research-article

Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders

Authors:

Mira MeziniAuthors Info & Claims

ICSE '11: Proceedings of the 33rd International Conference on Software Engineering

Pages 241 - 250

https://doi.org/10.1145/1985793.1985827

Published: 21 May 2011 Publication History

Abstract

Static program analyses and transformations for Java face many problems when analyzing programs that use reflection or custom class loaders: How can a static analysis know which reflective calls the program will execute? How can it get hold of classes that the program loads from remote locations or even generates on the fly? And if the analysis transforms classes, how can these classes be re-inserted into a program that uses custom class loaders?

In this paper, we present TamiFlex, a tool chain that offers a partial but often effective solution to these problems. With TamiFlex, programmers can use existing static-analysis tools to produce results that are sound at least with respect to a set of recorded program runs. TamiFlex inserts runtime checks into the program that warn the user in case the program executes reflective calls that the analysis did not take into account. TamiFlex further allows programmers to re-insert offline-transformed classes into a program.

We evaluate TamiFlex in two scenarios: benchmarking with the DaCapo benchmark suite and analysing large-scale interactive applications. For the latter, TamiFlex significantly improves code coverage of the static analyses, while for the former our approach even appears complete: the inserted runtime checks issue no warning. Hence, for the first time, TamiFlex enables sound static whole-program analyses on DaCapo. During this process, TamiFlex usually incurs less than 10% runtime overhead.

References

[1]

B. Alpern, C. R. Attanasio, J. J. Barton, M. G. Burke, P. Cheng, J.-D. Choi, A. Cocchi, S. J. Fink, D. Grove, M. Hind, S. F. Hummel, D. Lieber, V. Litvinov, M. F. Mergen, T. Ngo, J. R. Russell, V. Sarkar, M. J. Serrano, J. C. Shepherd, S. E. Smith, V. C. Sreedhar, H. Srinivasan, and J. Whaley. The Jalapeno virtual machine. IBM Systems Journal, 39(1):211--238, 2000.

Digital Library

[2]

Lars Ole Andersen. Program Analysis and Specialization for the C Programming Language. PhD thesis, University of Copenhagen, 1994. DIKU report 94/19.

[3]

Shay Artzi, Adam Kiezun, David Glasser, and Michael D. Ernst. Combined static and dynamic mutability analysis. In ASE'07, pages 104--113. ACM, 2007.

Digital Library

[4]

Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Dawson Engler. A few billion lines of code later: using static analysis to find bugs in the real world. CACM, 53(2):66--75, 2010.

Digital Library

[5]

S. M. Blackburn, R. Garner, C. Hoffman, A. M. Khan, K. S. McKinley, R. Bentzur, A. Diwan, D. Feinberg, D. Frampton, S. Z. Guyer, M. Hirzel, A. Hosking, M. Jump, H. Lee, J. E. B. Moss, A. Phansalkar, D. Stefanovic, T. VanDrunen, D. von Dincklage, and B. Wiedermann. The DaCapo benchmarks: Java benchmarking development and analysis. In OOPSLA'06, pages 169--190. ACM, 2006.

Digital Library

[6]

Eric Bodden. Efficient Hybrid Typestate Analysis by Determining Continuation-Equivalent States. In ICSE'10, pages 5--14. ACM, 2010.

Digital Library

[7]

Eric Bodden, Patrick Lam, and Laurie Hendren. Finding Programming Errors Earlier by Evaluating Runtime Monitors Ahead-of-Time. In FSE'08, pages 36--47, 2008.

Digital Library

[8]

Eric Bodden, Andreas Sewe, Jan Sinschek, and Mira Mezini. Taming Reflection (Extended version). Technical Report TUD-CS-2010-0066, CASED, March 2010. http://cased.de/.

[9]

Michael D. Bond and Kathryn S. McKinley. Probabilistic calling context. In OOPSLA'07, pages 97--112. ACM, 2007.

Digital Library

[10]

Guillaume Brat and Willem Visser. Combining static analysis and model checking for software analysis. In ASE'01, page 262. IEEE, 2001.

Digital Library

[11]

Mathias Braux and Jacques Noyé. Towards partially evaluating reflection in java. In PEPM'99, pages 2--11. ACM, 1999.

Digital Library

[12]

Aske Christensen, Anders Møller, and Michael Schwartzbach. Precise analysis of string expressions. In SAS'03, volume 2694 of LNCS, pages 1--18. Springer, 2003.

Digital Library

[13]

Coverity static-analysis tool. http://coverity.com/.

[14]

Bruno Dufour, Barbara G. Ryder, and Gary Sevitsky. Blended analysis for performance understanding of framework-based applications. In ISSTA'07, pages 118--128. ACM, 2007.

Digital Library

[15]

Matthew B. Dwyer and Rahul Purandare. Residual dynamic typestate analysis: Exploiting static analysis results to reformulate and reduce the cost of dynamic analysis. In ASE'07, pages 124--133, 2007.

Digital Library

[16]

Stephen Fink, Eran Yahav, Nurit Dor, G. Ramalingam, and Emmanual Geay. Effective typestate verification in the presence of aliasing. In ISSTA'06, pages 133--144. ACM, 2006.

Digital Library

[17]

Michael Furr, Jong-hoon (David) An, and Jeffrey S. Foster. Profile-guided static typing for dynamic scripting languages. In OOPSLA'09, pages 283--300. ACM, 2009.

Digital Library

[18]

Mary W. Hall and Ken Kennedy. Efficient call graph analysis. ACM Letters on Programming Languages and Systems (LOPLAS), 1(3):227--242, 1992.

Digital Library

[19]

Martin Hirzel, Daniel Von Dincklage, Amer Diwan, and Michael Hind. Fast online pointer analysis. TOPLAS, 29(2):11, 2007.

Digital Library

[20]

Martin Hirzel, Amer Diwan, Michael Hind, Martin Hirzel, Amer Diwan, and Michael Hind. Pointer analysis in the presence of dynamic class loading. In ECOOP'04, pages 96--122. Springer, 2004.

[21]

Java Virtual Machine Tool Interface (JVM TI). Version 6. http://download.oracle.com/javase/6/docs/technotes/guides/jvmti/index.html.

[22]

Ondřrej Lhoták. Comparing call graphs. In PASTE'07, pages 37--42. ACM, 2007.

Digital Library

[23]

Ondřrej Lhoták and Laurie Hendren. Scaling Java points-to analysis using Spark. In CC'03, volume 2622 of LNCS, pages 153--169. Springer, 2003.

Digital Library

[24]

Benjamin Livshits, John Whaley, and Monica S. Lam. Reflection analysis for java. In Kwangkeun Yi, editor, APLAS'05, volume 3780 of LNCS, pages 139--160. Springer, 2005.

Digital Library

[25]

Gail C. Murphy, David Notkin, William G. Griswold, and Erica S. Lan. An empirical study of static call graph extractors. TOSEM, 7(2):158--191, 1998.

Digital Library

[26]

Nomair A. Naeem and Ondřrej Lhoták. Extending typestate analysis to multiple interacting objects. Technical report, University of Waterloo, 04 2008. CS-2008-04.

[27]

National Institute of Standards and Technology, Information Technology Laboratory. Secure Hash Signature Standard (SHS), 2008. FIPS PUB 180--3.

[28]

Venkatesh Ranganath and John Hatcliff. Slicing concurrent Java programs using Indus and Kaveri. STTT, 9:489--504, 2007.

Digital Library

[29]

Shmuel Sagiv, Thomas W. Reps, and Reinhard Wilhelm. Solving shape-analysis problems in languages with destructive updating. TOPLAS, 20(1):1--50, 1998.

Digital Library

[30]

R. E. Strom and S. Yemini. Typestate: A programming language concept for enhancing software reliability. TSE, 12(1):157--171, 1986.

Digital Library

[31]

Peter F. Sweeney and Frank Tip. Extracting library-based object-oriented applications. In FSE'00, pages 98--107. ACM, 2000.

Digital Library

[32]

Frank Tip, Peter F. Sweeney, Chris Laffra, Aldo Eisma, and David Streeter. Practical extraction techniques for java. TOPLAS, 24(6):625--666, 2002.

Digital Library

[33]

Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. Soot - a Java bytecode optimization framework. In CASCON'99, page 13. IBM, 1999.

Digital Library

Cited By

Zhang GLiu LChen ZWang JFilkov VRay BZhou M(2024)Hybrid Regression Test Selection by Integrating File and Method DependencesProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695525(1557-1569)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695525
Halalingaiah SSundaresan VMaier DNandivada V(2024)The ART of Sharing Points-to Analysis: Reusing Points-to Analysis Results Safely and EfficientlyProceedings of the ACM on Programming Languages10.1145/36898038:OOPSLA2(2606-2632)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689803
Zhang YDhawal ONandivada VChiba SUgawa TLaemmel RPereira JMosses P(2024)Reducing Write Barrier Overheads for Orthogonal PersistenceProceedings of the 17th ACM SIGPLAN International Conference on Software Language Engineering10.1145/3687997.3695646(210-223)Online publication date: 17-Oct-2024
https://dl.acm.org/doi/10.1145/3687997.3695646
Show More Cited By

Index Terms

Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders
1. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning
      1. Program analysis
    2. Program semantics

Recommendations

Understanding and Analyzing Java Reflection

Java reflection has been widely used in a variety of applications and frameworks. It allows a software system to inspect and change the behaviour of its classes, interfaces, methods, and fields at runtime, enabling the software to adapt to dynamically ...
Improving static resolution of dynamic class loading in Java using dynamically gathered environment information

In Java software, one important flexibility mechanism is dynamic class loading. Unfortunately, the vast majority of static analyses for Java treat dynamic class loading either unsoundly or too conservatively. We present a novel semi-static approach for ...
DroidRA: taming reflection to support whole-program analysis of Android apps
ISSTA 2016: Proceedings of the 25th International Symposium on Software Testing and Analysis

Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools for Android are challenged by the presence of reflective ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '11: Proceedings of the 33rd International Conference on Software Engineering

May 2011

1258 pages

ISBN:9781450304450

DOI:10.1145/1985793

General Chair:
Richard N. Taylor
UC Irvine, USA
,
Program Chairs:
Harald Gall
University of Zurich, Switzerland
,
Nenad Medvidović
University of Southern California, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 May 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICSE11

Sponsor:

SIGSOFT

ICSE11: International Conference on Software Engineering

May 21 - 28, 2011

HI, Waikiki, Honolulu, USA

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

184
Total Citations
View Citations
828
Total Downloads

Downloads (Last 12 months)58
Downloads (Last 6 weeks)3

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang GLiu LChen ZWang JFilkov VRay BZhou M(2024)Hybrid Regression Test Selection by Integrating File and Method DependencesProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695525(1557-1569)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695525
Halalingaiah SSundaresan VMaier DNandivada V(2024)The ART of Sharing Points-to Analysis: Reusing Points-to Analysis Results Safely and EfficientlyProceedings of the ACM on Programming Languages10.1145/36898038:OOPSLA2(2606-2632)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689803
Zhang YDhawal ONandivada VChiba SUgawa TLaemmel RPereira JMosses P(2024)Reducing Write Barrier Overheads for Orthogonal PersistenceProceedings of the 17th ACM SIGPLAN International Conference on Software Language Engineering10.1145/3687997.3695646(210-223)Online publication date: 17-Oct-2024
https://dl.acm.org/doi/10.1145/3687997.3695646
Laursen MXu WMøller A(2024)Reducing Static Analysis Unsoundness with Approximate InterpretationProceedings of the ACM on Programming Languages10.1145/36564248:PLDI(1165-1188)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656424
Wimmer CStancu CKozak DWürthinger T(2024)Scaling Type-Based Points-to Analysis with SaturationProceedings of the ACM on Programming Languages10.1145/36564178:PLDI(990-1013)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656417
Anand AAdithya SRustagi SSeth PSundaresan VMaier DNandivada VThakur M(2024)Optimistic Stack Allocation and Dynamic Heapification for Managed RuntimesProceedings of the ACM on Programming Languages10.1145/36563898:PLDI(296-319)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656389
Samhi JJust RBissyandé TErnst MKlein JChristakis MPradel M(2024)Call Graph Soundness in Android Static AnalysisProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680333(945-957)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680333
Blumschein CNiephaus FStancu CWimmer CLincke JHirschfeld RChristakis MPradel M(2024)Finding Cuts in Static Analysis Graphs to Debloat SoftwareProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680306(603-614)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680306
Helm DRoth TKeidel SReif MMezini MChristakis MPradel M(2024)Unimocg: Modular Call-Graph Algorithms for Consistent Handling of Language FeaturesProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3652109(51-62)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3652109
Santos JMirakhorli MShokri A(2024)Seneca: Taint-Based Call Graph Construction for Java Object DeserializationProceedings of the ACM on Programming Languages10.1145/36498518:OOPSLA1(1125-1153)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649851
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents