LiSA (Library for Static Analysis) aims to ease the creation and implementation of static analyzers based on the Abstract Interpretation theory. LiSA provides an analysis engine that works on a generic and extensible control flow graph representation of the program to analyze. Abstract interpreters in LiSA are built for analyzing such representation, providing a unique analysis infrastructure for all the analyzers that will rely on it.
Building an analyzer upon LiSA boils down to writing a parser for the language that one aims to analyze, translating the source code or the compiled code towards the control flow graph representation of LiSA. Then, simple checks iterating over the results provided by the semantic analyses of LiSA can be easily defined to translate semantic information into warnings that can be of value for the final user.
For more information, documentation and useful guides, refer to the project website!
LiSA is developed and maintained by the Software and System Verification (SSV) group @ Università Ca' Foscari in Venice, Italy. External contributions are always welcome! Check out our contributing guidelines for information on how to contribute to LiSA.
Head to the Releases page for the full list of releases.
The snapshot of the last commit of the master
branch is always available on GitHub Packages. Be aware that you will need a personal access token to use packages as server for resolving dependencies. You can refer to the official GitHub guide for Maven or Gradle for more information.