Abstract
We describe a parameterized framework with which users can take advantage of unification over analysis variables to implement efficient or precise analyses, or even both. To be illustrative we instantiate the framework with reaching definition analysis and conduct a systematic evaluation of performance and precision of the analysis. We compare our result with that of a state-of-the-art solver, the Succinct Solver and show our solver is at least 10-times faster than the Succinct Solver. On some benchmarks linearity is reached by the use of unification. Although the result of unification is often imprecise, a heuristic study is conducted to detect where the loss of precision may happen. We apply the heuristics on benchmarks and achieve not only efficient but also precise analysis.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Aiken, A.: Introduction to set constraint-based program analysis. Sci. Comput. Program. 35(2), 79–111 (1999)
Bettini, L., Bono, V., Nicola, R.D., Ferrari, G.L., Gorla, D., Loreti, M., Moggi, E., Pugliese, R., Tuosto, E., Venneri, B.: The Klaim Project: Theory and Practice. In: Priami, C. (ed.) GC 2003. LNCS, vol. 2874, pp. 88–150. Springer, Heidelberg (2003)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Static validation of security protocols. Journal of Computer Security 13(3), 347–390 (2005)
Buchholtz, M., Nielson, H.R., Nielson, F.: Experiments with succinct solvers. Technical report, Informatics and Mathematical Modelling, Richard Petersens Plads, Building 321, DK-2800 Kgs. Lyngby, Denmark (February 2002)
Charatonik, W., Podelski, A.: Set constraints with intersection. Inf. Comput. 179(2), 213–229 (2002)
Das, M., Liblit, B., Fähndrich, M., Rehof, J.: Estimating the Impact of Scalable Pointer Analysis on Optimization. In: Cousot, P. (ed.) SAS 2001. LNCS, vol. 2126, Springer, Heidelberg (2001)
Fähndrich, M., Aiken, A.: Program analysis using mixed term and set constraints. In: Van Hentenryck, P. (ed.) SAS 1997. LNCS, vol. 1302, pp. 114–126. Springer, Heidelberg (1997)
Fecht, C., Seidl, H.: Propagating differences: An efficient new fixpoint algorithm for distributive constraint systems. Nord. J. Comput. 5(4), 304–329 (1998)
Fecht, C., Seidl, H.: A faster solver for general systems of equations. Sci. Comput. Program. 35(2), 137–161 (1999)
Gao, H.: Using the Succinct Solver to implement flow logic specifications of classical data flow analysis. Master’s thesis, Technical University of Denmark (2004)
Heintze, N., Jaffar, J.: A decision procedure for a class of set constraints (extended abstract). In: LICS, pp. 42–51. IEEE Computer Society, Los Alamitos (1990)
Heintze, N., McAllester, D.A.: Linear-time subtransitive control flow analysis. In: SIGPLAN Conference on Programming Language Design and Implementation, pp. 261–272 (1997)
Henglein, F.: Global tagging optimization by type inference. In: LISP and Functional Programming, pp. 205–215 (1992)
Kodumal, J., Aiken, A.: Banshee: A scalable constraint-based analysis toolkit. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 218–234. Springer, Heidelberg (2005)
Le Charlier, B., Van Hentenryck, P.: A universal top-down fixpoint algorithm. Technical Report CS-92-25, Brown University (1992)
Melski, D., Reps, T.W.: Interconveritibility of set constraints and context-free language reachability. In: PEPM, pp. 74–89 (1997)
Milner, R.: A theory of type polymorphism in programming. J. Comput. Syst. Sci. 17(3), 348–375 (1978)
Nielson, F., Nielson, H.R., Hankin, C.L.: Principles of Program Analysis. Springer, Heidelberg (1999)
Nielson, F., Seidl, H., Nielson, H.R.: A succinct solver for ALFP. Nord. J. Comput. 9(4), 335–372 (2002)
Nielson, H.R., Nielson, F., Buchholtz, M.: Security for mobility. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2001. LNCS, vol. 2946, pp. 207–265. Springer, Heidelberg (2004)
Pilegaard, H.: A feasibility study: The Succinct Solver v2.0, XSB prolog v2.6, and flow-logic based program analysis for carmel. Technical Report SECSAFE-IMM-008-1.0, Technical University of Denmark (2003)
Steensgaard, B.: Points-to analysis in almost linear time. In: POPL, pp. 32–41 (1996)
Tarjan, R.E.: Data Structures and Network Algorithms, volume CMBS44 of Regional Conference Series in Applied Mathematics. SIAM (1983)
Whaley, J., Avots, D., Carbin, M., Lam, M.S.: Using datalog with binary decision diagrams for program analysis. In: Yi, K. (ed.) APLAS 2005. LNCS, vol. 3780, pp. 97–118. Springer, Heidelberg (2005)
Zhang, Y.: Static analysis for protocol validation in hierarchical networks. Master’s thesis, Technical University of Denmark (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Y., Nielson, F. (2008). A Scalable Inclusion Constraint Solver Using Unification. In: King, A. (eds) Logic-Based Program Synthesis and Transformation. LOPSTR 2007. Lecture Notes in Computer Science, vol 4915. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78769-3_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-78769-3_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78768-6
Online ISBN: 978-3-540-78769-3
eBook Packages: Computer ScienceComputer Science (R0)