research-article

Analyzing Program Analyses

Authors:
Roberto Giacobazzi

University of Verona, Verona, Italy

University of Verona, Verona, Italy
View Profile

,
Francesco Logozzo

Microsoft, Redmond, WA, USA

Microsoft, Redmond, WA, USA
View Profile

,
Francesco Ranzato

University of Padova, Padova, Italy

University of Padova, Padova, Italy
View Profile

Authors Info & Claims

ACM SIGPLAN Notices Volume 50 Issue 1January 2015pp 261–273https://doi.org/10.1145/2775051.2676987

Published:14 January 2015Publication History

ACM SIGPLAN Notices

Abstract

We want to prove that a static analysis of a given program is complete, namely, no imprecision arises when asking some query on the program behavior in the concrete (ie, for its concrete semantics) or in the abstract (ie, for its abstract interpretation). Completeness proofs are therefore useful to assign confidence to alarms raised by static analyses. We introduce the completeness class of an abstraction as the set of all programs for which the abstraction is complete. Our first result shows that for any nontrivial abstraction, its completeness class is not recursively enumerable. We then introduce a stratified deductive system to prove the completeness of program analyses over an abstract domain A. We prove the soundness of the deductive system. We observe that the only sources of incompleteness are assignments and Boolean tests --- unlikely a common belief in static analysis, joins do not induce incompleteness. The first layer of this proof system is generic, abstraction-agnostic, and it deals with the standard constructs for program composition, that is, sequential composition, branching and guarded iteration. The second layer is instead abstraction-specific: the designer of an abstract domain A provides conditions for completeness in A of assignments and Boolean tests which have to be checked by a suitable static analysis or assumed in the completeness proof as hypotheses. We instantiate the second layer of this proof system first with a generic nonrelational abstraction in order to provide a sound rule for the completeness of assignments. Orthogonally, we instantiate it to the numerical abstract domains of Intervals and Octagons, providing necessary and sufficient conditions for the completeness of their Boolean tests and of assignments for Octagons.

Supplemental Material

p261-sidebyside.mpg

mpg

896.9 MB

Download

References

Cousot, P., and Cousot, R. Static verification of dynamic type properties of variables. Research Report no. 25, Laboratoire IMAG, University of Grenoble, France, 1975.Google Scholar
Cousot, P., and Cousot, R. Static determination of dynamic properties of programs. In Proceedings of the 2nd International Symposium on Programming (1976), Dunod, Paris, pp. 106--130.Google Scholar
Cousot, P., and Cousot, R. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Conference Record of the 4th ACM Symposium on Principles of Programming Languagesrm ( POPL '77) (1977), ACM Press, pp. 238--252. Google ScholarDigital Library
Cousot, P., and Cousot, R. Systematic design of program analysis frameworks. In Conference Record of the 6th ACM Symposium on Principles of Programming Languagesrm ( POPL '79) (1979), ACM Press, pp. 269--282. Google ScholarDigital Library
Cousot, P., and Cousot, R. A Galois connection calculus for abstract interpretation. In Conference Record of the 41st ACM Symposium on Principles of Programming Languages (POPL '14) (2014), S. Jagannathan and P. Sewell, Eds., ACM Press, pp. 3--4. Google ScholarDigital Library
Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., and Rival, X. The ASTRÉE analyzer. In Proceedings of the European Symposium on Programming (ESOP '05) (2005), vol. 3444 of Lecture Notes in Computer Science, Springer, pp. 21--30. Google ScholarDigital Library
Cousot, P., Cousot, R., and Logozzo, F. A parametric segmentation functor for fully automatic and scalable array content analysis. In Conference Record of the 38th ACM Symposium on Principles of Programming Languages (POPL '11) (2011), ACM Press, pp. 105--118. Google ScholarDigital Library
Cousot, P., Cousot, R., Logozzo, F., and Barnett, M. An abstract interpretation framework for refactoring with application to extract methods with contracts. In Proceedings of the 27th ACM Inter.\ Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA '12) (2012), ACM Press, pp. 213--232. Google ScholarDigital Library
Damas, L., and Milner, R. Principal type-schemes for functional programs. In Conference Record of the 9th ACM Symposium on Principles of Programming Languages (POPL '82) (1982), ACM Press, pp. 207--212. Google ScholarDigital Library
Dekker, J. C. E. Productive sets. Trans.\ of the American Mathematical Society 78 (1955), 129--149.Google ScholarCross Ref
Fahndrich, M., and Logozzo, F. Static contract checking with abstract interpretation. In Proceedings of the Internat.\ Conf.\ on Formal Verification of Object-oriented Software (FoVeOOS 10) (2010), Springer. Google ScholarDigital Library
Giacobazzi, R. Hiding information in completeness holes -- New perspectives in code obfuscation and watermarking. In Proc.\ of the 6th IEEE International Conferences on Software Engineering and Formal Methods (SEFM '08) (2008), IEEE Press, pp. 7--20. Google ScholarDigital Library
Giacobazzi, R., Ranzato, F., and Scozzari, F. Making abstract interpretation complete. Journal of the ACM 47, 2 (2000), 361--416. Google ScholarDigital Library
Granger, P. Static analysis of arithmetical congruences. Intern.\ J.\ Computer Math. 30 (1989), 165--190.Google ScholarCross Ref
Gulwani, S., McCloskey, B., and Tiwari, A. Lifting abstract interpreters to quantified logical domains. In Conference Record of the 35th ACM Symposium on Principles of Programming Languages (POPL '08) (2008), ACM Press, pp. 35--46. Google ScholarDigital Library
Karr, M. Affine relationships among variables of a program. Acta Informatica 6 (1976), 133--151. Google ScholarDigital Library
Laviron, V., and Logozzo, F. Refining abstract interpretation-based static analyses with hints. In Proc.\ of the 2009 Asian Symp.\ on Programming Languages and Systems (APLAS '09) (2009), vol. 5904 of Lecture Notes in Computer Science, Springer, pp. 343--358. Google ScholarDigital Library
Logozzo, F., and Ball, T. Modular and verified automatic program repair. In Proceedings of the 27th ACM Internat.\ Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA '12) (2012), ACM Press, pp. 133--146. Google ScholarDigital Library
Miné, A. A new numerical abstract domain based on difference-bound matrices. In Proc. of the 2nd Symp. on Programs as Data Objects (PADO '01) (2001), vol. 2053 of Lecture Notes in Computer Science, Springer, pp. 155--172. Google ScholarDigital Library
Miné, A. The octagon abstract domain. Higher Order and Symbolic Computation 19, 1 (2006), 31--100. Google ScholarDigital Library
Müller-Olm, M., and Seidl, H. Precise interprocedural analysis through linear algebra. In Conference Record of the 31st ACM Symposium on Principles of Programming Languages (POPL '04) (2004), ACM Press, pp. 330--341. Google ScholarDigital Library
Ranzato, F. Complete abstractions everywhere. In Proc.\ of the 14th International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI'13) (2013), vol. 7737 of Lecture Notes in Computer Science, Springer, pp. 15--26.Google ScholarDigital Library
Rogers, H. Theory of Recursive Functions and Effective Computability. The MIT press, 1992. Google ScholarDigital Library
Soare, R. I. Recursively Enumerable Sets and Degrees. Springer-Verlag, 1980. Google ScholarDigital Library
Winskel, G. The Formal Semantics of Programming Languages: an Introduction. MIT press, 1993. Google ScholarCross Ref

Index Terms

Analyzing Program Analyses
1. Software and its engineering
  1. Software notations and tools
    1. Formal language definitions
      1. Semantics
  2. Software organization and properties
    1. Software functional properties
      1. Correctness
2. Theory of computation
  1. Logic
    1. Proof theory
  2. Semantics and reasoning
    1. Program semantics

Recommendations

Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints
POPL '77: Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages

A program denotes computations in some universe of objects. Abstract interpretation of programs consists in using that denotation to describe computations in another universe of abstract objects, so that the results of abstract execution give some ...
Read More
Abstract extensionality: on the properties of incomplete abstract interpretations

In this paper we generalise the notion of extensional (functional) equivalence of programs to abstract equivalences induced by abstract interpretations. The standard notion of extensional equivalence is recovered as the special case, induced by the ...
Read More
Analyzing Program Analyses
POPL '15: Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

We want to prove that a static analysis of a given program is complete, namely, no imprecision arises when asking some query on the program behavior in the concrete (ie, for its concrete semantics) or in the abstract (ie, for its abstract interpretation)...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM SIGPLAN Notices Volume 50, Issue 1
POPL '15
January 2015
682 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/2775051
Editor:
Andy Gill
University of Kansas, Lawrence, KS
Issue’s Table of Contents
POPL '15: Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
January 2015
716 pages
ISBN:9781450333009
DOI:10.1145/2676726
General Chair:
Sriram Rajamani
Microsoft Research, India
,
Program Chair:
David Walker
Princeton University, USA
Copyright © 2015 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 14 January 2015
Check for updates
Author Tags
abstract domain
abstract interpretation
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 34
  Total Citations
  View Citations
- 691
  Total Downloads
- Downloads (Last 12 months)25
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Analyzing Program Analyses

ACM SIGPLAN Notices

Abstract

Supplemental Material

References

Cited By

Index Terms

Recommendations

Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

Abstract extensionality: on the properties of incomplete abstract interpretations

Analyzing Program Analyses