Skip to main content
SpringerLink
Log in

The Flow-Insensitive Precision of Andersen’s Analysis in Practice

  • Conference paper
Static Analysis (SAS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 6887))

Included in the following conference series:

Abstract

We present techniques for determining the precision gap between Andersen’s points-to analysis and precise flow-insensitive points-to analysis in practice. While previous work has shown that such a gap may exist, no efficient algorithm for precise flow-insensitive analysis is known, making measurement of the gap on real-world programs difficult. We give an algorithm for precise flow-insensitive analysis of programs with finite memory, based on a novel technique for refining any points-to analysis with a search for flow-insensitive witnesses. We give a compact symbolic encoding of the technique that enables computing the search using a tuned SAT solver. We also present extensions of the algorithm that enable computing lower and upper bounds on the precision gap in the presence of dynamic memory allocation. In our experimental evaluation over a suite of small- to medium-sized C programs, we never observed a precision gap between Andersen’s analysis and the precise analysis. In other words, Andersen’s analysis computed a precise flow-insensitive result for all of our benchmarks. Hence, we conclude that while better algorithms for the precise flow-insensitive analysis are still of theoretical interest, their practical impact for C programs is likely to be negligible.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Andersen, L.O.: Program Analysis and Specialization for the C Programming Language. PhD thesis, University of Copenhagen, DIKU (1994)

    Google Scholar 

  2. Berndl, M., Lhoták, O., Qian, F., Hendren, L., Umanee, N.: Points-to analysis using BDDs. In: Programming Language Design and Implementation (PLDI), pp. 103–114 (2003)

    Google Scholar 

  3. Blackshear, S., Chang, B.-Y.E., Sankaranarayanan, S., Sridharan, M.: The flow-insensitive precision of Andersen’s analysis in practice (extended version). Technical Report CU-CS-1083-11, Department of Computer Science, University of Colorado Boulder (2011)

    Google Scholar 

  4. Bouajjani, A., Esparza, J., Maler, O.: Reachability analysis of pushdown automata: Application to model-checking. In: Mazurkiewicz, A., Winkowski, J. (eds.) CONCUR 1997. LNCS, vol. 1243, pp. 135–150. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  5. Chakaravarthy, V.T.: New results on the computability and complexity of points-to analysis. In: Principles of Programming Languages (POPL), pp. 115–125 (2003)

    Google Scholar 

  6. Dutertre, B., de Moura, L.: The YICES SMT solver, http://yices.csl.sri.com/tool-paper.pdf

  7. Hardekopf, B., Lin, C.: The ant and the grasshopper: Fast and accurate pointer analysis for millions of lines of code. In: Programming Language Design and Implementation (PLDI), pp. 290–299 (2007)

    Google Scholar 

  8. Hind, M.: Pointer analysis: Haven’t we solved this problem yet? In: Program Analysis for Software Tools and Engineering (PASTE), pp. 54–61 (2001)

    Google Scholar 

  9. Horwitz, S.: Precise flow-insensitive alias analysis is NP-hard. ACM Trans. Program. Lang. Syst. 19(1) (1997)

    Google Scholar 

  10. Kahlon, V.: Bootstrapping: a technique for scalable flow and context-sensitive pointer alias analysis. In: Programming Language Design and Implementation (PLDI), pp. 249–259 (2008)

    Google Scholar 

  11. Landi, W.: Undecidability of static analysis. ACM Lett. Program. Lang. Syst. 1(4), 323–337 (1992)

    Article  Google Scholar 

  12. Muth, R., Debray, S.: On the complexity of flow-sensitive dataflow analyses. In: Principles of Programming Languages (POPL), pp. 67–80 (2000)

    Google Scholar 

  13. Necula, G., McPeak, S., Rahul, S., Weimer, W.: CIL: Intermediate language and tools for analysis and transformation of C programs. In: CC 2002. LNCS, vol. 2304, pp. 213–228. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  14. Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, Heidelberg (1999)

    Book  MATH  Google Scholar 

  15. Ramalingam, G.: The undecidability of aliasing. ACM Trans. Program. Lang. Syst. 16(5), 1467–1471 (1994)

    Article  Google Scholar 

  16. Reps, T.: Program analysis via graph reachability. Information and Software Technology 40, 5–19 (1998)

    Article  MATH  Google Scholar 

  17. Rinetzky, N., Ramalingam, G., Sagiv, M., Yahav, E.: On the complexity of partially-flow-sensitive alias analysis. ACM Trans. Program. Lang. Syst. 30(3) (2008)

    Google Scholar 

  18. Steensgaard, B.: Points-to analysis in almost linear time. In: Principles of Programming Languages (POPL), pp. 32–41 (1996)

    Google Scholar 

  19. Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: Programming Language Design and Implementation (PLDI), pp. 131–144 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Colorado, Boulder, USA

    Sam Blackshear, Bor-Yuh Evan Chang & Sriram Sankaranarayanan

  2. IBM T.J. Watson Research Center, USA

    Manu Sridharan

Authors
  1. Sam Blackshear
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bor-Yuh Evan Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sriram Sankaranarayanan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Manu Sridharan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Deptartement, Technion, 32000, Technion City, Haifa, Israel

    Eran Yahav

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blackshear, S., Chang, BY.E., Sankaranarayanan, S., Sridharan, M. (2011). The Flow-Insensitive Precision of Andersen’s Analysis in Practice. In: Yahav, E. (eds) Static Analysis. SAS 2011. Lecture Notes in Computer Science, vol 6887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23702-7_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-23702-7_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23701-0

  • Online ISBN: 978-3-642-23702-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation