Towards a cost-effective estimation of uncaught exceptions in SML programs
We present a static analysis that detects potential runtime exceptions that are raised and never handled inside Standard ML (SML) programs. This analysis predicts abrupt termination of SML programs, which is SML's only “safety hole”.
Even though an SML program's control flow and exception flow are in general mutually dependent, the two analyses can be safely decoupled. The program's control flow is first estimated from a set of equations defined by a simple case analysis of call expressions. Using this call-graph information, the program's exception flow is derived as set constraints, whose least model is the analysis result. Both analyses are proven safe, and the reasons behind each design decision are discussed.
A preliminary implementation of this analysis has been applied to realistic SML programs and shows promising cost-accuracy performance. For the ML-Lex program, for example, the analysis takes 4.58 seconds and reports 4 may-uncaught exceptions, among which 3 can really escape. Our final goal is to make the analysis overhead less than 10% of the compilation time (compiling ML-Lex takes 6 to 7 seconds) and to analyze modules in isolation.
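As an added illustration (not the paper's implementation), the two phases sketched above on a tiny first-order ML-like language: a call graph obtained by case analysis of call expressions, then per-function exception sets computed as the least solution of set constraints, where `handle` removes the caught name and joins in the handler's exceptions. The sample program, the `raise`/`handle`/`call` node shapes and the exception names are constructed for this example.

```python
from typing import Dict, Set, Tuple

Expr = Tuple  # ("const",) | ("raise", X) | ("call", f) | ("seq", a, b) | ("if", a, b) | ("handle", body, X, handler)

# Constructed sample program, loosely shaped like a lexer/parser front end.
PROGRAM: Dict[str, Expr] = {
    "main": ("seq", ("call", "lex"),
             ("handle", ("call", "parse"), "Parse", ("const",))),
    "lex": ("handle", ("seq", ("call", "next"), ("call", "lex")),
            "Eof", ("const",)),                  # recursive; catches only Eof
    "next": ("if", ("raise", "Eof"), ("raise", "LexError")),
    "parse": ("seq", ("raise", "Parse"), ("call", "lookup")),
    "lookup": ("raise", "NotFound"),
}

def callees(e: Expr) -> Set[str]:
    """Phase 1: call targets by simple case analysis of call expressions."""
    if e[0] == "call":
        return {e[1]}
    subs = e[1:] if e[0] in ("seq", "if") else (e[1], e[3]) if e[0] == "handle" else ()
    return set().union(*(callees(s) for s in subs))

def call_graph(prog: Dict[str, Expr]) -> Dict[str, Set[str]]:
    return {f: callees(body) for f, body in prog.items()}

def exn_of(e: Expr, env: Dict[str, Set[str]]) -> Set[str]:
    """Right-hand side of the set constraint for one expression."""
    kind = e[0]
    if kind == "const":
        return set()
    if kind == "raise":
        return {e[1]}
    if kind == "call":                       # flows through the call graph
        return set(env[e[1]])
    if kind in ("seq", "if"):                # join: "may" over-approximation
        return exn_of(e[1], env) | exn_of(e[2], env)
    if kind == "handle":                     # body handle X => handler
        return (exn_of(e[1], env) - {e[2]}) | exn_of(e[3], env)
    raise ValueError(kind)

def uncaught(prog: Dict[str, Expr]) -> Dict[str, Set[str]]:
    """Phase 2: least model of exn(f) ⊇ Exn(body_f) by fixpoint iteration."""
    env: Dict[str, Set[str]] = {f: set() for f in prog}
    changed = True
    while changed:                           # monotone on a finite lattice: terminates
        changed = False
        for f, body in prog.items():
            new = env[f] | exn_of(body, env)
            if new != env[f]:
                env[f], changed = new, True
    return env
```

`uncaught(PROGRAM)["main"]` is the set of may-uncaught exceptions for the whole program; the `if` join is where the "may" over-approximation of the real analysis enters.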
Keywords: Constraint System, Abstract Syntax, Input Program, Closed Term, Exception Analysis