On the Relative Completeness of Bytecode Analysis versus Source Code Analysis

We discuss the challenges faced by bytecode analyzers designed for code verification compared to similar analyzers for source code.

While a bytecode-level analysis brings many simplifications, eg, fewer cases, independence from source syntax, name resolution, etc., it also introduces precision loss that must be recovered either via preprocessing, more precise abstract domains, more precise transfer functions, or a combination thereof.

The paper studies the relative completeness of a static analysis for bytecode compared to the analysis of the program source. We illustrate it through examples originating from the design and the implementation of Clousot, a generic static analyzer

based on Abstract Interpretation for the analysis of MSIL.

cc08.pdf
PDF file

In  Proceedings of the International Conference on Compiler Construction

Publisher  Springer Verlag
All copyrights reserved by Springer 2007.

Details

TypeInproceedings
URLhttp://www.sable.mcgill.ca/~hendren/CC2008/
> Publications > On the Relative Completeness of Bytecode Analysis versus Source Code Analysis