research-article
Open access

Interval Analysis and Machine Arithmetic: Why Signedness Ignorance Is Bliss

Published: 20 January 2015

Abstract

The most commonly used integer types have fixed bit-width, making it possible for computations to “wrap around,” and many programs depend on this behaviour. Yet much work to date on program analysis and verification of integer computations treats integers as having infinite precision, and most analyses that do respect fixed width lose precision when overflow is possible. We present a novel integer interval abstract domain that correctly handles wrap-around. The analysis is signedness agnostic. By treating integers as strings of bits, only considering signedness for operations that treat them differently, we produce precise, correct results at a modest cost in execution time.
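As an added illustration of the idea in the abstract (example code written here, not the paper's definitions or its LLVM implementation), a tiny wrapped-interval domain over 8-bit values: an interval is a clockwise arc of bit patterns, so membership and addition never ask whether the operands are signed, and signedness is consulted only when the arc is read back as signed or unsigned bounds. The class name, the 8-bit width and the top-on-full-circle rule for addition are assumptions of this example.

```python
# Added example: a tiny wrapped (signedness-agnostic) interval domain over W-bit
# values. Names, the 8-bit width and the addition rule are this example's
# assumptions, not the paper's definitions.
W = 8
MOD = 1 << W                      # 2^W distinct bit patterns

class WInterval:
    """Arc [lo, hi] read clockwise mod 2^W; lo > hi means the arc wraps past 0."""

    def __init__(self, lo, hi):
        self.lo, self.hi = lo % MOD, hi % MOD

    def card(self):
        # how many bit patterns the arc covers, counting clockwise from lo to hi
        return (self.hi - self.lo) % MOD + 1

    def __contains__(self, x):
        # x is inside iff its clockwise distance from lo does not exceed hi's
        return (x - self.lo) % MOD <= (self.hi - self.lo) % MOD

    def elements(self):
        return [(self.lo + k) % MOD for k in range(self.card())]

    def add(self, other):
        # Addition is the same operation for signed and unsigned operands, so
        # no case split is needed. If the two arcs together could cover the
        # whole circle the result is unknown (None = top); else rotate both ends.
        if self.card() + other.card() > MOD:
            return None
        return WInterval(self.lo + other.lo, self.hi + other.hi)

    def unsigned_bounds(self):
        # Signedness only matters when the bit patterns are read back as numbers.
        xs = self.elements()
        return min(xs), max(xs)

    def signed_bounds(self):
        # two's complement: patterns with the top bit set are negative
        xs = [x - MOD if x >= MOD // 2 else x for x in self.elements()]
        return min(xs), max(xs)

if __name__ == "__main__":
    a = WInterval(0xF0, 0x10)            # {240..255} U {0..16}: wraps past 0
    print(a.unsigned_bounds(), a.signed_bounds())               # (0, 255) (-16, 16)
    print(a.add(WInterval(0x10, 0x10)).unsigned_bounds())       # (0, 32)
    print(WInterval(0x7F, 0x7F).add(WInterval(1, 1)).signed_bounds())  # (-128, -128)
    print(WInterval(0, 200).add(WInterval(0, 100)))             # None (top)
```

A plain unsigned interval would have to widen `a` to the whole range [0, 255], and a plain signed one would lose the 0x7F + 1 overflow; the arc keeps both exact.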



Published In

ACM Transactions on Programming Languages and Systems  Volume 37, Issue 1
January 2015
170 pages
ISSN:0164-0925
EISSN:1558-4593
DOI:10.1145/2688877
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 January 2015
Accepted: 01 July 2014
Revised: 01 March 2014
Received: 01 July 2013
Published in TOPLAS Volume 37, Issue 1


Author Tags

  1. Abstract interpretation
  2. LLVM
  3. interval analysis
  4. machine arithmetic
  5. modular arithmetic
  6. overflow
  7. program analysis

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

  • Australian Research Council, under ARC

Article Metrics

  • Downloads (last 12 months): 151
  • Downloads (last 6 weeks): 26
Reflects downloads up to 04 Oct 2024

Cited By

  • (2024) Generation of Violation Witnesses by Under-Approximating Abstract Interpretation. Verification, Model Checking, and Abstract Interpretation, 50-73. DOI: 10.1007/978-3-031-50524-9_3. Online publication date: 15-Jan-2024
  • (2023) Inductive Program Synthesis via Iterative Forward-Backward Abstract Interpretation. Proceedings of the ACM on Programming Languages 7:PLDI, 1657-1681. DOI: 10.1145/3591288. Online publication date: 6-Jun-2023
  • (2023) Demystifying Template-Based Invariant Generation for Bit-Vector Programs. 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE), 673-685. DOI: 10.1109/ASE56229.2023.00069. Online publication date: 11-Sep-2023
  • (2022) C to checked C by 3c. Proceedings of the ACM on Programming Languages 6:OOPSLA1, 1-29. DOI: 10.1145/3527322. Online publication date: 29-Apr-2022
  • (2021) Program analysis via efficient symbolic abstraction. Proceedings of the ACM on Programming Languages 5:OOPSLA, 1-32. DOI: 10.1145/3485495. Online publication date: 15-Oct-2021
  • (2021) A Fresh Look at Zones and Octagons. ACM Transactions on Programming Languages and Systems 43:3, 1-51. DOI: 10.1145/3457885. Online publication date: 3-Sep-2021
  • (2021) ASE. Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering, 203-214. DOI: 10.1109/ASE51524.2021.9678584. Online publication date: 15-Nov-2021
  • (2020) Fast bit-vector satisfiability. Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 38-50. DOI: 10.1145/3395363.3397378. Online publication date: 18-Jul-2020
  • (2019) A²I: abstract² interpretation. Proceedings of the ACM on Programming Languages 3:POPL, 1-31. DOI: 10.1145/3290355. Online publication date: 2-Jan-2019
  • (2017) Tutorial on Static Inference of Numeric Invariants by Abstract Interpretation. Foundations and Trends in Programming Languages 4:3-4, 120-372. DOI: 10.1561/2500000034. Online publication date: 5-Dec-2017
