Join us for a panel discussion on data protection at the IT&Media congress.
Thursday, May 31st, 16:0-17:00, Darmstadtium, Darmstadt
Panel discussion on data protection
Eric | May 29, 2012New Tech Report: A Safe and Practical Decoupling of Aspects with Join Point Interfaces
Eric | May 18, 2012We have made available a new Technical Report giving information about the current state of the art of our programming language for Join Point Interfaces:
In current aspect-oriented systems, aspects usually carry, through their pointcuts, explicit references to the base code. Those references are fragile and give up important software engineering properties such as modular reasoning and independent evolution of aspects and base code. In this work, we introduce a novel abstraction called Join Point Interfaces, which, by design, supports modular reasoning and independent evolution by decoupling aspects from base code and by providing a modular type-checking algorithm. Join point interfaces can be used both with implicit announcement through pointcuts, and with explicit announcement, using closure join points. Join point interfaces further offer polymorphic dispatch on join points, with an advice-dispatch semantics akin to multi-methods. In this work, we show how our proposal solves a large number of problems observed in previous related approaches. We have implemented join point interfaces as an open-source extension to AspectJ. A first study on existing aspect-oriented programs supports our initial design in general, but also highlights some limitations, which we then address by introducing parametric polymorphism and a more permissive quantification mechanism. As a result, join point interfaces are a safe and practical way of decoupling aspects.
Partially evaluating finite-state runtime monitors ahead of time (to appear at TOPLAS)
Eric | May 10, 2012Soon to appear at ACM TOPLAS:
Finite-state properties account for an important class of program properties, typically related to the order of operations invoked on objects. Many library implementations therefore include manually-written finite-state monitors to detect violations of finite-state properties at runtime. Researchers have recently proposed the explicit specification of finite-state properties and automatic generation of monitors from the specification. However, runtime monitoring only shows the presence of violations, and typically cannot prove their absence. Moreover, inserting a runtime monitor into a program under test can slow down the program by several orders of magnitude.
In this work, we therefore present a set of four static whole-program analyses that partially evaluate runtime monitors at compile time, with increasing cost and precision. As we show, ahead-of-time evaluation can often evaluate the monitor completely statically. This may prove that the program cannot violate the property on any execution or may prove that violations do exist. In the remaining cases, the partial evaluation converts the runtime monitor into a residual monitor. This monitor only receives events from program locations that the analyses failed to prove irrelevant. This makes the residual monitor much more efficient than a full monitor, while still capturing all property violations at runtime.
We implemented the analyses in Clara, a novel framework for the partial evaluation of AspectJ-based runtime monitors, and validated our approach by applying Clara to finite-state properties over several large-scale Java programs. Clara proved that most of the programs never violate our example properties. Some programs required monitoring, but in those cases Clara could often reduce the monitoring overhead to below 10%. We observed that several programs did violate the stated properties.
Inter-procedural Data-flow Analysis with IFDS/IDE and Soot
Eric | May 7, 2012And here is our second paper to appear at SOAP… Hope to see you all at Beijing!
The IFDS and IDE frameworks by Reps, Horwitz and Sagiv are two general frameworks for the inter-procedural analysis of data-flow problems with distributive flow functions over finite domains. Many data-flow problems do have distributive flow functions and are thus expressible as IFDS or IDE problems, reaching from basic analyses like truly-live variables to complex analyses for problems from the current literature such as typestate and secure information-flow.
In this work we describe our implementation of a generic IFDS/IDE solver on top of Soot and contrast it with an IFDS implementation in the Watson Libraries for Analysis (WALA), both from a user’s perspective and in terms of the implementation. While WALA’s implementation is geared much towards memory efficiency, ours is currently geared more towards extensibility and ease of use and we focus on efficiency as a secondary goal.
We further discuss possible extensions to our IFDS/IDE implementation that may be useful to support a wider range of analyses.
TAOSD: Special Issue on Runtime Verification and Analysis
Eric | May 5, 2012Shahar Maoz (RWTH Aachen) and I will be guest-editing a special issue of the Springer Journal Transactions on Aspect-Oriented Software Development. We invite you all to contribute! Papers may address any aspect of runtime verification related to aspects, including but not limited to:
- historical or comparative surveys related to aspects and runtime verification / dynamic analysis
- transformations from high-level specifications or models to monitoring aspects
- correctness of monitoring aspects
- static and dynamic optimizations of monitoring aspects
- aspects for security and traceability
- domain-specific AOP language abstractions or visual formalisms for runtime verification
- modularity and composability of runtime monitors or dynamic analysis code
- runtime verification of hardware or hardware descriptions
Submission deadline is August 15th, 2012. Find more information here.
InvokeDynamic support in Soot
Eric | May 2, 2012Accepted for publication at SOAP:
Java Specification Request (JSR) 292, which was realized with Java 7, defines a new java bytecode called invokedynamic, which can be used to call methods by name, without determining statically where the implementation of the called method is to be found. This mechanism eases the implementation of highly dynamic languages for the Java Virtual Machine.
In this work we explain how we extended the Soot framework for static analysis and transformation of Java programs to properly handle invokedynamic bytecodes. Our implementation required changes on all levels of Soot, as all intermediate representations needed to be adapted appropriately. We comment on the design decisions taken and how users can use our implementation to statically process or generate invokedynamic instructions.
Our support has been integrated into Soot release 2.5.0 and is thus already available for everyone to use.