Skip to main content
SpringerLink
Log in

SSA-Based Simulated Execution

  • Chapter
Patterns, Programming and Everything

  • 1138 Accesses

Abstract

Most scalable approaches to inter-procedural dataflow analysis do not take into account the order in which fields are accessed, and methods are executed, at run-time. That is, they have no inter-procedural flow-sensitivity. In this chapter we present an approach to dataflow analysis named Simulated Execution. It is flow-sensitive in the sense that a memory accessing operation (call or field access) will never be affected by another memory access that is executed thereafter in all runs of a program. This makes Simulated Execution strictly more precise than the most frequently used flow-insensitive approaches. We also outline a proof of correctness using abstract interpretation. Finally, although we present Simulated Execution as a dataflow algorithm applied to context-insensitive Points-to Analysis, it can be applied on any inter-procedural dataflow problem and in a context-sensitive manner.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aho, A., Sethi, R., Ullman, J.: Compilers: Principles, Techniques, and Tools. Addison-Wesley Reading (1986)

    Google Scholar 

  2. Chatterjee, R., Ryder, B., Landi, W.: Relevant context inference. In: Symposium on Principles of Programming Languages (POPL’99), pp. 133–146 (1999)

    Google Scholar 

  3. Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction of approximations of fixed points. In: Conference Record of the Fourth Annual ACM SIGACT/SIGPLAN Symposium on Principles of Programming Languages, January, pp. 238–252 (1977)

    Google Scholar 

  4. Cytron, R., Ferrante, J., Rosen, B., Wegman, M., Zadeck, K.: Efficiently computing static single assignment form and the control dependence graph. ACM Trans. Program. Lang. Syst. 13(4), 451–490 (1991)

    Article  Google Scholar 

  5. Diwan, A., Moss, J.E.B., McKinley, K.S.: Simple and effective analysis of statically typed object-oriented programs. In: Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA’96), October (1996)

    Google Scholar 

  6. Grove, D., DeFouw, G., Dean, J., Chambers, C.: Call graph construction in object-oriented languages. In: Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA’97), pp. 108–124 (1997)

    Google Scholar 

  7. Hasti, R., Horwitz, S.: Using static single assignment form to improve flow-insensitive pointer analysis. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI’98), June, pp. 97–105 (1998)

    Google Scholar 

  8. Hind, M.: Pointer analysis: Haven’t we solved this problem yet? In: Workshop on Program Analysis for Software Tools and Engineering (PASTE’01), pp. 54–61 (2001)

    Google Scholar 

  9. Lhoták, O., Hendren, L.: Scaling Java points-to analysis using spark. In: Proceedings of the International Conference on Compiler Construction (CC’03), April, pp. 153–169 (2003)

    Chapter  Google Scholar 

  10. Lhoták, O., Hendren, L.: Context-sensitive points-to analysis: Is it worth it? In: Mycroft, A., Zeller, A. (eds.) International Conference on Compiler Construction (CC’06). LNCS, vol. 3923, pp. 47–64. Springer, Berlin (2006)

    Chapter  Google Scholar 

  11. Lhoták, O., Hendren, L.: Evaluating the benefits of context-sensitive points-to analysis using a BDD-based implementation. ACM Trans. Softw. Eng. Methodol. 18(1), 1–53 (2008)

    Article  Google Scholar 

  12. Liang, D., Pennings, M., Harrold, M.: Extending and evaluating flow-insensitive and context-insensitive points-to analysis for Java. In: Proceedings of the Workshop on Program Analysis for Software Tools and Engineering (PASTE’01), June, pp. 73–79 (2001)

    Google Scholar 

  13. Liekweg, F.: Compiler-directed automatic memory management. In: 3rd Workshop on Semantics, Program Analysis, and Computing Environments for Memory Management (SPACE). ACM/SIGPLAN, New York (2006)

    Google Scholar 

  14. Lundberg, J., Gutzmann, T., Edvinsson, M., Löwe, W.: Fast and precise points-to analysis. J. Inf. Softw. Technol. 51(10), 1428–1439 (2009)

    Article  Google Scholar 

  15. Marlowe, T., Ryder, B.: Properties of data flow frameworks: A unified model. Acta Inform. 28, 121–163 (1990)

    Article  MathSciNet  MATH  Google Scholar 

  16. Marlowe, T.J., Ryder, B.G., Burke, M.G.: Defining flow sensitivity for data flow problems. Laboratory of Computer Science Research Technical Report, Number LCSR-TR-249 (1995)

    Google Scholar 

  17. Milanova, A., Rountev, A., Ryder, B.G.: Parameterized object sensitivity for points-to and side-effect analyses for Java. In: Proceedings of the International Symposium on Software Testing and Analysis (ISSTA’02), July, pp. 1–11 (2002)

    Chapter  Google Scholar 

  18. Milanova, A., Rountev, A., Ryder, B.G.: Parameterized object sensitivity for points-to analysis for Java. ACM Trans. Softw. Eng. Methodol. 14(1), 1–41 (2005)

    Article  Google Scholar 

  19. Muchnick, S.S.: Advanced Compiler Design Implementation. Morgan Kaufmann, San Francisco (1997)

    Google Scholar 

  20. Nielsen, F., Nielsen, H.R., Hankin, C.: Principles of Program Analysis, 2nd edn. Springer, Berlin (2005)

    Google Scholar 

  21. Palsberg, J.: Object-oriented type inference. In: Proceedings of the Workshop on Program Analysis for Software Tools and Engineering (PASTE’01), July, pp. 20–27 (2001)

    Google Scholar 

  22. Ruf, E.: Effective synchronization removal for Java. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI’00), pp. 208–218 (2000)

    Chapter  Google Scholar 

  23. Ryder, B.G.: Dimensions of precision in reference analysis of object-oriented programming languages. In: International Conference on Compiler Construction (CC’03). LNCS, vol. 2622, pp. 126–137. Springer, Berlin (2003)

    Chapter  Google Scholar 

  24. Streckenbach, M., Snelting, G.: Points-to for Java: A general framework and an empirical comparison. Technical report, Lehrstuhl für Softwaresysteme, Universität Passau, Germany, November (2000)

    Google Scholar 

  25. Trapp, M.: Optimierung objektorientierter programme. PhD thesis, Universität Karlsruhe, December (1999)

    Google Scholar 

  26. Trapp, M., Lindenmaier, G., Boesler, B.: Documentation of the intermediate representation Firm. Technical report 1999-14, Fakultät für Informatik, Universität Karlsruhe, Germany (1999)

    Google Scholar 

  27. Whaley, J., Lam, M.S.: An efficient inclusion-based points-to analysis for strictly-typed languages. In: Proceedings of the Static Analysis Symposium (SAS’02) (2002)

    Google Scholar 

  28. Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI’04), June, pp. 131–144 (2004)

    Chapter  Google Scholar 

  29. Zhu, J., Calman, S.: Symbolic pointer analysis revisited. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI’04), June, pp. 145–157 (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, Mathematics, and Physics, Linnaeus University, 351 95, Växjö, Sweden

    Jonas Lundberg, Mathias Hedenborg & Welf Löwe

Authors
  1. Jonas Lundberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mathias Hedenborg
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Welf Löwe
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jonas Lundberg .

Editor information

Editors and Affiliations

  1. Departamento de Informatica, PUC-Rio, R. Marquês de São Vicente 225, Rio de Janeiro, 22453900, Rio de Janeiro, Brazil

    Karin K. Breitman

  2. Department of Computer Science, University of Victoria, Finnerty Road 3800, Victoria, V8W 5C2, British Columbia, Canada

    R. Nigel Horspool

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag London

About this chapter

Cite this chapter

Lundberg, J., Hedenborg, M., Löwe, W. (2012). SSA-Based Simulated Execution. In: Breitman, K., Horspool, R. (eds) Patterns, Programming and Everything. Springer, London. https://doi.org/10.1007/978-1-4471-2350-7_7

Download citation

  • DOI: https://doi.org/10.1007/978-1-4471-2350-7_7

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-2349-1

  • Online ISBN: 978-1-4471-2350-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation