Abstract
Abstract interpretation is a methodology for defining sound static analysis. Yet, building sound static analyses for modern programming languages is difficult, because these static analyses need to combine sophisticated abstractions for values, environments, stores, etc. However, static analyses often tightly couple these abstractions in the implementation, which not only complicates the implementation, but also makes it hard to decide which parts of the analyses can be proven sound independently from each other. Furthermore, this coupling makes it hard to combine soundness lemmas for parts of the analysis to a soundness proof of the complete analysis.
To solve this problem, we propose to construct static analyses modularly from reusable analysis components. Each analysis component encapsulates a single analysis concern and can be proven sound independently from the analysis where it is used. We base the design of our analysis components on arrow transformers, which allows us to compose analysis components. This composition preserves soundness, which guarantees that a static analysis is sound, if all its analysis components are sound. This means that analysis developers do not have to worry about soundness as long as they reuse sound analysis components. To evaluate our approach, we developed a library of 13 reusable analysis components in Haskell. We use these components to define a k-CFA analysis for PCF and an interval and reaching definition analysis for a While language.
Supplemental Material
Available for Download
Soundness proofs of the analysis components used for the kCFA analysis for PCF.
- P. Cousot. 1999. The Calculational Design of a Generic Abstract Interpreter. In Calculational System Design, M. Broy and R. Steinbrüggen (Eds.). NATO ASI Series F. IOS Press, Amsterdam.Google Scholar
- Patrick Cousot and Radhia Cousot. 1979. Systematic design of program analysis frameworks. In Proceedings of Symposium on Principles of Programming Languages (POPL). ACM, 269–282.Google Scholar
Digital Library
- Patrick Cousot and Radhia Cousot. 1992. Comparing the Galois Connection and Widening/Narrowing Approaches to Abstract Interpretation. In Programming Language Implementation and Logic Programming, 4th International Symposium, PLILP’92, Leuven, Belgium, August 26-28, 1992, Proceedings. 269–295.Google Scholar
- David Darais, Nicholas Labich, Phuc C. Nguyen, and David Van Horn. 2017. Abstracting definitional interpreters (functional pearl). PACMPL 1, ICFP (2017), 12:1–12:25.Google Scholar
- David Darais, Matthew Might, and David Van Horn. 2015. Galois transformers and modular abstract interpreters: reusable metatheory for program analysis. In Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2015, part of SPLASH 2015, Pittsburgh, PA, USA, October 25-30, 2015. 552–571.Google Scholar
Digital Library
- Cormac Flanagan, K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, and Raymie Stata. 2002. Extended Static Checking for Java. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI ’02). ACM, New York, NY, USA, 234–245.Google Scholar
Digital Library
- Jeremy Gibbons (Ed.). 2010. Proceedings of the 3rd ACM SIGPLAN Symposium on Haskell, Haskell 2010, Baltimore, MD, USA, 30 September 2010. ACM.Google Scholar
- Cordelia V Hall, Kevin Hammond, Simon L Peyton Jones, and Philip L Wadler. 1996. Type classes in Haskell. ACM Transactions on Programming Languages and Systems (TOPLAS) 18, 2 (1996), 109–138.Google Scholar
Digital Library
- Makoto Hamana and Marcelo P. Fiore. 2011. A foundation for GADTs and inductive families: dependent polynomial functor approach. In Proceedings of the seventh ACM SIGPLAN workshop on Generic programming, [email protected] 2011, Tokyo, Japan, September 19-21, 2011. 59–70.Google Scholar
- David Van Horn and Matthew Might. 2010. Abstracting abstract machines. In Proceeding of the 15th ACM SIGPLAN international conference on Functional programming, ICFP 2010, Baltimore, Maryland, USA, September 27-29, 2010. 51–62.Google Scholar
Digital Library
- John Hughes. 2000. Generalising monads to arrows. Sci. Comput. Program. 37, 1-3 (2000), 67–111.Google Scholar
Digital Library
- Jacques-Henri Jourdan, Vincent Laporte, Sandrine Blazy, Xavier Leroy, and David Pichardie. 2015. A Formally-Verified C Static Analyzer. In Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2015, Mumbai, India, January 15-17, 2015. 247–259.Google Scholar
Digital Library
- Sven Keidel, Casper Bach Poulsen, and Sebastian Erdweg. 2018. Compositional Soundness Proofs of Abstract Interpreters. PACMPL ICFP (2018).Google Scholar
- Jens Knoop and Oliver Rüthing. 1999. Optimization Under the Perspective of Soundness, Completeness, and Reusability. In Correct System Design, Recent Insight and Advances, (to Hans Langmaack on the occasion of his retirement from his professorship at the University of Kiel). 288–315.Google Scholar
- Sheng Liang, Paul Hudak, and Mark P. Jones. 1995. Monad Transformers and Modular Interpreters. In Conference Record of POPL’95: 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, San Francisco, California, USA, January 23-25, 1995. 333–343.Google Scholar
Digital Library
- Magnus Madsen and Ondrej Lhoták. 2018. Safe and Sound Program Analysis with Flix. In Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’18).Google Scholar
Digital Library
- Fadi Meawad, Gregor Richards, Floréal Morandat, and Jan Vitek. 2012. Eval Begone!: Semi-automated Removal of Eval from Javascript Programs. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA ’12). ACM, New York, NY, USA, 607–620.Google Scholar
Digital Library
- Flemming Nielson, Hanne Riis Nielson, and Chris Hankin. 1999. Principles of program analysis. Springer.Google Scholar
Digital Library
- Oystein Ore. 1944. Galois connexions. Trans. Amer. Math. Soc. 55, 3 (1944), 493–513.Google Scholar
Cross Ref
- David Lorge Parnas. 1972. On the Criteria To Be Used in Decomposing Systems into Modules. Communication of the ACM 15, 12 (1972), 1053–1058.Google Scholar
Digital Library
- Ross Paterson. 2001. A New Notation for Arrows. In Proceedings of International Conference on Functional Programming (ICFP). ACM, 229–240.Google Scholar
Digital Library
- Gordon D. Plotkin. 1977. LCF Considered as a Programming Language. Theor. Comput. Sci. 5, 3 (1977), 223–255.Google Scholar
Cross Ref
- Nick Rutar, Christian B. Almazan, and Jeffrey S. Foster. 2004. A Comparison of Bug Finding Tools for Java. In 15th International Symposium on Software Reliability Engineering (ISSRE 2004), 2-5 November 2004, Saint-Malo, Bretagne, France. 245–256.Google Scholar
Digital Library
- Ilya Sergey, Dominique Devriese, Matthew Might, Jan Midtgaard, David Darais, Dave Clarke, and Frank Piessens. 2013. Monadic Abstract Interpreters. In Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’13). ACM, New York, NY, USA, 12.Google Scholar
Digital Library
- Olin Shivers. 1991. Control-flow analysis of higher-order languages. Ph.D. Dissertation. Carnegie Mellon University.Google Scholar
Digital Library
- Yannis Smaragdakis, George Balatsouras, George Kastrinis, and Martin Bravenboer. 2015. More Sound Static Handling of Java Reflection. In Programming Languages and Systems - 13th Asian Symposium, APLAS 2015, Pohang, South Korea, November 30 - December 2, 2015, Proceedings. 485–503.Google Scholar
- Arnaud Venet. 1996. Abstract Cofibered Domains: Application to the Alias Analysis of Untyped Programs. In Static Analysis, Third International Symposium, SAS’96, Aachen, Germany, September 24-26, 1996, Proceedings. 366–382.Google Scholar
Digital Library
Index Terms
Sound and reusable components for abstract interpretation
Recommendations
On the power of abstract interpretation
Increasingly sophisticated applications of static analysis make it important to precisely characterize the power of static analysis techniques. Sekar et al. recently studied the power of strictness analysis techniques and showed that strictness analysis ...
Relational Thread-Modular Static Value Analysis by Abstract Interpretation
VMCAI 2014: Proceedings of the 15th International Conference on Verification, Model Checking, and Abstract Interpretation - Volume 8318We study thread-modular static analysis by abstract interpretation to infer the values of variables in concurrent programs. We show how to go beyond the state of the art and increase an analysis precision by adding the ability to infer some relational ...
Selective X-Sensitive Analysis Guided by Impact Pre-Analysis
We present a method for selectively applying context-sensitivity during interprocedural program analysis. Our method applies context-sensitivity only when and where doing so is likely to improve the precision that matters for resolving given queries. ...






Comments