
Alias Calculus for a Simple Imperative Language with Decidable Pointer Arithmetic

Exactpro
November 24, 2014

Nikolay Shilov, Alexander Vorontsov, Aizhan Satekbayeva, Nazarbayev University, Kazakhstan

Transcript

  1. Alias Calculus for Simple Imperative Language with Decidable Pointer Arithmetic

    Aleksandr Vorontsov (1), Aizhan Satekbayeva (2), Nikolay Shilov (3,4)
    1 Novosibirsk State University, Novosibirsk, Russia; 2 L.N. Gumilyov Eurasian National University, Astana, Kazakhstan; 3 Nazarbayev University, Astana, Kazakhstan; 4 A.P. Ershov Institute of Informatics Systems, Novosibirsk, Russia

  2. What is “Alias Calculus”?

    • Alias calculus was proposed by Bertrand Meyer in 2011 for a toy programming language with a single data type of abstract pointers.
    • It is a set of syntax-driven rules that compute an upper approximation aft(S, P) of the aliasing after execution of a program P from a given initial aliasing S.
    14.11.2014 2 TMPA-2014: Alias Calculus

  3. What about this Research

    • Our current purpose is to present a variant of alias calculus for a more realistic programming language with automatic and dynamic memory, with types for regular data as well as for decidable pointer arithmetic.

  4. Why a new Research?

    • The aliasing problem is to predict, detect and/or trace pointers to the same addresses in dynamic memory.
    • The problem matters because of the mistakes and errors that can occur at program run time due to improper alias handling.

  5. Errors?

    • Below are two simple examples of errors (?) in C-like pseudo-code:
    • x = malloc(sizeof(int)); x = malloc(sizeof(int)); // memory leak: the first block is overwritten and can no longer be freed
    • y = x; free(x); free(y); // invalid access: the second free reaches the same block through the alias y

  6. Alias Calculus for a Trivial Language

    • Bertrand Meyer: Steps Towards a Theory and Calculus of Aliasing. Int. J. of Software and Informatics (Festschrift in honor of Manfred Broy), 2011, pp. 77-115.

  7. Sample Rules: memory dynamics

    • Memory deallocation and allocation operators have the same effect on the alias relation, because after either operation the variable is not an alias of any other variable:

  8. Sample Rules: assignment

    • After an assignment the address variable forgets all its former aliases and becomes an alias of the assigned variable and of all of its aliases:

  9. Sample Rules: compound programs

    • Sequential composition means sequential application of the rules:
    • Nondeterministic choice of any branch:

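The rules of slides 7-9 as an added worked example in Python (not Meyer's or the authors' code): the alias relation S is kept as a set of unordered variable pairs, `aft` applies the rules syntax-directedly, with the choice rule taking the union of the branch results (Meyer's rule; the deck only names the case), and a small concrete semantics, also added here, exhibits the over-approximation: every alias that actually arises in some run is contained in aft(S, P), which is the shape of the safety statement the deck gives as its main result on slide 22. The program encoding, the function names and the sample program are assumptions of this example.

```python
from itertools import combinations


def pair(a, b):
    """An unordered alias pair; the alias relation S is a set of these."""
    return frozenset((a, b))


def aliases_of(S, y):
    return {x for p in S if y in p for x in p if x != y}


def forget(S, x):
    """Rule for 'create x' and 'forget x' (slide 7): afterwards x is an
    alias of nothing, so every pair mentioning x is dropped."""
    return {p for p in S if x not in p}


def assign(S, x, y):
    """Rule for 'x := y' (slide 8): x loses its former aliases and becomes
    an alias of y and of everything y is an alias of."""
    if x == y:
        return set(S)
    S1 = forget(S, x)
    return S1 | {pair(x, t) for t in aliases_of(S1, y) | {y}}


def aft(S, prog):
    """aft(S, P): syntax-driven upper approximation of the aliasing after P.
    Programs are tuples: ('create', x), ('forget', x), ('assign', x, y),
    ('seq', P1, P2, ...), ('choice', P1, P2, ...)."""
    kind = prog[0]
    if kind in ('create', 'forget'):
        return forget(S, prog[1])
    if kind == 'assign':
        return assign(S, prog[1], prog[2])
    if kind == 'seq':                      # slide 9: apply the rules in order
        for p in prog[1:]:
            S = aft(S, p)
        return S
    if kind == 'choice':                   # slide 9: any branch may run, so the
        return set().union(*(aft(S, p) for p in prog[1:]))  # result covers all of them
    raise ValueError(f"unknown statement {kind}")


# --- a concrete semantics, used only to exhibit the over-approximation -------

def concrete_aliases(env):
    """Pairs of variables that really hold the same address in env."""
    return {pair(a, b) for a, b in combinations(sorted(env), 2) if env[a] == env[b]}


def runs(env, prog):
    """All final environments reachable from env; 'create' yields a fresh
    address and 'forget' detaches the variable."""
    kind = prog[0]
    if kind == 'create':
        e = dict(env)
        e[prog[1]] = max(env.values(), default=0) + 1
        return [e]
    if kind == 'forget':
        e = dict(env)
        e.pop(prog[1], None)
        return [e]
    if kind == 'assign':
        e = dict(env)
        e[prog[1]] = env[prog[2]]
        return [e]
    if kind == 'seq':
        envs = [env]
        for p in prog[1:]:
            envs = [e2 for e in envs for e2 in runs(e, p)]
        return envs
    if kind == 'choice':
        return [e for p in prog[1:] for e in runs(env, p)]
    raise ValueError(f"unknown statement {kind}")


def is_safe(env, prog):
    """Safety in the sense of slide 22: every real alias pair after any run
    of prog is contained in aft(S, prog) computed from the initial aliases."""
    S_after = aft(concrete_aliases(env), prog)
    return all(concrete_aliases(e) <= S_after for e in runs(env, prog))


# Constructed sample: z and w already alias; x := y; then z := x else z := w end
ENV0 = {'x': 1, 'y': 2, 'z': 3, 'w': 3}
PROG = ('seq', ('assign', 'x', 'y'),
        ('choice', ('assign', 'z', 'x'), ('assign', 'z', 'w')))

if __name__ == '__main__':
    S = aft(concrete_aliases(ENV0), PROG)
    print(sorted(sorted(p) for p in S))   # x-y, x-z, y-z, w-z: union of both branches
    print(is_safe(ENV0, PROG))
```

The result for the sample program contains both z-x and z-w although no single run produces both: that is the upper approximation the rules compute, and `is_safe` confirms that no run produces an alias outside it.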
  10. Towards More Realistic Language

    • The acronym MoRe stands for More Realistic programming language.
    • It has two data types, called addresses and integers, with an implicit type cast in2ad from integers to addresses.

  11. Addresses in MoRe

    • The address data type is any (finite or infinite) set of values ADR with constants denoted 0 and 1 and operations denoted + and − such that (ADR, 0, 1, +, −) is a commutative additive semigroup with a decidable first-order theory T_ADR.

  12. Examples of Legal Address Types

    • Z_m, the ring of residues modulo any particular fixed positive m,
    • Presburger arithmetic, etc.

  13. Integers in MoRe

    • The integer data type in MoRe is any (finite or infinite) set of (mathematical) integers INT with the standard constants 0 and 1, the standard operations +, −, *, / and an implicit computable surjective homomorphic type-casting function in2ad : (INT, 0, 1, +, −) → (ADR, 0, 1, +, −).

  14. Structural Operational Semantics

    • MoRe SOS uses a (memory) model consisting of two disjoint parts: a static memory (conventionally) called the stack and a dynamic memory (conventionally) called the heap.

  15. Structural Operational Semantics

    • A state is a pair of mappings s = (st, hp) where
    • the state of the stack st : V → INT is a partial mapping (with finite domain) from variables V to integers INT (understood as their values),
    • the state of the heap hp : ADR → INT is a partial mapping (with finite domain) from addresses ADR to integers INT (understood as the referenced values).

  16. Structural Operational Semantics

    • MoRe SOS is an axiomatic system for triples s ⟨P⟩ s′ where s is a state, s′ is a state or the exception abort, and P is a program.
    • The intuition behind the triple: the program converts the input state into the output state (which may be the exception).

  17. Structural Operational Semantics

    • SOS inference rules are syntax-driven and have the following form:

  18. Sample SOS Rule: static array in dynamic memory

    • If
      – x ∉ dom(st),
      – the addresses in2ad(l), …, in2ad(l+k) are pairwise distinct,
      – in2ad(l), …, in2ad(l+k) ∉ dom(hp),
      then

  19. Alias Calculus for MoRe

    • A configuration is a triple Cnf = (I, A, S) consisting of
      – a set I of address variables,
      – a set A of address expressions,
      – a finite set S of pairs of synonyms and antonyms (with variables in I) that has a solution as a system of equalities and inequalities in (ADR, 0, 1, +, −), i.e. that is consistent with the theory T_ADR.

  20. Alias Calculus for MoRe

    • Informally speaking, in Cnf = (I, A, S)
      – the set I is for the initialized address variables,
      – the set A is for the address expressions that point to allocated memory,
      – the set S is a system of equalities and inequalities specifying which expressions may be aliases and which cannot.

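A worked example, added here and not part of the authors' calculus, of how the three components of a configuration can drive a check for the two errors of slide 5 and for pointer arithmetic. It is a deliberately simplified, straight-line-only variant in Python: I is the set of initialized variables (the keys of `env`), A the set of symbolic heap cells currently allocated, and S a set of inequalities between cells that were allocated while both were live. Addresses are Z_m (one of the legal address types on slide 12), so must- and may-equality of two address expressions is decided by enumerating every valuation of the cells that satisfies S, a brute-force but genuine decision procedure for that finite theory. The class and function names, the statement encoding, the message texts and the sample programs are assumptions of this example.

```python
from itertools import product


class MoReChecker:
    """Straight-line checker over a configuration (I, A, S) in the spirit of
    slides 19-20 (simplified, added example).  Addresses are Z_m (slide 12), so
    questions about S are decided by enumerating valuations of the symbolic cells."""

    def __init__(self, m=8):
        self.m = m
        self.env = {}        # I: initialized variable -> linear term over cells
        self.alive = set()   # A: symbolic heap cells currently allocated
        self.freed = set()   # cells that were allocated and later freed
        self.S = []          # inequalities (c1, c2): cells that were live together differ
        self.cells = []      # every symbolic cell ever created, in creation order
        self.errors = []

    # A term is {cell: coefficient, None: constant}; arithmetic is modulo m.
    def term(self, expr):
        """expr: ('var', x) | ('const', n) | ('add', e1, e2) | ('sub', e1, e2)."""
        kind = expr[0]
        if kind == 'const':
            return {None: expr[1] % self.m}
        if kind == 'var':
            if expr[1] not in self.env:
                self.errors.append(f"use of uninitialized address variable {expr[1]}")
                return {None: 0}
            return dict(self.env[expr[1]])
        a, b = self.term(expr[1]), self.term(expr[2])
        sign = 1 if kind == 'add' else -1
        for k, v in b.items():
            a[k] = (a.get(k, 0) + sign * v) % self.m
        return a

    def models(self):
        """Valuations of all cells in Z_m satisfying every inequality in S."""
        for vals in product(range(self.m), repeat=len(self.cells)):
            rho = dict(zip(self.cells, vals))
            if all(rho[a] != rho[b] for a, b in self.S):
                yield rho

    def value(self, t, rho):
        return sum(v * (1 if c is None else rho[c]) for c, v in t.items()) % self.m

    def may_equal(self, t1, t2):
        return any(self.value(t1, r) == self.value(t2, r) for r in self.models())

    def must_equal(self, t1, t2):
        return all(self.value(t1, r) == self.value(t2, r) for r in self.models())

    def leak_check(self, where):
        """A live cell that no initialized variable can reach, not even by
        address arithmetic, has leaked; report it once and drop it from A."""
        for h in sorted(self.alive):
            if not any(self.may_equal(t, {h: 1}) for t in self.env.values()):
                self.errors.append(f"{where}: memory leak, cell {h} is unreachable")
                self.alive.remove(h)

    def alloc(self, x):                    # x := malloc()
        h = f"h{len(self.cells)}"
        self.S += [(h, a) for a in sorted(self.alive)]  # fresh: differs from live cells
        self.cells.append(h)
        self.alive.add(h)
        self.env[x] = {h: 1}
        self.leak_check(f"{x} := malloc()")

    def assign(self, x, expr):             # x := expr, built from variables, +, - and constants
        self.env[x] = self.term(expr)
        self.leak_check(f"{x} := ...")

    def free(self, x):
        if x not in self.env:
            self.errors.append(f"free({x}): uninitialized address variable")
            return
        t = self.env[x]
        for h in sorted(self.alive):
            if self.must_equal(t, {h: 1}):   # must-alias: provably this cell
                self.alive.remove(h)
                self.freed.add(h)
                return
        if any(self.must_equal(t, {h: 1}) for h in self.freed):
            self.errors.append(f"free({x}): double free")
        else:
            self.errors.append(f"free({x}): address not known to be allocated")


def check(program, m=8):
    """program: list of ('alloc', x) | ('assign', x, expr) | ('free', x)."""
    chk = MoReChecker(m)
    for stmt in program:
        getattr(chk, stmt[0])(*stmt[1:])
    return chk.errors


# Constructed sample programs: the two errors of slide 5, plus pointer arithmetic.
LEAK = [('alloc', 'x'), ('alloc', 'x')]
DOUBLE_FREE = [('alloc', 'x'), ('assign', 'y', ('var', 'x')), ('free', 'x'), ('free', 'y')]
ARITH = [('alloc', 'x'),
         ('assign', 'y', ('add', ('var', 'x'), ('const', 1))),
         ('assign', 'z', ('sub', ('var', 'y'), ('const', 1))),
         ('free', 'z'),   # z = x is provable in (Z_m, 0, 1, +, -): legal
         ('free', 'y')]   # y = x + 1 was never allocated: reported

if __name__ == '__main__':
    for name, prog in (('LEAK', LEAK), ('DOUBLE_FREE', DOUBLE_FREE), ('ARITH', ARITH)):
        print(name, check(prog))
```

With m = 8 at most eight cells can be live at once (beyond that S has no model and every query answers vacuously), so keep sample programs small; Presburger arithmetic, the deck's other legal address type, would need a proper decision procedure instead of enumeration. Both verdicts are on the conservative side for a safety analysis: a leak is reported only when no variable can reach the cell under any valuation, and a free is accepted only when the expression must equal a live cell, so a free through an expression that merely may point to allocated memory is flagged.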
  21. Sample Rule of Alias Calculus: assignment

    • Let Cnf_{x:=t} be (I_{x:=t}, A_{x:=t}, S_{x:=t}) where

  22. Main Result

    • The alias calculus for the programming language MoRe is safe in the following sense:
    • Theorem: Let D be any alias distribution, P be any MoRe-program and s = (st, hp) be any state such that st ╞ D; if s′ = (st′, hp′) is a state such that s ⟨P⟩ s′, then st′ ╞ aft(D, P).

  23. Conclusion

    • An equation-based alias calculus for a model programming language with dynamic memory and decidable address arithmetic has been developed.
    • The calculus can be used for control-flow-insensitive safe alias analysis of MoRe programs, but for practical applications the language must be much more realistic.