Witness Generation for Data-flow Analysis
Date
2020
Publisher
Tartu Ülikool
Abstract
A program analyzer, which determines whether a given program satisfies or violates its specification, may itself contain bugs and thus be untrustworthy. Hence, the analyzer should back its claims with witnesses, which can be understood by the programmer and automatically checked by independent tools. Interprocedural data-flow analysis is well-suited for certain problems, but its abstractions do not directly correspond to the required witnesses. We show that witnesses can be generated with data-flow analysis by designing the necessary methods to handle interprocedurality and by adapting a technique from model checking to increase the precision of the generated witnesses. The ideas are implemented and experimentally evaluated in the data-flow analyzer Goblint. This improves the trustworthiness and usability of data-flow analyzers and enables their comparison with other verifiers.
Keywords
static analysis, software verification, witnesses, data-flow analysis, reachability, interprocedural analysis, Goblint