基于类文件的Java程序运行时异常分析技术

提出一种基于类文件的Java运行时异常分析技术.它可在没有Java源代码文件的情况下,直接对类文件进行处理,分析可能抛出的异常信息,并根据分析结果在类文件中添加适当的异常追踪代码.这种处理后的类文件可无缝替换原类文件运行,并在运行中抛出异常时,能够给出详尽的异常分析报告,从而提高技术人员调试和开发的效率.     

Exploring the Interaction between Java's Implicitly Thrown Exceptions and Instruction Scheduling

The frequent occurrence of implicitly thrown exceptions poses one of the challenges present in a Java compiler. Not only do these implicitly thrown exceptions directly affect the performance by requiring explicit checks, they also indirectly impact the performance by restricting code movement in order to satisfy the precise exception model in Java. In particular, instruction scheduling is one transformation that is restricted by implicitly thrown exceptions due to the heavy reliance on reordering instructions to exploit maximum hardware performance. The goal of this study is two-fold: first, investigate the degree to which implicitly thrown exceptions in Java hinder instruction scheduling, and second, find new techniques for allowing more efficient execution of Java programs containing implicitly thrown exceptions. Experimental results show that with aggressive scheduling techniques, such as superblock scheduling, the negative performance impact can be greatly reduced.     

A hierarchical exception handler binding mechanism

A mechanism is proposed for binding exception handlers to exceptions. Hierarchical exception classes can be defined and changed during program execution. In addition, the action taken when an exception of a particular class is raised depends upon the type of the current exception handler for that class. The mechanism can be implemented in programming languages that allow runtime determination of an identifier's binding; most dynamically scoped programming languages meet this criterion.     

分支混淆中的条件异常代码构造研究

当前分支混淆技术通过构造条件异常代码和异常处理替代条件跳转指令,隐藏分支选择指令的地址,提高约束条件获取的难度,从而对抗符号执行。当前方法构造的条件异常代码中,关键数据具有二值性问题,有利于分支混淆的检测、发现和约束条件获取,降低了混淆的隐蔽性和与符号执行的对抗性;基于该缺点,提出一种使关键数据具有多样性特征的条件异常代码构造方法,增加了混淆的隐蔽性和约束条件的获取难度,提高分支混淆对抗符号执行的强度;通过结构化异常处理实现了基于新型条件异常代码构造的分支混淆原型系统,并对混淆进行了测试和分析。     

Debugging mixed‐environment programs with Blink

Programmers build large‐scale systems with multiple languages to leverage legacy code and languages best suited to their problems. For instance, the same program may use Java for ease of programming and C to interface with the operating system. These programs pose significant debugging challenges, because programmers need to understand and control code across languages, which often execute in different environments. Unfortunately, traditional multilingual debuggers require a single execution environment. This paper presents a novel composition approach to building portable mixed‐environment debuggers, in which an intermediate agent interposes on language transitions, controlling and reusing single‐environment debuggers. We implement debugger composition in Blink, a debugger for Java, C, and the Jeannie programming language. We show that Blink is (i) simple: it requires modest amounts of new code; (ii) portable: it supports multiple Java virtual machines, C compilers, operating systems, and component debuggers; and (iii) powerful: composition eases debugging, while supporting new mixed‐language expression evaluation and Java native interface bug diagnostics. To demonstrate the generality of interposition, we build prototypes and demonstrate debugger language transitions with C for five of six other languages (Caml, Common Lisp, C#, Perl 5, Python, and Ruby) without modifications to their debuggers. Using real‐world case studies, we show that diagnosing language interface errors require prior single‐environment debuggers to restart execution multiple times, whereas Blink directly diagnoses them with one execution. Copyright © 2014 John Wiley & Sons, Ltd.     

Dynamic state restoration using versioning exceptions

We explore the semantics and analysis of a new kind of control structure called a versioning exception that ensures the state of the program, at the point when an exception handler is invoked, reflects the program state at the point when the handler is installed. Versioning exceptions provide a transaction-like versioning semantics to the code protected by a handler: modifications performed within the dynamic context of the corresponding handler are versioned, and committed to the store only if the computation completes normally. Similar to the role of backtracking in logic programming, this facility allows unwanted effects of computations to be discarded when exceptional or undesirable conditions are detected. We define a novel points-to analysis to efficiently track changes to the store within handler-protected scopes. The role of the analysis is to facilitate optimizations that minimize the number of locations which must be restored when a versioning exception is raised. The analysis is defined by a reachability approximation over locations that indicates which objects have been potentially modified within a handler scope. The analysis is defined for programs which support first-class procedures, locations, and exceptions.     

Exception handlers in functional programming languages

Constructs for expressing exception handling can greatly help to avoid clutter in code by allowing the programmer to separate the code to handle unusual situations from the code for the normal case. The author proposes a new approach to embed exception handlers in functional languages. The proposed approach discards the conventional view of treating exceptions, as a means of effecting a control transfer; instead, exceptions are used to change the state of an object. The two types of exceptions, terminate and resume, are treated differently. A terminate exception, when raised, is viewed as shielding the input object. On the other hand, a resume exception designates the input object as curable and requires the immediate application of a handler function. This approach enables the clean semantics of functions raising exceptions without associating any implementation restriction and without loss of the referential transparency and the commutativity properties of functions     

Client ahead‐of‐time compiler for embedded Java platforms

Many embedded Java platforms execute two types of Java classes: those installed statically on the client device and those downloaded dynamically from service providers at run time. For achieving higher performance, the static Java classes can be compiled into machine code by ahead‐of‐time compiler (AOTC) in the server, and the translated machine code can be installed on the client device. Unfortunately, AOTC cannot be applicable to the dynamically downloaded classes. This paper proposes client‐AOTC (c‐AOTC), which performs AOTC on the client device using the just‐in‐time compiler (JITC) module installed on the device, obviating the JITC overhead and complementing the server‐AOTC. The machine code of a method translated by JITC is cached on a persistent memory of the device, and when the method is invoked again in a later run of the program, the machine code is loaded and executed directly without any translation overhead. A major issue in c‐AOTC is relocation because some of the address constants embedded in the cached machine code are not correct when the machine code is loaded and used in a different run; those addresses should be corrected before they are used. Constant pool resolution and inlining complicate the relocation problem, and we propose our solutions. The persistent memory overhead for saving the relocation information is also an issue, and we propose a technique to encode the relocation information and compress the machine code efficiently. We developed a c‐AOTC on Sun's CDC VM reference implementation, and our evaluation results indicate that c‐AOTC can improve the performance significantly, as much as an average of 12% for EEMBC and 4% for SpecJVM98, with a persistent memory overhead of 1% on average. Copyright © 2008 John Wiley & Sons, Ltd.     

C++程序中异常处理的分析与测试技术研究

异常处理机制是一种运行时错误通知机制，将程序的正常控制代码和错误处理代码分离．然而异常机制的引入使得程序控制信息变得更为复杂；且开发人员一般难以熟练使用它，导致程序中会潜伏许多异常错误．扩展已有的显式异常分析技术，对隐式异常也进行了全面的分析并提出了过程间（内）控制流图的构造方法，并以此为基础给出了一个C＋＋程序健壮性改进模型．同时还提出了针对异常的两种动态测试策略：基于约束求解的异常测试策略和统计结构性异常测试策略．最后实现了一个初步的异常分析与测试原型工具并进行了初步实验分析，其结果表明本文提出的分析与测试方法对程序质量有较大程度的提高．     

On the modularization and reuse of exception handling with aspects

This paper presents an in‐depth study of the adequacy of the AspectJ language for modularizing and reusing exception‐handling code. The study consisted of refactoring existing applications so that the code responsible for implementing error‐handling strategies was moved to newly created exception handler aspects. We have performed quantitative assessments of five systems—four object‐oriented and one aspect‐oriented—based on four key quality attributes, namely separation of concerns, coupling, cohesion, and conciseness. Our investigation also included a multi‐perspective analysis of the refactored systems, including (i) the extent to which error‐handling aspects can be reused, (ii) the beneficial and harmful aspectization scenarios for exception handling, and (iii) the scalability of AOP to support the modularization of exception handling in the presence of other aspects. Copyright © 2009 John Wiley & Sons, Ltd.     

Platform‐independent profiling in a virtual execution environment

Virtual execution environments, such as the Java virtual machine, promote platform‐independent software development. However, when it comes to analyzing algorithm complexity and performance bottlenecks, available tools focus on platform‐specific metrics, such as the CPU time consumption on a particular system. Other drawbacks of many prevailing profiling tools are high overhead, significant measurement perturbation, as well as reduced portability of profiling tools, which are often implemented in platform‐dependent native code. This article presents a novel profiling approach, which is entirely based on program transformation techniques, in order to build a profiling data structure that provides calling‐context‐sensitive program execution statistics. We explore the use of platform‐independent profiling metrics in order to make the instrumentation entirely portable and to generate reproducible profiles. We implemented these ideas within a Java‐based profiling tool called JP. A significant novelty is that this tool achieves complete bytecode coverage by statically instrumenting the core runtime libraries and dynamically instrumenting the rest of the code. JP provides a small and flexible API to write customized profiling agents in pure Java, which are periodically activated to process the collected profiling information. Performance measurements point out that, despite the presence of dynamic instrumentation, JP causes significantly less overhead than a prevailing tool for the profiling of Java code. Copyright © 2008 John Wiley & Sons, Ltd.     

Automated test‐data generation for exception conditions

This paper presents a technique for automatically generating test‐data to test exceptions. The approach is based on the application of a dynamic global optimization based search for the required test‐data. The authors' work has focused on test‐data generation for safety‐critical systems. Such systems must be free from anomalous and uncontrolled behaviour. Typically, it is easier to prove the absence of any exceptions than proving that the exception handling is safe. A process for integrating automated testing with exception freeness proofs is presented as a way forward for tackling the special needs of safety critical systems. The results of a number of simple case‐studies are presented and show the technique to be effective. The major result shows the application of the technique to a commercial aircraft engine controller system as part of a proof of exception freeness. This illustrates how automated testing can be effectively integrated into a formal safety‐critical process to reduce costs and add value. Copyright © 2000 John Wiley & Sons, Ltd.     

Flow‐sensitive runtime estimation: an enhanced hot spot detection heuristics for embedded Java just‐in‐time compilers

Java just‐in‐time compilers often compile only hot methods because the compilation overhead is a part of the running time. This requires precise and efficient hot spot detection, which includes distinguishing hot methods from cold ones, detecting them as early as possible, and paying a small detection overhead. Hot spot detection is especially important in embedded applications because they show more of a start‐up phase behavior of a regular application where methods are not executed heavily, so the hot methods are not definite. Because a long‐running method is likely to be a hot method, we can detect a hot method by measuring its running time during interpretation. However, precise measurement of the running time during execution is too expensive, especially in embedded systems, so many counter‐based heuristics have been proposed to estimate it such as Oracle's HotSpot heuristic. One problem is that although the overhead of these heuristics is low, they do not estimate the running time precisely, which may lead to imprecise hot spot detection.This paper proposes a new hot spot detection heuristic called flow‐sensitive runtime estimation, which can estimate the running time more precisely than others with a relatively low overhead. It only counts important bytecode instructions dynamically, but it can obtain the precise count of all interpreted bytecode instructions with a simple arithmetic calculation. We also propose a static analysis technique to predict those hot methods which spends a huge execution time once invoked, so as to compile them at their first invocation. Our experimental results show that these techniques can improve the performance by as much as an average of 7.4% compared with the HotSpot heuristic for the benchmarks when they run once, which is often regarded as showing the start‐up phase behavior. Even for real embedded Java applications such as the digital TV Java Xlet applications, our techniques can improve the user response time by an average of 7.1%. Copyright © 2015 John Wiley & Sons, Ltd.     

Modular type checking of anchored exception declarations

Checked exceptions improve the robustness of software, but they also decrease its adaptability because they must be propagated explicitly, and because they must often be handled even if they cannot be thrown. Anchored exception declarations solve both problems by allowing a method to declare its exceptional behavior in terms of other methods.The original type checking analyses for anchored exception declarations, however, are not modular. In this paper, we present algorithms for modular verification of soundness in an object-oriented language without parametric polymorphism.     

一个基于混合并发模型的Java虚拟机

从解释执行到及时编译的转变极大地提高了Java程序的运行速度.但是,现有的Java虚拟机还有待进一步的改进.提出了一种新的Java虚拟机编译与执行模型--混合并发模型HCCEM(hybrid concurrent compilation and execution model).该模型通过多线程控制方式将字节码的编译与执行过程相重叠,从而获取加速的效果.另外还给出了基于HCCEM的Java虚拟机JAFFE的设计方案,并就实现中的执行模式切换、异常处理以及层次线程等问题进行了讨论.实验结果表明,HCCEM能     

UCov: a user‐defined coverage criterion for test case intent verification

The goal of regression testing is to ensure that the behaviour of existing code, believed correct by previous testing, is not altered by new program changes. This paper argues that the primary focus of regression testing should be on code associated with (1) earlier bug fixes and (2) particular application scenarios considered to be important by the developer or tester. Existing coverage criteria do not enable such focus, for example, 100% branch coverage does not guarantee that a given bug fix is exercised or a given application scenario is tested. Therefore, there is a need for a new and complementary coverage criterion in which the user can definea test requirement characterizing a given behaviour to be covered as opposed to choosing from a pool of pre‐defined and generic program elements. This paper proposes this new methodology and calls it UCov, a user‐defined coverage criterion wherein a test requirement is an execution pattern of program elements, and possibly predicates, that a test case must satisfy. The proposed criterion is not meant to replace existing criteria, but to complement them as it focuses the testing on important code patterns that could go untested otherwise. UCov supports test case intent verification. For example, following a bug fix, the testing team may augment the regression suite with the test case that revealed the bug. However, this test case might become obsolete due to code modifications not related to the bug. But if a test requirement characterizing the bug was defined by the user, UCov would determine that test case intent verification failed. The UCov methodology was implemented for the Java platform, was successfully applied onto 10 real‐life case studies and was shown to have advantages over JUnit. The implementation comprises the following tools: (1) TRSpec: allows the user to easily specify complex test requirements; (2) TRCheck: checks whether user‐defined test requirements were satisfied, that is, supports test case intent verification; and (3) TRMigrate: migrates user‐defined test requirements to subsequent versions of a given program. Copyright © 2016 John Wiley & Sons, Ltd.     

Java异常处理策略研究

异常处理机制是程序设计语言的重要标志之一,在程序设计过程中用来处理程序运行中的异常。传统的程序设计语言里异常处理较为繁杂。Java是一种面向对象的程序设计语言,且引入了异常处理机制。合理完备的异常处理可以增强程序运行的可靠性、提高软件的健壮性,可以较为快速地确定错误的位置。文章分析了Java异常处理的逻辑,阐述了异常类、异常处理机制以及异常处理方法,提出了异常处理的一些策略。综合运用这些策略可以使编程人员编写出更加简洁、高效的程序代码。     

Efficient exception handling in Java bytecode-to-C ahead-of-time compiler for embedded systems

One of the most promising approaches to Java acceleration in embedded systems is a bytecode-to-C ahead-of-time compiler (AOTC). It improves the performance of a Java virtual machine (JVM) by translating bytecode into C code, which is then compiled into machine code via an existing C compiler. One important design issue in AOTC is efficient exception handling. Since the excepting point and the exception handler may locate in different methods on a call stack, control transfer between them should be streamlined, while an exception would be an “exceptional” event, so it should not slow down normal execution paths. Previous AOTCs often employed a technique called stack cutting based on a setjmp()/longjmp() pair, which we found is involved with too much performance overheads. Also, when the AOTC and the interpreter are employed concurrently (e.g., some methods are AOTCed while other methods are interpreted), the performance of normal execution paths is affected more seriously. This paper proposes a simpler solution based on an exception check after each method call, merged with garbage collection check for reducing its overhead. Our evaluation results on SPECjvm98 on Sun's CVM indicate that our technique can improve the performance of stack cutting by more than 25%. A similar performance benefit can be noted on a hybrid execution environment of both the AOTC and the interpreter.     

一种基于网格服务路线的异常处理方法

网格服务是提供一组定义明确接口并遵守一定规范的Web服务．网格服务异常(exception)是指在服务请求、响应和执行过程中可能发生的问题．网格服务异常处理与网格服务运行状态、上下文有关．网格服务异常处理的主要内容包括网格服务检查点(checkpoint)设置、服务运行跟踪、以及服务回卷(rollback)．传统处理方法是使用一个错误码：一个函数检测到错误,将错误码传送给调用者．这一处理过程可能要多级连续处理,直到该错误码被传送到响应该错误的处理函数．如果一个函数调用连接比较弱,将会造成整个处理过程失败．网格服务异常处理一方面应尽量减少传统处理单元内部错误代码繁殖的现象,另一方面要考虑服务异常向外部单元或网格服务传送的功能．这里,从网格系统结构出发,首先对网格服务异常处理进行讨论;然后提出了用于网格服务异常处理的A/B—Back算法;最后给出了基于Globus Toolkit 3．0的模拟实验结果分析．