
A Formally-Verified C Static Analyzer

Published: 14 January 2015

Abstract

This paper reports on the design and soundness proof, using the Coq proof assistant, of Verasco, a static analyzer based on abstract interpretation for most of the ISO C 1999 language (excluding recursion and dynamic allocation). Verasco establishes the absence of run-time errors in the analyzed programs. It enjoys a modular architecture that supports the extensible combination of multiple abstract domains, both relational and non-relational. Verasco integrates with the CompCert formally-verified C compiler so that not only the soundness of the analysis results is guaranteed with mathematical certitude, but also the fact that these guarantees carry over to the compiled code.
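To make the abstract's central claim concrete, here is a constructed toy in Python (added for this page, not Verasco's own code, which is written in Coq and extracted to OCaml) that runs an interval abstract domain with widening over the fixed loop `i = 0; while (i OP n) { a[i] = 0; i = i + 1; }` and reports whether every access `a[i]` is provably in bounds. Verasco does this for most of C99 with many cooperating domains; this shows only the interval domain, the widening that forces the fixpoint iteration to terminate, and the soundness-preserving narrowing pass.

```python
INF = float("inf")

def join(a, b):
    """Least upper bound of two intervals; None is bottom (unreachable)."""
    if a is None:
        return b
    if b is None:
        return a
    return (min(a[0], b[0]), max(a[1], b[1]))

def widen(old, new):
    """Widening: any bound still growing jumps to infinity so iteration converges."""
    if old is None:
        return new
    lo = old[0] if new[0] >= old[0] else -INF
    hi = old[1] if new[1] <= old[1] else INF
    return (lo, hi)

def filter_guard(iv, op, n):
    """Abstract test: refine the interval of i assuming the guard `i OP n` holds."""
    if iv is None:
        return None
    bound = n - 1 if op == "<" else n      # op is '<' or '<='
    return None if iv[0] > bound else (iv[0], min(iv[1], bound))

def step(head, op, n):
    """One pass: guard, body access a[i], i = i + 1, then merge with the entry state."""
    body = filter_guard(head, op, n)
    if body is None:
        return None, (0, 0)
    return body, join((0, 0), (body[0] + 1, body[1] + 1))

def analyze_loop(op, n, max_iter=50):
    """Over-approximate i at the loop head and check that a[i] stays within a[0..n-1].

    Constructed toy: returns (head interval, body interval, in_bounds)."""
    head = (0, 0)                         # i = 0 on loop entry
    for _ in range(max_iter):
        _, new_head = step(head, op, n)
        nxt = widen(head, new_head)
        if nxt == head:                   # post-fixpoint reached
            break
        head = nxt
    _, head = step(head, op, n)           # one descending (narrowing) pass, still sound
    body, _ = step(head, op, n)
    # bottom means the body never executes, so no access can fail
    in_bounds = body is None or (body[0] >= 0 and body[1] <= n - 1)
    return head, body, in_bounds
```

With `<` the analysis proves the access safe (i in [0, 9] inside the body for n = 10); with `<=` it reports i in [0, 10], so a[n] is a possible out-of-bounds read and the analyzer cannot certify the program.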

Supplemental Material

p247-sidebyside.mpg


Published in

ACM SIGPLAN Notices, Volume 50, Issue 1 (POPL '15), January 2015, 682 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/2775051
Editor: Andy Gill

POPL '15: Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 2015, 716 pages
ISBN: 9781450333009
DOI: 10.1145/2676726

Copyright © 2015 ACM

Publisher

Association for Computing Machinery, New York, NY, United States


Qualifiers: research-article
