LiSA (Library for Static Analysis) aims to ease the creation and implementation of static analyzers based on the Abstract Interpretation theory. LiSA provides an analysis engine that works on a generic and extensible control flow graph representation of the program to analyze. Abstract interpreters in LiSA are built for analyzing such representation, providing a unique analysis infrastructure for all the analyzers that will rely on it.

Building an analyzer upon LiSA boils down to writing a parser for the language that one aims to analyze, translating the source code or the compiled code towards the control flow graph representation of LiSA. Then, simple checks iterating over the results provided by the semantic analyses of LiSA can be easily defined to translate semantic information into warnings that can be of value for the final user.

For more information, documentation and useful guides, refer to the project website!

LiSA is developed and maintained by the Software and System Verification (SSV) group @ Università Ca' Foscari in Venice, Italy. External contributions are always welcome! Check out our contributing guidelines for information on how to contribute to LiSA.

We foresee at least five alpha releases that are meant as intermediate building blocks for starting to experiment with analyzers on several languages.

• Extend and finalize the program model
• Add more heap and value analyses
• Add more call graph abstractions

The 1.0 release will be delivered as we reach a stable version of all the main ingredients for the analysis (call graphs and abstractions) as well as a flexible enough control flow graph representation that enables the modeling of most languages.