manning.com. The standard Java class library already has a solution for HTTP messaging. An open-source implementation of these classes is bundled with Android’s class library, which is based on Apache Harmony. It’s simple and bare- bones in its structure and, while it supports features like proxy servers, cookies (to some degree), and SSL, the one thing that it lacks more than anything else is a class interface and component structure that doesn’t leave you bathed in tears. Still, more elaborate HTTP solutions are often wrappers around the standard Java interfaces and, if you don’t need all the abstraction provided, for example, by Apache HttpClient interfaces, the stock Java classes may not only be sufficient, they also perform much better thanks to a much slimmer, more low-level implementation. Problem You must perform simple networking tasks via HTTP (such as downloading a file) and you want to avoid the performance penalty imposed by the higher-level, much larger, and more complex Apache HttpClient implementation. Solution If you ever find yourself in this situation, you probably want to do HTTP conversations through a java.net.HttpURLConnection.
    [Show full text]
  • Exploiting SAS Software Using Java Technology
    Exploiting SAS® Software Using Java™ Technology Barbara Walters, SAS Institute Inc., Cary, NC Java programs are often delivered via the Internet. In order to protect the local machine from malicious programs, the Java language and the JVM Abstract provide a secure environment for application execution. The secure This paper describes how to use Java™ technology with SAS software. environment ensures that the client machine (the machine where the SAS Institute currently offers several Java development tools that allow browser is running) is not corrupted by the downloaded program and that applications to access SAS data and take advantage of SAS no information is stolen from the client machine. computational capabilities. This paper describes how to use these class libraries and address client/server configuration and performance Java security is based upon the “sandbox” model. The sandbox is the issues. set of resources (threads, socket connections, local files, etc.) that the downloaded Java code is allowed to access. The code is restricted from accessing resources outside of its sandbox. In executing Java applets, Introduction each Web browser defines the limits of the sandbox. Since its introduction in mid-1995, Java have become an integral part of The Security Manager enforces the limits of the sandbox. For applets, the World Wide Web. Java is a rich programming language that enables the Web browser controls the Security Manager. Each browser may put Web programmers to create sophisticated and responsive client/server different restrictions on applet behavior. The default limits imposed by applications. Because Java is portable and secure, users of Web the Security Manager are: applications can be confident that those applications will execute • Classes cannot access the local file system properly and not corrupt their computers.
    [Show full text]
  • CDC Build System Guide
    CDC Build System Guide Java™ Platform, Micro Edition Connected Device Configuration, Version 1.1.2 Foundation Profile, Version 1.1.2 Optimized Implementation Sun Microsystems, Inc. www.sun.com December 2008 Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, Solaris and HotSpot are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the United States and other countries. The Adobe logo is a registered trademark of Adobe Systems, Incorporated. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited.
    [Show full text]
  • CDC: Java Platform Technology for Connected Devices
    CDC: JAVA™ PLATFORM TECHNOLOGY FOR CONNECTED DEVICES Java™ Platform, Micro Edition White Paper June 2005 2 Table of Contents Sun Microsystems, Inc. Table of Contents Introduction . 3 Enterprise Mobility . 4 Connected Devices in Transition . 5 Connected Devices Today . 5 What Users Want . 5 What Developers Want . 6 What Service Providers Want . 6 What Enterprises Want . 6 Java Technology Leads the Way . 7 From Java Specification Requests… . 7 …to Reference Implementations . 8 …to Technology Compatibility Kits . 8 Java Platform, Micro Edition Technologies . 9 Configurations . 9 CDC . 10 CLDC . 10 Profiles . 11 Optional Packages . 11 A CDC Java Runtime Environment . 12 CDC Technical Overview . 13 CDC Class Library . 13 CDC HotSpot™ Implementation . 13 CDC API Overview . 13 Application Models . 15 Standalone Applications . 16 Managed Applications: Applets . 16 Managed Applications: Xlets . 17 CLDC Compatibility . 18 GUI Options and Tradeoffs . 19 AWT . 19 Lightweight Components . 20 Alternate GUI Interfaces . 20 AGUI Optional Package . 20 Security . 21 Developer Tool Support . 22 3 Introduction Sun Microsystems, Inc. Chapter 1 Introduction From a developer’s perspective, the APIs for desktop PCs and enterprise systems have been a daunting combination of complexity and confusion. Over the last 10 years, Java™ technology has helped simplify and tame this world for the benefit of everyone. Developers have benefited by seeing their skills become applicable to more systems. Users have benefited from consistent interfaces across different platforms. And systems vendors have benefited by reducing and focusing their R&D investments while attracting more developers. For desktop and enterprise systems, “Write Once, Run Anywhere”™ has been a success. But if the complexities of the desktop and enterprise world seem, well, complex, then the connected device world is even scarier.
    [Show full text]
  • 100% Pure Java Cookbook Use of Native Code
    100% Pure Java Cookbook Guidelines for achieving the 100% Pure Java Standard Revision 4.0 Sun Microsystems, Inc. 901 San Antonio Road Palo Alto, California 94303 USA Copyrights 2000 Sun Microsystems, Inc. All rights reserved. 901 San Antonio Road, Palo Alto, California 94043, U.S.A. This product and related documentation are protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Restricted Rights Legend Use, duplication, or disclosure by the United States Government is subject to the restrictions set forth in DFARS 252.227-7013 (c)(1)(ii) and FAR 52.227-19. The product described in this manual may be protected by one or more U.S. patents, foreign patents, or pending applications. Trademarks Sun, the Sun logo, Sun Microsystems, Java, Java Compatible, 100% Pure Java, JavaStar, JavaPureCheck, JavaBeans, Java 2D, Solaris,Write Once, Run Anywhere, JDK, Java Development Kit Standard Edition, JDBC, JavaSpin, HotJava, The Network Is The Computer, and JavaStation are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and certain other countries. UNIX is a registered trademark in the United States and other countries, exclusively licensed through X/Open Company, Ltd. All other product names mentioned herein are the trademarks of their respective owners. Netscape and Netscape Navigator are trademarks of Netscape Communications Corporation in the United States and other countries. THIS PUBLICATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
    [Show full text]
  • Java (Software Platform) from Wikipedia, the Free Encyclopedia Not to Be Confused with Javascript
    Java (software platform) From Wikipedia, the free encyclopedia Not to be confused with JavaScript. This article may require copy editing for grammar, style, cohesion, tone , or spelling. You can assist by editing it. (February 2016) Java (software platform) Dukesource125.gif The Java technology logo Original author(s) James Gosling, Sun Microsystems Developer(s) Oracle Corporation Initial release 23 January 1996; 20 years ago[1][2] Stable release 8 Update 73 (1.8.0_73) (February 5, 2016; 34 days ago) [±][3] Preview release 9 Build b90 (November 2, 2015; 4 months ago) [±][4] Written in Java, C++[5] Operating system Windows, Solaris, Linux, OS X[6] Platform Cross-platform Available in 30+ languages List of languages [show] Type Software platform License Freeware, mostly open-source,[8] with a few proprietary[9] compo nents[10] Website www.java.com Java is a set of computer software and specifications developed by Sun Microsyst ems, later acquired by Oracle Corporation, that provides a system for developing application software and deploying it in a cross-platform computing environment . Java is used in a wide variety of computing platforms from embedded devices an d mobile phones to enterprise servers and supercomputers. While less common, Jav a applets run in secure, sandboxed environments to provide many features of nati ve applications and can be embedded in HTML pages. Writing in the Java programming language is the primary way to produce code that will be deployed as byte code in a Java Virtual Machine (JVM); byte code compil ers are also available for other languages, including Ada, JavaScript, Python, a nd Ruby.
    [Show full text]
  • Kawa - Compiling Dynamic Languages to the Java VM
    Kawa - Compiling Dynamic Languages to the Java VM Per Bothner Cygnus Solutions 1325 Chesapeake Terrace Sunnyvale CA 94089, USA <[email protected]> Abstract: in a project in conjunction with Java. A language im- plemented on top of Java gives programmers many of Many are interested in Java for its portable bytecodes the extra-linguistic benefits of Java, including libraries, and extensive libraries, but prefer a different language, portable bytecodes, web applets, and the existing efforts especially for scripting. People have implemented other to improve Java implementations and tools. languages using an interpreter (which is slow), or by translating into Java source (with poor responsiveness The Kawa toolkit supports compiling and running vari- for eval). Kawa uses an interpreter only for “simple” ous languages on the Java Virtual Machine. Currently, expressions; all non-trivial expressions (such as function Scheme is fully supported (except for a few difficult fea- definitions) are compiled into Java bytecodes, which are tures discussed later). An implementation of ECMA- emitted into an in-memory byte array. This can be saved Script is coming along, but at the time of writing it is for later, or quickly loaded using the Java ClassLoader. not usable. Kawa is intended to be a framework that supports mul- Scheme [R RS] is a simple yet powerful language. It tiple source languages. Currently, it only supports is a non-pure functional language (i.e. it has first-class Scheme, which is a lexically-scoped language in the Lisp functions, lexical scoping, non-lazy evaluation, and side family. The Kawa dialect of Scheme implements almost effects).
    [Show full text]
  • A Security Policy Oracle: Detecting Security Holes Using Multiple API Implementations
    A Security Policy Oracle: Detecting Security Holes Using Multiple API Implementations Varun Srivastava Michael D. Bond Kathryn S. McKinley Vitaly Shmatikov Yahoo! The Ohio State University The University of Texas at Austin varun [email protected] [email protected] fmckinley,[email protected] Abstract 1. Introduction Even experienced developers struggle to implement security poli- Demand for secure software is increasing, but ensuring that soft- cies correctly. For example, despite 15 years of development, stan- ware is secure remains a challenge. Developers are choosing dard Java libraries still suffer from missing and incorrectly applied memory-safe systems [9, 39] and languages such as Java and permission checks, which enable untrusted applications to execute C# in part because they improve security by reducing memory- native calls or modify private class variables without authorization. corruption attacks. Even memory-safe systems, however, rely on Previous techniques for static verification of authorization enforce- the access-rights model to ensure that the program has the appro- ment rely on manually specified policies or attempt to infer the pol- priate permissions before performing sensitive actions. Unfortu- icy by code-mining. Neither approach guarantees that the policy nately, even experienced developers find it difficult to specify and used for verification is correct. implement access-rights policies correctly. Consequently, semantic In this paper, we exploit the fact that many modern APIs have mistakes—such as missing permission checks which enable mali- multiple, independent implementations. Our flow- and context- cious code to bypass protection—have become a significant cause sensitive analysis takes as input an API, multiple implementations of security vulnerabilities [26].
    [Show full text]
  • The Java Object Model
    Java Object Model The Java Object Model Topics in this section include: • Java classes, including the use of access rights, inheritance, method definitions, constructors, and instance versus class members • Java packages. • Java interfaces, and why are they are so important • Java dynamic loading, and how application classes are loaded on demand Introduction A Java program consists of a set of class definitions, optionally grouped into packages. Each class encapsulates state and behavior appropriate to whatever the class models in the real world and may dictate access privileges of its members. In this chapter, you will learn how Java supports the primary features of an object- oriented programming system: encapsulation, data hiding, polymorphism, and inheritance. We assume a knowledge of the object-oriented paradigm. Classes Minimally, a class defines a collection of state variables, as well as the functionality for working with these variables. Classes are like C struct or Pascal record definitions that allow function definitions within them. The syntax for defining a class is straightforward: class ClassName { variables methods } For example, an Employee class might resemble: class Employee { String name; ... } Typically, Java classes are defined one per .java file so Employee would be in Employee.java and compiled to Employee.class. When a class references another class, the Java compiler finds the associated class definition to perform type checking and so on. For example, Employee references String, which the © 1996-2003 jGuru.com. All Rights Reserved. Java Object Model -1 Java Object Model compiler finds in file String.class stored in the standard Java class library. Variable Definitions Variable definitions are of the form: modifiers TypeName name; where modifiers include access specifiers (discussed in a section below) and static if the variable is a class variable.
    [Show full text]
  • Java SE 7 Fundamentals
    Java SE 7 Fundamentals Student Guide - Volume I D67234GC20 Edition 2.0 November 2011 D74786 Use Only Oracle Internal & Oracle Academy Author Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Jill Moritz Disclaimer Kenneth Somerville This document contains proprietary information and is protected by copyright and Cindy Church other intellectual property laws. You may copy and print this document solely for your own use in an Oracle training course. The document may not be modified or altered in any way. Except where your use constitutes "fair use" under copyright law, you Technical Contributors may not use, share, download, upload, copy, print, display, perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without and Reviewers the express authorization of Oracle. Mike Williams The information contained in this document is subject to change without notice. If you Tom McGinn find any problems in the document, please report them in writing to: Oracle University, Matt Heimer 500 Oracle Parkway, Redwood Shores, California 94065 USA. This document is not warranted to be error-free. Joe Darcy Restricted Rights Notice Brian Goetz Alex Buckley If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United States Government, the following notice is Adam Messenger applicable: Steve Watts U.S. GOVERNMENT RIGHTS The U.S. Government’s rights to use, modify, reproduce, release, perform, display, or Editors disclose these training materials are restricted by the terms of the applicable Oracle license agreement and/or the applicable U.S. Government contract.
    [Show full text]