1 / 15

Runtime Checking of Expressive Heap Assertions for Reliable Software Systems

This paper presents a novel approach to runtime checking of expressive heap assertions, aiming to enhance the reliability of large software systems. It addresses the limitations of static analysis in identifying concurrency bugs and interface misuse by providing runtime semantic analysis with minimal overhead. The study leverages existing system cores for efficient analysis, enabling comprehensive reasoning about object and thread ownership, access, and reachability in real applications. The implementation is evaluated on the IBM J9 virtual machine, showcasing its effectiveness in practical scenarios.

rashad
Télécharger la présentation

Runtime Checking of Expressive Heap Assertions for Reliable Software Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Runtime checking of expressive heap assertions Greta Yorsh, Martin Vechev, EranYahav, Bard Bloom

  2. Motivation • Reliability of large software systems • illusive concurrency bugs, misuse of interfaces • static analysis are inherently limited • Vision: runtime analysis of deep semantic properties with low overhead • testing, debugging, and production • real applications • leverage available system cores

  3. Our goal • Checking expressive heap assertions at runtime with low overhead • reuse components of parallel GC • Enable reasoning about path properties • sharing • reachability through/avoiding • disjointness • domination • object ownership (encapsulation) • thread ownership (concurrency) • stack ownership (escape analysis)

  4. Motivating Example: JdbF public class ConnectionSource { private Connection conn; private boolean used; public Connection getConnection() throws SQLEx { if (!used) { used = true; return conn; } throw new SQLEx(...); } public class Database { private ConnectionManager cm; public int insert(...) throws MappingEx { Connection c = cm.getConnection(...); ... } ... } public class ConnectionManager { private Map conns = Collections.synchronizedMap(new HashMap()); public Connection getConnection(String s) throws MappingException { try { ConnectionSource c = conns.get(s); if (c != null) return c.getConnection(); throw new MappingException(...); } catch (SQLEx e) { ... } } ... }

  5. Root current thread Running Running Static Thread Database Thread Stack Connection Manager Stack HashMap Connection Source Connection Source Connection Source Connection Connection Connection every connection is reachable from at most one thread

  6. Root current thread Running Running Static Thread Database Thread Stack Connection Manager Stack HashMap Connection Source Connection Source Connection Source Connection Connection Connection every connection is reachable from at most one thread

  7. Motivating Example: JdbF public class ConnectionSource { private Connection conn; private boolean used; public Connection getConnection() throws SQLEx { if (!used) { used = true; return conn; } throw new SQLEx(...); } public class Database { private ConnectionManager cm; public int insert(...) throws MappingEx { Connection c = cm.getConnection(...); assert Phalanx.getThreadReach(c,cm) == 1 ... } ... } every connection is only reachable from one thread (avoiding connection manager) public class ConnectionManager { private Map conns = Collections.synchronizedMap(new HashMap()); public Connection getConnection(String s) throws MappingException { try { ConnectionSource c = conns.get(s); if (c != null) return c.getConnection(); throw new MappingException(...); } catch (SQLEx e) { ... } } ... }

  8. Common Heap Queries

  9. Subtle Semantics • dom(x,y) = ? Root Running Thread Stack  y x

  10. Tool: Phalanx • JML extended with additional primitives • reach(Object o, Object[] avoiding) • pred(Object o) • dom(Object o1,Object o2) • … • Modified JML compiler maps common queries to efficient implementation in Phalanx runtime

  11. Experimental evaluation • Implementation on top of QVM platform • IBM J9 production virtual machine • can leverage QVM adaptive overhead manager • new parallel algorithms for common queries • Implementation based on JVMTI • less efficient, no parallel algorithms • portable

  12. Heap Assertions in Real Applications

  13. Disposal of Shared SWT Resources • replace code of the form: exp.dispose(); • with code of the form if (Phalanx.isShared(exp)) Phalanx.warning(”disposal of \ shared resource”+exp) ; exp.dispose();

  14. Redundant Synchronization • replace code of the form: synchronized(exp) { ... } • with code of the form synchronized(exp) { if(Phalanx.dom(Thread.currentThread(),exp)) Phalanx.warning(”synchronization on \ an owned object”+exp) ; ... }

  15. Summary • common heap queries and usage scenarios • new JML primitives • modified JML compiler • subtle semantics • implementation • parallel implementation in J9 production jvm • portable implementation in JVMTI • experimental evaluation • real-world applications • performance benchmarks

More Related