Parameter reference immutability: formal definition, inference tool, and comparison

  • Shay Artzi
  • Adam Kieżun
  • Jaime Quinonez
  • Michael D. Ernst

Abstract

Knowing which method parameters may be mutated during a method’s execution is useful for many software engineering tasks. A parameter reference is immutable if it cannot be used to modify the state of its referent object during the method’s execution. We formally define this notion in a core object-oriented language. Having the formal definition enables determining the correctness and accuracy of tools approximating this definition, and unbiased comparison of analyses and tools that approximate similar definitions.

We present Pidasa, a tool for classifying parameter reference immutability. Pidasa combines several lightweight, scalable analyses in stages, with each stage refining the overall result. The resulting analysis is scalable and combines the strengths of its component analyses. As one of the component analyses, we present a novel dynamic mutability analysis and show how its results can be improved by random input generation. Experimental results on programs of up to 185 kLOC show that, compared to previous approaches, Pidasa increases both run-time performance and overall accuracy of immutability inference.
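An added illustration, not code from the paper or from Pidasa: a Python sketch of observing, at run time, which field writes go through a given parameter reference. `TrackedRef`, `observe`, `classify`, `Node` and the sample methods are hypothetical names, and treating objects reached through the parameter as part of the referent's state is an assumption of this sketch.

```python
class TrackedRef:
    """Stands in for one parameter reference and logs field writes made through it."""

    def __init__(self, target, log):
        object.__setattr__(self, "_target", target)
        object.__setattr__(self, "_log", log)

    def __getattr__(self, name):
        value = getattr(self._target, name)
        # Assumption: objects reached through the parameter count as referent state,
        # so references read from it are tracked as well.
        return TrackedRef(value, self._log) if hasattr(value, "__dict__") else value

    def __setattr__(self, name, value):
        self._log.append(name)
        if isinstance(value, TrackedRef):  # store the real object, not the proxy
            value = value._target
        setattr(self._target, name, value)


def observe(method, *args):
    """Run method once; return, per parameter, the fields written through that reference."""
    logs = [[] for _ in args]
    method(*(TrackedRef(a, log) for a, log in zip(args, logs)))
    return logs


def classify(method, inputs):
    """'mutable' needs one witnessing run; no witness only means 'unknown'."""
    verdict = ["unknown"] * len(inputs[0])
    for args in inputs:
        for i, log in enumerate(observe(method, *args)):
            if log:
                verdict[i] = "mutable"
    return verdict


class Node:  # constructed sample type
    def __init__(self, value, next=None):
        self.value = value
        self.next = next


def copy_if_positive(src, dst):  # writes through dst on one branch only
    if src.value > 0:
        dst.value = src.value


def bump(src, dst):  # always writes through dst, never through src
    dst.value = src.value + 1
```

With `a = Node(5)`, `observe(bump, a, a)` logs a write only for the second parameter even though both references name the same object. A set of runs in which `copy_if_positive` never takes its writing branch leaves `dst` at `unknown`, which is where generating more inputs helps a dynamic analysis.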

Keywords

Readonly, Reference immutability, Definition, Combined analysis

Copyright information

© Springer Science+Business Media, LLC 2008

Authors and Affiliations

  • Shay Artzi (1)
  • Adam Kieżun (1)
  • Jaime Quinonez (1)
  • Michael D. Ernst (1)

  1. MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, USA
