effective soundness guided reflection analysis
play

Effective Soundness-Guided Reflection Analysis Yue Li , Tian Tan and - PowerPoint PPT Presentation

Mar 15, 2024 •343 likes •1.22k views

Effective Soundness-Guided Reflection Analysis Yue Li , Tian Tan and Jingling Xue Complier Research Group @ UNSW, Australia September 10, 2015 SAS 2015 Saint-Malo Static analysis for OO in practice ? Static analysis for OO in practice ? re re

  1. Effective Soundness-Guided Reflection Analysis Yue Li , Tian Tan and Jingling Xue Complier Research Group @ UNSW, Australia September 10, 2015 SAS 2015 Saint-Malo

  2. Static analysis for OO in practice ?

  3. Static analysis for OO in practice ? re re re … reflection !

  4. Class Person { void setName(String nm) {…}; … … } Person p = new Person(); p.setName(“John”);

  5. Class Person { void setName(String nm) {…}; … … } Person p = new Person(); p.setName(“John”);

  6. Class Person { void setName(String nm) {…}; … … } Person p = new Person(); p.setName(“John”);

  7. Class Person { void setName(String nm) {…}; … … } Person p = new Person(); class p.setName(“John”); field method

  8. Class Person { void setName(String nm) {…}; … … } Person p = new Person(); class p.setName(“John”); field method

  9. Class c = Class.forName(“Person”); Method m = c.getMethod(“setName”, …); Object p = c.newInstance(); m.invoke(p, “John”); Class Person { void setName(String nm) {…}; … … } Person p = new Person(); class p.setName(“John”); field method

  10. Class c = Class.forName(“Person”); Method m = c.getMethod(“setName”, …); Object p = c.newInstance(); m.invoke(p, “John”); Class Person { void setName(String nm) {…}; … … Compile Time } Person p = new Person(); class p.setName(“John”); field method

  11. Class c = Class.forName(“Person”); Method m = c.getMethod(“setName”, …); Object p = c.newInstance(); m.invoke(p, “John”); Class Person { void setName(String nm) {…}; … … Compile Time } Person p = new Person(); class p.setName(“John”); field method

  12. Class c = Class.forName(“Person”); Method m = c.getMethod(“setName”, …); Runtime Object p = c.newInstance(); m.invoke(p, “John”); Class Person { void setName(String nm) {…}; … … Compile Time } Person p = new Person(); class p.setName(“John”); field method

  13. n o i t c e t e D g u B Class c = Class.forName(cName); Method m = c.getMethod(mName, …); A a = new A(); m.invoke(a, …);

  14. n o i t c e t e D g u B Class c = Class.forName(cName); Method m = c.getMethod(mName, …); A a = new A(); m.invoke(a, …); Method 1 Method 2 Method 3 Bug

  15. n o i t c e t e D g u B Class c = Class.forName(cName); Method m = c.getMethod(mName, …); A a = new A(); m.invoke(a, …); Method 1 Method 2 Method 3 Soundness Bug

  16. Soundness

  17. Soundness ECOOP’14 ICSE’11 OOPSLA’09 APLAS’05

  18. Soundness Best-Effort ECOOP’14 ICSE’11 OOPSLA’09 APLAS’05

  19. Soundness Best-Effort SAS’15 ECOOP’14 ICSE’11 OOPSLA’09 APLAS’05

  20. Soundness Best-Effort SAS’15 ECOOP’14 ICSE’11 OOPSLA’09 More sound 1 APLAS’05

  21. Unsoundness Soundness Best-Effort SAS’15 ECOOP’14 ICSE’11 OOPSLA’09 More sound 1 APLAS’05

  22. Unsoundness Soundness Best-Effort SAS’15 ECOOP’14 ICSE’11 OOPSLA’09 More sound 1 APLAS’05 Controllable 2

  23. Unsoundness Soundness Best-Effort SAS’15 ECOOP’14 Soundness-Guided ICSE’11 OOPSLA’09 More sound 1 APLAS’05 Controllable 2

  24. More sound Controllable 1 2

  25. More sound 1

  26. The Challenging Problem unknown Class c = Class.forName(cName) i: Object v = c1.newInstance( )

  27. Existing Approach unknown Class c = Class.forName(cName) i: Object v = c1.newInstance( ) A a = (A) v2 Intra-procedural post-dominant cast operations

  28. Existing Approach unknown Class c = Class.forName(cName) c A i: Object v = c1.newInstance( ) A a = (A) v2 Intra-procedural post-dominant cast operations

  29. Existing Approach unknown Class c = Class.forName(cName) c A i: Object v = c1.newInstance( ) A a = (A) v2 Intra-procedural post-dominant cast operations only works for this intra-post-dominance pattern

  30. Existing Approach unknown Class c = Class.forName(cName) c A d d e e r r o o n n i: Object v = c1.newInstance( ) g g I I A a = (A) v2 Intra-procedural post-dominant cast operations only works for this intra-post-dominance pattern

  31. Lazy Heap Modeling (LHM)

  32. Lazy Heap Modeling (LHM) Observation A reflectively created object (returned by newInstance()) is usually used in two cases in practice

  33. Lazy Heap Modeling (LHM) Observation A reflectively created object (returned by newInstance()) is usually used in two cases in practice Intuition The side effect of a newInstance() call can be modeled lazily at these usage points

  34. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) i: Object v = c1.newInstance( )

  35. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( )

  36. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) o u i

  37. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) o u i Abstract Heap Objects of newInstance() are created lazily ( at LHM points )

  38. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) o u i A a = (A) v1 B b = (B) v2 Case ( I ) Abstract Heap Objects of newInstance() are created lazily ( at LHM points )

  39. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) o u i A a = (A) v1 B b = (B) v2 Case ( I ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points )

  40. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points )

  41. Lazy Heap Modeling (LHM) unknown Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points )

  42. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points )

  43. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) v3.mName(args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points )

  44. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) v3.mName(args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points ) D | o D | v3 | i i

  45. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) v3.mName(args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points ) D | o D | v3 | i i ? B | o B v3 | i | i

  46. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) v3.mName(args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points ) D | o D | v3 | i i X ? B | o B v3 | i | i

  47. Lazy Heap Modeling (LHM) unknown c D Class c = Class.forName(cName) c u i: Object v = c1.newInstance( ) Method m = c2.getDeclaredMethod(mName, ...) o u i A a = (A) v1 B b = (B) v2 m1.invoke(v3, args) v3.mName(args) Case ( I ) Case ( II ) Abstract Heap Objects | | | Type Object Location Pointed by | a of newInstance() A | o A | i i are created lazily b, v4 | o B | i | o B i b B | | | B i i ( at LHM points ) D | o D | v3 | i i X ? B | o B v3 | i | i o B i b, v3 | | | B i

Recommend

ON THE COST OF TYPE-TAG SOUNDNESS Ben Greenman Zeina Migeed ON THE COST OF TYPE-TAG SOUNDNESS

ON THE COST OF TYPE-TAG SOUNDNESS Ben Greenman Zeina Migeed ON THE COST OF TYPE-TAG SOUNDNESS

ON THE COST OF TYPE-TAG SOUNDNESS Ben Greenman Zeina Migeed ON THE COST OF TYPE-TAG SOUNDNESS 1. Tag soundness 2. Performance cost of soundness 3. Evaluation method 4. Conclusions TYPE-TAG SOUNDNESS Type Soundness e : If

1.28k views • 64 slides
Towards an Effective e-Assessment System and Framework: Documentation, Reflection and

Towards an Effective e-Assessment System and Framework: Documentation, Reflection and

Towards an Effective e-Assessment System and Framework: Documentation, Reflection and Application Joane V. Serrano, PhD Associate Professor UP Open University Los Banos, Laguna, Philippines jserrano@upou.edu.ph Sherry B. Marasigan

329 views • 28 slides
Ultrasound-Guided Microthrombectomy: An Effective Symptomatic Treatment For Uncomplicated

Ultrasound-Guided Microthrombectomy: An Effective Symptomatic Treatment For Uncomplicated

Ultrasound-Guided Microthrombectomy: An Effective Symptomatic Treatment For Uncomplicated Superficial Venous Thrombophlebitis Agnieszka Witkowska MD 1 , DaeHee Kim MD 1,2 , Ali Ardestani MD MSC 1 , Christopher Bolus MD 1 , Shams Iqbal MD 1 ,

567 views • 15 slides
On 1 -soundness and Soundness of Workflow Nets Lu Ping, Hu Hao and L Jian Department of

On 1 -soundness and Soundness of Workflow Nets Lu Ping, Hu Hao and L Jian Department of

On 1 -soundness and Soundness of Workflow Nets Lu Ping, Hu Hao and L Jian Department of Computer Science Nanjing University luping@ics.nju.edu.cn, myou@ics.nju.edu.cn Contents Introduction to Workflow Nets Basic Properties of Workflow

558 views • 27 slides
A Sound Type System for Secure Flow Analysis Dennis Volpano, Geoffrey Smith, Cynthia Irvine

A Sound Type System for Secure Flow Analysis Dennis Volpano, Geoffrey Smith, Cynthia Irvine

A Sound Type System for Secure Flow Analysis Dennis Volpano, Geoffrey Smith, Cynthia Irvine Presenter: Lantian Zheng CS 711 September 29, 2003 Soundness of Denings Program Certification Mechanism Define the soundness property: S ( P )

819 views • 24 slides
Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller,

Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller,

Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller, Yannis Smaragdakis OOPSLA 2018 1 A New Pointer Analysis T echnique for Object-Oriented Programs 2 Pointer Analysis Determines which

841 views • 64 slides
The Modal Logic K Contents 1 Soundness and Completeness; Decidability 1 1.1 Soundness . . . .

The Modal Logic K Contents 1 Soundness and Completeness; Decidability 1 1.1 Soundness . . . .

The Modal Logic K Contents 1 Soundness and Completeness; Decidability 1 1.1 Soundness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Completeness: Proof idea . . . . . . . . . . . . . . . . . . . . . . 2 2

361 views • 3 slides
FFR Guided Functional FFR Guided Functional FFR Guided Functional FFR Guided Functional

FFR Guided Functional FFR Guided Functional FFR Guided Functional FFR Guided Functional

FFR Guided Functional FFR Guided Functional FFR Guided Functional FFR Guided Functional Angioplasty Angioplasty g g p p y y in Complex Anatomy in Complex Anatomy Jung-Min Ahn, MD g , Heart Institute Asan Medical Center Heart

671 views • 27 slides
MVC Guided Pathways Brief review of Guided Pathways at MVC Plan for Today Spring

MVC Guided Pathways Brief review of Guided Pathways at MVC Plan for Today Spring

MVC Guided Pathways Brief review of Guided Pathways at MVC Plan for Today Spring 2018-Summer 2019 Action Plan and Budget Guided Pathways in California A Framework for Improving Completion Multiple Guided Pathways Initiatives

407 views • 13 slides
Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

9/10/2016 Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport

339 views • 5 slides
The Evolution of Expert Guided Sentiment Analysis William D. MacMillan, Ph.D. Evan A. Schnidman,

The Evolution of Expert Guided Sentiment Analysis William D. MacMillan, Ph.D. Evan A. Schnidman,

The Evolution of Expert Guided Sentiment Analysis William D. MacMillan, Ph.D. Evan A. Schnidman, Ph.D. QWAFAFEW, Feb. 16, 2016 Built for Amazon Reviews Sentiment Analysis Download Word Dictionaries Good - Bad Buzz ????

357 views • 21 slides
Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport of

1.08k views • 30 slides
Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Showtime Logistics Welcome back Professor Singh is away for the

1.24k views • 87 slides
An Analysis of Techniques and Methods for Technical Debt Management: a Reflection from the

An Analysis of Techniques and Methods for Technical Debt Management: a Reflection from the

An Analysis of Techniques and Methods for Technical Debt Management: a Reflection from the Architecture Perspective Carlos Fernndez Snchez, Juan Garbajosa, Carlos Vidal, Agustn Yage Technical University of Madrid (UPM) Second

204 views • 8 slides
Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection Specular Reflection diffuse reflection diffuse + specular reflection Specular Reflection n v l Specular gleem is a diffused mirror

860 views • 19 slides
Improving Virtually Guided Product Certification with Implicit Finite Element Analysis at Scale

Improving Virtually Guided Product Certification with Implicit Finite Element Analysis at Scale

Improving Virtually Guided Product Certification with Implicit Finite Element Analysis at Scale Seid Koric 1 , Robert F. Lucas 2 , Erman Guleryuz 1 1 National Center for Supercomputing Applications (NCSA) 2 Livermore Software Technology Corporation

180 views • 13 slides
Long term stability analysis of a guided wave SHM system for platelike structures V. Attarian,

Long term stability analysis of a guided wave SHM system for platelike structures V. Attarian,

Long term stability analysis of a guided wave SHM system for platelike structures V. Attarian, F.B. Cegla, P. Cawley Non-Destructive Testing Group Department of Mechanical Engineering Imperial College London SW7 2AZ United Kingdom Outline

584 views • 19 slides
Reflection is a way of thinking about learning and What is reflection? Employability skills The

Reflection is a way of thinking about learning and What is reflection? Employability skills The

Reflection is a way of thinking about learning and What is reflection? Employability skills The EURO Process How to access Advantage and the EE resources Q&A might take you Reflection is a way of thinking about learning and helping you to

457 views • 29 slides
VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of

VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of

VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of Training, California Collaborative for Educational Excellence California English Learner Roadmap Launch Event Self-Reflection Rubric Purpose

274 views • 6 slides
FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection

FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection

FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection Spot time stamp : #Reflection Spot time: (12.12) Reflection Spot question What is ALU? Answer ALU is a temperory register used to hold

186 views • 15 slides
EDA045F: Program Analysis LECTURE 2: DATAFLOW ANALYSIS 1 Christoph Reichenbach In the last

EDA045F: Program Analysis LECTURE 2: DATAFLOW ANALYSIS 1 Christoph Reichenbach In the last

EDA045F: Program Analysis LECTURE 2: DATAFLOW ANALYSIS 1 Christoph Reichenbach In the last lecture. . . Uses of Program Analysis Static vs. Dynamic Program Analysis Soundness, Precision, Termination Abstraction and Simplification

4.44k views • 52 slides
Year 3 Guided Pathways Plan Presentation Presented by: Palomar Guided Pathways Team DATE: May

Year 3 Guided Pathways Plan Presentation Presented by: Palomar Guided Pathways Team DATE: May

Year 3 Guided Pathways Plan Presentation Presented by: Palomar Guided Pathways Team DATE: May 15, 2020 Presenters: Glyn Bongolan, Alex Cuatok, Kelly Falcone, Katy Farrell, Wendy Nelson And our Guided Pathways Ambassadors Focus for Today:

656 views • 50 slides
Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work

Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work

Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work with Boban Veli ckovi c) October 28, 2010 1.1 Stationary reflection For a cardinal 2 , the stationary reflection in [ ] is

157 views • 14 slides
1

1

{HEADSHOT}* * The*field*of*so3ware*analysis*is*highly*diverse:*there*are*many*approaches*with*different*strengths*and* limitaBons*in*aspects*such*as*soundness,*completeness,*applicability,*and*scalability.* * In* this* lesson,* we* will*

699 views • 47 slides

More recommend