Advertisement

Existential Label Flow Inference Via CFL Reachability

  • Polyvios Pratikakis
  • Jeffrey S. Foster
  • Michael Hicks
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4134)

Abstract

In programming languages, existential quantification is useful for describing relationships among members of a structured type. For example, we may have a list in which there exists some mutual exclusion lock l in each list element such that l protects the data stored in that element. With this information, a static analysis can reason about the relationship between locks and locations in the list even when the precise identity of the lock and/or location is unknown. To facilitate the construction of such static analyses, this paper presents a context-sensitive label flow analysis algorithm with support for existential quantification. Label flow analysis is a core part of many static analysis systems. Following Rehof et al, we use context-free language (CFL) reachability to develop an efficient O(n 3) label flow inference algorithm. We prove the algorithm sound by reducing its derivations to those in a system based on polymorphically-constrained types, in the style of Mossin. We have implemented a variant of our analysis as part of a data race detection tool for C programs.

Keywords

Inference Algorithm Type Rule Type Inference Context Free Language Concrete Type 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Das, M.: Unification-based Pointer Analysis with Directional Assignments. In: The 2000 Conference on Programming Language Design and Implementation, Vancouver, BC, Canada, pp. 35–46 (2000)Google Scholar
  2. 2.
    Mitchell, J.C., Plotkin, G.D.: Abstract types have existential type. ACM Transactions on Programming Languages and Systems 10, 470–502 (1988)CrossRefGoogle Scholar
  3. 3.
    Xi, H., Pfenning, F.: Dependent Types in Practical Programming. In: The 26th Annual Symposium on Principles of Programming Languages, San Antonio, Texas, pp. 214–227 (1999)Google Scholar
  4. 4.
    Pratikakis, P., Foster, J.S., Hicks, M.: Context-Sensitive Correlation Analysis for Race Detection. In: The 2006 Conference on Programming Language Design and Implementation, Ottawa, Canada (to appear, 2006)Google Scholar
  5. 5.
    Flanagan, C., Abadi, M.: Types for Safe Locking. In: Swierstra, S.D. (ed.) ESOP 1999. LNCS, vol. 1576, pp. 91–108. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  6. 6.
    Minamide, Y., Morrisett, G., Harper, R.: Typed closure conversion. In: The 23rd Annual Symposium on Principles of Programming Languages, St. Petersburg Beach, Florida, pp. 271–283 (1996)Google Scholar
  7. 7.
    Fähndrich, M., Rehof, J., Das, M.: Scalable Context-Sensitive Flow Analysis using Instantiation Constraints. In: The 2000 Conference on Programming Language Design and Implementation, Vancouver, BC, Canada, pp. 253–263 (2000)Google Scholar
  8. 8.
    Das, M., Liblit, B., Fähndrich, M., Rehof, J.: Estimating the Impact of Scalable Pointer Analysis on Optimization. In: Cousot, P. (ed.) Static Analysis, Eighth International Symposium, Paris, France, pp. 260–278 (2001)Google Scholar
  9. 9.
    Myers, A.C.: Practical Mostly-Static Information Flow Control. In: The 26th Annual Symposium on Principles of Programming Languages, San Antonio, Texas, pp. 228–241 (1999)Google Scholar
  10. 10.
    Foster, J.S., Johnson, R., Kodumal, J., Aiken, A.: Flow-insensitive type qualifiers. ACM Transactions on Programming Languages and Systems (to appear)Google Scholar
  11. 11.
    Kodumal, J., Aiken, A.: The Set Constraint/CFL Reachability Connection in Practice. In: The 2004 Conference on Programming Language Design and Implementation, Washington, DC, pp. 207–218 (2004)Google Scholar
  12. 12.
    Johnson, R., Wagner, D.: Finding User/Kernel Bugs With Type Inference. In: The 13th Usenix Security Symposium, San Diego, CA (2004)Google Scholar
  13. 13.
    Mossin, C.: Flow Analysis of Typed Higher-Order Programs. PhD thesis, DIKU, Department of Computer Science, University of Copenhagen (1996)Google Scholar
  14. 14.
    Rehof, J., Fähndrich, M.: Type-Based Flow Analysis: From Polymorphic Subtyping to CFL-Reachability. In: The 28th Annual Symposium on Principles of Programming Languages, London, United Kingdom, pp. 54–66 (2001)Google Scholar
  15. 15.
    Fähndrich, M., Rehof, J., Das, M.: From Polymorphic Subtyping to CFL Reachability: Context-Sensitive Flow Analysis Using Instantiation Constraints. Technical Report MS-TR-99-84, Microsoft Research (2000)Google Scholar
  16. 16.
    Flanagan, C., Felleisen, M.: Componential Set-Based Analysis. In: The 1997 Conference on Programming Language Design and Implementation, Las Vegas, Nevada, pp. 235–248 (1997)Google Scholar
  17. 17.
    Fähndrich, M., Aiken, A.: Making Set-Constraint Based Program Analyses Scale. In: First Workshop on Set Constraints at CP 1996, Available as CSD-TR-96-917, University of California at Berkeley (1996)Google Scholar
  18. 18.
    Fähndrich, M.: BANE: A Library for Scalable Constraint-Based Program Analysis. PhD thesis, University of California, Berkeley (1999)Google Scholar
  19. 19.
    von Behren, R., Condit, J., Zhou, F., Necula, G.C., Brewer, E.: Capriccio: Scalable threads for internet services. In: ACM Symposium on Operating Systems Principles (2003)Google Scholar
  20. 20.
    Pratikakis, P., Hicks, M., Foster, J.S.: Existential Label Flow Inference via CFL Reachability. Technical Report CS-TR-4700, University of Maryland, Computer Science Department (2005)Google Scholar
  21. 21.
    Henglein, F.: Type Inference with Polymorphic Recursion. ACM Transactions on Programming Languages and Systems 15, 253–289 (1993)CrossRefGoogle Scholar
  22. 22.
    Botlan, D.L., Rémy, D.: MLF—Raising ML to the Power of System F. In: The Eighth International Conference on Functional Programming, Uppsala, Sweden, pp. 27–38 (2003)Google Scholar
  23. 23.
    Läufer, K., Odersky, M.: Polymorphic type inference and abstract data types. ACM Transactions on Programming Languages and Systems 16, 1411–1430 (1994)CrossRefGoogle Scholar
  24. 24.
    Rémy, D.: Programming objects with MLART: An extension to ML with abstract and record types. In: The International Symposium on Theoretical Aspects of Computer Science, Sendai, Japan, pp. 321–346 (1994)Google Scholar
  25. 25.
    Simonet, V.: An Extension of HM(X) with Bounded Existential and Universal Data Types. In: The Eighth International Conference on Functional Programming, Uppsala, Sweden, pp. 39–50 (2003)Google Scholar
  26. 26.
    Mitchell, J.C.: Type inference with simple subtypes. Journal of Functional Programming 1, 245–285 (1991)CrossRefMathSciNetMATHGoogle Scholar
  27. 27.
    Reps, T., Horwitz, S., Sagiv, M.: Precise Interprocedural Dataflow Analysis via Graph Reachability. In: The 22nd Annual Symposium on Principles of Programming Languages, San Francisco, California, pp. 49–61 (1995)Google Scholar
  28. 28.
    Pierce, B.C.: Types and Programming Languages. MIT Press, Cambridge (2002)Google Scholar
  29. 29.
    Wells, J.B.: Typability and type checking in System F are equivalent and undecidable. Ann. Pure Appl. Logic 98, 111–156 (1999)CrossRefMathSciNetMATHGoogle Scholar
  30. 30.
    Odersky, M., Sulzmann, M., Wehr, M.: Type inference with constrained types. Theory and Practice of Object Systems 5, 35–55 (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Polyvios Pratikakis
    • 1
  • Jeffrey S. Foster
    • 1
  • Michael Hicks
    • 1
  1. 1.University of MarylandCollege Park

Personalised recommendations