DescriptionMany modern applications (e.g. web applications) are composed of a relatively small amount of application code that calls a large number of third-party libraries and frameworks. Such framework-intensive systems typically exhibit different
characteristics from traditional applications. Current tools and techniques
are often inadequate in analyzing applications of such scale and complexity. Approaches based on static analysis suffer problems of insufficient scalability and/or insufficient precision. Purely dynamic analyses,
introduce too much execution overhead, especially for production systems, or are too limited in the information gathered.
The main contribution of this thesis is a new analysis paradigm, blended analysis, combines elements of static and dynamic analyses in order to enable analyses of framework-intensive applications that achieve good precision at a practical cost. This is accomplished by narrowing the focus of a static analysis to a set of executions of interest identified using a lightweight dynamic analysis. We also present an optimization technique that further reduces the amount of code to be analyzed by removing infeasible basic blocks, and leads to significant increases in scalability and precision of the analysis. We contribute Elude, a publicly available framework for blended analysis of Java programs.
We demonstrate the usefuless of blended analysis in practice by applying it to object churn, a common problem in framework-intensive applications caused by the excessive usage of temporary objects. We present a set of new metrics to characterize the usage and complexity of temporaries. We use an instantiation of the blended analysis paradigm, blended escape analysis, to compute these metrics for a set of real framework-intensive applications. Using these results we perform a detailed analysis of temporaries in these
applications. We also use our technique to identify a set of problematic scenarios in a commercial application.