Principles of Program Analysis

Program analysis utilizes static techniques for computing reliable information about the dynamic behavior of programs. Applications include compilers (for code improvement), software validation (for detecting errors) and transformations between data representation (for solving problems such as Y2K). This book is unique in providing an overview of the four major approaches to program analysis: data flow analysis, constraint-based analysis, abstract interpretation, and type and effect systems. The presentation illustrates the extensive similarities between the approaches, helping readers to choose the best one to utilize.

[1]  John C. Reynolds,et al.  Automatic computation of data set definitions , 1968, IFIP Congress.

[2]  Gary A. Kildall,et al.  A unified approach to global program optimization , 1973, POPL.

[3]  Alfred V. Aho,et al.  The Design and Analysis of Computer Algorithms , 1974 .

[4]  Jeffrey D. Ullman,et al.  Global Data Flow Analysis and Iterative Algorithms , 1976, J. ACM.

[5]  John Cocke,et al.  A program data flow analysis procedure , 1976, CACM.

[6]  Patrick Cousot,et al.  Static determination of dynamic properties of generalized type unions , 1977 .

[7]  Matthew S. Hecht,et al.  Flow Analysis of Computer Programs , 1977 .

[8]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[9]  Barry K. Rosen,et al.  High-level data flow analysis , 1977, CACM.

[10]  Nicolas Halbwachs,et al.  Automatic discovery of linear restraints among variables of a program , 1978, POPL.

[11]  Patrick Cousot,et al.  Systematic design of program analysis frameworks , 1979, POPL.

[12]  Jeffrey D. Ullman,et al.  Introduction to Automata Theory, Languages and Computation , 1979 .

[13]  Neil D. Jones,et al.  Flow analysis and optimization of LISP-like structures , 1979, POPL.

[14]  Micha Sharir,et al.  Structural Analysis: A New Approach to Flow Analysis in Optimizing Compilers , 2015 .

[15]  Robert E. Tarjan,et al.  A Unified Approach to Path Problems , 1981, JACM.

[16]  Robert E. Tarjan,et al.  Fast Algorithms for Solving Path Problems , 1981, JACM.

[17]  Patrick Cousot,et al.  Semantic foundations of program analysis , 1981 .

[18]  Neil D. Jones,et al.  A flexible approach to interprocedural data flow analysis and programs with recursive data structures , 1982, POPL '82.

[19]  Flemming Nielson,et al.  Abstract interpretation using domain theory , 1984 .

[20]  Flemming Nielson,et al.  Program transformations in a denotational setting , 1981, ACM Trans. Program. Lang. Syst..

[21]  Barbara G. Ryder,et al.  Elimination algorithms for data flow analysis , 1986, CSUR.

[22]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[23]  Jörg H. Siekmann,et al.  Unification theory , 1986, Decis. Support Syst..

[24]  Chris Hankin,et al.  Strictness Analysis for Higher-Order Functions , 1986, Sci. Comput. Program..

[25]  Pierre Jouvelot,et al.  Semantic parallelization: a practical exercise in abstract interpretation , 1987, POPL '87.

[26]  Olin Shivers,et al.  Control flow analysis in scheme , 1988, PLDI '88.

[27]  Bowen Alpern,et al.  Detecting equality of variables in programs , 1988, POPL '88.

[28]  James R. Larus,et al.  Detecting conflicts between structure accesses , 1988, PLDI '88.

[29]  A. P. Ershov,et al.  A Formal Type System for Comparing Partial Evaluators , 1988 .

[30]  Robin Milner,et al.  Communication and concurrency , 1989, PHI Series in computer science.

[31]  Pierre Jouvelot,et al.  Reasoning about continuations with control effects , 1989, PLDI '89.

[32]  Flemming Nielson,et al.  The Typed lambda-Calculus with First-Class Processes , 1989, PARLE.

[33]  Flemming Nielson,et al.  Two-Level Semantics and Abstract Interpretation , 1989, Theor. Comput. Sci..

[34]  Alain Deutsch,et al.  On determining lifetime and aliasing of dynamically allocated data in higher-order functional specifications , 1989, POPL '90.

[35]  Peter Sestoft,et al.  Replacing function parameters by global variables , 1989, FPCA.

[36]  Philippe Granger Static analysis of arithmetical congruences , 1989 .

[37]  Prateek Mishra,et al.  Polymorphic Subtype Inference: Closing the Theory-Practice Gap , 1989, TAPSOFT, Vol.2.

[38]  Olin Shivers,et al.  Data-flow analysis and type recovery in Scheme , 1990 .

[39]  Didier Parigot,et al.  Techniques for Improving Grammar Flow Analysis , 1990, ESOP.

[40]  Mads Tofte,et al.  Type Inference for Polymorphic References , 1990, Inf. Comput..

[41]  Prateek Mishra,et al.  Type Inference with Subtypes , 1990, Theor. Comput. Sci..

[42]  M. Wegman,et al.  Constant propagation with conditional branches , 1991, TOPL.

[43]  Pierre Jouvelot,et al.  Algebraic reconstruction of types and effects , 1991, POPL '91.

[44]  Philippe Granger,et al.  Static Analysis of Linear Congruence Equalities among Variables of a Program , 1991, TAPSOFT, Vol.1.

[45]  Mark N. Wegman,et al.  Efficiently computing static single assignment form and the control dependence graph , 1991, TOPL.

[46]  Barbara G. Ryder,et al.  Pointer-induced aliasing: a problem classification , 1991, POPL '91.

[47]  John C. Mitchell,et al.  Type inference with simple subtypes , 1991, Journal of Functional Programming.

[48]  Olin Shivers,et al.  The semantics of Scheme control-flow analysis , 1991, PEPM '91.

[49]  Thomas P. Jensen,et al.  Strictness Analysis in Logical Form , 1991, FPCA.

[50]  Thomas P. Jensen,et al.  Disjunctive strictness analysis , 1992, [1992] Proceedings of the Seventh Annual IEEE Symposium on Logic in Computer Science.

[51]  Jan Stransky,et al.  A Lattice for Abstract Interpretation of Dynamic (LISP-Like) Structures , 1992, Information and Computation.

[52]  Pierre Jouvelot,et al.  Polymorphic type, region and effect inference , 1992, Journal of Functional Programming.

[53]  Charles N. Fischer,et al.  SPARE: A Development Environment For Program Analysis Algorithms , 1992, IEEE Trans. Software Eng..

[54]  Andrew K. Wright Typing References by Effect Inference , 1992, ESOP.

[55]  François Bourdoncle,et al.  Abstract interpretation by dynamic partitioning , 1992, Journal of Functional Programming.

[56]  Randal E. Bryant,et al.  Symbolic Boolean manipulation with ordered binary-decision diagrams , 1992, CSUR.

[57]  Nick Benton Strictness Logic and Polymorphic Invariance , 1992, LFCS.

[58]  Patrick Cousot,et al.  Comparing the Galois Connection and Widening/Narrowing Approaches to Abstract Interpretation , 1992, PLILP.

[59]  Joxan Jaffar,et al.  An engine for logic program analysis , 1992, [1992] Proceedings of the Seventh Annual IEEE Symposium on Logic in Computer Science.

[60]  Pascal Van Hentenryck,et al.  Experimental evaluation of a generic abstract interpretation algorithm for Prolog , 1992, ICCL.

[61]  Flemming Nielson,et al.  Bounded fixed point iteration , 1991, POPL '92.

[62]  R. Nigel Horspool,et al.  Compile-Time Analysis of Object-Oriented Programs , 1992, CC.

[63]  Pierre Jouvelot,et al.  The type and effect discipline , 1992, [1992] Proceedings of the Seventh Annual IEEE Symposium on Logic in Computer Science.

[64]  Mark P. Jones A Theory of Qualified Types , 1992, ESOP.

[65]  Flemming Nielson,et al.  Finiteness conditions for fixed point iteration , 1992, LFP '92.

[66]  Steven W. K. Tjiang,et al.  Sharlit—a tool for building optimizers , 1992, PLDI '92.

[67]  Flemming Nielson,et al.  Semantics with applications - a formal introduction , 1992, Wiley professional computing.

[68]  Alexander Aiken,et al.  Type inclusion constraints and type inference , 1993, FPCA '93.

[69]  Geoffrey Smith Polymorphic Type Inference with Overloading and Subtyping , 1993, TAPSOFT.

[70]  Bruno Monsuez,et al.  Polymorphic Types and Widening Operators , 1993, WSA.

[71]  Nick Benton,et al.  Strictness Properties of Lazy Algebraic Datatypes , 1993, WSA.

[72]  F. Nielson,et al.  From CML to process Algebras , 1993 .

[73]  Bernhard Steffen,et al.  Generating Data Flow Analysis Algorithms from Modal Specifications , 1993, Sci. Comput. Program..

[74]  Kwangkeun Yi,et al.  Automatic generation and management of interprocedural program analyses , 1993, POPL '93.

[75]  François Bourdoncle,et al.  Efficient chaotic iteration strategies with widenings , 1993, Formal Methods in Programming and Their Applications.

[76]  Laurie J. Hendren,et al.  Context-sensitive interprocedural points-to analysis in the presence of function pointers , 1994, PLDI '94.

[77]  Pierre Jouvelot,et al.  The Type and Effect Discipline , 1994, Inf. Comput..

[78]  Nevin Heintze,et al.  Set-based analysis of ML programs , 1994, LFP '94.

[79]  Alexander Aiken,et al.  Set Constraints: Results, Applications, and Future Directions , 1994, PPCP.

[80]  Alexander Aiken,et al.  Soft typing with conditional types , 1994, POPL '94.

[81]  Alain Deutsch,et al.  Interprocedural may-alias analysis for pointers: beyond k-limiting , 1994, PLDI '94.

[82]  Suresh Jagannathan,et al.  Analyzing stores and references in a parallel symbolic language , 1994, LFP '94.

[83]  Fritz Henglein,et al.  Polymorphic Binding-Time Analysis , 1994, ESOP.

[84]  Matthias Felleisen,et al.  Well-Founded Touch Optimization for Futures , 1994 .

[85]  Flemming Nielson,et al.  Higher-order concurrent programs with finite communication topology (extended abstract) , 1994, POPL '94.

[86]  Matthias Felleisen,et al.  A Syntactic Approach to Type Soundness , 1994, Inf. Comput..

[87]  Geoffrey Smith,et al.  Principal Type Schemes for Functional Programs with Overloading and Subtyping , 1994, Sci. Comput. Program..

[88]  Witold Charatonik,et al.  Set constraints with projections are in NEXPTIME , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[89]  Dan C. Stefanescu,et al.  An equational framework for the flow analysis of higher order functional programs , 1994, LFP '94.

[90]  Jens Palsberg,et al.  Type inference of SELF: Analysis of objects with dynamic and multiple inheritance , 1995, Softw. Pract. Exp..

[91]  Karl-Filip Faxén Optimizing Lazy Functional Programs Using Flow Inference , 1995, SAS.

[92]  Suresh Jagannathan,et al.  A unified treatment of flow analysis in higher-order languages , 1995, POPL '95.

[93]  Thomas W. Reps,et al.  Precise Interprocedural Dataflow Analysis with Applications to Constant Propagation , 1995, TAPSOFT.

[94]  Nevin Heintze Control-Flow Analysis and Type Systems , 1995, SAS.

[95]  Suresh Jagannathan,et al.  Effective Flow Analysis for Avoiding Run-Time Checks , 1995, SAS.

[96]  Erik Ruf,et al.  Context-insensitive alias analysis reconsidered , 1995, PLDI '95.

[97]  Monica S. Lam,et al.  Efficient context-sensitive pointer analysis for C programs , 1995, PLDI '95.

[98]  Jens Palsberg,et al.  Closure analysis in constraint form , 1995, TOPL.

[99]  Christopher Colby Determining Storage Properties of Sequential and Concurrent Programs with Assignment and Structured Data , 1995, SAS.

[100]  Matthias Felleisen,et al.  The semantics of future and its use in program optimization , 1995, POPL '95.

[101]  Christopher Colby Analyzing the communication topology of concurrent programs , 1995, PEPM '95.

[102]  Laurie J. Hendren,et al.  Connection Analysis: A Practical Interprocedural Heap Analysis for C , 1996, International Journal of Parallel Programming.

[103]  Laurie J. Hendren,et al.  Is it a tree, a DAG, or a cyclic graph? A shape analysis for heap-directed pointers in C , 1996, POPL '96.

[104]  Flemming Nielson,et al.  Polymorphic Subtyping for Effect Analysis: The Algorithm , 1996, LOMAPS.

[105]  Flemming Nielson,et al.  Polymorphic Subtyping for Effect Analysis: The Dynamic Semantics , 1996, LOMAPS.

[106]  Flemming Nielson,et al.  From CML to its Process Algebra , 1996, Theor. Comput. Sci..

[107]  Flemming Nielson,et al.  Polymorphic Subtyping for Effect Analysis: The Static Semantics , 1996, LOMAPS.

[108]  Bjarne Steensgaard,et al.  Points-to analysis in almost linear time , 1996, POPL '96.

[109]  Karl-Filip Faxén Polyvariance, Polymorphism and Flow Analysis , 1996, LOMAPS.

[110]  Uwe Aßmann,et al.  How to Uniformly Specify Program Analysis and Transformation with Graph Rewrite Systems , 1996, CC.

[111]  Reinhard Wilhelm,et al.  Solving shape-analysis problems in languages with destructive updating , 1998, TOPL.

[112]  Roberto Giacobazzi,et al.  Compositional Optimization of Disjunctive Abstract Interpretations , 1996, ESOP.

[113]  Helmut Seidl,et al.  An Even Faster Solver for General Systems of Equations , 1996, SAS.

[114]  Flemming Nielson,et al.  Operational Semantics of Termination Types , 1996, Nord. J. Comput..

[115]  Flemming Nielson,et al.  Semantics-Directed Program Analysis: A Tool-Maker's Perspective , 1996, SAS.

[116]  Barbara G. Ryder,et al.  Data-Flow-Based Virtual Function Resolution , 1996, SAS.

[117]  Helmut Seidl,et al.  Propagating Differences: An Efficient New Fixpoint Algorithm for Distributive Constraint Systems , 1998, Nord. J. Comput..

[118]  Patrick Cousot,et al.  Types as abstract interpretations , 1997, POPL '97.

[119]  Flemming Nielson,et al.  Communication Analysis for Concurrent ML , 1997 .

[120]  Andreas Podelski,et al.  Set Constraints: A Pearl in Research on Constraints , 1997, CP.

[121]  Flemming Nielson,et al.  Systematic realisation of control flow analyses for CML , 1997, ICFP '97.

[122]  Anindya Banerjee A modular, polyvariant and type-based closure analysis , 1997, ICFP '97.

[123]  Flemming Nielson,et al.  Type and Behaviour Reconstruction for Higher-Order Concurrent Programs , 1997, J. Funct. Program..

[124]  Susan Horwitz,et al.  Fast and accurate flow-insensitive points-to analysis , 1997, POPL '97.

[125]  Sandip K. Biswas A demand-driven set-based analysis , 1997, POPL '97.

[126]  Mads Tofte,et al.  Region-based Memory Management , 1997, Inf. Comput..

[127]  Steven S. Muchnick,et al.  Advanced Compiler Design and Implementation , 1997 .

[128]  Agostino Cortesi,et al.  Complementation in abstract interpretation , 1997, TOPL.

[129]  Flemming Nielson,et al.  Infinitary control flow analysis: a collecting semantics for closure analysis , 1997, POPL '97.

[130]  Flemming Nielson,et al.  Prescriptive Frameworks for Multi-Level Lambda-Calculi , 1997 .

[131]  Flemming Nielson,et al.  Flow Logic and Operational Semantics , 1997, Electron. Notes Theor. Comput. Sci..

[132]  Adam Brooks Webber Program analysis using binary relations , 1997, PLDI '97.

[133]  Alexander Aiken,et al.  A Toolkit for Constructing Type- and Constraint-Based Program Analyses , 1998, Types in Compilation.

[134]  Flemming Nielson,et al.  Flow Logic for Imperative Objects , 1998, MFCS.

[135]  Florian Martin,et al.  PAG – an efficient program analyzer generator , 1998, International Journal on Software Tools for Technology Transfer.

[136]  Flemming Nielson,et al.  Control Flow Analysis for the pi-calculus , 1998, CONCUR.

[137]  Jon G. Riecke,et al.  The SLam calculus: programming with secrecy and integrity , 1998, POPL '98.

[138]  Flemming Nielson,et al.  Flow Logics for Constraint Based Analysis , 1998, CC.

[139]  David A. Schmidt Data flow analysis is model checking of abstract interpretations , 1998, POPL '98.

[140]  Roberto Giacobazzi,et al.  Optimal Domains for Disjunctive Abstract Intepretation , 1998, Sci. Comput. Program..

[141]  Flemming Nielson,et al.  Behaviour Analysis and Safety Conditions: A Case Study in CML , 1998, FASE.

[142]  Lars Birkedal,et al.  A region inference algorithm , 1998, TOPL.

[143]  Martín Abadi,et al.  A core calculus of dependency , 1999, POPL '99.

[144]  Flemming Nielson,et al.  Interprocedural Control Flow Analysis , 1999, ESOP.

[145]  Frank Tip,et al.  Aggregate structure identification and its application to program analysis , 1999, POPL '99.

[146]  Reinhard Wilhelm,et al.  Parametric shape analysis via 3-valued logic , 1999, POPL '99.

[147]  Alexander Aiken,et al.  Introduction to Set Constraint-Based Program Analysis , 1999, Sci. Comput. Program..

[148]  H. Seidl,et al.  A Faster Solver for General Systems of Equations , 1999, Sci. Comput. Program..

[149]  Fritz Henglein,et al.  AnnoDomini: from type theory to Year 2000 conversion tool , 1999, POPL '99.

[150]  Flemming Nielson,et al.  Type and effect systems - behaviours for concurrency , 1999 .

[151]  Flemming Nielson,et al.  Static Analysis of Processes for No and Read-Up nad No Write-Down , 1999, FoSSaCS.

[152]  Flemming Nielson,et al.  Abstract Interpretation of Mobile Ambients , 1999, SAS.