Abstract
A calling context is an important piece of information used widely to help developers understand program executions (e.g., for debugging). While calling contexts offer useful control information, information regarding data involved in a bug (e.g., what data structure holds a leaking object), in many cases, can bring developers closer to the bug's root cause. Such data information, often exhibited as heap reference paths, has already been needed by many tools.
The only way for a dynamic analysis to record complete reference paths is to perform heap dumping, which incurs huge runtime overhead and renders the analysis impractical. This paper presents a novel static analysis that can precisely infer, from a calling context of a method that contains a use (e.g., read or write) of an object, the heap reference paths leading to the object at the time the use occurs. Since calling context recording is much less expensive, our technique provides benefits for all dynamic techniques that need heap information, significantly reducing their overhead.
Calling-to-reference context translation via constraint-guided CFL-reachability
PLDI 2018: Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation