Institute for Software Research
School of Computer Science, Carnegie Mellon University
Proper Plugin Protocols
Ciera N.C. Jaspan
Ph.D. Thesis (SE)
The ability of the software engineering community to achieve high levels of reuse from software frameworks has been tempered by the difficulty in understanding how to reuse them properly. When written correctly, a plugin can take advantage of the framework‚s code and architecture to provide a rich application with relatively few lines of code. Unfortunately, doing this correctly is difficult because frameworks frequently require plugin developers to be aware of complex protocols between objects, and improper use of these protocols causes exceptions and unexpected behavior at run time. This dissertation introduces collaboration constraints, rules governing how multiple objects may interact in a complex protocol. These constraints are particularly difficult to understand and analyze because they may extend across type boundaries and even programming language boundaries. This thesis improves the state of the art through two mechanisms. First, it provides a deep understanding of these collaboration constraints and the framework designs which create them. Second, it introduces Fusion, an adoptable specification language and static analysis tool, that detects broken collaboration constraints in plugin code and demonstrates how to achieve this goal in a cost-effective manner that is practical for industry use.
In this dissertation, I have done an empirical study of framework help forums which showed that collaboration constraints are burdensome for developers, as they take hours or even days to resolve. From this empirical study, I have identified several common properties of collaboration constraints. This motivated a new specification language, called Fusion, that is tailored for specifying collaboration constraints in a practical way. The specification language uses relationships to describe the abstract associations between objects and allows developers to specify collaboration constraints as logical predicates of relationships. Since a relationship is an abstraction above the code, this allows developers to easily specify constraints that cross type and language boundaries. There are three variants of the analysis: a sound variant that has false positives but no false negatives, a complete variant that has false negatives but no false positives, and a pragmatic variant that attempts to balance this tradeoff. In this dissertation, I successfully used Fusion to specify and analyze constraints from examples found in the help forums of the ASP.NET and Spring frameworks. Additionally, I ran Fusion on DaCapo, a 1.5 MLOC DaCapo benchmark for program analysis, to show that Fusion is scalable and provides precise enough results for industry with low specification cost.
This dissertation examines many tradeoffs: the tradeoffs of framework designs, the tradeoffs of specification precision, and the tradeoffs of program analysis results are all featured. A central theme of this work is that there is no single right solution to collaboration constraints; there are only solutions that work better for a particular instance of the problem.