On-demand strong update analysis via value-flow refinement

Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2016-11-01 DOI:10.1145/2950290.2950296

Yulei Sui, Jingling Xue

{"title":"On-demand strong update analysis via value-flow refinement","authors":"Yulei Sui, Jingling Xue","doi":"10.1145/2950290.2950296","DOIUrl":null,"url":null,"abstract":"We present a new Strong UPdate Analysis for C programs, called Supa, that enables computing points-to information on-demand via value-flow refinement, in environments with small time and memory budgets such as IDEs. We formulate Supa by solving a graph-reachability problem on a value- flow graph representation of the program, so that strong updates are performed where needed, as long as the total analysis budget is not exhausted. Supa facilitates efficiency and precision tradeoffs by allowing different pointer analyses to be applied in a hybrid multi-stage analysis framework. We have implemented Supa in LLVM with its artifact available at [1]. We evaluate Supa by choosing uninitialized pointer detection as a major client on 12 open-source C programs. As the analysis budget increases, Supa achieves improved precision, with its single-stage flow-sensitive analysis reaching 97% of that achieved by whole-program flow- sensitive analysis by consuming about 0.19 seconds and 36KB of memory per query, on average (with a budget of at most 10000 value-flow edges per query).","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"73","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2950290.2950296","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 73

Abstract

We present a new Strong UPdate Analysis for C programs, called Supa, that enables computing points-to information on-demand via value-flow refinement, in environments with small time and memory budgets such as IDEs. We formulate Supa by solving a graph-reachability problem on a value- flow graph representation of the program, so that strong updates are performed where needed, as long as the total analysis budget is not exhausted. Supa facilitates efficiency and precision tradeoffs by allowing different pointer analyses to be applied in a hybrid multi-stage analysis framework. We have implemented Supa in LLVM with its artifact available at [1]. We evaluate Supa by choosing uninitialized pointer detection as a major client on 12 open-source C programs. As the analysis budget increases, Supa achieves improved precision, with its single-stage flow-sensitive analysis reaching 97% of that achieved by whole-program flow- sensitive analysis by consuming about 0.19 seconds and 36KB of memory per query, on average (with a budget of at most 10000 value-flow edges per query).

查看原文本刊更多论文

通过价值流精化的按需强更新分析

我们为C程序提供了一种新的强更新分析，称为Supa，它可以在时间和内存预算较小的环境(如ide)中，通过价值流细化按需计算点到信息。我们通过在程序的价值流图表示上解决图可达性问题来制定Supa，因此只要总分析预算没有用尽，就可以在需要的地方执行强更新。Supa通过允许在混合多阶段分析框架中应用不同的指针分析，促进了效率和精度的权衡。我们已经在LLVM中实现了Supa，其工件可在[1]中获得。我们通过选择未初始化指针检测作为12个开源C程序的主要客户端来评估Supa。随着分析预算的增加，Supa实现了更高的精度，其单级流敏感分析达到了整个程序流敏感分析的97%，平均每次查询消耗约0.19秒和36KB内存(每次查询最多预算10000个值流边)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering

自引率

0.00%

发文量