Conference Paper

Sofya: Supporting Rapid Development of Dynamic Program Analyses for Java

University of Nebraska-Lincoln, USA
DOI: 10.1109/ICSECOMPANION.2007.68 Conference: Software Engineering - Companion, 2007. ICSE 2007 Companion. 29th International Conference on
Source: IEEE Xplore


Dynamic analysis is an increasingly important means of supporting software validation and maintenance. To date, developers of dynamic analyses have used low-level instrumentation and debug interfaces to realize their analyses. Many dynamic analyses, however, share multiple common high-level requirements, e.g., capture of program data state as well as events, and efficient and accurate event capture in the presence of threading. We present SOFYA -- an infra-structure designed to provide high-level, efficient, concurrency-aware support for building analyses that reason about rich observations of program data and events. It provides a layered, modular architecture, which has been successfully used to rapidly develop and evaluate a variety of demanding dynamic program analyses. In this paper, we describe the SOFYA framework, the challenges it addresses, and survey several such analyses.

Full-text preview

Available from:
  • Source
    • "(The use of multiple systems enabled faster data collection, and does not bias our results since we focus only on relative performances on particular objects.) We implemented our algorithms within the Sofya analysis system [15] [17] "
    [Show abstract] [Hide abstract]
    ABSTRACT: A wide range of techniques for supporting software maintenance tasks rely on representations of program control flow. The accuracy of these representations can be important to the effectiveness and efficiency of these techniques. The Java programming language has introduced structured exception handling features that complicate the task of representing control flow. Previous work has attempted to address these complications by using type inference algorithms to analyze the control flow effects of exceptions, but to date, there has been no study of whether the use of these algorithms is justified. In this paper we report results of an empirical study addressing this issue. We find that type inference algorithms can lead to more accurate representations of control flow, but this improvement does not necessarily translate into benefits for maintenance techniques that use them. It follows that type inference algorithms should not just automatically be applied; rather, the tradeoffs of applying them must first be assessed with respect to particular maintenance techniques and workloads.
    Preview · Conference Paper · Nov 2008
  • Source
    • "The test object instrumentation and CFG generation tasks are performed statically with the aid of the Sofya framework [3], and must precede the test case generation and evaluation phases so as to allow tracing the structural entities traversed during test case execution. Probe insertion is executed on the Java Bytecode level, and CFGs are built with basis on the high-level information extracted from the Bytecode of the test object. "
    [Show abstract] [Hide abstract]
    ABSTRACT: In evolutionary testing, meta-heuristic search techniques are used to generate high-quality test data. The focus of our on- going work is on employing evolutionary algorithms for the structural unit-testing of object-oriented Java programs. Test cases are evolved using the Strongly-Typed Genetic Programming technique. Test data quality evaluation in- cludes instrumenting the test object, executing it with the generated test cases, and tracing the structures traversed in order to derive coverage metrics. The strategy for eciently guiding the search process towards achieving full structural coverage involves favouring test cases that exercise problem- atic structures and control-ow paths. Static analysis and instrumentation is performed solely with basis on the infor- mation extracted from the test objects' Java Bytecode. Relevant contributions include the introduction of novel methodologies for automation, search guidance and input domain reduction, and the presentation of the eCrash auto- mated test case generation tool.
    Full-text · Conference Paper · Jan 2008
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: To analyze an open system, one needs to close it with a definition of its environment, i.e., its execution context. Environment modeling is a significant challenge: environment models should be general enough to permit analysis of large portions of a system's possible behaviors, yet sufficiently precise to enable cost-effective reasoning. This thesis presents the Bandera Environment Generator (BEG), a toolset that automates generation of environment models to provide a restricted form of modular model checking of Java programs, where the module's source code is the subject of analysis along with an abstract model of the environment's behavior. Since the most general environments do not allow for tractable model checking, BEG has support for restricting the environment behavior based on domain-specific knowledge and assumptions about the environment behavior, which can be acquired from a variety of sources. When the environment code is not available, developers can encode their assumptions as an explicit formal specification. When the environment code is available, BEG employs static analyses to extract environment assumptions. Both specifications and static analyses can be tuned to reflect domain-specific knowledge, i.e., to describe domain-specific aspects of the environment behavior. Initially, BEG was implemented to handle general Java applications; later, it was extended to handle two specific domains: Graphical User Interfaces (GUI) implemented using the Swing/AWT libraries and web applications implemented using the J2EE framework. BEG was evaluated on several non-trivial case studies, including industrial applications from NASA, SUN, and Fujitsu. This thesis presents the domain-specific environment generation for GUI and web applications and describes BEG, its extensible architecture, usage, and how it can be extended to handle new domains. Doctor of Philosophy Doctoral Department of Computing and Information Sciences Matthew Dwyer John M. Hatcliff
    Preview · Article ·
Show more