# NullAway: Practical Type-Based Null Safety for Java

**Authors:** Subarno Banerjee, Lazaro Clapp, Manu Sridharan

arXiv: 1907.02127 · 2019-07-05

## TL;DR

NullAway is a practical, low-overhead type-based null safety checker for Java that effectively reduces null pointer exceptions in large-scale projects by minimizing build-time costs and annotation burdens.

## Contribution

It introduces NullAway, a null safety tool for Java that is optimized for low overhead and minimal annotation effort, improving null safety in large codebases.

## Key findings

- NullAway has 1.15X build overhead, significantly lower than comparable tools.
- On Android apps, remaining NPEs are mainly due to third-party libraries and reflection, not NullAway.
- NullAway effectively prevents false negatives in checked code with targeted assumptions.

## Abstract

NullPointerExceptions (NPEs) are a key source of crashes in modern Java programs. Previous work has shown how such errors can be prevented at compile time via code annotations and pluggable type checking. However, such systems have been difficult to deploy on large-scale software projects, due to significant build-time overhead and / or a high annotation burden. This paper presents NullAway, a new type-based null safety checker for Java that overcomes these issues. NullAway has been carefully engineered for low overhead, so it can run as part of every build. Further, NullAway reduces annotation burden through targeted unsound assumptions, aiming for no false negatives in practice on checked code. Our evaluation shows that NullAway has significantly lower build-time overhead (1.15X) than comparable tools (2.8-5.1X). Further, on a corpus of production crash data for widely-used Android apps built with NullAway, remaining NPEs were due to unchecked third-party libraries (64%), deliberate error suppressions (17%), or reflection and other forms of post-checking code modification (17%), never due to NullAway's unsound assumptions for checked code.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1907.02127/full.md

## Figures

4 figures with captions in the complete paper: https://tomesphere.com/paper/1907.02127/full.md

## References

39 references — full list in the complete paper: https://tomesphere.com/paper/1907.02127/full.md

---
Source: https://tomesphere.com/paper/1907.02127