We are now going to abstract the Call and Return primitives. Let $(g, r)$ be the current abstract stack. We use the following notations:

$g = (P, c, h, \varepsilon, \mu)$
$r = \{(g_i, v_i)\}_{i \in I}$
$v = r(g) \in \mathrm{SVal}[\mu]$

The abstract store $v \in \mathrm{SVal}[\mu]$ thus corresponds to the current generalized control point $g$, and $\mu$ is the set of locations accessible to procedure $P$. In order to deal with the locations created during procedure calls, we will use the function $\Delta^{+}_{\mu^-,\mu^+} : \mathrm{SVal}[\mu^-] \to \mathrm{SVal}[\mu^+]$, which takes an abstract store defined over $\mu^-$ and inserts the new locations in $\mu^+ \setminus \mu^-$ with undefined values. The function $\Delta^{\ell^-}_{\mu^-,\mu^+}$ does the same but assigns the value of the location $\ell^-$ to the new locations. Conversely, the function $\Delta^{-}_{\mu^+,\mu^-} : \mathrm{SVal}[\mu^+] \to \mathrm{SVal}[\mu^-]$ forgets all information about the locations in $\mu^+ \setminus \mu^-$. A formal definition is given below.

Definition 16 For any sets $\mu^- \subseteq \mu^+$, let $\mathrm{SVal}[\mu^\pm]$ be an upper approximation of the lattice $\mathcal{P}(\mu^\pm \to \mathrm{SVal})$, $\alpha^\pm$ and $\gamma^\pm$ being the abstraction and meaning functions. The functions $\Delta^{+}_{\mu^-,\mu^+}$, $\Delta^{-}_{\mu^+,\mu^-}$ and $\Delta^{\ell^-}_{\mu^-,\mu^+}$ are defined by:

$\Delta^{+}_{\mu^-,\mu^+}(\nu) = \alpha^+(\{\sigma \in (\mu^+ \to \mathrm{SVal}) : \sigma|_{\mu^-} \in \gamma^-(\nu)\})$
$\Delta^{-}_{\mu^+,\mu^-}(\nu) = \alpha^-(\{\sigma|_{\mu^-} : \sigma \in \gamma^+(\nu)\})$
$\Delta^{\ell^-}_{\mu^-,\mu^+}(\nu) = \alpha^+(\{\sigma \in (\mu^+ \to \mathrm{SVal}) : \sigma|_{\mu^-} \in \gamma^-(\nu) \wedge \forall \ell^+ \in (\mu^+ \setminus \mu^-) : \sigma(\ell^+) = \sigma(\ell^-)\})$

7.1 Procedure calls

Let us call $(g', r')$ the abstract stack after the procedure call. The generalized control point $g' = (P', c', h', \varepsilon', \mu')$ is easily determined using the formal parameter binding function $\Pi$ and the environment $\varepsilon$. We call $\mu'$ the set of locations accessible to $P'$. We have $\mu' = \mu_S \cup \mu_V \cup \mu_A \cup \mu_L$, where $\mu_S = \mu \cap \mu'$ contains the locations shared between procedure $P$ and procedure $P'$, namely the locations accessible to $P'^{\circ}$ (for $P'^{\circ} \le P$ by construction), and $\mu_V$, $\mu_A$ and $\mu_L$ are the locations that are local to $P'$ and respectively belong to Value, Alias and Local.

The second element $r'$ is defined by:

$r' = \rho(r[\langle g, \bar{v} \rangle / \langle g, v \rangle] \cup \{\langle g', v' \rangle\})$

The first abstract store $\bar{v}$ is what remains of the abstract store $v$ after the call to procedure $P'$. Remember that all the shared locations in $\mu_S$ must be "erased" to be consistent with our abstraction. This is achieved through the use of $\Delta^{-}_{\mu,\mu_H}$, where $\mu_H = \mu \setminus \mu_S$ is the set of "hidden" locations of procedure $P$.
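As an added illustration that is not part of the paper, the following Python evaluates the three $\Delta$ functions of Definition 16 and the residual caller store $\bar{v}$ of Section 7.1 over the exact powerset domain $\mathcal{P}(\mu \to \mathrm{SVal})$, where $\alpha^\pm$ and $\gamma^\pm$ are identities; the finite value set `SVAL`, the location names and the sample caller store are constructed for the example.

```python
from itertools import product

# Added example, not from the paper: Definition 16's Delta functions and the
# residual store of Section 7.1, computed over the exact powerset domain
# P(mu -> SVal), so alpha/gamma are identities and the definitions apply literally.
# A store sigma is a frozenset of (location, value) pairs; SVAL stands in for SVal.
SVAL = frozenset({0, 1, 2})          # constructed finite value set

def restrict(sigma, mu):
    """sigma|mu : keep only the locations in mu."""
    return frozenset((loc, val) for loc, val in sigma if loc in mu)

def delta_plus(nu, mu_minus, mu_plus):
    """Delta^+_{mu-,mu+}: new locations in mu+ \\ mu- are unconstrained ("undefined")."""
    assert mu_minus <= mu_plus
    new = sorted(mu_plus - mu_minus)
    return frozenset(sigma | frozenset(zip(new, vals))
                     for sigma in nu for vals in product(SVAL, repeat=len(new)))

def delta_copy(nu, mu_minus, mu_plus, ell_minus):
    """Delta^{l-}_{mu-,mu+}: every new location takes the value of l- in each store."""
    assert mu_minus <= mu_plus and ell_minus in mu_minus
    new = mu_plus - mu_minus
    return frozenset(sigma | frozenset((loc, dict(sigma)[ell_minus]) for loc in new)
                     for sigma in nu)

def delta_minus(nu, mu_plus, mu_minus):
    """Delta^-_{mu+,mu-}: forget the locations in mu+ \\ mu-."""
    assert mu_minus <= mu_plus
    return frozenset(restrict(sigma, mu_minus) for sigma in nu)

def caller_residual(nu, mu, mu_shared):
    """v-bar of Section 7.1: erase the shared locations mu_S via Delta^-_{mu, mu_H}."""
    mu_hidden = mu - mu_shared          # mu_H = mu \ mu_S
    return delta_minus(nu, mu, mu_hidden)

# Constructed caller state: P can reach mu = {x, y, z}; the store records that
# x and y always hold the same value (an aliasing fact) and that z is 0.
MU = frozenset({"x", "y", "z"})
NU = frozenset({frozenset({("x", 1), ("y", 1), ("z", 0)}),
                frozenset({("x", 2), ("y", 2), ("z", 0)})})

if __name__ == "__main__":
    # Calling a P' that shares only x: the residual store keeps mu_H = {y, z}
    print(sorted(map(sorted, caller_residual(NU, MU, {"x"}))))
    # Extending with a fresh location w and forgetting it again is the identity
    ext = delta_plus(NU, MU, MU | {"w"})
    print(len(ext), delta_minus(ext, MU | {"w"}, MU) == NU)
```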