Abstract
In order to analyze programs that manipulate pointers, it is necessary to have safe information about what each pointer might point to. There are many algorithms that can be used to determine this information, with varying degrees of accuracy. However, there has been very little previous work that addresses how much the relative accuracies of different pointer-analysis algorithms affect “transitive” results: the results of a subsequent analysis.
We have carried out a number of experiments with flow-insensitive and context-insensitive pointer analyses to address the following questions:
-
- How are the transitive effects of pointer analysis affected by the precision of the analysis?
-
- How good are the “direct” effects of pointer analysis (the sizes of the computed points-to sets) at predicting the transitive effects?
-
- What are the time trade-offs?
We found that using a more precise pointer analysis does in general lead to more precise transitive results. However, the magnitude of the payoff in precision depends on the particular use of the points-to information. We also found that direct effects are good predictors of transitive effects, and that increased precision in points-to information not only causes a subsequent analysis to produce more precise results, it also causes the subsequent analysis to run faster.
This work was supported in part by the National Science Foundation under grant CCR-9625656, and by the Army Reserach Office under grant DAAH04-85-1-0482.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
T. Austin, S. Breach, and G. Sohi. Efficient detection of all pointer and array access errors. In SIGPLAN Conference on Programming Languages Design and Implementation, pages 290–301, June 1994.
L. O. Andersen. Program Analysis and Specialization for the C Programming Language. PhD thesis, DIKU, University of Copenhagen, May 1994. (DIKU report 94/19).
M. Emami, R. Ghiya, and L. Hendren. Context-sensitive interprocedural points-to analysis in the presence of function pointers. In SIGPLAN Conference on Programming Languages Design and Implementation, 1994.
R. Giegerich, U. Moncke, and R. Wilhelm. Invariance of approximative semantics with respect to program transformation. In GI 81-11th GI Annual Conference, Informatik-Fachberichte 50, pages 1–10, New York, NY, 1981. Springer-Verlag.
S. Horwitz, T. Reps, and D. Binkley. Interprocedural slicing using dependence graphs. ACM Transactions on Programming Languages and Systems, 12(1):26–60, January 1990.
S. Horwitz, T. Reps, M. Sagiv, and G. Rosay. Speeding up slicing. In Proceedings of the Third ACM SIGSOFT Symposium on the Foundations of Software Engineering, pages 11–20, December 1994. (Available on the WWW from URL http://www.cs.wisc.edu/wpis/papers/fse94.ps).
G.A. Kildall. A unified approach to global program optimization. In ACM Symposium on Principles of Programming Languages, pages 194–206, January 1973.
W. Landi and B. Ryder. A safe approximate algorithm for interprocedural pointer aliasing. In SIGPLAN Conference on Programming Languages Design and Implementation, pages 235–248, June 1992.
W. Landi, B. Ryder, and S. Zhang. Interprocedural modification side effect analysis with pointer aliasing. In SIGPLAN Conference on Programming Languages Design and Implementation, pages 56–67, June 1993.
John Neter and William Wasserman. Applied Linear Statistical Models, chapter 5.5, pages 156–159. Richard D. Irwin, Inc., 1974.
T. Reps, S. Horwitz, and M. Sagiv. Precise interprocedural dataflow analysis via graph reachability. In ACM Symposium on Principles of Programming Languages, pages 49–61, January 1995. (Available on the WWW from URL http://www.cs.wisc.edu/wpis/papers/popl95.ps).
E. Ruf. Context-sensitive alias analysis reconsidered. In SIGPLAN Conference on Programming Languages Design and Implementation, pages 13–22, June 1995.
M. Shapiro and S. Horwitz. Fast and accurate flow-insensitive points-to analysis. In ACM Symposium on Principles of Programming Languages. ACM, New York, January 1997.
B. Steensgaard. Points-to analysis in almost linear time. In ACM Symposium on Principles of Programming Languages, pages 32–41, January 1996.
R. Tarjan. Data structures and network flow algorithms. volume CMBS44 of Regional Conference Series in Applied Mathematics. SIAM, 1983.
M. Weiser. Program slicing. IEEE Transactions on Software Engineering, SE-10(4):352–357, July 1984.
R. Wilson and M. Lam. Efficient context-sensitive pointer analysis for C programs. In SIGPLAN Conference on Programming Language Design and Implementation, pages 1–12, June 1995.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1997 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shapiro, M., Horwitz, S. (1997). The effects of the precision of pointer analysis. In: Van Hentenryck, P. (eds) Static Analysis. SAS 1997. Lecture Notes in Computer Science, vol 1302. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0032731
Download citation
DOI: https://doi.org/10.1007/BFb0032731
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63468-3
Online ISBN: 978-3-540-69576-9
eBook Packages: Springer Book Archive