Program Analysis Scenarios in Rascal

Rascal is a meta programming language focused on the implementation of domain-specific languages and on the rapid construction of tools for software analysis and software transformation. In this paper we focus on the use of Rascal for software analysis. We illustrate a range of scenarios for building new software analysis tools through a number of examples, including one showing integration with an existing Maude-based analysis. We then focus on ongoing work on alias analysis and type inference for PHP, showing how Rascal is being used, and sketching a hypothetical solution in Maude. We conclude with a high-level discussion on the commonalities and differences between Rascal and Maude when applied to program analysis.

[1]  D. T. Lee,et al.  Securing web application code by static analysis and runtime protection , 2004, WWW '04.

[2]  Arie van Deursen,et al.  The ASF+SDF Meta-environment: A Component-Based Language Development Environment , 2001 .

[3]  Stanley M. Sutton,et al.  Accelerating the creation of customized, language-Specific IDEs in Eclipse , 2009, OOPSLA.

[4]  Marcelo d'Amorim,et al.  Tainted Flow Analysis on e-SSA-Form Programs , 2011, CC.

[5]  Pierre-Etienne Moreau A Choice-Point Library for Backtrack Programming , 1998, Implementation Technology for Programming Languages based on Logic.

[6]  Paul Klint,et al.  A Case of Visitor versus Interpreter Pattern , 2011, TOOLS.

[7]  Christopher Krügel,et al.  Pixy: a static analysis tool for detecting Web application vulnerabilities , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[8]  Paul Klint,et al.  Rascal: From Algebraic Specification to Meta-Programming , 2011, AMMSE.

[9]  Jong-Deok Choi,et al.  Interprocedural pointer alias analysis , 1999, TOPL.

[10]  James R. Cordy,et al.  The TXL source transformation language , 2006, Sci. Comput. Program..

[11]  Grigore Rosu,et al.  Rule-Based Analysis of Dimensional Safety , 2003, RTA.

[12]  Dirk Beyer,et al.  Relational programming with CrocoPat , 2006, ICSE.

[13]  Christopher Krügel,et al.  Precise alias analysis for static detection of web application vulnerabilities , 2006, PLAS '06.

[14]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[15]  Oscar Nierstrasz,et al.  Traits: Composable Units of Behaviour , 2002, ECOOP.

[16]  MeseguerJosé Conditional rewriting logic as a unified model of concurrency , 1992 .

[17]  Paul Anderson,et al.  The CodeSurfer software understanding platform , 2005, 13th International Workshop on Program Comprehension (IWPC'05).

[18]  Pierre-Etienne Moreau,et al.  Tom: Piggybacking Rewriting on Java , 2007, RTA.

[19]  Terence Parr The Definitive ANTLR Reference: Building Domain-Specific Languages , 2007 .

[20]  Paul Klint,et al.  Efficient annotated terms , 2000, Softw. Pract. Exp..

[21]  Richard C. Holt Grokking Software Architecture , 2008 .

[22]  Eelco Visser,et al.  Stratego/XT 0.17. A language and toolset for program transformation , 2008, Sci. Comput. Program..

[23]  Feng Chen,et al.  Certifying measurement unit safety policy , 2003, 18th IEEE International Conference on Automated Software Engineering, 2003. Proceedings..

[24]  Arie van Deursen,et al.  The Asf+Sdf Meta-Environment: a Component-Based Language Development Environment , 2001, LDTA@ETAPS.

[25]  Paul Klint,et al.  Scripting a refactoring with Rascal and Eclipse , 2012, WRT '12.

[26]  José Meseguer,et al.  The Maude LTL Model Checker , 2004, WRLA.

[27]  Paul Klint Using Rscript for Software Analysis , 2008 .

[28]  Grigore Rosu,et al.  A Rewriting Logic Approach to Static Checking of Units of Measurement in C , 2012, RULE.

[29]  Paul Klint,et al.  EASY Meta-programming with Rascal , 2009, GTTSE.

[30]  Ole Agesen The Cartesian Product Algorithm: Simple and Precise Type Inference Of Parametric Polymorphism , 1995, ECOOP.

[31]  João Saraiva,et al.  Generative and Transformational Techniques in Software Engineering II , 2007, Lecture Notes in Computer Science.

[32]  Richard C. Holt WCRE 1998 Most Influential Paper: Grokking Software Architecture , 2008, 2008 15th Working Conference on Reverse Engineering.

[33]  Paul Klint,et al.  RLSRunner: Linking Rascal with K for Program Analysis , 2011, SLE.

[34]  Grigore Rosu,et al.  A Rewriting Logic Semantics Approach to Modular Program Analysis , 2010, RTA.

[35]  Antonio Vallecillo,et al.  Objects, Models, Components, Patterns , 2011, Lecture Notes in Computer Science.

[36]  Philip Wadler Call-by-Value Is Dual to Call-by-Name - Reloaded , 2005, RTA.

[37]  José Meseguer,et al.  Formal Analysis of Java Programs in JavaFAN , 2004, CAV.

[38]  Martin Wirsing,et al.  Algebraic Specification , 1991, Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics.

[39]  Christopher G. Lasater,et al.  Design Patterns , 2008, Wiley Encyclopedia of Computer Science and Engineering.

[40]  Grigore Rosu,et al.  An overview of the K semantic framework , 2010, J. Log. Algebraic Methods Program..

[41]  Luca Cardelli,et al.  ECOOP 2003 – Object-Oriented Programming , 2003, Lecture Notes in Computer Science.

[42]  Grigore Rosu,et al.  A Rewrite Framework for Language Definitions and for Generation of Efficient Interpreters , 2006, WRLA.

[43]  Narciso Martí-Oliet,et al.  All About Maude - A High-Performance Logical Framework, How to Specify, Program and Verify Systems in Rewriting Logic , 2007, All About Maude.

[44]  Chucky Ellison,et al.  An executable formal semantics of C with applications , 2011, POPL '12.

[45]  D. T. Lee,et al.  Verifying Web applications using bounded model checking , 2004, International Conference on Dependable Systems and Networks, 2004.

[46]  José Meseguer,et al.  The Rewriting Logic Semantics Project , 2006, SOS@ICALP.

[47]  Paul Klint,et al.  The syntax definition formalism SDF—reference manual— , 1989, SIGP.

[48]  Adrián Riesco,et al.  A Complete Declarative Debugger for Maude , 2010, AMAST.

[49]  Matthias Jarke,et al.  Logic Programming and Databases , 1984, Expert Database Workshop.

[50]  Tijs van der Storm,et al.  RASCAL: A Domain Specific Language for Source Code Analysis and Manipulation , 2009, 2009 Ninth IEEE International Working Conference on Source Code Analysis and Manipulation.

[51]  William F. Opdyke,et al.  Refactoring object-oriented frameworks , 1992 .

[52]  Paul Klint,et al.  Using The Meta-Environment for Maintenance and Renovation , 2007, 11th European Conference on Software Maintenance and Reengineering (CSMR'07).