Control-flow analysis of higher-order languages of taming lambda
Control-flow analysis of higher-order languages of taming lambda
Precise interprocedural dataflow analysis with applications to constant propagation
TAPSOFT '95 Selected papers from the 6th international joint conference on Theory and practice of software development
Data flow analysis is model checking of abstract interpretations
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Partial online cycle elimination in inclusion constraint graphs
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Using static single assignment form to improve flow-insensitive pointer analysis
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Points-to analysis for Java using annotated constraints
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Parameterized object sensitivity for points-to and side-effect analyses for Java
ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis
Optimization of Object-Oriented Programs Using Static Class Hierarchy Analysis
ECOOP '95 Proceedings of the 9th European Conference on Object-Oriented Programming
Reachability Analysis of Pushdown Automata: Application to Model-Checking
CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Soot - a Java bytecode optimization framework
CASCON '99 Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research
Fast and effective optimization of statically typed object-oriented languages
Fast and effective optimization of statically typed object-oriented languages
Cloning-based context-sensitive pointer alias analysis using binary decision diagrams
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Efficient Relational Calculation for Software Analysis
IEEE Transactions on Software Engineering
Demand-driven points-to analysis for Java
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Weighted pushdown systems and their application to interprocedural dataflow analysis
Science of Computer Programming - Special issue: Static analysis symposium (SAS 2003)
Refinement-based context-sensitive points-to analysis for Java
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Client-driven pointer analysis
SAS'03 Proceedings of the 10th international conference on Static analysis
Dimensions of precision in reference analysis of object-oriented programming languages
CC'03 Proceedings of the 12th international conference on Compiler construction
Scaling Java points-to analysis using SPARK
CC'03 Proceedings of the 12th international conference on Compiler construction
Conditional weighted pushdown systems and applications
Proceedings of the 2010 ACM SIGPLAN workshop on Partial evaluation and program manipulation
Stacking-based context-sensitive points-to analysis for java
HVC'09 Proceedings of the 5th international Haifa verification conference on Hardware and software: verification and testing
| Hi-index | 0.00 |
Points-to analysis is a prerequisite of program verification and static analysis on Java programs. It is known that call graph is typically constructed on-the-fly when points-to analysis proceeds for a better precision. In this work, we propose an ahead-of-time yet context-sensitive points-to analysis for Java as all-in-one weighted pushdown model checking. The analysis is context-sensitive in the sense that, (i) method calls and returns match with each other (a.k.a., valid paths); and (ii) targets of dynamic dispatch are analyzed separately for different calling contexts (a.k.a., context-sensitive call graph). The insight of our approach is that, by encoding dataflow as weights, invalid control flows that violate Java semantics on dynamic dispatch are detected as those carrying conflicted dataflow. Our analysis is presented as field-sensitive and flow-sensitive. Flow-insensitivity is shown to be easily obtained as a hierarchy considering efficiency and concurrent behaviors. Due to the lack of control flow structure and the explicit stack-based design, program analysis on bytecode is not an easy matter. We implemented the analysis in the framework of Soot compiler, and utilized the Weighted PDS Library as the back-end analysis engine. The analysis works on Jimple, a typed three-address intermediate representation of bytecode supported by Soot. The results of the analysis can be encoded into the class file as attributes for the further analysis or verification on bytecode.