A vision for online verification-validation

Published: 20 October 2016

Abstract

Today's programmers face a false choice between creating software that is extensible and software that is correct. Specifically, dynamic languages permit software that is richly extensible (via dynamic code loading, dynamic object extension, and various forms of reflection), and today's programmers exploit this flexibility to "bring their own language features" to enrich extensible languages (e.g., by using common JavaScript libraries). Meanwhile, such library-based language extensions generally lack enforcement of their abstractions, leading to programming errors that are complex to avoid and predict.

To offer verification for this extensible world, we propose online verification-validation (OVV), which consists of language and VM design that enables a "phaseless" approach to program analysis, in contrast to the standard static-dynamic phase distinction. Phaseless analysis freely interposes abstract interpretation with concrete execution, allowing analyses to use dynamic (concrete) information to prove universal (abstract) properties about future execution.

In this paper, we present a conceptual overview of OVV through a motivating example program that uses a hypothetical database library. We present a generic semantics for OVV, and an extension to this semantics that offers a simple gradual type system for the database library primitives. The result of instantiating this gradual type system in an OVV setting is a checker that can progressively type successive continuations of the program until a continuation is fully verified. To evaluate the proposed vision of OVV for this example, we implement the VM semantics (in Rust), and show that this design permits progressive typing in this manner.
