Advertisement

Points-to analysis by type inference of programs with structures and unions

  • Bjarne Steensgaard
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1060)

Abstract

We present an interprocedural flow-insensitive points-to analysis algorithm based on monomorphic type inference. The source language model the important features of C including pointers, pointer arithmetic, pointers to functions, structured objects, and unions. The algorithm is based on a non-standard type system where types represent nodes and edges in a storage shape graph.

This work is an extension of previous work on performing points-to analysis of C programs in almost linear time. This work makes three new contributions. The first is an extension of a type system for describing storage shape graphs to include objects with internal structure. The second is a constraint system that can deal with arbitrary use of pointers and which incorporates a two-tier domain of pointer offsets to improve the results of the analysis. The third is an efficient inference algorithm for the constraint system, leading to an algorithm that has close to linear time and space performance in practice.

Keywords

interprocedural program analysis points-to analysis C programs non-standard types constraint solving 

References

  1. [Ame89]
    American National Standards Institute, Inc. Programming language —C, December 1989.Google Scholar
  2. [And94]
    Lars Ole Andersen. Program Analysis and Specialization for the. C Programming Language. PhD thesis, Department of Computer Science, University of Copenhagen, May 1994.Google Scholar
  3. [ASU86]
    Alfred V. Aho, Ravi Sethi, and Jeffrey D. Ullman. Compilers—Principles, Techniques, and Tools. Addison-Wesley, 1986.Google Scholar
  4. [BCCH95]
    Michael Burke, Paul Carini, Jong-Deok Choi, and Michael Hind. Flow-insensitive interprocedural alias analysis in the presence of pointers. In Proceedings from the 7th International Workshop on Languages and Compilers for Parallel Computing, volume 892 of Lecture Notes in Computer Science, pages 234–250. Springer-Verlag, 1995. Extended version published as Research Report RC 19546, IBM T.J. Watson Research Center, September 1994.Google Scholar
  5. [CBC93]
    Jong-Deok Choi, Michael Burke, and Paul Carini. Efficient flow-sensitive interprocedural computation of pointer-induced aliases and side effects. In Proceedings of the Twentieth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 232–245, January 1993.Google Scholar
  6. [CR91]
    William Clinger and Jonathan Rees (editors). Revised4 report on the algorithmic language Scheme, November 1991.Google Scholar
  7. [CWZ90]
    David R. Chase, Mark Wegman, and F. Kenneth Zadeck. Analysis of pointers and structures. In Proceedings of the SIGPLAN '90 Conference on Programming Language Design and Implementation, pages 296–310, June 1990.Google Scholar
  8. [EGH94]
    Maryam Emami, Rakesh Ghiya, and Laurie J. Hendren. Context-sensitive interprocedural points-to analysis in the presence of function pointers. In SIGPLAN'94: Conference on Programming Language Design and Implementation, pages 242–256, June 20–24 1994.Google Scholar
  9. [Hen91]
    Fritz Henglein. Efficient type inference for higher-order binding-time analysis. In Functional Programming and Computer Architecture, pages 448–472, 1991.Google Scholar
  10. [KR88]
    Brian W. Kernighan and Dennis M. Ritchie. The C Programming Language, Second edition. Prentice Hall, 1988.Google Scholar
  11. [Lan95]
    William Landi. Almost linear time points-to analyses. Personal communication at POPL'95, January 1995.Google Scholar
  12. [LR92]
    William Landi and Barbara G. Ryder. A safe approximate algorithm for interprocedural pointer aliasing. In Proceedings of the SIGPLAN '92 Conference on Programming Language Design and Implementation, pages 235–248, June 1992.Google Scholar
  13. [LRZ93]
    William A. Landi, Barbara G. Ryder, and Sean Zhang. Interprocedural modification side effect analysis with pointer aliasing. In Proceedings of the SIGPLAN '93 Conference on Programming Language Design and Implementation, pages 56–67, June 1993.Google Scholar
  14. [Mor95]
    David Morgenthaler. Poster presentation at PLDI'95, June 1995.Google Scholar
  15. [OJ95]
    Robert O'Callahan and Daniel Jackson. Detecting shared representations using type inference. Technical Report CMU-CS-95-202, School of Computer Science, Carnegie Mellon University, September 1995.Google Scholar
  16. [Ruf95]
    Erik Ruf. Context-insensitive alias analysis reconsidered. In SIGPLAN'95 Conference on Programming Language Design and Implementation, pages 13–22, June 1995.Google Scholar
  17. [Ste95]
    Bjarne Steensgaard. Points-to analysis in almost linear time. Technical Report MSR-TR-95-08, Microsoft Research, March 1995.Google Scholar
  18. [Ste96]
    Bjarne Steensgaard. Points-to analysis in almost linear time. In Proceedings 23rd SIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 1996.Google Scholar
  19. [Tar83]
    Robert E. Tarjan. Data structures and network flow algorithms. In Regional Conference Series in Applied Mathematics, volume CMBS 44. SIAM, 1983.Google Scholar
  20. [WCES94]
    Daniel Weise, Roger F. Crew, Michael Ernst, and Bjarne Steensgaard. Value dependence graphs: Representation without taxation. In Proceedings 21st SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 297–310, January 1994.Google Scholar
  21. [WL95]
    Robert P. Wilson and Monica S. Lam. Efficient context-sensitive pointer analysis for C programs. In SIGPLAN'95 Conference on Programming Language Design and Implementation, pages 1–12, June 1995.Google Scholar
  22. [Zha95]
    Sean Zhang. Poster presentation at PLDI'95, June 1995.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  1. 1.Microsoft ResearchUSA

Personalised recommendations