
Sparta: High-Performance Static Code Analyzers Based on Abstract Interpretation - ingve
https://github.com/facebookincubator/SPARTA#sparta
======
int3
For a bit more context, see this blogpost we made: [https://code.fb.com/open-
source/sparta/](https://code.fb.com/open-source/sparta/)

~~~
saagarjha
What kinds of domains do you use when you run this on dex files?

~~~
int3
Signed Constant Domain:
[https://github.com/facebook/redex/blob/master/service/consta...](https://github.com/facebook/redex/blob/master/service/constant-
propagation/SignedConstantDomain.h)

Constant Array Domain:
[https://github.com/facebook/redex/blob/master/service/consta...](https://github.com/facebook/redex/blob/master/service/constant-
propagation/ConstantArrayDomain.h)

Pointer domain:
[https://github.com/facebook/redex/blob/master/service/escape...](https://github.com/facebook/redex/blob/master/service/escape-
analysis/LocalPointersAnalysis.h#L39)

Type domain:
[https://github.com/facebook/redex/blob/master/libredex/IRTyp...](https://github.com/facebook/redex/blob/master/libredex/IRTypeChecker.h)

------
daoxid
I haven't really looked into it, but how does Sparta compare to Ikos
([https://ti.arc.nasa.gov/opensource/ikos/](https://ti.arc.nasa.gov/opensource/ikos/))?

~~~
cofibered
IKOS has been originally designed to perform formal verification of embedded
software and is heavily skewed toward numerical abstractions (intervals,
octagons, interleaved widening/narrowing fixpoint iterator, etc.), which are
computationally expensive. Since the goal is to verify critical pieces of
software, it's OK to have an analysis take several hours to complete. Using
IKOS also requires a deeper understanding of the theory Abstract
Interpretation.

SPARTA has been designed with different goals in mind: speed and ease of use.
The API is more streamlined and one can implement an analysis with minimal
background in Abstract Interpretation. The algorithms in SPARTA have also been
fine-tuned for maximum performance. SPARTA is meant to be used in compilers
and optimizers, where speed of execution is critical.

------
Darmani
This is really confusing.

There's another static analysis engine....also for Android....also called
SPARTA!

[https://types.cs.washington.edu/sparta/](https://types.cs.washington.edu/sparta/)

------
TACIXAT
Disclaimer, I'm on my phone so I haven't dug into the source yet.

How is this used? For an unimplemented language, would I be coming up with how
that language's instructions map into Sparta rules?

Anyhow, this looks awesome.

~~~
TACIXAT
For anyone who comes across this in the future, this is a good way to
understand the terms of abstract interpretation without getting a PhD.

[https://wiki.mozilla.org/Abstract_Interpretation](https://wiki.mozilla.org/Abstract_Interpretation)

------
pltnr
what languages does it support out of box? Or is it just a backend engine?

~~~
int3
It's a backend engine; it doesn't support languages out-of-the-box. That said,
it's extensively used by the open-source Android bytecode optimizer
[Redex]([https://github.com/facebook/redex](https://github.com/facebook/redex)),
so there's code readily available if you want to do Android bytecode analysis
with SPARTA.

