The Julia Static Analyzer for Java

The Julia static analyzer applies abstract interpretation to the analysis and verification of Java bytecode. It is the result of 13 years of engineering effort based on theoretical research on denotational and constraint-based static analysis through abstract interpretation. Julia is a library for static analysis on top of which many checkers have been built. These checkers verify the absence of a large set of typical software errors, among them null-pointer accesses, non-termination, wrong synchronization and injection threats to security. This article recaps the history of Julia, describes the technology under the hood of the tool, and reports lessons learned from the market, current limitations and future work.
