Static dependence analysis for java

Πολλές εφαρμογές λειτουργούν χρησιμοποιώντας ευαίσθητα ή αναξιόπιστα δεδομένα, όπως τα δεδομένα που παίρνουν από τον χρήστη. Για αυτόν τον λόγο, είναι χρήσιμο να μπορεί κάποιος να δει τη ροή τέτοιου είδους δεδομένων μέσα σε μια εφαρμογή, καθώς και τα μέρη της εφαρμογής των οποίων η εκτέλεση επηρεάζεται από αυτά. Παρουσιάζουμε μία ανάλυση εξαρτήσεων, η οποία δεδομένων κάποιων εντολών εισόδου σε ένα πρόγραμμα Java, υπολογίζει μια υπερτίμηση των μερών του προγράμματος η εκτέλεση των οποίων μπορεί να επηρεαστεί από αυτή την είσοδο. Η κεντρική ιδέα είναι πως τα δεδομένα που δίνει ο χρήστης δεν θα πρέπει να επηρεάζουν κάποιο ευαίσθητο σημείο του προγράμματος, αλλά και πως, αντιστρόφως, ο χρήστης δεν θα πρέπει να λαμβάνει πληροφορίες που αφορούν ευαίσθητα δεδομένα. Η ανάλυση γράφτηκε στην γλώσσα Datalog και βασίζεται στο Doop framework. Συγκεκριμένα, η λογική της ανάλυσης υλοποιείται σε περίπου 200 γραμμές Datalog, κάτι που είναι ενδεικτικό για τις δυνατότητες του Doop στην δημιουργία συμπαγών και εκφραστικών στατικών ανάλυσεων.Many applications use sensitive or untrusted data, such as data provided by a user. For this reason, it is useful to be able to discern the flow of such kinds of data inside an application, as well as the parts of the application whose execution is dependent on them. We present a dependence analysis which, given some source instructions in a Java pro- gram, computes an overapproximation of the parts of the program whose execution can be influenced by these instructions. The central idea is that user-supplied data should not be able to influence critical parts of the program and that, inversely, sensitive data in the program should not leak out information to the user. The analysis was written in the Datalog language and is based on the Doop framework. Specifically, the analysis logic was implemented in about 200 lines of Datalog code, some- thing that demonstrates the capabilities of Doop in the creation of compact and expressive static analyses

The Java system dependence graph

The Program Dependence Graph was introduced by Ottenstein and Ottenstein in 1984 [14]. It was suggested to be a suitable internal program representation for monolithic programs, for the purpose of carrying out certain software engineering operations such as slicing and the computation of program metrics. Since then, Horwitz et al. have introduced the multi-procedural equivalent System Dependence Graph [9]. Many authors have proposed object-oriented dependence graph construction approaches [11, 10, 20, 12]. Every approach provides its own benefits, some of which are language specific. This paper is based on Java and combines the most important benefits from a range of approaches. The result is a Java System Dependence Graph, which summarises the key benefits offered by different approaches and adapts them (if necessary) to the Java language

A sound dependency analysis for secure information flow (extended version)

In this paper we present a flow-sensitive analysis for secure information flow for Java bytecode. Our approach consists in computing, at different program points, a dependency graph which tracks how input values of a method may influence its outputs. This computation subsumes a points-to analysis (reflecting how objects depend on each others) by addressing dependencies arising from data of primitive type and from the control flow of the program. Our graph construction is proved to be sound by establishing a non-interference theorem stating that an output value is unrelated with an input one in the dependency graph if the output remains unchanged when the input is modified. In contrast with many type-based information flow techniques, our approach does not require security levels to be known during the computation of the graph: security aspects of information flow are checked by labeling "a posteriori" the dependency graph with security levels

Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependance graphs

Information flow control (IFC) checks whether a program can leak secret data to public ports, or whether critical computations can be influenced from outside. But many IFC analyses are imprecise, as they are flow-insensitive, context-insensitive, or object-insensitive; resulting in false alarms. We argue that IFC must better exploit modern program analysis technology, and present an approach based on pro-gram dependence graphs (PDG). PDGs have been developed over the last 20 years as a standard device to represent information flow in a program, and today can handle realistic programs. In particular, our dependence graph generator for full Java bytecode is used as the basis for an IFC implementation which is more precise and needs less annotations than traditional approaches. We explain PDGs for sequential and multi-threaded pro-grams, and explain precision gains due to flow-, context-, and object-sensitivity. We then augment PDGs with a lattice of security levels and introduce the flow equations for IFC. We describe algorithms for flow computation in detail and prove their correctness. We then extend flow equations to handle declassification, and prove that our algorithm respects monotonicity of release. Finally, examples demonstrate that our implementation can check realistic sequential programs in full Java bytecode

Dynamic optimization through the use of automatic runtime specialization

Thesis (S.B. and M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1999.Includes bibliographical references (leaves 99-115).by John Whaley.S.B.and M.Eng

Guided Testing of Concurrent Programs Using Value Schedules

Testing concurrent programs remains a difficult task due to the non-deterministic nature of concurrent execution. Many approaches have been proposed to tackle the complexity of uncovering potential concurrency bugs. Static analysis tackles the problem by analyzing a concurrent program looking for situations/patterns that might lead to possible errors during execution. In general, static analysis cannot precisely locate all possible concurrent errors. Dynamic testing examines and controls a program during its execution also looking for situations/patterns that might lead to possible errors during execution. In general, dynamic testing needs to examine all possible execution paths to detect all errors, which is intractable. Motivated by these observation, a new testing technique is developed that uses a collaboration between static analysis and dynamic testing to find the first potential error but using less time and space. In the new collaboration scheme, static analysis and dynamic testing interact iteratively throughout the testing process. Static analysis provides coarse-grained flow-information to guide the dynamic testing through the relevant search space, while dynamic testing collects concrete runtime-information during the guided exploration. The concrete runtime-information provides feedback to the static analysis to refine its analysis, which is then feed forward to provide more precise guidance of the dynamic testing. The new collaborative technique is able to uncover the first concurrency-related bug in a program faster using less storage than the state-of-the-art dynamic testing-tool Java PathFinder. The implementation of the collaborative technique consists of a static-analysis module based on Soot and a dynamic-analysis module based on Java PathFinder

Hybrid analysis of memory references and its application to automatic parallelization

Executing sequential code in parallel on a multithreaded machine has been an elusive goal of the academic and industrial research communities for many years. It has recently become more important due to the widespread introduction of multicores in PCs. Automatic multithreading has not been achieved because classic, static compiler analysis was not powerful enough and program behavior was found to be, in many cases, input dependent. Speculative thread level parallelization was a welcome avenue for advancing parallelization coverage but its performance was not always optimal due to the sometimes unnecessary overhead of checking every dynamic memory reference. In this dissertation we introduce a novel analysis technique, Hybrid Analysis, which unifies static and dynamic memory reference techniques into a seamless compiler framework which extracts almost maximum available parallelism from scientific codes and incurs close to the minimum necessary run time overhead. We present how to extract maximum information from the quantities that could not be sufficiently analyzed through static compiler methods, and how to generate sufficient conditions which, when evaluated dynamically, can validate optimizations. Our techniques have been fully implemented in the Polaris compiler and resulted in whole program speedups on a large number of industry standard benchmark applications