Exhaustive testing of safety critical Java

With traditional testing, the test case has no control over non-deterministic scheduling decisions, and thus errors dependent on scheduling are only found by pure chance. Java Path Finder (JPF) is a specialized Java virtual machine that can systematically explore execution paths for all possible schedulings, and thus catch these errors. Unfortunately, execution-based model checkers, including JPF, cannot be easily adapted to support real-time programs. We propose a scheduling algorithm for JPF which allows testing of Safety Critical Java (SCJ) applications with periodic event handlers at SCJ levels 0 and 1 (without aperiodic event handlers). The algorithm requires that deadlines are not missed and that there is an execution time model that can give best- and worst-case execution time estimates for a given program path and specific program inputs. Our implementation, named R SJ, allows to search for scheduling dependent memory access errors, certain invalid argument errors, priority ceiling emulation protocol violations, and failed assertions in application code in SCJ programs for levels 0 and 1. It uses the execution time model of the Java Optimized Processor (JOP). We test our tool wit

A study of sharing definitions in thread-local heaps (Position Paper)

Abstract With the advent of larger heaps, multi-core processors and NUMA architectures, garbage collection scalability is evermore important. Shared memory is an important bottleneck and stress on shared memory can be reduced by using Thread-local heaps. Thread-local heaps provide a promising solution to this challenge, distinguishing between local objects that do not escape their allocating thread and shared objects that do. This allows a new type of collection that requires a single thread's co-operation and affords more intelligent object placement in the heap. We examine options for their design and suggest a new design

To-many or to-one? All-in-one! Efficient purely functional multi-maps with type-heterogeneous hash-tries

An immutable multi-map is a many-to-many map data structure with expected fast insert and lookup operations. This data structure is used for applications processing graphs or many-to-many relations as applied in compilers, runtimes of programming languages, or in static analysis of object-oriented systems. Collection data structures are assumed to carefully balance execution time of operations with memory consumption characteristics and need to scale gracefully from a few elements to multiple gigabytes at least. When processing larger in-memory data sets the overhead of the data structure encoding itself becomes a memory usage bottleneck, dominating the overall performance. In this paper we propose AXIOM, a novel hash-trie data structure that allows for a highly efficient and type-safe multi-map encoding by distinguishing inlined values of singleton sets from nested sets of multi-mappings

The Truth, the Whole Truth, and Nothing but the Truth: A Pragmatic Guide to Assessing Empirical Evaluations

An unsound claim can misdirect a field, encouraging the pursuit of unworthy ideas and the abandonment of promising ideas. An inadequate description of a claim can make it difficult to reason about the claim, for example to determine whether the claim is sound. Many practitioners will acknowledge the threat of un- sound claims or inadequate descriptions of claims to their field. We believe that this situation is exacerbated and even encouraged by the lack of a systematic approach to exploring, exposing, and addressing the source of unsound claims and poor exposition. This paper proposes a framework that identifies three sins of reasoning that lead to unsound claims and two sins of exposition that lead to poorly described claims. Sins of exposition obfuscate the objective of determining whether or not a claim is sound, while sins of reasoning lead directly to unsound claims. Our framework provides practitioners with a principled way of critiquing the integrity of their own work and the work of others. We hope that this will help individuals conduct better science and encourage a cultural shift in our research community to identify and promulgate sound claims

Replicating real-time garbage collector for Java

Real-time Java is becoming a viable platform for real-time applications, bringing new challenges to a garbage collector. A real-time collector has to be incremental as not to cause deadline misses by suspending an application for too long. In particular, a real-time collector has to relocate objects in the heap, incrementally and transparently to the application. This is usually achieved via an indirection that has to be followed on every read and write to the heap. We present an alternative solution, based on object replication, which does not need any special handling for memory reads, but writes are more expensive: every value is written twice. As writes are less frequent than reads, the total overhead is reduced. With our implementation in a research real-time Java VM and DaCapo, pseudo-jbb, and SPEC JVM 98 benchmarks, we observe an average speed-up of 3. A similar technique was implemented in Sapphire, a copying concurrent collector targeting highly parallel systems. Sapphire requires that all accesses to non-volatile shared variables in applications are protected by locks. Our uniprocessor non-concurrent mostly non-copying collector, targeting green-threading embedded systems, does not have this requirement. The mutator barriers supporting our collector are simpler and more predictable