Customizing Static Analysis using Codesearch
I tiakina i:
| I whakaputaina i: | arXiv.org (Apr 19, 2024), p. n/a |
|---|---|
| Kaituhi matua: | |
| Ētahi atu kaituhi: | , |
| I whakaputaina: |
Cornell University Library, arXiv.org
|
| Ngā marau: | |
| Urunga tuihono: | Citation/Abstract Full text outside of ProQuest |
| Ngā Tūtohu: |
Kāore He Tūtohu, Me noho koe te mea tuatahi ki te tūtohu i tēnei pūkete!
|
| Whakarāpopotonga: | Static analysis is a growing application of software engineering, leading to a range of essential security tools, bug-finding tools, as well as software verification. Recent years show an increase of universal static analysis tools that validate a range of properties and allow customizing parts of the scanner to validate additional properties or "static analysis rules". A commonly used language to describe a range of static analysis applications is Datalog. Unfortunately, the language is still non-trivial to use, leading to analysis that is difficult to implement in a precise but performant way. In this work, we aim to make building custom static analysis tools much easier for developers, while at the same time, providing a familiar framework for application security and static analysis experts. Our approach introduces a language called StarLang, a variant of Datalog which only includes programs with a fast runtime by the means of having low time complexity of its decision procedure. |
|---|---|
| ISSN: | 2331-8422 |
| Puna: | Engineering Database |