Computer Science Stack Exchange
Computer Science Stack Exchange

Questions tagged [static-analysis]

43 questions
26
votes
4 answers

Is the halting problem decidable for pure programs on an ideal computer?

It's fairly simple to understand why the halting problem is undecidable for impure programs (i.e., ones that have I/O and/or states dependent on the machine-global state); but intuitively, it seems that a pure program's halting on an ideal computer…
Jules
  • 632
  • 6
  • 19
6
votes
1 answer

Memory needed for computational graph

Suppose we have a set of equations like this p7=f(p1+p6); p6=f(p2+p5); p5=f(p3+p4); p4=f(p3); p3=f(p2); p2=f(p1); p1=f() It can be represented by computational graph below If each intermediate value takes 1 unit of memory, you need at least 4…
Yaroslav Bulatov
  • 201
  • 2
  • 12
5
votes
1 answer

Loop-local variable in Cytron's SSA algorithm

I am trying to write a compiler that converts a simple imperative language to SSA form, but I am having trouble with loops. As an example, I have some code that looks like: fun count() { i = 0; while(i < 10) { x = i + 1 i =…
taktoa
  • 384
  • 1
  • 16
4
votes
0 answers

Relation between dominance and post-dominance

Dominator and post-dominator trees are useful data structures which are used to encode static analysis information. Dominator trees for example are used to compute the dominance frontiers for SSA conversion, whereas post-dominator trees are used to…
Amir
  • 141
  • 1
3
votes
0 answers

Why LLVM is not suitable to design a static analyzer?

I'm reading a paper, and there is this paragraph about LLVM: ''it heavily relies on the static single assignment form (SSA) which cannot be readily used to design an abstract interpreter. The $\phi$-nodes need to be eliminated and other…
sean
  • 532
  • 5
  • 12
3
votes
2 answers

What counts as automatic program analysis?

I'm trying to understand the definition of program analysis on Wikipedia: Program analysis is the process of automatically analyzing the behavior of computer programs regarding a property such as correctness, robustness, safety and liveness. What…
Matt Zeunert
  • 133
  • 4
3
votes
1 answer

How to build a label flow graph for static analysis

I'm new to world of static analysis and am trying to build a new analysis of C programs for llvm compiler. I've started with the build of the graph of the constraints of the program: The edges represent the flow of data through the program…
eternalStudent
  • 131
  • 4
3
votes
1 answer

What is a program analysis technique for tracing assignments (mutations)?

I am looking to write a program analysis for Java programs that tracks assignments and is able to discern: whether a class field (static or not) is read and where the read originated whether a class field (static or not) is written and where the…
ragnacode
  • 145
  • 3
3
votes
0 answers

SSA Copy Folding

When can we fold copies in SSA? We are clearly allowed to fold a copy such as a0 = call foo() b0 = a0 But what about a program such as a0 = call foo() C0 = call bar() // ignore sinking briefly, assume this is used later if(a0) { a1 = C0 } a2 =…
user135438
  • 238
  • 1
  • 7
3
votes
1 answer

How to leverage the fact that I'm solving 1000's of very similar SMT instances?

I have a core SMT solver problem consisting of 100,000 bit-vector array clauses, and one 10000-dimensional bit-vector array. Then, my program takes as input k << 100,000 new clauses, and adds them to the core SMT problem. My goal is, for any input…
lightning
  • 225
  • 1
  • 7
2
votes
0 answers

What is synonym propagation?

I am currently reading SmartCheck: Static Analysis of Ethereum Smart Contracts (Tikhomirov et al., WETSEB'18; PDF). In section 3.1 it talks briefly about synonym propagation. What is synonym propagation? I searched in the Dragon Book, but I did not…
Briomkez
  • 107
  • 7
2
votes
1 answer

What is a hyper property?

I am reading the paper Foundations and tools for the static analysis of Ethereum contracts, by Grischenko et al. Sometimes the authors speak about hyper properties (e.g. Section 5). What exactly is a hyper property in this context?
Briomkez
  • 107
  • 7
2
votes
0 answers

Is there a language-independent, static analysis framework?

I'm looking for a generic static analysis framework that could be used to detect problems that aren't necessarily specific to a particular programming language; for example: Variable taint checking / unvalidated user input Detecting when a variable…
Eric Pruitt
  • 121
  • 2
2
votes
0 answers

State-of-the-art for Set Constraints?

I've recently stumbled across the field of Set constraints for program analysis, that is, solving equations of the form $exp_1 \subseteq exp_2$, where (depending on the particular variant of the problem), $exp_i$ is a term involving $\cup, \cap,…
Joey Eremondi
  • 30,277
  • 5
  • 67
  • 122
2
votes
1 answer

Pseudocode for constructing control flow graph

I'm trying to build a complexity analysis tool and I need an algorithm for constructing the control flow graph (to get cyclomatic and eventually essential complexity). I couldn't find any pseudocode online so I just got down to writing it. Using…
parssignum
  • 21
  • 1
1
2 3