research-article
Open Access

Partial (In)Completeness in abstract interpretation: limiting the imprecision in program analysis

Published: 12 January 2022

Abstract

Imprecision is inherent in any decidable (sound) approximation of undecidable program properties. In abstract interpretation this imprecision shows up as false alarms, e.g., when it is used for program analysis and program verification. As with any alarm system, a program analysis tool is credible only when it reports few false alarms. We therefore have to live with false alarms, but we also need methods to control them. As with any approximation method, abstract interpretation needs a way to estimate the imprecision accumulated during program analysis. In this paper we introduce a theory for estimating error propagation in abstract interpretation, and hence in program analysis. We enrich abstract domains with a weakening of a metric distance. This enriched structure keeps the standard partial order, which relates approximated objects by their relative precision, coherent with the actual error made in the approximation. An abstract interpretation is precise when it is complete. We introduce the notion of partial completeness as a weakening of precision: a partially complete abstract interpreter may produce a bounded number of false alarms. We prove the key recursive properties of the class of programs for which an abstract interpreter is partially complete with a given bound on imprecision. We then introduce a proof system for estimating an upper bound on the error accumulated by the abstract interpreter during program analysis. Our framework is general enough to be instantiated to most known metrics for abstract domains.
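As an added illustration (not the paper's code), the following Python toy models the abstract's ingredients on the interval domain: a concretization/abstraction pair, an asymmetric distance that is zero exactly when one interval is at least as precise as another, a check that one abstract step is partially complete up to a bound eps, and a lockstep run that measures the error accumulated over a straight-line program. The particular distance, the squaring example and all helper names are assumptions of this example, not definitions taken from the paper.

```python
from dataclasses import dataclass
from typing import Callable, List, Set, Tuple

@dataclass(frozen=True)
class Interval:
    lo: int
    hi: int

def gamma(a: Interval) -> Set[int]:
    """Concretization: every integer in the interval."""
    return set(range(a.lo, a.hi + 1))

def alpha(s: Set[int]) -> Interval:
    """Abstraction: the tightest interval around a non-empty set of integers."""
    return Interval(min(s), max(s))

def dist(a: Interval, b: Interval) -> int:
    """Asymmetric distance (an assumption of this example, not the paper's metric):
    how far b overshoots a on either side.  dist(a, b) == 0 exactly when a is at
    least as precise as b (a ⊑ b), so the distance agrees with the domain order."""
    return max(0, a.lo - b.lo) + max(0, b.hi - a.hi)

def square(s: Set[int]) -> Set[int]:
    return {v * v for v in s}  # concrete semantics of x := x * x on a set of states

def square_sharp(a: Interval) -> Interval:
    """Non-relational interval squaring: multiplies [lo,hi] by itself as if the two
    factors were independent, so it may admit negatives that x*x never yields."""
    corners = [a.lo * a.lo, a.lo * a.hi, a.hi * a.hi]
    return Interval(min(corners), max(corners))

def imprecision(f: Callable, f_sharp: Callable, a: Interval) -> int:
    """Error of one step: distance from the best abstract result alpha(f(gamma(a)))
    to what the abstract transformer computes; 0 means f_sharp is complete on a."""
    return dist(alpha(f(gamma(a))), f_sharp(a))

def partially_complete(f: Callable, f_sharp: Callable, a: Interval, eps: int) -> bool:
    """Partial completeness with bound eps: the step overshoots by at most eps."""
    return imprecision(f, f_sharp, a) <= eps

def analyse(a: Interval, steps: List[Tuple[Callable, Callable]]) -> Tuple[List[int], int]:
    """Run concrete and abstract semantics in lockstep over a straight-line program.
    Returns each step's local error (measured on its abstract input) and the
    end-to-end error between alpha(final concrete states) and the final interval."""
    conc, abst, local = gamma(a), a, []
    for f, f_sharp in steps:
        local.append(imprecision(f, f_sharp, abst))
        conc, abst = f(conc), f_sharp(abst)
    return local, dist(alpha(conc), abst)
```

On the input [-2, 3] the concrete squares are {0, 1, 4, 9}, so the best abstract result is [0, 9] while interval squaring yields [-6, 9]: the step is partially complete for any eps of at least 6, and on [1, 3] it is complete (error 0).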


Supplemental Material

Auxiliary Presentation Video: a 5-minute talk on the paper.

