Static/Dynamic Analysis Tools

Alex Aiken, David Evans, Dawson Engler, Henny Sipma, Scott McPeak, Klaus Havelund, Yuan Yu

Intro
• PL and Compilers background
• Interests in
  – Static analysis
  – Dynamic analysis
  – Scalability (1M+ LOC)

[Slide graphic: the years 2005 through 2015]

Rare Buffer Overrun Wrecks Ship

SAN JOSE, COSTA RICA --- A rare form of software error known as a “buffer overrun” has caused the only ship in the Costa Rican navy to run aground on the Atlantic Coast of this Central American country. The ship was using decades-old software by Microsoft, a once giant company that dominated the software industry until the introduction of software liability laws earlier in the century …

Low-Level Bugs Becoming Rare
• Buffer overruns are gone
  – Tools + annotation for legacy code
  – Recompiled with special tools
  – New code written in safe languages
• Tools much improved
  – Static analysis routinely used on 100 MLOC
  – Many new properties can be handled
  – Educated user population
  – Dividing line between static/dynamic analysis much clearer
  – Less diversity
• Possible problem
  – Everything becomes more dynamic over time

Robotic Dog Bites Owner

SAN JOSE, CA --- A robotic pet bit and then chased its owner to the roof of a house during the early morning hours Monday. The normally friendly robot is the first case of the “rabies virus” in the San Jose area. It is believed the disease was acquired while visiting Los Angeles, where a major rabies outbreak is still being contained. Robot owners are cautioned against allowing pets to share tricks with other …

Higher-Level Bugs Still Problematic
• Lack of specifications
  – Still hard to write
  – But even harder to imagine
  – Programmers don’t know the spec
• Specifications come late
  – Usually after the code
  – Often after a disaster
• Dynamic analysis will be important here
  – Analysis of runs in the field by users
  – Doesn’t require a specification to notice problems
  – E.g., Watson, TalkBack

What is a Verification Grand Challenge?
• Something industry won’t do
  – But this area has industrial interest...
  – Caution: The Human Genome project
• Something where verification is needed
  – Not just bug finding
  – Cost of failure must be extremely high

Suggestions
• Contest
  – $2M prize to verify X
  – X = { NASA control software, critical public infrastructure, medical application }
• Tax on large government projects
  – Crazy suggestion: 2% of future government software development bids go to research on building the same artifact.