Pointer Analysis in the Presence of Dynamic Class Loading

Similar documents
Pointer Analysis in the Presence of Dynamic Class Loading. Hind Presented by Brian Russell

Pointer Analysis in the Presence of Dynamic Class Loading

Pointer Analysis in the Presence of Dynamic Class Loading

IBM Research Report. Fast Online Pointer Analysis

Advanced Program Analyses for Object-oriented Systems

Vertical Profiling: Understanding the Behavior of Object-Oriented Applications

Write Barrier Removal by Static Analysis

Towards Dynamic Interprocedural Analysis in JVMs

Design, Implementation, and Evaluation of a Compilation Server

Field Analysis. Last time Exploit encapsulation to improve memory system performance

Experiences with Multi-threading and Dynamic Class Loading in a Java Just-In-Time Compiler

Free-Me: A Static Analysis for Automatic Individual Object Reclamation

Making Context-sensitive Points-to Analysis with Heap Cloning Practical For The Real World

Dynamic Selection of Application-Specific Garbage Collectors

Software Speculative Multithreading for Java

A Trace-based Java JIT Compiler Retrofitted from a Method-based Compiler

A Study of Type Analysis for Speculative Method Inlining in a JIT Environment

Phase-based Adaptive Recompilation in a JVM

Alias Analysis. Advanced Topics. What is pointer analysis? Last Time

Phases in Branch Targets of Java Programs

SABLEJIT: A Retargetable Just-In-Time Compiler for a Portable Virtual Machine p. 1

Myths and Realities: The Performance Impact of Garbage Collection

Reducing the Overhead of Dynamic Compilation

Complex, concurrent software. Precision (no false positives) Find real bugs in real executions

Points-to Analysis for Java Using Annotated Constraints*

Reducing the Overhead of Dynamic Compilation

Method-Level Phase Behavior in Java Workloads

Introduction to Visual Basic and Visual C++ Introduction to Java. JDK Editions. Overview. Lesson 13. Overview

A JAVA VIRTUAL MACHINE FOR RISC-V PORTING THE JIKES RESEARCH VM

Write Barrier Removal by Static Analysis

Demand-Driven Points-To Analysis For Java

IBM Research Report. Efficient Memory Management for Long-Lived Objects

Running class Timing on Java HotSpot VM, 1

Cycle Tracing. Presented by: Siddharth Tiwary

Jazz: A Tool for Demand-Driven Structural Testing

Lecture Notes on Advanced Garbage Collection

Agenda. CSE P 501 Compilers. Java Implementation Overview. JVM Architecture. JVM Runtime Data Areas (1) JVM Data Types. CSE P 501 Su04 T-1

Interprocedural Analysis with Data-Dependent Calls. Circularity dilemma. A solution: optimistic iterative analysis. Example

Compiler construction 2009

Compact Garbage Collection Tables

Debunking Dynamic Optimization Myths

The VMKit project: Java (and.net) on top of LLVM

Understanding the Connectivity of Heap Objects Technical Report: CU-CS

Towards Parallel, Scalable VM Services

Scaling Java Points-to Analysis Using Spark

20 Most Important Java Programming Interview Questions. Powered by

Scaling Java Points-To Analysis using Spark

Shenandoah: An ultra-low pause time garbage collector for OpenJDK. Christine Flood Principal Software Engineer Red Hat

Thin Locks: Featherweight Synchronization for Java

Probabilistic Calling Context

Calvin Lin The University of Texas at Austin

SSA Based Mobile Code: Construction and Empirical Evaluation

A Framework for Optimistic Program Optimization

Delft-Java Link Translation Buffer

Reference Analyses. VTA - Variable Type Analysis

Interprocedural Analysis. Motivation. Interprocedural Analysis. Function Calls and Pointers

Implementing Higher-Level Languages. Quick tour of programming language implementation techniques. From the Java level to the C level.

Java On Steroids: Sun s High-Performance Java Implementation. History

6.828: OS/Language Co-design. Adam Belay

Safety Checks and Semantic Understanding via Program Analysis Techniques

Context-sensitive points-to analysis: is it worth it?

CSE P 501 Compilers. Java Implementation JVMs, JITs &c Hal Perkins Winter /11/ Hal Perkins & UW CSE V-1

CO444H. Ben Livshits. Datalog Pointer analysis

YETI. GraduallY Extensible Trace Interpreter VEE Mathew Zaleski, Angela Demke Brown (University of Toronto) Kevin Stoodley (IBM Toronto)

Run-Time Environments/Garbage Collection

Sista: Improving Cog s JIT performance. Clément Béra

Connectivity-Based Garbage Collection

Accurate Garbage Collection in Uncooperative Environments with Lazy Pointer Stacks

Wednesday, October 15, 14. Functions

Expressing high level optimizations within LLVM. Artur Pilipenko

Featherweight Monitors with Bacon Bits

Instrumentation in Software Dynamic Translators for Self-Managed Systems

Connectivity-Based Garbage Collection

Static Java Program Features for Intelligent Squash Prediction

JOVE. An Optimizing Compiler for Java. Allen Wirfs-Brock Instantiations Inc.

Efficient Context Sensitivity for Dynamic Analyses via Calling Context Uptrees and Customized Memory Management

Managed runtimes & garbage collection

Managed runtimes & garbage collection. CSE 6341 Some slides by Kathryn McKinley

Dimensions of Precision in Reference Analysis of Object-oriented Programming Languages. Outline

RUNTIME TECHNIQUES AND INTERPROCEDURAL ANALYSIS IN JAVA VIRTUAL MACHINES

Static Program Analysis Part 9 pointer analysis. Anders Møller & Michael I. Schwartzbach Computer Science, Aarhus University

Untyped Memory in the Java Virtual Machine

Escape Analysis in the Context of Dynamic Compilation and Deoptimization

Flow-sensitive rewritings and Inliner improvements for the Graal JIT compiler

Accelerating Ruby with LLVM

CS711 Advanced Programming Languages Pointer Analysis Overview and Flow-Sensitive Analysis

ONLINE PROFILING AND FEEDBACK-DIRECTED OPTIMIZATION OF JAVA

Reference Object Processing in On-The-Fly Garbage Collection

Analysis of Object-oriented Programming Languages

CS260 Intro to Java & Android 02.Java Technology

Kasper Lund, Software engineer at Google. Crankshaft. Turbocharging the next generation of web applications

Limits of Parallel Marking Garbage Collection....how parallel can a GC become?

Just-In-Time Compilation

Parley: Federated Virtual Machines

CSE 501: Compiler Construction. Course outline. Goals for language implementation. Why study compilers? Models of compilation

Eliminating Exception Constraints of Java Programs for IA-64

Context Threading: A flexible and efficient dispatch technique for virtual machine interpreters

Running R Faster. Tomas Kalibera

Uncovering Performance Problems in Java Applications with Reference Propagation Profiling

Shenandoah: An ultra-low pause time garbage collector for OpenJDK. Christine Flood Roman Kennke Principal Software Engineers Red Hat

Transcription:

Pointer Analysis in the Presence of Dynamic Class Loading Martin Hirzel, Amer Diwan University of Colorado at Boulder Michael Hind IBM T.J. Watson Research Center 1

Pointer analysis motivation Code a = new C( ); // G b = new C( ); // H a = b; a.f = b; Clients Tools Optimizations What is it good for? What does it do? Code browsing Code transformations Error detection Devirtualization Load elimination Parallelization Connectivity-based garbage collection Points-to sets pointsto(a) == {G,H} pointsto(b) == {H} pointsto(g.f ) == {H} pointsto(h.f ) == {H} 2

Static flow- and context-insensitive pointer analysis by Andersen Analysis components Analysis data structures Call graph builder Code Method compilation Constraint finder Constraint propagator Clients Points-to sets Constraint graph 3

Static analysis can not deal with all of Java Class loading may be implicitly triggered by any Constructor call Static field access Static method call Classes may come from the web or be generated on the fly Pretending a static world fails for most real-world applications 4

Java challenges Analysis components Call graph builder Analysis data structures 1. Online call graph building Method compilation 4. Reflection and native code Constraint finder 3. Unresolved types 2. Re-propagation Constraint propagator Clients Constraint graph 5

1. Online call graph building caller a = x.m(b); callee A::m(c) { return d; } 6

1. Online call graph building caller a = x.m(b); e = y.m(f ); callee A::m(c) { return d; } 7

1. Online call graph building caller a = x.m(b); e = y.m(f ); callee A::m(c) { return d; } B::m(g) { return h; } 8

Architecture for online call graph building Analysis components Call graph builder Analysis data structures Caller/callee look-up Method compilation Constraint finder Constraint propagator Clients Constraint graph 9

Java challenges Analysis components Call graph builder Analysis data structures Caller/callee look-up Method compilation 4. Reflection and native code Constraint finder 3. Unresolved types 2. Re-propagation Constraint propagator Clients Constraint graph 10

2. Focused re-propagation Code a = new C( ); // G b = new C( ); // H a.f = b; a = b; Points-to sets pointsto(a) == {G} pointsto(b) == {H} pointsto(g.f ) == {H} pointsto(h.f ) == { } 11

2. Focused re-propagation Code a = new C( ); // G b = new C( ); // H a.f = b; a = b; Points-to sets pointsto(a) == {G,H} pointsto(b) == {H} pointsto(g.f ) == {H} pointsto(h.f ) == { } 12

2. Focused re-propagation Code a = new C( ); // G b = new C( ); // H a.f = b; a = b; Points-to sets pointsto(a) == {G,H} pointsto(b) == {H} pointsto(g.f ) == {H} pointsto(h.f ) == {H} 13

Architecture for focused re-propagation Analysis components Call graph builder Analysis data structures Caller/callee look-up Method compilation Constraint finder Propagator worklist Constraint propagator Clients Constraint graph 14

Java challenges Analysis components Call graph builder Analysis data structures Caller/callee look-up Method compilation 4. Reflection and native code Constraint finder 3. Unresolved types Constraint propagator Clients Propagator worklist Constraint graph 15

3. Unresolved types caller X x = ; a = x.m(b);? Can X have a subclass that inherits m from Y? callee Y::m(c) { return d; }! Cannot tell before X is resolved! 16

Architecture for managing unresolved types Virtual machine events Analysis components Analysis data structures Call graph builder Caller/callee look-up Method compilation Type resolution Constraint finder Resolution manager Constraint propagator Clients Deferred constraints Propagator worklist Constraint graph 17

Java challenges Virtual machine events Analysis components Analysis data structures Call graph builder Caller/callee look-up Method compilation 4. Reflection and native code Type resolution Constraint finder Resolution manager Constraint propagator Clients Deferred constraints Propagator worklist Constraint graph 18

4. Reflection and native code Reflection Field f = B.class.getField( ); B b = ; f.set(b,v); Java-side code a = b.m(c); Native code Object VM_JNIFunctions. CallObjectMethod(method, args) { return method.invoke(args); } Native-side code 00100101 01001110 10010011 01001001 10001111 10001111 00100101 19

Architecture for dealing with reflection and native code Virtual machine events Analysis components Analysis data structures Call graph builder Caller/callee look-up Method compilation Reflection execution Native code execution Type resolution Constraint finder Resolution manager Constraint propagator Clients Deferred constraints Propagator worklist Constraint graph 20

Other events leading to constraints Virtual machine events Analysis components Analysis data structures Building and start-up Bytecode attributes Method compilation Reflection execution Native code execution Type resolution Call graph builder Constraint finder Resolution manager Constraint propagator Clients Caller/callee look-up Deferred constraints Propagator worklist Constraint graph 21

Clients using our pointer analysis Virtual machine events Analysis components Analysis data structures Building and start-up Bytecode attributes Method compilation Reflection execution Native code execution Type resolution Call graph builder Constraint finder Resolution manager Constraint propagator Clients Caller/callee look-up Deferred constraints Propagator worklist Constraint graph 22

Dealing with invalidated results Many techniques from prior work Guard optimized code (extant analysis) Pre-existence based inlining On-stack replacement and more Connectivity-based garbage collection Trigger propagator only before collection Merge partitions if necessary 23

Evaluation methodology Java virtual machine Jikes RVM from IBM, is itself written in Java Benchmarks SPECjvm98 suite, xalan, hsql Results not comparable to static analysis Analyze more code: Jikes RVM adds a lot of Java code Analyze less code: Not all application classes get loaded 24

Propagation cost Eager At GC At End Count Avg. Total Count Avg. Total Total hsql 391 10.1s 1h06m 6 1m17s 7m40s 7m07s jess 734 16.8s 3h26m 3 1m58s 5m53s 3m02s javac 1,103 12.5s 3h50m 5 1m54s 9m32s 6m27s xalan 1,726 11.2s 5h22m 1 2m01s 2m01s 7m45s Eagerness trades off average cost against total cost On average, focused re-propagation is much cheaper than full propagation Total cost is a function of code size and propagator eagerness 25

How long does a program have to run to amortize the analysis cost? Eager At GC At End Count Avg. Total Count Avg. Total Total hsql 391 10.1s 1h06m 6 1m17s 7m40s 7m07s jess 734 16.8s 3h26m 3 1m58s 5m53s 3m02s javac 1,103 12.5s 3h50m 5 1m54s 9m32s 6m27s xalan 1,726 11.2s 5h22m 1 2m01s 2m01s 7m45s Analysis cost to amortize Application runtime 5m 15m 1h 5h Overall analysis overhead 10% 5% 2.5% 50m 1h40m 3h20m 2h30m 5h 10h 10h 20h 1d16h 1d16h 4d04h 8d08h Long-running applications can amortize not-too-eager analysis cost 26

Validation Virtual machine events Analysis components Analysis data structures Building and start-up Bytecode attributes Method compilation Reflection execution Native code execution Type resolution Call graph builder Constraint finder Resolution manager Constraint propagator Clients Validation Caller/callee look-up Deferred constraints Propagator worklist Constraint graph 27

Validation Piggy-back validation on garbage collection For each pointer, check consistency with analysis results Incorrect analysis would lead to tricky bugs in clients 28

Related work Andersen s analysis for static Java [RountevMilanovaRyder 01] [LiangPenningsHarrold 01] [WhaleyLam 02] [LhotakHendren 03] Weaker analyses with dynamic class loading DOIT [PechtchanskiSarkar 01] XTA [QianHendren 04] Ruf s escape analysis [BogdaSingh 01, King 03] Demand-driven / incremental analysis 29

Conclusions 1 st non-trivial pointer analysis for all of Java Identified and solved the challenges: 1. Online call graph building 2. Focused re-propagation 3. Managing unresolved types 4. Reflection and native code Evaluated efficiency Validated correctness 30

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback