Interprocedural Functional Shape Analysis using Local Heaps

Authors

  • Noam Rinetzky
  • Mooly Sagiv
  • Eran Yahav
Abstract

We present a framework for interprocedural shape analysis, which is context- and flow-sensitive with the ability to perform destructive pointer updates. Instances of the framework are precise enough to prove the absence of program errors such as null dereferences and memory leaks, and to verify conformance to API specifications. Technically, our analysis computes procedure summaries as transformers from inputs to outputs while ignoring parts of the heap not relevant to the procedure. This makes the analysis modular in the heap and thus allows reusing the effect of a procedure at different call-sites and even between different contexts occurring at the same call-site. A prototype of our framework was implemented and used to verify interesting properties of heap-manipulating programs.
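The abstract's central idea, a procedure summary that is computed on the part of the heap the callee can reach and then reused wherever an isomorphic local heap shows up, can be made concrete on plain heaps. The following is an added illustration, not code from the paper or its prototype: heaps are dictionaries of objects with a single `next` field, the "local heap" of a call is what its arguments reach, `canonical` renames that local heap so that isomorphic inputs collide, and `call_with_summary` computes the callee's effect once per canonical shape and replays it at other call sites without touching the caller's unrelated objects. It also identifies cutpoints (local objects also referenced from outside, a simplified textbook definition) because they are what makes the modular treatment hard; this code only finds them, it does not handle them the way the paper does. Everything operates on concrete heaps with no allocation in the callee, which is a deliberate simplification of the paper's abstract domain. All names, the `reverse` procedure and the sample heaps are constructed for the example.

```python
"""Constructed illustration of procedure-local heaps (not the paper's code):
the local heap of a call is what its arguments reach, cutpoints are local
objects also referenced from outside, and a summary keyed on the canonical
shape of the local heap is reused at other call sites and in other contexts.
Concrete heaps, a single field, no allocation in the callee: a simplification
of the abstract domain the paper uses."""
from collections import deque

FIELDS = ("next",)  # every object has exactly these pointer fields


def reachable(heap, roots):
    """All objects reachable from the root objects (the procedure-local heap)."""
    seen, work = set(), deque(r for r in roots if r is not None)
    while work:
        o = work.popleft()
        if o in seen:
            continue
        seen.add(o)
        work.extend(t for t in heap[o].values() if t is not None)
    return seen


def cutpoints(heap, args, caller_vars):
    """Local objects pointed to by a caller variable or a non-local object,
    excluding objects the arguments point to directly (textbook definition,
    a simplification of the paper's)."""
    local = reachable(heap, args)
    outside = {t for o, f in heap.items() if o not in local for t in f.values()}
    outside |= set(caller_vars.values())
    return {o for o in local if o in outside and o not in args}


def canonical(heap, args):
    """Rename the local heap to 0..n-1 in deterministic traversal order.
    Isomorphic local heaps (whatever the rest of the heap holds) give equal shapes."""
    index, order = {}, []
    work = deque(a for a in args if a is not None)
    while work:
        o = work.popleft()
        if o in index:
            continue
        index[o] = len(order)
        order.append(o)
        work.extend(heap[o][f] for f in FIELDS if heap[o][f] is not None)
    nodes = tuple(tuple(None if heap[o][f] is None else index[heap[o][f]]
                        for f in FIELDS) for o in order)
    roots = tuple(None if a is None else index[a] for a in args)
    return (roots, nodes), order


def reverse(heap, head):
    """The analysed procedure: destructive in-place reversal of a singly linked list."""
    prev, cur = None, head
    while cur is not None:
        nxt = heap[cur]["next"]
        heap[cur]["next"] = prev  # destructive pointer update
        prev, cur = cur, nxt
    return prev


def call_with_summary(table, heap, args, proc, site):
    """Run `proc` through a summary table: compute the effect once per canonical
    input shape, then replay it on the caller's local heap; the rest of the heap
    is neither read nor written."""
    shape, order = canonical(heap, args)
    if shape not in table["summaries"]:
        roots, nodes = shape
        local = {i: dict(zip(FIELDS, node)) for i, node in enumerate(nodes)}
        ret = proc(local, *roots)
        out = tuple(tuple(local[i][f] for f in FIELDS) for i in range(len(nodes)))
        table["summaries"][shape] = (out, ret)
        table["computed_at"].append(site)
    out, ret = table["summaries"][shape]
    for i, node in enumerate(out):
        heap[order[i]] = {f: None if t is None else order[t] for f, t in zip(FIELDS, node)}
    return None if ret is None else order[ret]


def demo():
    """Two call sites reverse a 3-element list while the caller holds unrelated data."""
    table = {"summaries": {}, "computed_at": []}
    heap1 = {"a": {"next": "b"}, "b": {"next": "c"}, "c": {"next": None},
             "x": {"next": "y"}, "y": {"next": None}}             # constructed
    heap2 = {"m": {"next": "n"}, "n": {"next": "o"}, "o": {"next": None},
             "z": {"next": "z"}}                                  # constructed, different rest
    cps = cutpoints(heap1, ["a"], {"p": "a", "t": "b", "q": "x"})  # t points into the list
    head1 = call_with_summary(table, heap1, ["a"], reverse, "site1")
    head2 = call_with_summary(table, heap2, ["m"], reverse, "site2")  # summary reused
    direct = {"m": {"next": "n"}, "n": {"next": "o"}, "o": {"next": None}, "z": {"next": "z"}}
    direct_head = reverse(direct, "m")
    return {"cutpoints": cps, "head1": head1, "head2": head2, "heap1": heap1,
            "heap2": heap2, "direct": direct, "direct_head": direct_head,
            "computed_at": table["computed_at"]}


if __name__ == "__main__":
    print(demo())
```

`demo()` shows the two points the abstract makes: the summary for "reverse a 3-element list" is computed at the first call site only (`computed_at == ["site1"]`) and replayed at the second, whose heap differs outside the local part (including a self-loop the callee never sees), and replaying it yields exactly the heap that running the procedure directly would. The cutpoint `b` (the caller's `t` points into the middle of `p`'s list) is reported but otherwise ignored here; in the real analysis such objects are what the summary must account for.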


Related references

Interprocedural Shape Analysis for Effectively Cutpoint-Free Programs

We present a framework for local interprocedural shape analysis that computes procedure summaries as transformers of procedure-local heaps (the parts of the heap that the procedure may reach). A main challenge in procedure-local shape analysis is the handling of cutpoints, objects that separate the input heap of an invoked procedure from the rest of the heap, which—from the viewpoint of that inv...


Call-Site Heuristics for Scalable Context-Sensitive Interprocedural Analysis

When analyzing a program via an abstract interpretation (dataflow analysis) framework we would like to examine the program in a context-sensitive interprocedural manner. Analyzing the entire program in a manner that precisely considers interprocedural flow can lead to much more accurate results than local or context insensitive analyses (particularly for heap based analyses such as shape analys...


Shape Analysis via Monotonic Abstraction

We propose a new formalism for reasoning about dynamic memory heaps, using monotonic abstraction and symbolic backward reachability analysis. We represent the heaps as graphs, and introduce an ordering on these graphs. This enables us to represent the violation of a given safety property as the reachability of a finitely representable set of bad graphs. We also describe how to symbolically comp...


Programming Paradigm Driven Heap Analysis

The computational cost and precision of a shape style heap analysis is highly dependent on the way method calls are handled. This paper introduces a new approach to analyzing method calls that leverages the fundamental object-oriented programming concepts of encapsulation and invariants. The analysis consists of a novel partial context-sensitivity heuristic and a new take on cutpoints that, in ...


Set Constraints for Destructive Array Update Optimization

Destructive array update optimization is critical for writing scientific codes in functional languages. We present set constraints for an interprocedural update optimization that runs in polynomial time. This is a multi-pass optimization, involving interprocedural flow analyses for aliasing and liveness. We characterize the soundness of these analyses using small-step operational semantics. We hav...



Publication date: 2004