Sawja: Static Analysis Workshop for Java

Static analysis is a powerful technique for automatic verification of programs, but it raises major engineering challenges when developing a full-fledged analyzer for a realistic language such as Java. The efficiency and precision of such a tool rely partly on low-level components which depend only on the syntactic structure of the language and therefore should not be redesigned for each implementation of a new static analysis. This paper describes the Sawja library: a static analysis workshop fully compliant with Java 6 which provides OCaml modules for efficiently manipulating Java bytecode programs. We present the main features of the library, including i) efficient functional data structures for representing a program with implicit sharing and lazy parsing, ii) an intermediate stack-less representation, and iii) fast computation and manipulation of complete programs. We provide experimental evaluations of the different features with respect to time, memory and precision.
