FlashLight: A Dynamic Detector of Shared State, Race Conditions, and Locking Models in Concurrent Java Programs

Abstract

Concurrent Java programs are difficult to understand and implement correctly. This difficulty leads to code faults that are the source of many real-world reliability and security problems. Many factors contribute to concurrency faults in Java code; for example, programmers may not understand Java language semantics or, when using a Java library or framework, may not understand that their resulting program is concurrent. This thesis describes a dynamic analysis tool, named FlashLight, that detects shared state and possible race conditions within a program. FlashLight illuminates the concurrency within a program for programmers who are wholly or partially in the dark about their software's concurrency. FlashLight also works in concert with the Fluid assurance tool to propose Greenhouse-style lock policy models based on a program's observed locking behavior. After review by a programmer to ensure reasonableness, these models can be verified by the Fluid assurance tool. The author's combination of a dynamic tool with a program verification system focused on concurrency fault detection and repair is the primary contribution of this research. He applied FlashLight to several concurrent Java programs, including a large commercial web application server. His case study experiences induced him to improve FlashLight to do the following: (1) allow the programmer to specify interesting time quantums (e.g., this is the start-up phase of the program), and (2) support the common Java programming idiom of not locking shared state during object construction. Both improvements help to reduce false positives. FlashLight introduces an overhead of roughly 1.7 times the original execution time of the program. The most significant limitation of FlashLight is that it is not fully integrated into the Fluid assurance tool with respect to the user experience.
