Hybrid top-down and bottom-up interprocedural analysis

Interprocedural static analyses are broadly classified into top-down and bottom-up, depending upon how they compute, instantiate, and reuse procedure summaries. Both kinds of analyses are challenging to scale: top-down analyses are hindered by ineffective reuse of summaries whereas bottom-up analyses are hindered by inefficient computation and instantiation of summaries. This paper presents a hybrid approach Swift that combines top-down and bottom-up analyses in a manner that gains their benefits without suffering their drawbacks. Swift is general in that it is parametrized by the top-down and bottom-up analyses it combines. We show an instantiation of Swift on a type-state analysis and evaluate it on a suite of 12 Java programs of size 60-250 KLOC each. Swift outperforms both conventional approaches, finishing on all the programs while both of those approaches fail on the larger programs.

[1]  Antoine Meyer,et al.  A logic of reachable patterns in linked data-structures , 2006, J. Log. Algebraic Methods Program..

[2]  Sumit Gulwani,et al.  Computing Procedure Summaries for Interprocedural Analysis , 2007, ESOP.

[3]  Ravichandhran Madhavan,et al.  Modular Heap Analysis for Higher-Order Programs , 2012, SAS.

[4]  Eran Yahav,et al.  Interprocedural Shape Analysis for Cutpoint-Free Programs , 2005, SAS.

[5]  Martin C. Rinard,et al.  Purity and Side Effect Analysis for Java Programs , 2005, VMCAI.

[6]  Bertrand Jeannet,et al.  A relational approach to interprocedural shape analysis , 2004, TOPL.

[7]  Aws Albarghouthi,et al.  Parallelizing top-down interprocedural analyses , 2012, PLDI '12.

[8]  Barbara G. Ryder,et al.  Relevant context inference , 1999, POPL '99.

[9]  Eran Yahav,et al.  Generating precise and concise procedure summaries , 2008, POPL '08.

[10]  Patrick Cousot,et al.  Modular Static Program Analysis , 2002, CC.

[11]  Eran Yahav,et al.  Effective typestate verification in the presence of aliasing , 2006, TSEM.

[12]  Thomas W. Reps,et al.  Precise Interprocedural Dataflow Analysis with Applications to Constant Propagation , 1995, TAPSOFT.

[13]  Laurie J. Hendren,et al.  Connection Analysis: A Practical Interprocedural Heap Analysis for C , 2016, International Journal of Parallel Programming.

[14]  Sriram K. Rajamani,et al.  Bebop: a path-sensitive interprocedural dataflow engine , 2001, PASTE '01.

[15]  Isil Dillig,et al.  Precise and compact modular procedure summaries for heap manipulating programs , 2011, PLDI '11.

[16]  Reinhard Wilhelm,et al.  A semantics for procedure local heaps and its abstractions , 2005, POPL '05.

[17]  Supratik Chakraborty,et al.  Bottom-up shape analysis using LISF , 2011, TOPL.

[18]  Peter W. O'Hearn,et al.  Compositional Shape Analysis by Means of Bi-Abduction , 2011, JACM.

[19]  Martin C. Rinard,et al.  Compositional pointer and escape analysis for Java programs , 1999, OOPSLA '99.

[20]  Alexander Aiken,et al.  Saturn: A scalable framework for error detection using Boolean satisfiability , 2007, TOPL.

[21]  Patrick Cousot,et al.  Static Determination of Dynamic Properties of Recursive Procedures , 1977, Formal Description of Programming Concepts.

[22]  Thomas W. Reps,et al.  Precise interprocedural dataflow analysis via graph reachability , 1995, POPL '95.