A Framework for Memory Efficient Context-Sensitive Program Analysis

Static program analysis is in general more precise if it is sensitive to execution contexts (execution paths). But then it is also more expensive in terms of memory consumption. For languages with conditions and iterations, the number of contexts grows exponentially with the program size. This probl...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Theory of computing systems Ročník 66; číslo 5; s. 911 - 956
Hlavní autoři: Hedenborg, Mathias, Lundberg, Jonas, Löwe, Welf, Trapp, Martin
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York Springer US 01.10.2022
Springer Nature B.V
Témata:
Algorithms
Approximation
Computer and Information Sciences Computer Science
Computer Science
Context
Context-sensitivity
Cost analysis
Data analysis
Data flow analysis
Data- och informationsvetenskap
Graph theory
Mathematical analysis
Program verification (computers)
Redundancy
Static program analysis
Theory of Computation
Static program analysis
Data-flow analysis
Context-sensitivity
ISSN:1432-4350, 1433-0490, 1433-0490
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Static program analysis is in general more precise if it is sensitive to execution contexts (execution paths). But then it is also more expensive in terms of memory consumption. For languages with conditions and iterations, the number of contexts grows exponentially with the program size. This problem is not just a theoretical issue. Several papers evaluating inter-procedural context-sensitive data-flow analysis report severe memory problems, and the path-explosion problem is a major issue in program verification and model checking. In this paper we propose χ -terms as a means to capture and manipulate context-sensitive program information in a data-flow analysis. χ -terms are implemented as directed acyclic graphs without any redundant subgraphs. We introduce the k -approximation and the l -loop-approximation that limit the size of the context-sensitive information at the cost of analysis precision. We prove that every context-insensitive data-flow analysis has a corresponding k , l -approximated context-sensitive analysis, and that these analyses are sound and guaranteed to reach a fixed point. We also present detailed algorithms outlining a compact, redundancy-free, and DAG-based implementation of χ -terms.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1432-4350
1433-0490
1433-0490
DOI:10.1007/s00224-022-10093-w