Abstract
Finite-state properties account for an important class of program properties, typically related to the order of operations invoked on objects. Many library implementations therefore include manually written finite-state monitors to detect violations of finite-state properties at runtime. Researchers have recently proposed the explicit specification of finite-state properties and automatic generation of monitors from the specification. However, runtime monitoring only shows the presence of violations, and typically cannot prove their absence. Moreover, inserting a runtime monitor into a program under test can slow down the program by several orders of magnitude.
In this work, we therefore present a set of four static whole-program analyses that partially evaluate runtime monitors at compile time, with increasing cost and precision. As we show, ahead-of-time evaluation can often evaluate the monitor completely statically. This may prove that the program cannot violate the property on any execution or may prove that violations do exist. In the remaining cases, the partial evaluation converts the runtime monitor into a residual monitor. This monitor only receives events from program locations that the analyses failed to prove irrelevant. This makes the residual monitor much more efficient than a full monitor, while still capturing all property violations at runtime.
We implemented the analyses in Clara, a novel framework for the partial evaluation of AspectJ-based runtime monitors, and validated our approach by applying Clara to finite-state properties over several large-scale Java programs. Clara proved that most of the programs never violate our example properties. Some programs required monitoring, but in those cases Clara could often reduce the monitoring overhead to below 10%. We observed that several programs did violate the stated properties.
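The abstract describes the core idea in three parts: a finite-state property (a typestate automaton over event symbols), program locations that emit those events (the "shadows" that a monitor's instrumentation hooks), and static pre-analyses that disable shadows which can never contribute to a violation, leaving a residual monitor. The following self-contained Python example is added here to make that pipeline concrete; it is not Clara's code and is far simpler than the four analyses in the paper. It encodes the property "next() must be preceded by hasNext()" as a DFA, applies two of the cheap checks that the approach rests on (a whole-program "quick check" on the symbol set, then a per-object check over a points-to abstraction), and then runs a residual monitor that ignores events from disabled shadows. All source locations, object names and the event trace are constructed sample data; the per-object check assumes that each shadow is grouped under every abstract object it may hit, which is what makes dropping a group sound.

```python
"""Finite-state runtime monitor plus a simplified ahead-of-time partial evaluator.

Added illustration, not Clara's implementation. A typestate property is a DFA
over event symbols; program locations that emit events are "shadows"; two
static checks decide which shadows can never lead to the error state, and only
the surviving shadows feed the residual monitor.
"""
from collections import defaultdict
from dataclasses import dataclass

# --- Property: "next() must be preceded by hasNext()" as a DFA ---------------
INITIAL = "start"
ERROR = "error"
STATES = {"start", "safe", "error"}
# (state, symbol) -> next state; a missing pair means the symbol is ignored.
TRANSITIONS = {
    ("start", "next"): "error",
    ("start", "hasNext"): "safe",
    ("safe", "next"): "start",
    ("safe", "hasNext"): "safe",
}


def step(state, symbol):
    return TRANSITIONS.get((state, symbol), state)


@dataclass(frozen=True)
class Shadow:
    """A program location that emits one event symbol on one abstract object."""
    loc: str     # constructed source location, e.g. "Main.java:42"
    symbol: str  # event symbol of the property
    obj: str     # points-to abstraction of the receiver, e.g. "it1"


def error_reachable(symbols):
    """Can ERROR be reached from INITIAL when only `symbols` can ever occur?"""
    seen, work = {INITIAL}, [INITIAL]
    while work:
        q = work.pop()
        if q == ERROR:
            return True
        for s in symbols:
            nxt = step(q, s)
            if nxt not in seen:
                seen.add(nxt)
                work.append(nxt)
    return False


def partially_evaluate(shadows):
    """Return the shadows that must stay enabled in the residual monitor.

    1. Quick check: if the symbols present anywhere in the program cannot drive
       the automaton to ERROR, the property can never be violated: drop everything.
    2. Per-object check: shadows grouped by abstract object; a group whose own
       symbols cannot reach ERROR is irrelevant (sound if the grouping is a
       may-point-to over-approximation).
    """
    present = {sh.symbol for sh in shadows}
    if not error_reachable(present):
        return frozenset()
    by_obj = defaultdict(set)
    for sh in shadows:
        by_obj[sh.obj].add(sh)
    keep = set()
    for group in by_obj.values():
        if error_reachable({sh.symbol for sh in group}):
            keep |= group
    return frozenset(keep)


class ResidualMonitor:
    """Runtime monitor that only listens to the enabled shadows."""

    def __init__(self, enabled):
        self.enabled = {sh.loc: sh for sh in enabled}
        self.state = defaultdict(lambda: INITIAL)  # one DFA state per runtime object
        self.violations = []
        self.events_seen = 0

    def on_event(self, loc, obj_id):
        sh = self.enabled.get(loc)
        if sh is None:
            return  # shadow disabled statically: no instrumentation cost here
        self.events_seen += 1
        self.state[obj_id] = step(self.state[obj_id], sh.symbol)
        if self.state[obj_id] == ERROR:
            self.violations.append((loc, obj_id))
            self.state[obj_id] = INITIAL  # report, then keep monitoring


# Constructed program abstraction: iterator it2 is only ever hasNext()'ed.
PROGRAM = [
    Shadow("Main.java:10", "hasNext", "it1"),
    Shadow("Main.java:11", "next", "it1"),
    Shadow("Main.java:20", "hasNext", "it2"),
    Shadow("Main.java:30", "next", "it1"),
]
# Constructed execution trace: (shadow location, runtime object id).
TRACE = [("Main.java:10", 1), ("Main.java:11", 1), ("Main.java:20", 2),
         ("Main.java:30", 1),  # next() without a fresh hasNext(): violation
         ("Main.java:20", 2)]


def run(shadows, trace, residual=True):
    """Monitor `trace` with either the residual or the full monitor."""
    enabled = partially_evaluate(shadows) if residual else frozenset(shadows)
    mon = ResidualMonitor(enabled)
    for loc, obj in trace:
        mon.on_event(loc, obj)
    return mon


if __name__ == "__main__":
    full, res = run(PROGRAM, TRACE, residual=False), run(PROGRAM, TRACE)
    print("full monitor:", full.events_seen, "events,", full.violations)
    print("residual monitor:", res.events_seen, "events,", res.violations)
```

On the constructed program the residual monitor handles three of the five events and still reports the same violation as the full monitor, which is the property the abstract states for Clara's residual monitors; a program whose only shadows are hasNext() calls fails the quick check and gets no monitor at all.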
Partially Evaluating Finite-State Runtime Monitors Ahead of Time