research-article

Efficient and precise points-to analysis: modeling the heap by merging equivalent automata

Authors:

Tian Tan,

Yue Li,

Jingling XueAuthors Info & Claims

PLDI 2017: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation

Pages 278 - 291

https://doi.org/10.1145/3062341.3062360

Published: 14 June 2017 Publication History

Get Access

Abstract

Mainstream points-to analysis techniques for object-oriented languages rely predominantly on the allocation-site abstraction to model heap objects. We present MAHJONG, a novel heap abstraction that is specifically developed to address the needs of an important class of type-dependent clients, such as call graph construction, devirtualization and may-fail casting. By merging equivalent automata representing type-consistent objects that are created by the allocation-site abstraction, MAHJONG enables an allocation-site-based points-to analysis to run significantly faster while achieving nearly the same precision for type-dependent clients.

MAHJONG is simple conceptually, efficient, and drops easily on any allocation-site-based points-to analysis. We demonstrate its effectiveness by discussing some insights on why it is a better alternative of the allocation-site abstraction for type-dependent clients and evaluating it extensively on 12 large real-world Java programs with five context-sensitive points-to analyses and three widely used type-dependent clients. MAHJONG is expected to provide significant benefits for many program analyses where call graphs are required.

Supplementary Material

Auxiliary Archive (pldi17-main142-s.zip)

This artifact is provided to enable the results of all two research questions (RQ1 and RQ2) in our companion paper, i.e., the results in Figure 8, Figure 9, Table 1 and Table 2, to be reproduced. In RQ1, we show that MAHJONG is lightweight for large programs and how MAHJONG can alleviate the heap over-partitioning problem suffered by the allocation-site abstraction effectively for type-dependent clients. In RQ2, we show that MAHJONG can significantly accelerate different types of mainstream context-sensitive points-to analyses while achieving nearly the same precision as the allocation-site abstraction for type-dependent clients. The artifact contains MAHJONG and Doop (a state-of-the-art whole-program points-to analysis framework for Java) to reproduce the results. Size of the artifact: 115MB MD5 sum of the artifact: 619a2d64be9fa61b158f2b04ad55e4a0

Download
115.18 MB

References

[1]

J. Adamek and V. Trnkova. Automata and Algebras in Categories. Kluwer Academic Publishers, 1990.

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Efficient and precise points-to analysis: modeling the heap by merging equivalent automata

Merging equivalent contexts for scalable heap-cloning-based context-sensitive points-to analysis

Fast and precise points-to analysis

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations