Extracting a Data Flow Analyser in Constructive Logic

Cachera, David; Jensen, Thomas; Pichardie, David; Rusu, Vlad

doi:10.1007/978-3-540-24725-8_27

Cited by 32 publications

(20 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most of the previous works on mechanized verification of static analyzes focused on standard data-flow frameworks [4,8,15,23] or abstract interpretation for small imperative structured languages [3,10,27]. Klein and Nipkow instantiate such a framework for inference of Java bytecode types [23]; Coupet-Grimal and Delobel [15] and Bertot et al [4] for compiler optimizations, and Cachera et al [8] for data-flow analysis.…”

Section: Related Workmentioning

confidence: 98%

See 1 more Smart Citation

Verified Abstract Interpretation Techniques for Disassembling Low-level Self-modifying Code

2016

Self Cite

View full text Add to dashboard Cite

Version étendue de l'article de la conférence ITP 2014International audienceStatic analysis of binary code is challenging for several reasons. In particular, standard static analysis techniques operate over control-flow graphs, which are not available when dealing with self-modifying programs which can modify their own code at runtime. We formalize in the Coq proof assistant some key abstract interpretation techniques that automatically extract memory safety properties from binary code. Our analyzer is formally proved correct and has been run on several self-modifying challenges, provided by Cai et al. in their PLDI 2007 article

show abstract

Section: Related Workmentioning

confidence: 98%

“…Klein and Nipkow instantiate such a framework for inference of Java bytecode types [23]; Coupet-Grimal and Delobel [15] and Bertot et al [4] for compiler optimizations, and Cachera et al [8] for data-flow analysis.…”

Section: Related Workmentioning

confidence: 99%

Verified Abstract Interpretation Techniques for Disassembling Low-level Self-modifying Code

2016

Self Cite

View full text Add to dashboard Cite

show abstract

“…In earlier work, we already introduced the lattice library [4]. However, we mainly discussed the semantic proofs required for certified analyses.…”

Section: Related Workmentioning

confidence: 99%

“…In our previous work [4] we considered the ascending chain condition but in this work we are interested in more general criterion: the existence of a widening operator.…”

Section: Module Signatures For Latticesmentioning

confidence: 99%

“…We use the extraction mechanism of the Coq proof assistant to extract Ocaml programs from constructive proofs. In earlier work, we presented a lattice library which allows the construction of complex lattices in a modular fashion [4]. It was shown how this library was used to construct large termination proofs based on the ascending chain condition.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Building Certified Static Analysers by Modular Construction of Well-founded Lattices

Pichardie

2008

Electronic Notes in Theoretical Computer Science

Self Cite

View full text Add to dashboard Cite

This paper presents fixpoint calculations on lattice structures as example of highly modular programming in a dependently typed functional language. We propose a library of Coq module functors for constructing complex lattices using efficient data structures. The lattice signature contains a well-foundedness proof obligation which ensures termination of generic fixpoint iteration algorithms. With this library, complex well-foundedness proofs can hence be constructed in a functorial fashion. This paper demonstrates the ability of the recent Coq module system in manipulating algebraic structures and extracting efficient Ocaml implementations from them. The second contribution of this work is a generic result, based on the constructive notion of accessibility predicate, about preservation of accessibility properties when combining relations.

show abstract

QuickChecking static analysis properties

Midtgaard

Möller

2017

Software Testing Verif & Rel

View full text Add to dashboard Cite

Abstract-A static analysis can check programs for potential errors. A natural question that arises is therefore: who checks the checker? Researchers have given this question varying attention, ranging from basic testing techniques, informal monotonicity arguments, thorough pen-and-paper soundness proofs, to verified fixed point checking. In this paper we demonstrate how quickchecking can be useful for testing a range of static analysis properties with limited effort. We show how to check a range of algebraic lattice properties, to help ensure that an implementation follows the formal specification of a lattice. Moreover, we offer a number of generic, type-safe combinators to check transfer functions and operators on lattices, to help ensure that these are, e.g., monotone, strict, or invariant. We substantiate our claims by quickchecking a type analysis for the Lua programming language.

show abstract

Extracting a Data Flow Analyser in Constructive Logic

Cited by 32 publications

References 11 publications

Verified Abstract Interpretation Techniques for Disassembling Low-level Self-modifying Code

Verified Abstract Interpretation Techniques for Disassembling Low-level Self-modifying Code

Building Certified Static Analysers by Modular Construction of Well-founded Lattices

QuickChecking static analysis properties

Contact Info

Product

Resources

About