AdaCore Debuts GNATstack Analysis Tool for Safety-Critical Applications

AdaCore, provider of the highest quality Ada tools and support services, announced the immediate availability of GNATstack, a static analysis tool that helps developers predict the maximum stack usage requirements for their applications. GNATstack is available separately or as part of AdaCore’s GNAT Pro High-Integrity Edition products, supporting development for DO-178B, DO-278 and other related safety-critical standards.

The GNATstack tool statically calculates the maximum stack space required by each task in an application. The computed bounds can be used to ensure that sufficient space is reserved, thus guaranteeing safe, predictable execution with respect to stack usage. GNATstack uses conservative analysis to deal with complexities such as subprogram recursion, while avoiding unnecessarily pessimistic estimates. The tool’s output data can be used directly to satisfy DO-178B requirements (Table A-5, Objective 6, which relates to the Accuracy and consistency issues itemised in Section 6.3.4f) and the associated sections from DO-278 for native safety systems.

“AdaCore always strives to reduce the cost of software development for our customers,” said Robert Dewar, President of AdaCore. “GNATstack can save a large amount of time and effort by proving what an application’s maximum memory requirements will be. This information can be used to select the appropriate hardware platform. It can also be used to prove that the selected platform will meet the application’s memory requirements, which is required by DO-178B and similar safety standards where exhausting available memory is not an option.”

GNATstack exploits data generated by the compiler to compute worst-case stack requirements. It performs per-subprogram stack usage computation combined with control flow analysis. GNATstack is a static analysis tool in that its computation is based on information known at compile time. Thus when the tool indicates that the result is accurate, the computed bound can never be exceeded.

On the other hand, there may be situations in which the results will not be accurate (the tool will indicate such situations) because of some missing information (due to subprogram recursion, indirect calls, etc.). AdaCore provides the infrastructure to allow users to specify this missing call graph and stack usage information.

GNATstack’s main output is the worst-case stack usage for every entry point, together with the paths that lead to these stack needs. The list of entry points can be automatically computed (all the tasks, including the environment task) or can be specified by the user (a list of entry points or all the subprograms matching a certain regular expression).
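The computation described above (per-subprogram frame sizes combined with the call graph, with recursion and unknown callees reported as inaccurate until the user supplies the missing data) can be sketched as follows. This is an added example, not AdaCore's code and not GNATstack's input or output format; the subprogram names, frame sizes and the `bounds` parameter are constructed assumptions.

```python
# Constructed sample data: frame size in bytes per subprogram, and call edges.
FRAMES = {"Main": 64, "Control_Task": 128, "Read_Sensor": 96,
          "Filter": 256, "Log": 48, "Walk_Tree": 80}
CALLS = {"Main": ["Log"], "Control_Task": ["Read_Sensor", "Filter"],
         "Read_Sensor": ["Log"], "Filter": ["Log", "Walk_Tree"],
         # Walk_Tree recurses and calls Dispatch, whose frame size is
         # unknown (standing in for the target of an indirect call).
         "Walk_Tree": ["Walk_Tree", "Dispatch"], "Log": []}

def worst_case(entry, frames, calls, bounds=None, _active=()):
    """Return (bytes, path, accurate) for one entry point.

    accurate is False when the result depends on unbounded recursion or on
    a callee with no frame size, so it cannot be trusted as an upper bound.
    bounds (hypothetical) maps a recursive subprogram to a user-supplied
    maximum number of simultaneously active frames.
    """
    bounds = bounds or {}
    if entry not in frames:
        return 0, [entry + " (unknown frame)"], False
    seen = _active.count(entry)
    if seen and seen >= bounds.get(entry, 1):
        known = entry in bounds          # cut-off is sound only if bounded
        return 0, ([] if known else [entry + " (recursion)"]), known
    deepest, tail, accurate = 0, [], True
    for callee in calls.get(entry, []):
        size, path, ok = worst_case(callee, frames, calls, bounds,
                                    _active + (entry,))
        accurate = accurate and ok       # one unknown taints the whole bound
        if size > deepest or not tail:
            deepest, tail = size, path
    return frames[entry] + deepest, [entry] + tail, accurate

def report(entry_points, frames, calls, bounds=None):
    """Worst-case usage and path for every entry point."""
    return {e: worst_case(e, frames, calls, bounds) for e in entry_points}

if __name__ == "__main__":
    for name, (size, path, ok) in report(["Main", "Control_Task"],
                                         FRAMES, CALLS).items():
        flag = "accurate" if ok else "NOT accurate"
        print(f"{name}: {size} bytes ({flag}) via {' -> '.join(path)}")
```

Passing the missing frame size for `Dispatch` and a recursion bound for `Walk_Tree` turns the second entry point's result from a flagged estimate into an accurate bound.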

Price and Availability
GNATstack is available with all GNAT Pro High-Integrity Edition Family products. Please contact AdaCore for the latest information on pricing and supported configurations.

About AdaCore
Founded in 1994, AdaCore is the leading provider of commercial software solutions for Ada, a modern programming language designed for large, long-lived applications where safety, security, and reliability are critical. AdaCore’s flagship product is GNAT Pro, which comes with expert online support. AdaCore has a large world-wide customer base in high-integrity and safety-certified applications, including avionics, defense, air traffic control, railroad systems, and financial services. AdaCore has North American headquarters in New York and European headquarters in Paris.