BT

Your opinion matters! Please fill in the InfoQ Survey!

Facebook’s New AL Language Aims to Simplify Static Program Analysis

| by Sergio De Simone Follow 5 Followers on May 27, 2017. Estimated reading time: 1 minute |

AL is a simple, declarative language for reasoning about abstract syntax trees that allows a developer to extend the Facebook Infer static analyzer.

Written in OCaml, Infer is able to signal Null pointer accesses, resource and memory leaks, and other detectable errors in C, Java, and Objective-C code. According to Facebook, Infer correctly identifies bugs in 80% of the cases in their mobile apps for iOS and Android.

AL tries to overcome one of Infer’s limitations by making it more easy to extend it, a task that required both static analysis expertise and knowledge about Infer’s internals. In particular, AL aims to simplify the definitions of checkers of new types of intra-procedural bugs, i.e. bugs confined to the code of a single procedure. Such bugs can be detected through simpler analysis leveraging the syntax of the program, common language idioms, and custom conventions. For example, in Objective-C a delegate of an object should not be usually treated as a strong reference to avoid retain cycles. Using AL, a checker for this requirement could be defined as:

DEFINE-CHECKER STRONG_DELEGATE_WARNING = {
    
    LET name_contains_delegate =     
        declaration_has_name(REGEXP("[dD]elegate"));
      
    SET report_when =
        WHEN
           name_contains_delegate 
           AND is_strong_property()
        HOLDS-IN-NODE ObjCPropertyDecl;
    
    SET message = "Property or ivar %decl_name% declared strong";
    SET suggestion = "In general delegates should be declared weak or assign";
  };

The most interesting part in the AL code above is the report_when clause, which defines a condition on a ObjCPropertyDecl object – the AST node associated to a property declaration in Objective-C – that is declared as a strong reference (is_strong_property).

According to Facebook, a new checker can normally be defined with few lines of AL code and immediately used, without requiring re-building Infer, which ensures quick feedback on the new checker. AL supports, though, the definition of more complex formulas based on a temporal logic model where an AST node is associated to a point in time and all its descendants can be seen as possible futures. AL provides operators to define properties of future nodes, e.g. the HOLDS-EVENTUALLY operator can be associated to an expression that shall be verified at some future point in time for the program to be valid.

AL is part of Infer, available on GitHub, and can be used for C, C++, and Objective-C.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT