Interprocedural Shape Analysis for Recursive Programs

1
Interprocedural Shape Analysis for Recursive Programs
Noam Rinetzky, Mooly Sagiv

2
Shape Analysis
  • Static program analysis
  • Determines information about dynamically
    allocated storage
  • A pointer variable is not NULL
  • Two data structures are disjoint
  • The algorithm is Conservative

3
Applications of Shape Analysis
  • Cleanness
  • Dor, Rodeh, Sagiv SAS2000
  • Parallelization
  • Assmann, Weinhardt PMMPC93
  • Hendren, Nicolau TPDS90
  • Larus, Hilfinger PLDI88

4
Current State
  • Good Intraprocedural analyses
  • Sagiv, Reps, Wilhelm TOPLAS 1998
  • Analyze body of list manipulation procedures
  • reverse, insert, delete
  • Expensive, imprecise interprocedural analyses of
    recursive procedures

5
Main Results
  • Interprocedural shape analysis algorithm for
    programs manipulating linked lists
  • Handles recursive procedures
  • Prototype implementation
  • Successfully analyzed several list manipulating
    procedures
  • insert, delete, reverse, reverse_append
  • Properties verified
  • An acyclic list remains acyclic
  • No memory leaks
  • No NULL dereference

6
Running Example
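    #include <stdlib.h>

    typedef struct List {
        int data;
        struct List *n;
    } *L;

    L create(int s) {
        L t = NULL;
        if (s <= 0)
            return NULL;
        t = (L) malloc(sizeof(*t));  /* size of the node, not of the pointer type L */
        t->data = s;
    l2: t->n = create(s - 1);        /* call site l2 */
        return t;
    }

    int main(void) {
        L r = NULL;
        int k = 3;                   /* k = 3 in the memory states that follow */
    l1: r = create(k);               /* call site l1 */
        return 0;
    }
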
7
Selected Memory States
(Figure: code of main() and the stack.)
  • exit: k = 3, r = NULL
8
Selected Memory States
(Figure: code of create() and the stack.)
  • exit: k = 3, r = NULL
  • l1: s = 3, t
  • l2: s = 2, t
  • l2: s = 1, t
  • l2: s = 0, t = NULL
9
Selected Memory States
(Figure: code of create() and the stack.)
  • exit: k = 3, r = NULL
  • l1: s = 3, t
  • l2: s = 2, t
  • l2: s = 1, t
10
Selected Memory States
(Figure: code of create(), the heap and the stack.)
  • heap: 1, NULL
  • exit: k = 3, r = NULL
  • l1: s = 3, t
  • l2: s = 2, t
11
Selected Memory States
(Figure: code of create(), the heap and the stack.)
  • heap: 1, 3, 2, NULL
  • exit: k = 3, r = NULL
  • l1: s = 3, t
12
Selected Memory States
(Figure: code of main(), the heap and the stack.)
  • heap: 1, 3, 2, NULL
  • exit: k = 3, r
13
Where is the Challenge ?
  • Dynamic allocation
  • Unbounded number of objects
  • Recursion
  • Unbounded number of activation records
  • Properties of
  • Invisible instances of local variables
  • Dynamically allocated objects

(Figure: r = NULL; instances of t: t, t, t, t = NULL.)
14
Our Approach
  • Reduce the interprocedural shape analysis
    problem to an intraprocedural problem

(Figure: Program with procedures → Program without procedures.)
15
Our Algorithm
  • Abstract Interpretation
  • Concrete Semantics
  • Concrete representation of memory states
  • Effect of program statements
  • Abstract Semantics
  • Abstract representation of memory states
  • Transfer functions
  • Finds abstract representation of memory states at
    every program point

16
Concrete Memory Descriptors
(Figure: the heap and the stack.)
  • heap: 1, 3, 2; NULL, NULL, NULL
  • exit: k = 3, r = NULL
  • l1: s = 3, t
  • l2: s = 2, t
  • l2: s = 1, t
  • l2: s = 0, t = NULL
17
Concrete Memory Descriptors
  • Properties of memory elements
  • type: stack, heap
  • visibility: top
  • call-site: exit, csl1, csl2
  • Relationships between memory elements
  • value of local variables: t, r
  • n-successor: n
  • invoked by: pr

(Figure: descriptor graph; node labels csexit, csl1, csl2 and "top, csl2"; edge labels t and pr.)
18
Bounding the Representation
  • Concrete Memory Descriptors represent memory
    states
  • Every object is represented uniquely
  • Abstract Memory Descriptors
  • Conservatively represent Concrete Memory
    Descriptors
  • A bounded representation

19
3-Valued Properties
True
False
top
20
Abstraction
(Figure: descriptor graph; node labels csexit, csl1, csl2 and "csl2, top"; edge labels t and pr.)
21
Bounding the Representation
  • Summarize nodes according to their unary
    properties
  • Join values of relationships
  • Convert a Concrete Memory Descriptor of arbitrary
    size into an Abstract Memory Descriptor of
    bounded size
  • Does the Abstract Memory Descriptor contain
    enough information?

22
Problem
(Figure: two descriptor graphs side by side; node labels exit, csl1, csl2 and "csl2, top"; edge labels t and pr.)
23
Observing Properties of Invisible Variables
  • Explicitly track universal properties of
    invisible-variables
  • Different invisible instances of t cannot point
    to the same heap cell
  • Instrumentation properties
  • Track derived properties of memory elements

24
Some Instrumentation Properties
  • Pointed-to by an invisible instance of t
  • Pointed by more than one invisible
    instance of t
  • t is not NULL
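
The summarization step of slides 18 to 21 and the instrumentation properties of slides 23 and 24, as an added example that is not from the slides or from TVLA. The node names (main, f0 to f3, c1 to c3), the property names pt_inv_t and shared_inv_t, the functions and the aliased state are all constructed for illustration.

```python
HALF = 0.5  # third truth value: "unknown"

def state(t_targets):
    """Constructed concrete descriptor for create(3), s = 0 frame on top.
    t_targets: invisible frame -> heap cell its t points to (n is unset here)."""
    unary = {"main": {"stack", "cs_exit"}, "f3": {"stack", "cs_l1"},
             "f2": {"stack", "cs_l2"}, "f1": {"stack", "cs_l2"},
             "f0": {"stack", "cs_l2", "top"},
             "c3": {"heap"}, "c2": {"heap"}, "c1": {"heap"}}
    binary = {"t": set(t_targets.items()),
              "pr": {("f0", "f1"), ("f1", "f2"), ("f2", "f3"), ("f3", "main")}}
    return unary, binary

def instrument(unary, binary):
    """Record on each heap cell whether one / more than one invisible
    (non-top) instance of t points to it."""
    unary = {u: set(ps) for u, ps in unary.items()}
    for cell, props in unary.items():
        if "heap" in props:
            n = sum(c == cell and "top" not in unary[f] for f, c in binary["t"])
            if n >= 1:
                props.add("pt_inv_t")
            if n > 1:
                props.add("shared_inv_t")
    return unary, binary

def blur(unary, binary):
    """Summarize nodes by their unary properties, then join each
    relationship over the merged nodes into 0, 1 or HALF."""
    name = {u: frozenset(ps) for u, ps in unary.items()}
    members = {}
    for u, a in name.items():
        members.setdefault(a, []).append(u)
    rels = {}
    for rel, pairs in binary.items():
        for a in members:
            for b in members:
                vals = {(u, v) in pairs for u in members[a] for v in members[b]}
                rels[rel, a, b] = HALF if len(vals) == 2 else int(vals.pop())
    summary = {a for a, us in members.items() if len(us) > 1}
    return set(members), summary, rels

REAL = state({"f3": "c3", "f2": "c2", "f1": "c1"})
ALIASED = state({"f3": "c3", "f2": "c2", "f1": "c2"})  # two frames share c2

def indistinguishable(transform=lambda u, b: (u, b)):
    """True when both concrete states blur to the same abstract descriptor."""
    return blur(*transform(*REAL)) == blur(*transform(*ALIASED))

print(indistinguishable(), indistinguishable(instrument))
```

Without instrumentation the two states collapse to the same bounded descriptor, so the analysis cannot rule out sharing; with the instrumentation properties the descriptors differ and the absence of sharing survives summarization.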

25
Memory Descriptors with Instrumentation
(Figure: two descriptor graphs side by side with instrumentation; node labels exit, csl1, csl2 and "csl2, top"; edge labels t and pr.)
26
Problem - solved
(Figure: descriptor graphs; node labels exit, csl1, csl2 and "csl2, top"; edge labels t and pr.)
27
Why Does It Work
  • Shape analysis handles linked lists quite
    precisely (Sagiv, Reps, Wilhelm TOPLAS98)
  • Utilize the (intraprocedural) 3-valued logic
    framework of Sagiv, Reps and Wilhelm POPL99 to
    analyze the resulting intraprocedural problem

28
Prototype Implementation
  • Implemented in TVLA (Lev-Ami, Sagiv SAS 2000)
  • Analyzed some recursive list manipulating
    programs
  • Verified cleanness properties
  • No memory leaks
  • No NULL dereferences

29
Prototype Implementation
Procedure            Number of (3VL) Structures   Time (sec)
create               219                          7.31
delAll               139                          12.74
insert               344                          34.61
delete               423                          38.29
search               303                          8.07
append               326                          40.64
reverse              414                          47.56
reverse_append       797                          95.35
reverse_append_r     2285                         1204.13
Running example      208                          16.50
30
Conclusion
  • Need to know more than potential values of
    invisible variables
  • Tracking properties of invisible variables helps
    to overcome the (necessary) imprecision in the
    summarization of their values
  • Instrumentation
  • Generic
  • Sharing by different instances of a local
    variable
  • List specific

31
Conclusion
  • Storing the call-site improves
    information propagation to return-sites
  • Shows how the intraprocedural framework of Sagiv,
    Reps and Wilhelm can be used for interprocedural
    analyses
  • Analysis of a complex data structure

32
Limitations
  • Small programs
  • No mutual recursion (Implementation)
  • Predefined instrumentation library
  • Easy to use, no need for user intervention
  • Might not be good for all programs

33
Further Work
  • Scaling the algorithm
  • Distinguishing between relevant context and
    irrelevant context
  • Analysis of programs manipulating Abstract Data
    Types

34
The End
Interprocedural Shape Analysis for Recursive Programs
Noam Rinetzky and Mooly Sagiv, Compiler Construction 2001
www.cs.tau.ac.il/maon