H-CFA: a Simplified Approach for Pushdown Control Flow Analysis
نویسنده
چکیده
H -CFA: A SIMPLIFIED APPROACH FOR PUSHDOWN CONTROL FLOW ANALYSIS by Fei Peng The University of Wisconsin-Milwaukee, 2016 Under the Supervision of Professor Tian Zhao In control flow analysis (CFA), call/return mismatch is a problem that reduces analysis precision. So-called k -CFA uses bounded call-strings to obtain limited call/return matching, but it has a serious performance problem due to its coupling of call/return matching with context-sensitivity of values. CFA2 and PDCFA are the first two algorithms that bring pushdown (context-free reachability) approach to the CFA area, which provide perfect call/return mathcing. However, CFA2 and PDCFA both need significant engineering effort to implement. The abstracting abstract machine (AAM), a configurable framework for constructing abstract interpreters, introduces store-allocated continuations that make the soundness of abstract interpreters easily obtainable. Recently, two related approaches (AAC and
منابع مشابه
Automated Techniques for Higher-Order Program Verification (NII Shonan Meeting 2011-5)
interpretation techniques are used to derive a control-flow analysis for a simple higher-order functional language. The analysis approximates the interprocedural control-flow of both function calls and returns in the presence of first-class functions and tail-call optimization. The analysis is systematically derived by abstract interpretation of the stack-based CaEK abstract machine of Flanagan...
متن کاملPushdown Abstractions of JavaScript
We design a family of program analyses for JavaScript that make no approximation in matching calls with returns, exceptions with handlers, and breaks with labels. We do so by starting from an established reduction semantics for JavaScript and systematically deriving its intensional abstract interpretation. Our first step is to transform the semantics into an equivalent low-level abstract machin...
متن کاملAn Analytic Framework for JavaScript
As the programming language of the web, JavaScript deserves a principled yet robust framework for static analysis. To achieve both aims simultaneously, we start from an established reduction semantics for JavaScript and systematically derive its intensional abstract interpretation. Our first step is to transform the semantics into an equivalent low-level abstract machine: the JavaScript Abstrac...
متن کاملA Linear Encoding of Pushdown Control-Flow Analysis
We describe a linear-algebraic encoding for pushdown controlflow analysis of higher-order programs. Pushdown controlflow analyses obtain a greater precision in matching calls with returns by encoding stack-actions on the edges of a Dyck state graph. This kind of analysis requires a number of distinct transitions and was not amenable to parallelization using the approach of EigenCFA. Recent work...
متن کاملAutomated techniques for higher-order program verification
interpretation techniques are used to derive a control-flow analysis for a simple higher-order functional language. The analysis approximates the interprocedural control-flow of both function calls and returns in the presence of first-class functions and tail-call optimization. The analysis is systematically derived by abstract interpretation of the stack-based CaEK abstract machine of Flanagan...
متن کامل