Safe and Sound Program Analysis with Flix

Magnus Madsen, Ondrej Lhoták

Publication: Contribution to book/anthology/report/proceedings › Conference contribution in proceedings › Research › peer review

Abstract

Program development tools such as bug finders, build automation tools, compilers, debuggers, integrated development environments, and refactoring tools increasingly rely on static analysis techniques to reason about program behavior. Implementing such static analysis tools is a complex and difficult task with concerns about safety and soundness. Safety guarantees that the fixed point computation - inherent in most static analyses - converges and ultimately terminates with a deterministic result. Soundness guarantees that the computed result over-approximates the concrete behavior of the program under analysis. But how do we know if we can trust the result of the static analysis itself? Who will guard the guards? In this paper, we propose the use of automatic program verification techniques based on symbolic execution and SMT solvers to verify the correctness of the abstract domains used in static analysis tools. We implement a verification toolchain for Flix, a functional and logic programming language tailored for the implementation of static analyses. We apply this toolchain to several abstract domains. The experimental results show that we are able to prove 99.5% and 96.3% of the required safety and soundness properties, respectively.

Original language: English
Title: ISSTA 2018 - Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis
Editors: Eric Bodden, Frank Tip
Number of pages: 11
Place of publication: New York, NY, USA
Publisher: Association for Computing Machinery
Publication date: 12 Jul 2018
Pages: 38-48
ISBN (Print): 978-1-4503-5699-2
ISBN (Electronic): 9781450356992
DOI
Status: Published - 12 Jul 2018
Published externally: Yes
Event: ACM SIGSOFT International Symposium on Software Testing and Analysis - Amsterdam, Netherlands
Duration: 15 Jul 2018 - 21 Jul 2018
Conference number: 27
https://conf.researchr.org/home/issta-2018

Conference

Conference: ACM SIGSOFT International Symposium on Software Testing and Analysis
Number: 27
Country/Territory: Netherlands
City: Amsterdam
Period: 15/07/2018 - 21/07/2018
Internet address

Keywords

  • lattices, monotonicity, safety, soundness, static analysis
