Continuous Reasoning for Real-World Program Analysis Tools

Having high-quality and reliable software is an increasingly stringent requirement for most organisations. While traditional static program analysis techniques, such as symbolic execution and formal verification, can help produce error-free software, their successful application to large, rapidly-changing codebases has been limited. In response to this, recent years have seen the development of a number of tools that specifically target their analysis at real-world projects. At Facebook, the Infer tool has been successfully deployed to find lightweight bugs in codebases spanning millions of lines of code, by leveraging various continuous reasoning techniques. This project extends Gillian, a multi-language platform for symbolic analysis developed in the Verified Software group at Imperial, with continuous reasoning foundations that substantially advance its applicability to real-world projects. In particular, we have extended its instantiations for C and JavaScript so that they can analyse multi-file projects, and have incorporated a mechanism for reusing previously stored results so that analysis focuses only on the fragments of the source program that have changed. Finally, by analysing two real-world JavaScript and C projects, we have demonstrated the significant improvement in the usability of Gillian by a general developer, as well as the correctness of our implementation.
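The reuse mechanism described above can be illustrated in miniature. The following is an added example, not code from Gillian or from the project: a content-addressed cache of per-function analysis results in which each fragment's key is derived from its own source text together with the keys of the functions it calls, so that editing a callee invalidates its callers' stored results while untouched, independent fragments are reused. The project representation (a name-to-source-and-callees mapping), the `IncrementalAnalyser` class and the stand-in per-function analysis are all assumptions made for the illustration.

```python
import hashlib
from typing import Callable, Dict, List, Optional, Tuple

# Constructed toy representation of a multi-file program, assumed for this
# example: function name -> (source text, names of the functions it calls).
Project = Dict[str, Tuple[str, Tuple[str, ...]]]


def fragment_key(project: Project, name: str, memo: Dict[str, Optional[str]]) -> str:
    """Content hash of one fragment combined with the keys of its callees.

    Because callee keys are folded in, a change anywhere beneath a function
    changes that function's key too, so its stored result is not reused.
    A recursive call graph is cut at the back edge with a fixed marker.
    """
    cached = memo.get(name, "")
    if cached is None:               # currently being computed: a cycle
        return f"cycle:{name}"
    if cached:
        return cached
    memo[name] = None                # mark as in progress
    src, callees = project[name]
    h = hashlib.sha256(src.encode("utf-8"))
    for callee in sorted(callees):
        h.update(fragment_key(project, callee, memo).encode("utf-8"))
    memo[name] = h.hexdigest()
    return memo[name]


class IncrementalAnalyser:
    """Runs a per-fragment analysis, storing results keyed by fragment hash."""

    def __init__(self, analyse: Callable[[str, str], str]) -> None:
        self.analyse = analyse       # stand-in for a symbolic-execution run
        self.cache: Dict[str, str] = {}   # fragment key -> stored result

    def run(self, project: Project) -> Tuple[Dict[str, str], List[str]]:
        """Return (results per function, names that were actually re-analysed)."""
        memo: Dict[str, Optional[str]] = {}
        results: Dict[str, str] = {}
        reanalysed: List[str] = []
        for name in sorted(project):
            key = fragment_key(project, name, memo)
            if key not in self.cache:            # no stored result for this content
                self.cache[key] = self.analyse(name, project[name][0])
                reanalysed.append(name)
            results[name] = self.cache[key]
        return results, reanalysed


def toy_analysis(name: str, src: str) -> str:
    """Placeholder analysis: a real tool would symbolically execute `src`."""
    return f"verified:{name}:{len(src)}"


def demo() -> Tuple[List[str], List[str], List[str]]:
    """Three successive runs over constructed versions of a small project."""
    v1: Project = {
        "main":   ("int main(){ helper(); log(); }", ("helper", "log")),
        "helper": ("void helper(){ util(); }", ("util",)),
        "util":   ("void util(){ }", ()),
        "log":    ("void log(){ }", ()),
    }
    # v2 edits only `helper`; `main` depends on it, `util` and `log` do not.
    v2: Project = dict(v1, helper=("void helper(){ util(); util(); }", ("util",)))
    analyser = IncrementalAnalyser(toy_analysis)
    _, first = analyser.run(v1)    # cold cache: everything analysed
    _, second = analyser.run(v2)   # only helper and its caller main
    _, third = analyser.run(v1)    # revert: every key already stored
    return first, second, third


if __name__ == "__main__":
    print(demo())
```

Persisting `analyser.cache` between invocations (for example by serialising it to disk in a continuous-integration job) is what turns this into reuse of previously stored results across commits rather than within one process.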
