research-article

Public Access

Calling-to-reference context translation via constraint-guided CFL-reachability

Authors:

Zhendong SuAuthors Info & Claims

ACM SIGPLAN Notices, Volume 53, Issue 4

Pages 196 - 210

https://doi.org/10.1145/3296979.3192378

Published: 11 June 2018 Publication History

Abstract

A calling context is an important piece of information used widely to help developers understand program executions (e.g., for debugging). While calling contexts offer useful control information, information regarding data involved in a bug (e.g., what data structure holds a leaking object), in many cases, can bring developers closer to the bug's root cause. Such data information, often exhibited as heap reference paths, has already been needed by many tools.

The only way for a dynamic analysis to record complete reference paths is to perform heap dumping, which incurs huge runtime overhead and renders the analysis impractical. This paper presents a novel static analysis that can precisely infer, from a calling context of a method that contains a use (e.g., read or write) of an object, the heap reference paths leading to the object at the time the use occurs. Since calling context recording is much less expensive, our technique provides benefits for all dynamic techniques that need heap information, significantly reducing their overhead.

Supplementary Material

WEBM File (p196-cai.webm)

Download
103.31 MB

References

[1]

Edward E. Aftandilian and Samuel Z. Guyer. 2009. GC Assertions: Using the Garbage Collector to Check Heap Properties. In PLDI. 235– 244.

Digital Library

[2]

Rajeev Alur. 2007. Marrying Words and Trees. In PODS. 233–242.

Digital Library

[3]

Rajeev Alur, Michael Benedikt, Kousha Etessami, Patrice Godefroid, Thomas Reps, and Mihalis Yannakakis. 2005. Analysis of Recursive State Machines. ACM Trans. Program. Lang. Syst. 27, 4 (2005), 786–818.

Digital Library

[4]

Rajeev Alur and P. Madhusudan. 2004. Visibly Pushdown Languages. In STOC. 202–211.

Digital Library

[5]

Osbert Bastani, Saswat Anand, and Alex Aiken. 2015. Specification Inference Using CFL Reachability. In POPL. 553–566.

Digital Library

[6]

S. M. Blackburn, R. Garner, C. Hoffman, A. M. Khan, K. S. McKinley, R. Bentzur, A. Diwan, D. Feinberg, D. Frampton, S. Z. Guyer, M. Hirzel, A. Hosking, M. Jump, H. Lee, J. E. B. Moss, A. Phansalkar, D. Stefanović, T. VanDrunen, D. von Dincklage, and B. Wiedermann. 2006. The DaCapo Benchmarks: Java Benchmarking Development and Analysis. In OOPSLA. 169–190.

Digital Library

[7]

Michael D. Bond, Graham Z. Baker, and Samuel Z. Guyer. 2010. Breadcrumbs: Efficient Context Sensitivity for Dynamic Bug Detection Analyses. In PLDI. 13–24.

Digital Library

[8]

Michael D. Bond and Kathryn S. McKinley. 2006. Bell: Bit-encoding online memory leak detection. In ASPLOS. 61–72.

Digital Library

[9]

Michael D. Bond and Kathryn S. McKinley. 2007. Probabilistic Calling Context. In OOPSLA. 97–112.

Digital Library

[10]

Swarat Chaudhuri. 2008. Subcubic Algorithms for Recursive State Machines. In POPL. 159–169.

Digital Library

[11]

Cormac Flanagan and Stephen N. Freund. 2009. FastTrack: Efficient and Precise Dynamic Race Detection. In PLDI. 121–133.

Digital Library

[12]

Nevin Heintze and David McAllester. 1997. On the Cubic Bottleneck in Subtyping and Flow Analysis. In LICS. 342–351.

Digital Library

[13]

Susan Horwitz, Thomas Reps, and Mooly Sagiv. 1995. Demand interprocedural dataflow analysis. In FSE. 104–115.

Digital Library

[14]

Jipeng Huang and Michael D. Bond. 2013. Efficient context sensitivity for dynamic analyses via calling context uptrees and customized memory management. In OOPSLA. 53–72.

Digital Library

[15]

IBM. 2017. Whole System Analysis of Idle Time (WAIT). https://wait. ibm.com/ . (2017).

[16]

John Kodumal and Alex Aiken. 2004. The Set Constraint/CFL Reachability Connection in Practice. In PLDI. 207–218.

Digital Library

[17]

John Kodumal and Alex Aiken. 2007. Regularly annotated set constraints. In PLDI. 331–341.

Digital Library

[18]

Jens Krinke. 2004. Context-Sensitivity Matters, But Context Does Not. In SCAM. 29–35.

Digital Library

[19]

Jianjun Li, Zhenjiang Wang, Chenggang Wu, Wei-Chung Hsu, and Di Xu. 2014. Dynamic and Adaptive Calling Context Encoding. In CGO. 120–131.

Digital Library

[20]

Ying Liu and Ana Milanova. 2008. Static analysis for inference of explicit information flow. In PASTE. 50–56.

Digital Library

[21]

Evan K. Maxwell, Godmar Back, and Naren Ramakrishnan. 2010. Diagnosing Memory Leaks Using Graph Mining on Heap Dumps. In KDD. 115–124.

Digital Library

[22]

David Melski and Thomas Reps. 2000. Interconvertibility of a Class of Set Constraints and Context-Free-Language Reachability. Theoretical Computer Science 248 (2000), 29–98.

Digital Library

[23]

Nick Mitchell, Edith Schonberg, and Gary Sevitsky. 2009. Making Sense of Large Heaps. In ECOOP. 77–97.

Digital Library

[24]

J. Rehof and M. Fähndrich. 2001. Type-Based Flow Analysis: From Polymorphic Subtyping to CFL-Reachability. In POPL. 54–66.

Digital Library

[25]

Christoph Reichenbach, Neil Immerman, Yannis Smaragdakis, Edward Aftandilian, and Samuel Z. Guyer. 2010. What Can the GC Compute Efficiently? A Language for Heap Assertions at GC Time. In OOPSLA. 256–269.

Digital Library

[26]

Thomas Reps. 1994. Solving demand versions of interprocedural analysis problems. In CC. 389–403.

Digital Library

[27]

Thomas Reps. 1995. Shape analysis as a generalized path problem. In PEPM. 1–11.

Digital Library

[28]

Thomas Reps. 1998. Program Analysis via Graph Reachability. Information and Software Technology 40, 11-12 (1998), 701–726.

[29]

Thomas Reps. 2000. Undecidability of context-sensitive dataindependence analysis. ACM TOPLAS 22, 1 (2000), 162–186.

Digital Library

[30]

Thomas Reps, Susan Horwitz, Mooly Sagiv, and Genevieve Rosay. 1994. Speeding up slicing. In FSE. 11–20.

Digital Library

[31]

Thomas Reps, Susan Horwitz, and Shmuel Sagiv. 1995. Precise Interprocedural Dataflow Analysis via Graph Reachability. In popl. 49–61.

Digital Library

[32]

Nathan P. Ricci, Samuel Z. Guyer, and J. Eliot B. Moss. 2013. Elephant Tracks: Portable Production of Complete and Precise GC Traces. In ISMM. 109–118.

Digital Library

[33]

Mooly Sagiv, Thomas Reps, and Reinhard Wilhelm. 1999. Parametric Shape Analysis via 3-Valued Logic. ACM TOPLAS 24, 3 (1999), 217–298.

Digital Library

[34]

Julian Seward and Nicholas Nethercote. 2005. Using Valgrind to Detect Undefined Value Errors with Bit-precision. In USENIX. 17–30.

Digital Library

[35]

Soot 2017. Soot. http://sable.github.io/soot/ . (2017).

[36]

Johannes Späth, Lisa Nguyen Quang Do, Karim Ali, and Eric Bodden. 2016. Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java. In ECOOP. 12:1–12:2.

[37]

Manu Sridharan and Rastislav Bodik. 2006. Refinement-Based ContextSensitive Points-To Analysis for Java. In PLDI. 387–400.

Digital Library

[38]

Manu Sridharan, Denis Gopan, Lexin Shan, and Rastislav Bodik. 2005. Demand-driven points-to analysis for Java. In OOPSLA. 59–76.

Digital Library

[39]

William N. Sumner, Yunhui Zheng, Dasarath Weeratunge, and Xiangyu Zhang. 2010. Precise Calling Context Encoding. In ICSE. 525–534.

Digital Library

[40]

Hao Tang, Xiaoyin Wang, Lingming Zhang, Bing Xie, Lu Zhang, and Hong Mei. 2015. Summary-Based Context-Sensitive Data-Dependence Analysis in Presence of Callbacks. In POPL. 83–95.

Digital Library

[41]

Rei Thiessen and Ondrej Lhoták. 2017. Context transformations for pointer analysis. In PLDI. 263–277.

Digital Library

[42]

Rongxin Wu, Xiao Xiao, Shing-Chi Cheung, Hongyu Zhang, and Charles Zhang. 2016. Casper: an efficient approach to call trace collection. In POPL. 678–690.

Digital Library

[43]

Guoqing Xu, Michael D. Bond, Feng Qin, and Atanas Rountev. 2011. LeakChaser: Helping programmers narrow down causes of memory leaks. In PLDI. 270–282.

Digital Library

[44]

Guoqing Xu and Atanas Rountev. 2008. Precise Memory Leak Detection for Java Software Using Container Profiling. In ICSE. 151–160.

Digital Library

[45]

Guoqing Xu, Atanas Rountev, and Manu Sridharan. 2009. Scaling CFL-reachability-based points-to analysis using context-sensitive must-notalias analysis. In ECOOP. 98–122.

Digital Library

[46]

Dacong Yan, Guoqing Xu, and Atanas Rountev. 2011. Demand-Driven Context-Sensitive Alias Analysis for Java. In ISSTA. 155–165.

Digital Library

[47]

Mihalis Yannakakis. 1990. Graph-theoretic Methods in Database Theory. In PODS. 230–242.

Digital Library

[48]

YourKit. 2017. YourKit Profiler. https://www.yourkit.com . (2017).

[49]

Hao Yuan and Patrick Eugster. 2009. An Efficient Algorithm for Solving the Dyck-CFL-Reachability Problem on Trees. In ESOP. 175–189.

Digital Library

[50]

Qirun Zhang, Michael R. Lyu, Hao Yuan, and Zhendong Su. 2013. Fast Algorithms for Dyck-CFL-reachability with Applications to Alias Analysis. In PLDI. 435–446.

Digital Library

[51]

Qirun Zhang and Zhendong Su. 2017. Context-sensitive datadependence analysis via linear conjunctive language reachability. In POPL. 344–358.

Digital Library

[52]

Qirun Zhang, Xiao Xiao, Charles Zhang, Hao Yuan, and Zhendong Su. 2014. Efficient Subcubic Alias Analysis for C. In OOPSLA. 829–845.

Digital Library

[53]

Xin Zheng and Radu Rugina. 2008. Demand-Driven Alias Analysis for C. In POPL. 197–208.

Digital Library

[54]

Xiaotong Zhuang, Mauricio J. Serrano, Harold W. Cain, and Jong-Deok Choi. 2006. Accurate, Efficient, and Adaptive Calling Context Profiling. In PLDI. 263–271.

Digital Library

Cited By

Lu JHe DXue J(2021)EagleACM Transactions on Software Engineering and Methodology10.1145/345049230:4(1-46)Online publication date: 31-Oct-2021
https://doi.org/10.1145/3450492
Shi QWang YYao PZhang C(2022)Indexing the extended Dyck-CFL reachability for context-sensitive program analysisProceedings of the ACM on Programming Languages10.1145/35633396:OOPSLA2(1438-1468)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563339
Zuo ZJi KWang YTao WWang LLi XXu GFreund SYahav E(2021)JPortal: precise and efficient control-flow tracing for JVM programs with Intel processor traceProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454096(1080-1094)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454096
Show More Cited By

Index Terms

Calling-to-reference context translation via constraint-guided CFL-reachability
1. Software and its engineering
  1. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Automated static analysis
        Dynamic analysis

Recommendations

Calling-to-reference context translation via constraint-guided CFL-reachability
PLDI 2018: Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation

A calling context is an important piece of information used widely to help developers understand program executions (e.g., for debugging). While calling contexts offer useful control information, information regarding data involved in a bug (e.g., what ...
Selective context-sensitivity guided by impact pre-analysis
PLDI '14: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation

We present a method for selectively applying context-sensitivity during interprocedural program analysis. Our method applies context-sensitivity only when and where doing so is likely to improve the precision that matters for resolving given queries. ...
Selective context-sensitivity guided by impact pre-analysis
PLDI '14

We present a method for selectively applying context-sensitivity during interprocedural program analysis. Our method applies context-sensitivity only when and where doing so is likely to improve the precision that matters for resolving given queries. ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 53, Issue 4

PLDI '18

April 2018

834 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/3296979

Editor:
Matthew Fluet
Rodchester Institude of Technology

Issue’s Table of Contents

PLDI 2018: Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2018
825 pages
ISBN:9781450356985
DOI:10.1145/3192366
General Chair:
Jeffrey S. Foster
University of Maryland at College Park, USA
,
Program Chair:
Dan Grossman
University of Washington, USA

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2018

Published in SIGPLAN Volume 53, Issue 4

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
582
Total Downloads

Downloads (Last 12 months)104
Downloads (Last 6 weeks)23

Reflects downloads up to 18 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lu JHe DXue J(2021)EagleACM Transactions on Software Engineering and Methodology10.1145/345049230:4(1-46)Online publication date: 31-Oct-2021
https://doi.org/10.1145/3450492
Shi QWang YYao PZhang C(2022)Indexing the extended Dyck-CFL reachability for context-sensitive program analysisProceedings of the ACM on Programming Languages10.1145/35633396:OOPSLA2(1438-1468)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563339
Zuo ZJi KWang YTao WWang LLi XXu GFreund SYahav E(2021)JPortal: precise and efficient control-flow tracing for JVM programs with Intel processor traceProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454096(1080-1094)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454096
Zuo ZZhang YPan QLu SLi YWang LLi XXu GFreund SYahav E(2021)Chianina: an evolving graph system for flow- and context-sensitive analyses of million lines of C codeProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454085(914-929)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454085
Lu JHe DXue J(2021)EagleACM Transactions on Software Engineering and Methodology10.1145/345049230:4(1-46)Online publication date: 23-Jul-2021
https://dl.acm.org/doi/10.1145/3450492
Gu RZuo ZJiang XYin HWang ZWang LLi XHuang Y(2020)Towards Efficient Large-Scale Interprocedural Program Static Analysis on Distributed Data-Parallel ComputationIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2020.303619032:4(867-883)Online publication date: 20-Nov-2020
https://dl.acm.org/doi/10.1109/TPDS.2020.3036190
Lu JXue J(2019)Precision-preserving yet fast object-sensitive pointer analysis with partial context sensitivityProceedings of the ACM on Programming Languages10.1145/33605743:OOPSLA(1-29)Online publication date: 10-Oct-2019
https://dl.acm.org/doi/10.1145/3360574
Zuo ZGu RJiang XWang ZHuang YWang LLi X(2019)BigSpa: An Efficient Interprocedural Static Analysis Engine in the Cloud2019 IEEE International Parallel and Distributed Processing Symposium (IPDPS)10.1109/IPDPS.2019.00086(771-780)Online publication date: May-2019
https://doi.org/10.1109/IPDPS.2019.00086

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents