Abstract
We present a strictly bottom-up, summary-based, and precise heap analysis targeted for program verification that performs strong updates to heap locations at call sites. We first present a theory of heap decompositions that forms the basis of our approach; we then describe a full analysis algorithm that is fully symbolic and efficient. We demonstrate the precision and scalability of our approach for verification of real C and C++ programs.
Precise and compact modular procedure summaries for heap manipulating programs
PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation