Analysis of pointers and structures
PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
Automatic construction of sparse data flow evaluation graphs
POPL '91 Proceedings of the 18th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficiently computing static single assignment form and the control dependence graph
ACM Transactions on Programming Languages and Systems (TOPLAS)
Points-to analysis in almost linear time
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Path-sensitive value-flow analysis
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Partial online cycle elimination in inclusion constraint graphs
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Using static single assignment form to improve flow-insensitive pointer analysis
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Interprocedural pointer alias analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
Pointer and escape analysis for multithreaded programs
PPoPP '01 Proceedings of the eighth ACM SIGPLAN symposium on Principles and practices of parallel programming
Symbolic evaluation and the global value graph
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Assessing the Effects of Flow-Sensitivity on Pointer Alias Analyses
SAS '98 Proceedings of the 5th International Symposium on Static Analysis
Effective Representation of Aliases and Indirect Memory Operations in SSA Form
CC '96 Proceedings of the 6th International Conference on Compiler Construction
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Path-sensitive, value-flow optimizations of programs (program analysis)
Path-sensitive, value-flow optimizations of programs (program analysis)
Cloning-based context-sensitive pointer alias analysis using binary decision diagrams
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Symbolic pointer analysis revisited
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Software validation via scalable path-sensitive value flow analysis
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Towards scalable flow and context sensitive pointer analysis
Proceedings of the 42nd annual Design Automation Conference
Transformational Derivation of an Improved Alias Analysis Algorithm
Higher-Order and Symbolic Computation
Refinement-based context-sensitive points-to analysis for Java
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
How is aliasing used in systems software?
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Making context-sensitive points-to analysis with heap cloning practical for the real world
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
The ant and the grasshopper: fast and accurate pointer analysis for millions of lines of code
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Practical memory leak detection using guarded value-flow analysis
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Effective typestate verification in the presence of aliasing
ACM Transactions on Software Engineering and Methodology (TOSEM)
Bootstrapping: a technique for scalable flow and context-sensitive pointer alias analysis
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Semi-sparse flow-sensitive pointer analysis
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Pointer analysis: building a foundation for effective program analysis
Pointer analysis: building a foundation for effective program analysis
Proceedings of the 8th annual IEEE/ACM international symposium on Code generation and optimization
Practical and effective symbolic analysis for buffer overflow detection
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Points-to analysis with efficient strong updates
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficient flow-sensitive interprocedural data-flow analysis in the presence of pointers
CC'06 Proceedings of the 15th international conference on Compiler Construction
Exploiting pointer and location equivalence to optimize pointer analysis
SAS'07 Proceedings of the 14th international conference on Static Analysis
Static deep error checking in large system applications using parfait
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
Design and implementation of sparse global analyses for C-like languages
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Static memory leak detection using full-sparse value-flow analysis
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Scalable flow-sensitive pointer analysis for java with strong updates
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Analyzing memory ownership patterns in C libraries
Proceedings of the 2013 international symposium on memory management
Precise and scalable context-sensitive pointer analysis via value flow graph
Proceedings of the 2013 international symposium on memory management
Parallel flow-sensitive pointer analysis by graph-rewriting
PACT '13 Proceedings of the 22nd international conference on Parallel architectures and compilation techniques
Accelerating Dynamic Detection of Uses of Undefined Values with Static Value-Flow Analysis
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Time- and space-efficient flow-sensitive points-to analysis
ACM Transactions on Architecture and Code Optimization (TACO)
| Hi-index | 0.00 |
Points-to analysis is a fundamental static analysis technique which computes the set of memory objects that a pointer may point to. Many different applications, such as security-related program analyses, bug checking, and analyses of multi-threaded programs, require precise points-to information to be effective. Recent work has focused on improving the precision of points-to analysis through flow-sensitivity and great progress has been made. However, even with all recent progress, flow-sensitive points-to analysis can still be much slower than a flow-insensitive analysis. In this paper, we propose a novel method that simplifies flow-sensitive points-to analysis to a general graph reachability problem in a value flow graph. The value flow graph summarizes dependencies between pointer variables, including those memory dependencies via pointer dereferences. The points-to set for each pointer variable can then be computed as the set of memory objects that can reach it in the graph. We develop an algorithm to build the value flow graph efficiently by examining the pointed-to-by set of a memory object, i.e., the set of pointers that point to an object. The pointed-to-by information of memory objects is very useful for applications such as escape analysis, and information flow analysis. Our approach is intuitive, easy to implement and very efficient. The implementation is around 2000 lines of code and it is more efficient than existing flow-sensitive points-to analyses. The runtime is comparable with the state-of-the-art flow-insensitive points-to analysis.