Abstract
Many interesting properties of programs can only be proved by a path-sensitive analysis. However, path sensitivity may drastically increase analysis time and memory consumption. For existing approaches, the amount of required resources is hard to predict in advance. As a consequence, in a particular analysis run the available resources may either be wasted or turn out to be insufficient.
In this paper, we propose a resource-aware approach to path-sensitive analysis that allows the maximal amount of required memory to be controlled. It employs randomly drawn hash functions to decide which paths to distinguish. Due to randomization, two analysis runs of the same program may yield different results. We show how to use this feature to trade analysis time for space.
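The following is an added toy illustration of the idea sketched in the abstract, not the paper's own algorithm or code: it assumes a constructed program (one relevant branch on `c` followed by `k` unrelated branches, then an assertion that depends on `c`), a state-per-bucket analysis whose randomly drawn hash is a lookup table over (bucket id, decision), and a driver that re-runs the analysis with fresh hash functions, trading time for a fixed memory bound.

```python
import random

def analyse(k, buckets, seed):
    """Bounded-memory path-sensitive analysis of a constructed program:
        if c: s = 1 else: s = -1            # branch 0 (the one that matters)
        k further branches on unrelated inputs u1..uk
        if c: assert s > 0 else: assert s < 0
    Abstract state: dict var -> set of possible values; join = union.
    Instead of the full decision history, each state carries a bucket id
    in range(buckets); the next id is a randomly drawn function of
    (current id, decision), so no program point ever holds more than
    `buckets` states.  Returns (proved, max_states_kept)."""
    rng = random.Random(seed)
    # the randomly drawn hash function (assumption: a random lookup table)
    h = [[rng.randrange(buckets) for _ in (0, 1)] for _ in range(buckets)]

    def step(states, var, arms):
        """Split every state on a two-way branch, re-bucket, join collisions."""
        nxt = {}
        for b, st in states.items():
            for d in (0, 1):
                new = {v: set(s) for v, s in st.items()}
                new[var] = {d}                  # remember the decision taken
                if arms:
                    new["s"] = {arms[d]}        # assignment in the branch arm
                nb = h[b][d]
                if nb in nxt:                   # collision: join, path info is lost
                    for v, s in new.items():
                        nxt[nb][v] |= s
                else:
                    nxt[nb] = new
        return nxt

    states = step({0: {}}, "c", (-1, 1))
    peak = len(states)
    for i in range(1, k + 1):
        states = step(states, f"u{i}", None)
        peak = max(peak, len(states))
    # final check: wherever c may be 1, s must be exactly {1}; wherever 0, {-1}
    proved = all((1 not in st["c"] or st["s"] == {1}) and
                 (0 not in st["c"] or st["s"] == {-1}) for st in states.values())
    return proved, peak

def first_proving_seed(k, buckets, max_runs):
    """Trade time for space: re-run with fresh hash functions until proved."""
    for seed in range(max_runs):
        if analyse(k, buckets, seed)[0]:
            return seed
    return None
```

With a single bucket every path is joined and the property is never proved; with more buckets the outcome depends on the drawn hash, so a different seed may succeed where the previous run failed while memory stays capped at `buckets` states.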
References
Boldi, P., Vigna, S.: Mutable strings in Java: design, implementation and lightweight text-search algorithms. Sci. Comput. Program. 54(1), 3–23 (2005)
Cohen, J.D.: Recursive hashing functions for n-grams. ACM Trans. Inf. Syst. 15(3), 291–320 (1997)
Cousot, P.: Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. Theor. Comput. Sci. 277(1–2), 47–103 (2002)
Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, POPL 1977, pp. 238–252. ACM, New York (1977)
Cousot, P., Cousot, R.: Systematic design of program transformation frameworks by abstract interpretation. In: POPL, pp. 178–190 (2002)
Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: Conference Record of the Fifth Annual ACM Symposium on Principles of Programming Languages, Tucson, Arizona, USA, pp. 84–96, January 1978. http://doi.acm.org/10.1145/512760.512770
Fähndrich, M., Logozzo, F.: Static contract checking with abstract interpretation. In: Beckert, B., Marché, C. (eds.) FoVeOOS 2010. LNCS, vol. 6528, pp. 10–30. Springer, Heidelberg (2011)
Giacobazzi, R., Ranzato, F.: The reduced relative power operation on abstract domains. Theor. Comput. Sci. 216(1–2), 159–211 (1999)
Gopan, D., Reps, T.: Lookahead widening. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 452–466. Springer, Heidelberg (2006)
Gopan, D., Reps, T.: Guided static analysis. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 349–365. Springer, Heidelberg (2007)
Jeannet, B., Miné, A.: Apron: a library of numerical abstract domains for static analysis. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 661–667. Springer, Heidelberg (2009)
Karp, R.M., Rabin, M.O.: Efficient randomized pattern-matching algorithms. IBM J. Res. Dev. 31(2), 249–260 (1987)
Lattner, C., Adve, V.: LLVM: A compilation framework for lifelong program analysis & transformation. In: Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization, CGO 2004, p. 75. IEEE Computer Society, Washington, DC (2004)
Miné, A.: The octagon abstract domain. CoRR abs/cs/0703084 (2007). http://arxiv.org/abs/cs/0703084
Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460. Springer, Heidelberg (2012)
Monniaux, D., Gonnord, L.: Using bounded model checking to focus fixpoint iterations. In: Yahav, E. (ed.) Static Analysis. LNCS, vol. 6887, pp. 369–385. Springer, Heidelberg (2011)
Nasre, R., Rajan, K., Govindarajan, R., Khedker, U.P.: Scalable context-sensitive points-to analysis using multi-dimensional bloom filters. In: Hu, Z. (ed.) APLAS 2009. LNCS, vol. 5904, pp. 47–62. Springer, Heidelberg (2009)
Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer (2005)
Reps, T., Sagiv, M., Yorsh, G.: Symbolic implementation of the best transformer. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 252–266. Springer, Heidelberg (2004)
Rival, X., Mauborgne, L.: The trace partitioning abstract domain. ACM Trans. Program. Lang. Syst. 29(5) (2007). http://doi.acm.org/10.1145/1275497.1275501
Thakur, A.V., Elder, M., Reps, T.W.: Bilateral algorithms for symbolic abstraction. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 111–128. Springer, Heidelberg (2012)
Thakur, A.V., Reps, T.W.: A generalization of Stålmarck's method. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 334–351. Springer, Heidelberg (2012)
Tripakis, S.: What is resource-aware verification? (2008). http://www-verimag.imag.fr/~tripakis/papers/what-is.pdf
Acknowledgments
The author would like to thank Jan Reineke and Reinhard Wilhelm of Saarland University for their advice and moral support and all the anonymous reviewers for their constructive comments. This work was partially supported by the Saarbrücken Graduate School of Computer Science which receives funding from the DFG as part of the Excellence Initiative of the German Federal and State Governments.
© 2015 Springer International Publishing Switzerland
Cite this paper
Dudziak, T. (2015). Randomized Resource-Aware Path-Sensitive Static Analysis. In: Feng, X., Park, S. (eds) Programming Languages and Systems. APLAS 2015. Lecture Notes in Computer Science, vol 9458. Springer, Cham. https://doi.org/10.1007/978-3-319-26529-2_7
DOI: https://doi.org/10.1007/978-3-319-26529-2_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26528-5
Online ISBN: 978-3-319-26529-2
eBook Packages: Computer Science (R0)