research-article

ShadowVM: robust and comprehensive dynamic program analysis for the java platform

Published: 27 October 2013

Abstract

Dynamic analysis tools are often implemented using instrumentation, particularly on managed runtimes including the Java Virtual Machine (JVM). Performing instrumentation robustly is especially complex on such runtimes: existing frameworks offer limited coverage and poor isolation, while previous work has shown that apparently innocuous instrumentation can cause deadlocks or crashes in the observed application. This paper describes ShadowVM, a system for instrumentation-based dynamic analyses on the JVM which combines a number of techniques to greatly improve both isolation and coverage. These centre on the offload of analysis to a separate process; we believe our design is the first system to enable genuinely full bytecode coverage on the JVM. We describe a working implementation, and use a case study to demonstrate its improved coverage and to evaluate its runtime overhead.

Published in

ACM SIGPLAN Notices, Volume 49, Issue 3 (GPCE '13), March 2014, 181 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/2637365

GPCE '13: Proceedings of the 12th international conference on Generative programming: concepts & experiences, October 2013, 198 pages
ISBN: 9781450323734
DOI: 10.1145/2517208

Copyright © 2013 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
