1

Comparing Transparent Static Analyzers with Open Verification Dashboard

Given an input program, sound static analyzers compute a list of potential runtime errors in it. Static analysis practitioners have difficulties measuring the precision of static analyzers and comparing their results. In this work, we formalize a …

The Virtual Recency Abstraction: Strong Updates for Abstract Interpreters with Shared State

Abstract interpreters enable sound static analysis, but are hard to develop. In recent years, researchers have proposed a component-based approach to developing abstract interpreters, where different parts of the abstract domain (e.g., numeric, call …

DelExp: a Relational Container Abstraction with Applications to Compositional Analysis

Mopsa-C: Towards Incorrectness and Termination Verdicts (Competition Contribution)

We present advances we brought to Mopsa for SV-COMP 2026. Mopsa now supports a backward analysis mode which computes an under-approximation of the weakest liberal precondition for the alarms found during a verification pass, which generates an input …

Try-Mopsa: Relational Static Analysis in Your Pocket (Tool Paper)

Static analyzers are complex pieces of software with large dependencies. They can be difficult to install, which hinders adoption and creates barriers for students learning static analysis. This work introduces Try-Mopsa: a scaled-down version of the …

Compositional Static Value Analysis for Higher-Order Numerical Programs

Static analyzers have been successfully developed to detect runtime errors in many languages. However, the automatic analysis of functional languages remains a challenge due to their recursive functions, recursive algebraic data types, and …

Mopsa-C with Trace Partitioning and Autosuggestions (Competition Contribution)

We present advances we brought to Mopsa for SV-Comp 2025. Most notably, Mopsa now supports bounded trace partitioning, constant widening with thresholds, and can check that all memory has been correctly deallocated. Further, Mopsa now integrates a …

CUTECat: Concolic Execution for Computational Law

Many legal computations, including the amount of tax owed by a citizen, whether they are eligible to social benefits, or the wages due to civil state servants, are specified by computational laws. Their application, however, is performed by expert …

Mopsa-C: Improved Verification for C Programs, Simple Validation of Correctness Witnesses (Competition Contribution)

We present advances we brought to Mopsa for SV-Comp 2024. We significantly improved the precision of our verifier in the presence of dynamic memory allocation, library calls such as memset, goto-based loops, and integer abstractions. We introduced a …

Formalizing Date Arithmetic and Statically Detecting Ambiguities for the Law

Legal expert systems routinely rely on date computations to determine the eligibility of a citizen to social benefits or whether an application has been filed on time. Unfortunately, date arithmetic exhibits many corner cases, which are handled …