A Library Modeling Language for the Static Analysis of C Programs

Ouadjaout, Abdelraouf; Miné, Antoine

doi:10.1007/978-3-030-65474-0_11

Cited by 6 publications

(8 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We reuse the states defined in the work of Monat et al [33] for Python and Ouadjaout and Miné [37] for C. A set of heap addresses Addr (potentially infinite) is common to the states. Previous works [11,33,37] define the semantics of Python and C. Python state (Figure 3). Python objects are split into a nominal part and a structural part.…”

Section: Concrete Semanticsmentioning

confidence: 99%

“…We assume the abstract semantics of Python and C are provided through E # p • , E # c • . These can be instantiated in practice using previous works [37,34]. We assume that each language's abstract state relies on an address allocation abstraction (such as the callsite abstraction or the recency abstraction [2]) and a numeric abstraction (such as intervals, octagons, …).…”

Section: Abstract Semanticsmentioning

confidence: 99%

“…A specific feature of Mopsa is to provide loosely-coupled abstract domains that the user combines through a configuration file to define the analysis. We were able to reuse off-the-shelf value analyses of C programs [37] and Python programs [34] already implemented into Mopsa. The only modification needed was to add a multilanguage domain, implementing the semantics of the operators at the boundary, just as our semantics (both concrete and abstract) do.…”

Section: Experimental Evaluationmentioning

confidence: 99%

“…Our analyzer works by induction on the syntax and switches from one language to the other just as the concrete program execution does. We present a multilanguage static analysis built upon pre-existing value static analyses by abstract interpretation [9] of C [37] and Python [33,34]. It detects runtime errors in the native C code (invalid pointer operations, invalid memory accesses, integer overflows), in the Python code (raised exceptions), and at the boundary between the languages.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Multilanguage Static Analysis of Python Programs with Native C Extensions

Monat

Ouadjaout

Miné

2021

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Modern programs are increasingly multilanguage, to benefit from each programming language's advantages and to reuse libraries. For example, developers may want to combine high-level Python code with low-level, performance-oriented C code. In fact, one in five of the 200 most downloaded Python libraries available on GitHub contains C code. Static analyzers tend to focus on a single language and may use stubs to model the behavior of foreign function calls. However, stubs are costly to implement and undermine the soundness of analyzers. In this work, we design a static analyzer by abstract interpretation that can handle Python programs calling C extensions. It analyses directly and fully automatically both the Python and the C source codes. It reports runtime errors that may happen in Python, in C, and at the interface. We implemented our analysis in a modular fashion: it reuses off-the-shelf C and Python analyses written in the same analyzer. This approach allows sharing between abstract domains of different languages. Our analyzer can tackle tests of real-world libraries a few thousand lines of C and Python long in a few minutes.

show abstract

Section: Concrete Semanticsmentioning

confidence: 99%

Section: Abstract Semanticsmentioning

confidence: 99%

Section: Experimental Evaluationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Multilanguage Static Analysis of Python Programs with Native C Extensions

Monat

Ouadjaout

Miné

2021

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Yet, DV à la Dijkstra [24] is the tool of choice for proving them for all possible executions. Abstract interpretation à la Cousot [49] is also possible [18,45], as well as model checking [6], even if several logical properties cannot be easily verified with these techniques. Nowadays, most tools based on BISL support both RAC and DV, e.g.…”

Section: Behavioral Interface Specification Languagesmentioning

confidence: 99%

The e-ACSL perspective on runtime assertion checking

Signoles

2021

Proceedings of the 5th ACM International Workshop on Verification and mOnitoring at Runtime EXecution

View full text Add to dashboard Cite

Runtime Assertion Checking (RAC) is the discipline of verifying program assertions at runtime, i.e. when executing the code. Nowadays, RAC usually relies on Behavioral Interface Specification Languages (BISL) à la Eiffel for writing powerful code specifications. Since now more than 20 years, several works have studied RAC. Most of them have focused on BISL. Some others have also considered combinations of RAC with others techniques, e.g. deductive verification (DV). Very few tackle RAC as a verification technique that soundly generates efficient code from formal annotations. Here, we revisit these three RAC's research areas by emphasizing the works done in E-ACSL, which is both a BISL and a RAC tool for C code. We also compare it to others languages and tools.

show abstract

Mopsa-C: Modular Domains and Relational Abstract Interpretation for C Programs (Competition Contribution)

Monat

Ouadjaout²,

Miné³

2023

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Mopsa is a multilanguage static analysis platform relying on abstract interpretation. It is able to analyze C, Python, and programs mixing these two languages; we focus on the C analysis here. It provides a novel way to combine abstract domains, in order to offer extensibility and cooperation between them, which is especially beneficial when relational numerical domains are used. The analyses are currently flow-sensitive and fully context-sensitive. We focus only on proving programs to be correct, as our analyses are designed to be sound and terminating but not complete. We present our first participation to SV-Comp, where Mopsa earned a bronze medal in the SoftwareSystems category.

show abstract

A Library Modeling Language for the Static Analysis of C Programs

Cited by 6 publications

References 14 publications

A Multilanguage Static Analysis of Python Programs with Native C Extensions

A Multilanguage Static Analysis of Python Programs with Native C Extensions

The e-ACSL perspective on runtime assertion checking

Mopsa-C: Modular Domains and Relational Abstract Interpretation for C Programs (Competition Contribution)

Contact Info

Product

Resources

About