Verasco: a Formally Verified C Static Analyzer

Abstract: In order to develop safer software for critical applications, some static analyzers aim at establishing, with mathematical certainty, the absence of some classes of bugs in the input program. A possible limit to this approach is the possibility of a soundness bug in the static analyzer itself, which would nullify the guarantees it is supposed to deliver. In this thesis, we propose to establish formal guarantees on the static analyzer itself: we present the design, implementation and proof of soundness, in Coq, of Verasco, a formally verified static analyzer based on abstract interpretation. Verasco handles most of the ISO C99 language (except recursion and dynamic memory allocation), including IEEE 754 floating-point arithmetic, and aims at establishing the absence of erroneous behavior in the given programs. It enjoys a modular, extensible architecture with several abstract domains and well-specified interfaces. We present the abstract iterator of Verasco, its handling of bounded machine arithmetic, its interval abstract domain, its symbolic abstract domain and its abstract domain of octagons. Verasco led to the development of new techniques for implementing data structures with sharing in Coq.
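To make concrete what a sound interval domain over bounded machine arithmetic computes, here is a small Python model added to this page. It is not Verasco's code (Verasco is written and proved in Coq) and it assumes that C `unsigned int` is 32 bits, so that addition is defined modulo 2^32 by ISO C. It shows an interval domain with wraparound-aware addition, an abstract iterator with widening and descending iterations for a counter loop, a division-by-zero alarm of the kind a soundness-oriented analyzer emits, and a brute-force soundness check of the abstract addition against concrete values. The function names (`add`, `widen`, `counter_loop_invariant`, `div_alarm`, `add_is_sound`) are this example's own, not Verasco identifiers.

```python
# Added example: a toy interval abstract domain over 32-bit unsigned ints.
# Not Verasco's code (Verasco is Coq); assumes C `unsigned int` is 32 bits,
# so arithmetic is defined modulo 2**32 by ISO C.
from dataclasses import dataclass
from typing import Optional

UINT_MAX = 2**32 - 1
MOD = 2**32


@dataclass(frozen=True)
class Interval:
    lo: int
    hi: int

    def __post_init__(self):
        assert 0 <= self.lo <= self.hi <= UINT_MAX, "not a valid unsigned interval"


TOP = Interval(0, UINT_MAX)
Abs = Optional[Interval]  # None is bottom: no reachable value


def join(a: Abs, b: Abs) -> Abs:
    """Least upper bound: the smallest interval covering both."""
    if a is None:
        return b
    if b is None:
        return a
    return Interval(min(a.lo, b.lo), max(a.hi, b.hi))


def meet(a: Abs, b: Abs) -> Abs:
    """Greatest lower bound, used to apply a guard such as `i < n`."""
    if a is None or b is None:
        return None
    lo, hi = max(a.lo, b.lo), min(a.hi, b.hi)
    return Interval(lo, hi) if lo <= hi else None


def widen(old: Abs, new: Abs) -> Abs:
    """Standard interval widening: a bound that grew jumps to the type limit."""
    if old is None:
        return new
    if new is None:
        return old
    lo = old.lo if new.lo >= old.lo else 0
    hi = old.hi if new.hi <= old.hi else UINT_MAX
    return Interval(lo, hi)


def add(a: Abs, b: Abs) -> Abs:
    """Abstract `a + b` on unsigned int, sound with respect to wraparound."""
    if a is None or b is None:
        return None
    lo, hi = a.lo + b.lo, a.hi + b.hi           # exact sums over the integers
    if hi - lo >= MOD:
        return TOP                               # covers every residue mod 2**32
    wlo, whi = lo % MOD, hi % MOD
    if wlo <= whi:
        return Interval(wlo, whi)                # wraps entirely, or not at all
    return TOP                                   # straddles the UINT_MAX -> 0 seam


def div_alarm(divisor: Abs) -> bool:
    """Report a possible erroneous behavior: the divisor may be zero."""
    return divisor is not None and divisor.lo <= 0 <= divisor.hi


def counter_loop_invariant(n_max: int) -> Abs:
    """Loop-head invariant for `unsigned i = 0; while (i < n) i++;` given
    0 <= n <= n_max: widening up to a post-fixpoint, then descending
    iterations to recover the bound the widening threw away."""
    init = Interval(0, 0)

    def step(head: Abs) -> Abs:
        # Guard `i < n` with n <= n_max restricts the body to i in [0, n_max-1].
        in_body = meet(head, Interval(0, n_max - 1)) if n_max > 0 else None
        return join(init, add(in_body, Interval(1, 1)))

    head: Abs = init
    while True:                                  # ascending iteration with widening
        nxt = widen(head, step(head))
        if nxt == head:
            break
        head = nxt
    for _ in range(3):                           # descending (narrowing) iterations
        nxt = step(head)
        if nxt == head:
            break
        head = nxt
    return head


def add_is_sound(a: Interval, b: Interval) -> bool:
    """Brute-force check that every concrete sum lands inside the abstract one."""
    r = add(a, b)
    return all(r.lo <= (x + y) % MOD <= r.hi
               for x in range(a.lo, a.hi + 1)
               for y in range(b.lo, b.hi + 1))
```

Two points the code makes that the abstract only names: an interval that crosses the wraparound seam cannot be represented exactly, so a sound analyzer must give up precision (return top) rather than silently report the mathematical sum, and the widening step that guarantees termination of the iterator is what the descending iterations then repair, turning `[0, UINT_MAX]` back into `[0, n_max]` for the counter loop. The brute-force `add_is_sound` check is the informal counterpart of the soundness theorem the thesis proves in Coq: every concrete result is contained in the abstract one.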

Cited literature: 102 references

https://hal.archives-ouvertes.fr/tel-01327023
Contributor: Jacques-Henri Jourdan
Submitted on: Monday, June 6, 2016 - 12:07:50 PM
Last modification on: Thursday, April 26, 2018 - 10:28:01 AM

Licence

Distributed under a Creative Commons Attribution - NonCommercial - ShareAlike 4.0 International License

Identifiers

  • HAL Id: tel-01327023, version 1

Citation

Jacques-Henri Jourdan. Verasco: a Formally Verified C Static Analyzer. Programming Languages [cs.PL]. Universite Paris Diderot-Paris VII, 2016. English. ⟨tel-01327023⟩

Metrics

  • Record views: 1089
  • File downloads: 367