Virtual Machine-Assisted Collaborative Junk Object Detection

Memory leak is unrecoverable software bug that causes performance degradation and re- liability issues to software applications. Although memory management systems exist in modern Object Oriented Language to reclaim unused memory store, memory leak can still happen, and continue to exhaust memory resource. In Java, where there is garbage col- lection for releasing unused objects, memory leaks manifest itself in the form of unused object retention. Since Java Programming language allocates objects on heap, the lifetime of an object deviates from the stack discipline, which can be a challenge in detecting Java memory leak. In this thesis, we propose a collaborative approach in detecting Java memory leaks through verifying Object Lifetime Specification at runtime. We designed a runtime verifier that leverages Java Virtual Machine technologies to monitor and extract annotated infor- mation from the user application, and use that information to verify against Java Virtual Machine events to detect unintentional object retention in the Java application under test. We implemented our runtime verifier with Maxine Virtual Machine, an open source, meta-circular virtual machine developed by Oracle Lab, and conducted experiments and DaCapo benchmark to evaluate its accuracy and performance efficiency. The results show that the runtime verification tool successfully identifies junk objects for different semantic cases proposed in this thesis with certain runtime overhead. Through the research and experimental results, we further make implications on how to improve the performance overhead associated with current design and implementation methods in detecting unused object retention, which in the long term constitute memory leak and performance bug

Towards an embedded real-time Java virtual machine

Most computers today are embedded, i.e. they are built into some products or system that is not perceived as a computer. It is highly desirable to use modern safe object-oriented software techniques for a rapid development of reliable systems. However, languages and run-time platforms for embedded systems have not kept up with the front line of language development. Reasons include complex and, in some cases, contradictory requirements on timing, concurrency, predictability, safety, and flexibility. A carefully tailored Java virtual machine (called IVM) is proposed as an approach to overcome these difficulties. In particular, real-time garbage collection has been considered an essential part. The set of bytecodes has been revised to require less memory and to facilitate predictable execution. To further reduce the memory footprint, the class loader can be located outside the embedded processor. Since the accomplished concurrency is crucial for the function of many embedded applications, the scheduling can be defined on the application level in Java. Finally considering future needs for flexibility and on-line configuration of embedded system, the IVM has a unique structure with which, for instance, methods being objects that can be replaced and GCed. The approach has been experimentally verified by a full prototype implementation of such a virtual machine. By making the prototype available for development of real products, this in turn has confronted the solutions with real industrial demands. It was found that the IVM can be easily integrated in typical systems today and the mentioned requirements are fulfilled. Based on experiences from more than 10 projects utilising the novel Java-oriented techniques, there are reasons to believe that the proposed approach is very promising for future flexible embedded systems

A programming logic for Java bytecode programs

One significant disadvantage of interpreted bytecode languages, such as Java, is their low execution speed in comparison to compiled languages like C. The mobile nature of bytecode adds to the problem, as many checks are necessary to ensure that downloaded code from untrusted sources is rendered as safe as possible. But there do exist ways of speeding up such systems. One approach is to carry out static type checking at load time, as in the case of the Java Bytecode Verifier. This reduces the number of runtime checks that must be done and also allows certain instructions to be replaced by faster versions. Another approach is the use of a Just In Time (JIT) Compiler, which takes the bytecode and produces corresponding native code at runtime. Some JIT compilers also carry out some code optimization. There are, however, limits to the amount of optimization that can safely be done by the Verifier and JITs; some operations simply cannot be carried out safely without a certain amount of runtime checking. But what if it were possible to prove that the conditions the runtime checks guard against would never arise in a particular piece of code? In this case it might well be possible to dispense with these checks altogether, allowing optimizations not feasible at present. In addition to this, because of time constraints, current JIT compilers tend to produce acceptable code as quickly as possible, rather than producing the best code possible. By removing the burden of analysis from them it may be possible to change this. We demonstrate that it is possible to define a programming logic for bytecode programs that allows the proof of bytecode programs containing loops. The instructions available to use in the programs are currently limited, but the basis is in place to extend these. The development of this logic is non-trivial and addresses several difficult problems engendered by the unstructured nature of bytecode programs

Practical pluggable types for Java

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Includes bibliographical references (p. 109-115).This paper introduces the Checker Framework, which supports adding pluggable type systems to the Java language in a backward-compatible way. A type system designer defines type qualifiers and their semantics, and a compiler plug-in enforces the semantics. Programmers can write the type qualifiers in their programs and use the plug-in to detect or prevent errors. The Checker Framework is useful both to programmers who wish to write error-free code, and to type system designers who wish to evaluate and deploy their type systems. The Checker Framework includes new Java syntax for expressing type qualifiers; declarative and procedural mechanisms for writing type-checking rules; and support for flow-sensitive local type qualifier inference and for polymorphism over types and qualifiers. The Checker Framework is well-integrated with the Java language and toolset. We have evaluated the Checker Framework by writing five checkers and running them on over 600K lines of existing code. The checkers found real errors, then confirmed the absence of further errors in the fixed code. The case studies also shed light on the type systems themselves.by Matthew M. Papi.M.Eng

Static analysis of concurrrent and distributed systems: concurrent objects and Ethereum Bytecode

Tesis de la Universidad Complutense de Madrid, Facultad de Informática, leída el 23-01-2020Hoy en día la concurrencia y la distribución se han convertido en una parte fundamental del proceso de desarrollo de software. Indiscutiblemente, Internet y el uso cada vez más extendido de los procesadores multicore ha influido en el tipo de aplicaciones que se desarrollan. Esto ha dado lugar a la creación de distintos modelos de concurrencia .En particular, uno de los modelos de concurrencia que está ganando importancia es el modelo de objetos concurrentes basado en actores. En este modelo, los objetos (denominados actores) son las unidades de concurrencia. Cada objeto tiene su propio procesador y un estado local. La comunicación entre los mismos se lleva a cabo mediante el paso de mensajes. Cuando un objeto recibe un mensaje puede: actualizar su estado, mandar mensajes o crear nuevos objetos. Es bien sabido que la creación de programas concurrentes correctos es más compleja que la de programas secuenciales ya que es necesario tener en cuenta distintos aspectos inherentes a la concurrencia como los errores asociados a las carreras de datos o a los interbloqueos. Con el n de asegurar el correcto comportamiento de estos programas concurrentes se han desarrollado distintas técnicas de análisis estático y verificación para los diversos modelos de concurrencia existentes...Nowadays concurrency and distribution have become a fundamental part in the softwaredevelopment process. The Internet and the more extended use of multicore processorshave in uenced the type of the applications which are being developed. This has lead tothe creation of several concurrency models. In particular, a concurrency model that isgaining popularity is the actor model, the basis for concurrent objects. In this model,the objects (actors) are the concurrent units. Each object has its own processor and alocal state, and the communication between them is carried out using message passing.In response to receiving a message, an actor can update its local state, send messages orcreate new objects.Developing correct concurrent programs is known to be harder than writing sequentialones because of inherent aspects of concurrency such as data races or deadlocks. To ensurethe correct behavior of concurrent programs, static analyses and verication techniqueshave been developed for the diverse existent concurrency models...Fac. de InformáticaTRUEunpu

Code Renewability for Native Software Protection

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available, and existing combinations become stronger. The prototype implementation is evaluated on a number of industrial use cases

Code renewability for native software protection

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This article presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available and existing combinations become stronger. The prototype implementation is evaluated on several industrial use cases

A Termination Analyzer for Java Bytecode based on Path-Length

It is important to prove that supposedly terminating programs actuallyterminate, particularly if those programs must berun on critical systems or downloaded into a client such as a mobile phone.Although termination of computer programs is generally undecidable,it is possible and useful to provetermination of a large, non-trivial subset of the terminating programs.In this paper we present our termination analyser for sequential Java bytecode,based on a program property called path-length. We describe theanalyses which are needed before the path-length can be computed, such assharing, cyclicity and aliasing. Then weformally define the path-length analysis and prove it correct wrt areference denotational semantics of the bytecode. We show that a constraintlogic program P_CLPcan be built from the result of the path-length analysisof a Java bytecode program P andformally prove that if P_CLP terminates then also P terminates.Hence a termination prover for constraint logic programs can be appliedto prove the termination of P. We conclude with some discussion of thepossibilities and limitations of our approach.Ours is the first existing termination analyser for Java bytecodedealing with any kind of data structures dynamically allocated on the heapand which does not require any help or annotation on the part of the user

Application of partial evaluation in dynamic code generation for Java

Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2000.Includes bibliographical references (p. 64-66).This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Java is a popular new language with enormous potential; however, its lack of speed is a major drawback. Staged compilation and runtime specialization through procedure cloning are techniques used to improve code generation and execution performance. The research described in this paper applies these techniques in the design and implementation of a runtime system to improve Java performance. Analyses indicate that staged compilation results in a major improvement in performance. In this current implementation, runtime specialization and constant propagation provides a smaller incremental benefit, but with more aggressive and new forms of specialization, the benefits of dynamic specialization will likely increase.by Tony Chao.M.Eng