Global Mutable State Analysis in Spring MVC Applications

Global Mutable State Analysis in Spring MVC Applications

John L. Singleton

University of Central Florida

Formal Methods @ UCF

The Problem: Global Mutable State

• Web applications make extensive use of a form of Global Mutable State called “session.”

• The behavior of session closely resembles global variables, which are widely considered a form of code smell.

• But more importantly, the use of global variables increase module coupling.


Goal: Investigate Use of Global Mutable State in Spring-Based Web Applications• Test Hypothesis:

“The use of global mutable state leads to tighter coupling and therefore results in lower program reliability.”

• Static Analysis Question:

Which program executions may be influenced by the modification of a given GMS variable.


Approach: Static Analysis of Spring-Based Web Applications

• Since Verily already has support for static checking, the tool was built within Verily.

• Verily internally leverages ANTLR to handle parsing and AST building.

• Build data sets for finding problematic uses of GMS and making specific recommendations about use of GMS in web applications.


Analysis Method

Our tool performed 4 types of graph analysis:• Module • Variable• Behavior (read/write >=0)• Behavior (read/write > 0 – must use the value)

Additionally, we generated plot data for computing metrics we define in this presentation.

Module Example


• Large Squares represent modules.

• “Points” represent use of a single GMS variable.

• Multiple arrows leaving a point implies multiple usages within a module.

• Arrows point to module in which the variable is modified

Shared Issues Application

Variable Example


• Variable analysis gives more specific information about the use of variables.

• Line number, module, etc.

• Useful for interpreting the other two types of behavior analysis.

• These networks are huge and hard to display in slides.

ELTabique Application

Behavior Example (with single writes)


• Behavior analysis makes it easy to visualize application GMS behavior.

• Possible to quickly classify the type of behavior being used for a specific GMS variable.

• With writes shows variables that are only written to but never read.

NCLodger Application

Behavior Example (w/o single writes)


• Same type of analysis as other type of Behavior analysis.

• Excludes GMS variables that are written to but never used again.

MivProject Application

Results


Network Classification

Analysis revealed several different types of networks.

• These networks appear to recur in application designs.

• Each subnetwork represents the behavior over a GMS variable.


Type 1: Ideal GMS Usage

• The ideal usage of GMS is such that there exists exactly one universal sink in a subgraph.

• Lowest amount of cross module coupling.

• (Verily’s GMS recipe enforces this check)


Type 2: Less Ideal GMS Usage

• This type of network has multiple sinks and multiple reads within the network.

• Multiple Reads, Multiple Writes


Type 3: Least Ideal GMS Usage

• This type of network has many different write operations compared to the number of reads.

• This results in the highest form of coupling since it crosses the most number of modules.

• High Writes, Low Reads


Quantifying GMS Use

We define two sets for analyzing these networks:


Quantifying GMS Use: GMC

We then calculate Global Mutable Coupling as a measure of GMS use:


Quantifying GMS Use: Network Impact


Example: The Ideal Case


• For both networks, GMC = 1 and are therefore ideal.

• Note that we don’t consider more “readers” to increase the value of GMC.

Example: Less Ideal Cases


• GMC = 16, which shows a high degree of coupling impact.

• Modifications in 4 different program points influence the network in two difference places.

Example: Less Ideal Cases


• GMC = 49, which shows a very high degree of coupling impact.

• This application is coupled across 7 possible modules.

Case Studies


Source Data


To inform our analysis, we randomly pulled projects off of Github that made use of Spring MVC and Global Mutable State

There are approximately 184,000 such projects available for analysis.

Our analysis was based on the following projects:

• MivProject• TwitterApp• SharedIssues• NCLodger• EITabique

GMS Analysis: MivProject


0 1 2 3 4 5 6 7 80

0.5

1

1.5

2

2.5

3

3.5

4

4.5

0.0071430.007143000 1.4

0.160714 0.342857

0.0071430.007143

0.1607140.010714

0.007143

0.017857

0.2857140.0071430.007143 0.1285710.1285710.0071430.0071430.007143

Read/Write + Network Size(GMI Value Inside Circle)

Writes

Rea

ds

GMS Analysis: MivProject


GMS Analysis: SOEN387


0 1 2 3 4 5 6 7 80

2

4

6

8

10

12

14

0.930233

1.8895351.889535

5.412791

0.523256

0

1.889535

Read/Write + Network Size(GMI Value Inside Circle)

Writes

Rea

ds

GMS Analysis: SOEN387


Other Findings


Many Usages of GMS are to Deliver Information to Other Tiers


The Use of Session in Web Applications Can Be Quite Complex


And Even Beautiful…


Thank You

• To learn more about Verily:• http://goverily.org

• More about Formal Methods @ UCF:• http://www.eecs.ucf.edu/~leavens/formal-methods-lab/


http://goverily.org/

http://www.eecs.ucf.edu/~leavens/formal-methods-lab/

http://www.eecs.ucf.edu/~leavens/formal-methods-lab/

Global Mutable State Analysis in Spring MVC Applications

Technology

Transcript of Global Mutable State Analysis in Spring MVC Applications