Type inclusion constraints and type inference
FPCA '93 Proceedings of the conference on Functional programming languages and computer architecture
Set based program analysis
Set-based analysis of ML programs
LFP '94 Proceedings of the 1994 ACM conference on LISP and functional programming
Points-to analysis in almost linear time
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Componential set-based analysis
Proceedings of the ACM SIGPLAN 1997 conference on Programming language design and implementation
Fast and accurate flow-insensitive points-to analysis
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Partial online cycle elimination in inclusion constraint graphs
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Effective whole-program analysis in the presence of pointers
SIGSOFT '98/FSE-6 Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering
Proceedings of the 1999 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Projection merging: reducing redundancies in inclusion constraint graphs
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Unification-based pointer analysis with directional assignments
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Off-line variable substitution for scaling points-to analysis
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Polymorphic versus Monomorphic Flow-Insensitive Points-to Analysis for C
SAS '00 Proceedings of the 7th International Symposium on Static Analysis
A Toolkit for Constructing Type- and Constraint-Based Program Analyses
TIC '98 Proceedings of the Second International Workshop on Types in Compilation
On the Cubic Bottleneck in Subtyping and Flow Analysis
LICS '97 Proceedings of the 12th Annual IEEE Symposium on Logic in Computer Science
Flow-Insensitive Points-to Analysis with Term and Set Constraints
Flow-Insensitive Points-to Analysis with Term and Set Constraints
Demand-driven pointer analysis
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Pointer analysis: haven't we solved this problem yet?
PASTE '01 Proceedings of the 2001 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Aliasing analysis for a million lines of C
ASIA-PEPM '02 Proceedings of the ASIAN symposium on Partial evaluation and semantics-based program manipulation
Searching for points-to analysis
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Pointer analysis for structured parallel programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Searching for points-to analysis
ACM SIGSOFT Software Engineering Notes
Semantics-Based Composition of Class Hierarchies
ECOOP '02 Proceedings of the 16th European Conference on Object-Oriented Programming
Speeding Up Dataflow Analysis Using Flow-Insensitive Pointer Analysis
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
An Efficient Inclusion-Based Points-To Analysis for Strictly-Typed Languages
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Data size optimizations for java programs
Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool for embedded systems
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Checking and inferring local non-aliasing
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Joeq: a virtual machine and compiler infrastructure
Proceedings of the 2003 workshop on Interpreters, virtual machines and emulators
Tracking pointers with path and context sensitivity for bug detection in C programs
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
A safe approximate algorithm for interprocedural pointer aliasing
ACM SIGPLAN Notices - Best of PLDI 1979-1999
Efficient field-sensitive pointer analysis for C
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Cloning-based context-sensitive pointer alias analysis using binary decision diagrams
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Symbolic pointer analysis revisited
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
The set constraint/CFL reachability connection in practice
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Precise and efficient static array bound checking for large embedded C programs
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Static Checking of Dynamically Generated Queries in Database Applications
Proceedings of the 26th International Conference on Software Engineering
Software validation via scalable path-sensitive value flow analysis
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Online Cycle Detection and Difference Propagation: Applications to Pointer Analysis
Software Quality Control
A brief survey of program slicing
ACM SIGSOFT Software Engineering Notes
Improving software security with a C pointer analysis
Proceedings of the 27th international conference on Software engineering
Context-sensitive program analysis as database queries
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Towards scalable flow and context sensitive pointer analysis
Proceedings of the 42nd annual Design Automation Conference
Incremental and demand-driven points-to analysis using logic programming
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Program Slicing with Dynamic Points-To Sets
IEEE Transactions on Software Engineering
Demand-driven points-to analysis for Java
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Continuous code-quality assurance with SAFE
Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Effective typestate verification in the presence of aliasing
Proceedings of the 2006 international symposium on Software testing and analysis
Logical characterizations of heap abstractions
ACM Transactions on Computational Logic (TOCL)
Flow-insensitive type qualifiers
ACM Transactions on Programming Languages and Systems (TOPLAS)
Joeq: a virtual machine and compiler infrastructure
Science of Computer Programming - Special issue on advances in interpreters, virtual machines and emulators (IVME'03)
ACM Transactions on Programming Languages and Systems (TOPLAS)
An empirical study of static program slice size
ACM Transactions on Software Engineering and Methodology (TOSEM)
Static Analysis of Object References in RMI-Based Java Software
IEEE Transactions on Software Engineering
The ant and the grasshopper: fast and accurate pointer analysis for millions of lines of code
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Regularly annotated set constraints
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Interactive, scalable, declarative program analysis: from prototype to implementation
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Static checking of dynamically generated queries in database applications
ACM Transactions on Software Engineering and Methodology (TOSEM)
Empirical study of optimization techniques for massive slicing
ACM Transactions on Programming Languages and Systems (TOPLAS)
Efficient field-sensitive pointer analysis of C
ACM Transactions on Programming Languages and Systems (TOPLAS)
Securing software by enforcing data-flow integrity
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
A practical and precise inference and specializer for array bound checks elimination
PEPM '08 Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Precise static type analysis in component based programming environment
ISEC '08 Proceedings of the 1st India software engineering conference
Effective typestate verification in the presence of aliasing
ACM Transactions on Software Engineering and Methodology (TOSEM)
Bootstrapping: a technique for scalable flow and context-sensitive pointer alias analysis
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Relations as an abstraction for BDD-based program analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
Evaluating the benefits of context-sensitive points-to analysis using a BDD-based implementation
ACM Transactions on Software Engineering and Methodology (TOSEM)
Towards the Integration of Symbolic and Numerical Static Analysis
Verified Software: Theories, Tools, Experiments
Splitting the Control Flow with Boolean Flags
SAS '08 Proceedings of the 15th international symposium on Static Analysis
From generic to specific: off-line optimization for a general constraint solver
GPCE '08 Proceedings of the 7th international conference on Generative programming and component engineering
Semi-sparse flow-sensitive pointer analysis
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A bottom-up pointer analysis using the update history
Information and Software Technology
An Interval-Based Inference of Variant Parametric Types
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Wave Propagation and Deep Propagation for Pointer Analysis
Proceedings of the 7th annual IEEE/ACM International Symposium on Code Generation and Optimization
From datalog rules to efficient programs with time and space guarantees
ACM Transactions on Programming Languages and Systems (TOPLAS)
The Complexity of Andersen's Analysis in Practice
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Optimizing Pointer Analysis Using Bisimilarity
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Mapping kernel objects to enable systematic integrity checking
Proceedings of the 16th ACM conference on Computer and communications security
An Ahead-of-time Yet Context-Sensitive Points-to Analysis for Java
Electronic Notes in Theoretical Computer Science (ENTCS)
Scalable Context-Sensitive Points-to Analysis Using Multi-dimensional Bloom Filters
APLAS '09 Proceedings of the 7th Asian Symposium on Programming Languages and Systems
Dimensions of precision in reference analysis of object-oriented programming languages
CC'03 Proceedings of the 12th international conference on Compiler construction
Scaling Java points-to analysis using SPARK
CC'03 Proceedings of the 12th international conference on Compiler construction
IDE dataflow analysis in the presence of large object-oriented libraries
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Parallel inclusion-based points-to analysis
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Points-to analysis as a system of linear equations
SAS'10 Proceedings of the 17th international conference on Static analysis
LOCKSMITH: Practical static race detection for C
ACM Transactions on Programming Languages and Systems (TOPLAS)
Points-to analysis with efficient strong updates
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ISoLA'10 Proceedings of the 4th international conference on Leveraging applications of formal methods, verification, and validation - Volume Part I
LeakProber: a framework for profiling sensitive data leakage paths
Proceedings of the first ACM conference on Data and application security and privacy
Cycle elimination for invocation graph-based context-sensitive pointer analysis
Information and Software Technology
Approximating inclusion-based points-to analysis
Proceedings of the 2011 ACM SIGPLAN Workshop on Memory Systems Performance and Correctness
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Optimizing c multithreaded memory management using thread-local storage
CC'05 Proceedings of the 14th international conference on Compiler Construction
A GPU implementation of inclusion-based points-to analysis
Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming
Banshee: a scalable constraint-based analysis toolkit
SAS'05 Proceedings of the 12th international conference on Static Analysis
Widening polyhedra with landmarks
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Polymorphism, subtyping, whole program analysis and accurate data types in usage analysis
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Automating security mediation placement
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Interprocedural dataflow analysis in the presence of large libraries
CC'06 Proceedings of the 15th international conference on Compiler Construction
Prioritizing constraint evaluation for efficient points-to analysis
CGO '11 Proceedings of the 9th Annual IEEE/ACM International Symposium on Code Generation and Optimization
Exploiting the structure of the constraint graph for efficient points-to analysis
Proceedings of the 2012 international symposium on Memory Management
Parallel replication-based points-to analysis
CC'12 Proceedings of the 21st international conference on Compiler Construction
Tracking rootkit footprints with a practical memory analysis system
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Scalable flow-sensitive pointer analysis for java with strong updates
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Exploiting pointer and location equivalence to optimize pointer analysis
SAS'07 Proceedings of the 14th international conference on Static Analysis
Operating system kernel data disambiguation to support security analysis
NSS'12 Proceedings of the 6th international conference on Network and System Security
Practical Integrated Analysis of Pointers, Dataflow and Control Flow
ACM Transactions on Programming Languages and Systems (TOPLAS)
Compiler-Guided identification of critical sections in parallel code
CC'13 Proceedings of the 22nd international conference on Compiler Construction
Fast algorithms for Dyck-CFL-reachability with applications to alias analysis
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Efficient construction of approximate call graphs for JavaScript IDE services
Proceedings of the 2013 International Conference on Software Engineering
DriverGuard: Virtualization-Based Fine-Grained Protection on I/O Flows
ACM Transactions on Information and System Security (TISSEC)
Alias analysis for object-oriented programs
Aliasing in Object-Oriented Programming
| Hi-index | 0.00 |
We describe the design and implementation of a system for very fast points-to analysis. On code bases of about million lines of unpreprocessed C code, our system performs field-based Andersen-style points-to analysis in less than a second and uses less than 10MB of memory. Our two main contributions are a database-centric analysis architecture called compile-link-analyze (CLA), and a new algorithm for implementing dynamic transitive closure. Our points-to analysis system is built into a forward data-dependence analysis tool that is deployed within Lucent to help with consistent type modifications to large legacy C code bases.