Pointer Analysis in 10 Rules

Transcript

1. POINTER ANALYSIS EVERYTHING YOU NEED TO KNOW ABOUT 10 RULES

   George Kastrinis ~ University of Athens ~ PLAST lab

2. BASED ON WORK FROM • “Efficient and Effective Handling of

   Exceptions in Java Points-To Analysis” Kastrinis G., Smaragdakis Y. (CC'13) • “Pick Your Contexts Well: Understanding Object-Sensitivity” Smaragdakis Y., Bravenboer M., Lhoták O. (POPL'11) • “Strictly Declarative Specification of Sophisticated Points-to Analyses” Bravenboer M., Smaragdakis Y. (OOPSLA'09) University of Athens ~ PL lab (PLAST) Yannis Smaragdakis George Kastrinis George Balatsouras Aggelos Biboudis Kostas Ferles George Kollias Prodromos Gerakios George Kastrinis ~ University of Athens ~ PLAST lab

3. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? George

   Kastrinis ~ University of Athens ~ PLAST lab

4. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } George Kastrinis ~ University of Athens ~ PLAST lab

5. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → George Kastrinis ~ University of Athens ~ PLAST lab

6. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → Represent objects as allocation sites George Kastrinis ~ University of Athens ~ PLAST lab

7. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → George Kastrinis ~ University of Athens ~ PLAST lab

8. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → foo::b new A1(), new A2() → bar::b new A1(), new A2() → George Kastrinis ~ University of Athens ~ PLAST lab

9. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

   foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → foo::b new A1(), new A2() → bar::b new A1(), new A2() → Not the most precise, right? George Kastrinis ~ University of Athens ~ PLAST lab

10. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

    foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → George Kastrinis ~ University of Athens ~ PLAST lab

11. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

    foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → Add “context” to variables George Kastrinis ~ University of Athens ~ PLAST lab

12. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

    foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a (foo) new A1() → id::a (bar) new A2() → Add “context” to variables George Kastrinis ~ University of Athens ~ PLAST lab

13. IN SHORT: WHAT OBJECTS CAN A VARIABLE POINT TO? void

    foo() { a = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a (foo) new A1() → id::a (bar) new A2() → foo::b new A1() → bar::b new A2() → Add “context” to variables George Kastrinis ~ University of Athens ~ PLAST lab

14. 10 RULES? NO ALGORITHMS? George Kastrinis ~ University of Athens

    ~ PLAST lab

15. 10 RULES? NO ALGORITHMS? Using Datalog George Kastrinis ~ University

    of Athens ~ PLAST lab

16. 10 RULES? NO ALGORITHMS? Using Datalog Purely declarative George Kastrinis

    ~ University of Athens ~ PLAST lab

17. de·clar·a·tive /di kle( )r tiv/ ˈ ə ə Computing denoting

    high-level programming languages which can be used to solve problems without requiring the programmer to specify an exact procedure to be followed. Adjective ~ Oxford dictionaries George Kastrinis ~ University of Athens ~ PLAST lab

18. de·clar·a·tive /di kle( )r tiv/ ˈ ə ə Computing denoting

    high-level programming languages which can be used to solve problems without requiring the programmer to specify an exact procedure to be followed. Adjective ~ Oxford dictionaries From algorithms to specifications George Kastrinis ~ University of Athens ~ PLAST lab

19. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). George Kastrinis ~ University of Athens ~ PLAST lab

20. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). head George Kastrinis ~ University of Athens ~ PLAST lab

21. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). body George Kastrinis ~ University of Athens ~ PLAST lab

22. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). Output relations in red George Kastrinis ~ University of Athens ~ PLAST lab

23. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). Input relations in blue George Kastrinis ~ University of Athens ~ PLAST lab

24. Datalog Rules INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). #1 meth(..,from,..) George Kastrinis ~ University of Athens ~ PLAST lab

25. Datalog Rules #1 invo: meth(..,from,..) meth(..,to,..) { ... } callerCtx

    calleeCtx INTERPROCASSIGN(to, calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth, calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). meth(..,from,..) George Kastrinis ~ University of Athens ~ PLAST lab

26. Datalog Rules #1 invo: meth(..,from,..) meth(..,to,..) { ... } INTERPROCASSIGN(to,

    calleeCtx, from, callerCtx) ← CALLGRAPH(invo, callerCtx, meth, calleeCtx), ACTUALARG(invo, i, from), FORMALARG(meth, i, to). meth(..,from,..) callerCtx calleeCtx George Kastrinis ~ University of Athens ~ PLAST lab

27. Datalog Rules INTERPROCASSIGN(to, callerCtx, from, calleeCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALRETURN(invo, to), FORMALRETURN(meth, from). #2 to = meth(..) George Kastrinis ~ University of Athens ~ PLAST lab

28. Datalog Rules INTERPROCASSIGN(to, callerCtx, from, calleeCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALRETURN(invo, to), FORMALRETURN(meth, from). #2 to = meth(..) invo: to = meth(..) meth(..) { .. return from; } callerCtx calleeCtx George Kastrinis ~ University of Athens ~ PLAST lab

29. Datalog Rules INTERPROCASSIGN(to, callerCtx, from, calleeCtx) ← CALLGRAPH(invo, callerCtx, meth,

    calleeCtx), ACTUALRETURN(invo, to), FORMALRETURN(meth, from). #2 to = meth(..) invo: to = meth(..) meth(..) { .. return from; } calleeCtx callerCtx George Kastrinis ~ University of Athens ~ PLAST lab

30. Datalog Rules RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx)

    ← REACHABLE(meth, ctx), ALLOC(var, heap, meth). #3 var = new A() George Kastrinis ~ University of Athens ~ PLAST lab

31. Datalog Rules RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx)

    ← REACHABLE(meth, ctx), ALLOC(var, heap, meth). #3 var = new A() meth var = new A(); ctx heap George Kastrinis ~ University of Athens ~ PLAST lab

32. Datalog Rules RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx)

    ← REACHABLE(meth, ctx), ALLOC(var, heap, meth). #3 var = new A() meth var = new A(); heap hctx new context! ctx George Kastrinis ~ University of Athens ~ PLAST lab

33. Datalog Rules RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx)

    ← REACHABLE(meth, ctx), ALLOC(var, heap, meth). #3 var = new A() meth var = new A(); heap hctx ctx George Kastrinis ~ University of Athens ~ PLAST lab

34. Datalog Rules VARPOINTSTO(to, ctx, heap, hctx) ← VARPOINTSTO(from, ctx, heap,

    hctx), MOVE(to, from). #4 to = from George Kastrinis ~ University of Athens ~ PLAST lab

35. Datalog Rules VARPOINTSTO(to, ctx, heap, hctx) ← VARPOINTSTO(from, ctx, heap,

    hctx), MOVE(to, from). #4 to = from heap hctx from ctx George Kastrinis ~ University of Athens ~ PLAST lab

36. Datalog Rules VARPOINTSTO(to, ctx, heap, hctx) ← VARPOINTSTO(from, ctx, heap,

    hctx), MOVE(to, from). #4 to = from heap hctx from ctx to George Kastrinis ~ University of Athens ~ PLAST lab

37. Datalog Rules VARPOINTSTO(to, ctx, heap, hctx) ← VARPOINTSTO(from, ctx, heap,

    hctx), MOVE(to, from). #4 to = from heap hctx from ctx to ctx George Kastrinis ~ University of Athens ~ PLAST lab

38. Datalog Rules VARPOINTSTO(to, ctx, heap, hctx) ← VARPOINTSTO(from, ctx, heap,

    hctx), MOVE(to, from). #4 to = from Recursion! George Kastrinis ~ University of Athens ~ PLAST lab

39. Datalog Rules #5 to ≈ from VARPOINTSTO(to, toCtx, heap, hctx)

    ← INTERPROCASSIGN(to, toCtx, from, fromCtx), VARPOINTSTO(from, fromCtx, heap, hctx). George Kastrinis ~ University of Athens ~ PLAST lab

40. Datalog Rules #5 to ≈ from VARPOINTSTO(to, toCtx, heap, hctx)

    ← INTERPROCASSIGN(to, toCtx, from, fromCtx), VARPOINTSTO(from, fromCtx, heap, hctx). from fromCtx to toCtx George Kastrinis ~ University of Athens ~ PLAST lab

41. Datalog Rules #5 to ≈ from VARPOINTSTO(to, toCtx, heap, hctx)

    ← INTERPROCASSIGN(to, toCtx, from, fromCtx), VARPOINTSTO(from, fromCtx, heap, hctx). from fromCtx to toCtx heap hctx George Kastrinis ~ University of Athens ~ PLAST lab

42. Datalog Rules #5 to ≈ from VARPOINTSTO(to, toCtx, heap, hctx)

    ← INTERPROCASSIGN(to, toCtx, from, fromCtx), VARPOINTSTO(from, fromCtx, heap, hctx). from fromCtx to toCtx heap hctx George Kastrinis ~ University of Athens ~ PLAST lab

43. Datalog Rules #6 base.fld = from FLDPOINTSTO(baseH, baseHCtx, fld, heap,

    hctx) ← VARPOINTSTO(from, ctx, heap, hctx), STORE(base, fld, from), VARPOINTSTO(base, ctx, baseH, baseHCtx). George Kastrinis ~ University of Athens ~ PLAST lab

44. Datalog Rules #6 base.fld = from heap hctx from ctx

    FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx) ← VARPOINTSTO(from, ctx, heap, hctx), STORE(base, fld, from), VARPOINTSTO(base, ctx, baseH, baseHCtx). George Kastrinis ~ University of Athens ~ PLAST lab

45. Datalog Rules #6 base.fld = from heap hctx from ctx

    base ctx FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx) ← VARPOINTSTO(from, ctx, heap, hctx), STORE(base, fld, from), VARPOINTSTO(base, ctx, baseH, baseHCtx). fld George Kastrinis ~ University of Athens ~ PLAST lab

46. Datalog Rules #6 base.fld = from heap hctx from ctx

    base ctx FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx) ← VARPOINTSTO(from, ctx, heap, hctx), STORE(base, fld, from), VARPOINTSTO(base, ctx, baseH, baseHCtx). fld baseH baseHCtx George Kastrinis ~ University of Athens ~ PLAST lab

47. Datalog Rules #6 base.fld = from heap hctx from ctx

    base ctx FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx) ← VARPOINTSTO(from, ctx, heap, hctx), STORE(base, fld, from), VARPOINTSTO(base, ctx, baseH, baseHCtx). fld baseH baseHCtx fld George Kastrinis ~ University of Athens ~ PLAST lab

48. Datalog Rules #7 to = base.fld VARPOINTSTO(to, ctx, heap, hctx)

    ← VARPOINTSTO(base, ctx, baseH, baseHCtx), FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx), LOAD(to, base, fld). George Kastrinis ~ University of Athens ~ PLAST lab

49. Datalog Rules #7 to = base.fld VARPOINTSTO(to, ctx, heap, hctx)

    ← VARPOINTSTO(base, ctx, baseH, baseHCtx), FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx), LOAD(to, base, fld). base ctx baseH baseHCtx George Kastrinis ~ University of Athens ~ PLAST lab

50. Datalog Rules #7 to = base.fld VARPOINTSTO(to, ctx, heap, hctx)

    ← VARPOINTSTO(base, ctx, baseH, baseHCtx), FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx), LOAD(to, base, fld). base ctx baseH baseHCtx fld heap hctx George Kastrinis ~ University of Athens ~ PLAST lab

51. Datalog Rules #7 to = base.fld VARPOINTSTO(to, ctx, heap, hctx)

    ← VARPOINTSTO(base, ctx, baseH, baseHCtx), FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx), LOAD(to, base, fld). base ctx baseH baseHCtx fld heap hctx to fld George Kastrinis ~ University of Athens ~ PLAST lab

52. Datalog Rules #7 to = base.fld VARPOINTSTO(to, ctx, heap, hctx)

    ← VARPOINTSTO(base, ctx, baseH, baseHCtx), FLDPOINTSTO(baseH, baseHCtx, fld, heap, hctx), LOAD(to, base, fld). base ctx baseH baseHCtx fld to fld ctx heap hctx George Kastrinis ~ University of Athens ~ PLAST lab

53. Datalog Rules #8 A::toMeth() MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx),

    CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). George Kastrinis ~ University of Athens ~ PLAST lab

54. Datalog Rules #8 A::toMeth() MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx),

    CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). invo: A::toMeth(..) inMeth callerCtx toMeth George Kastrinis ~ University of Athens ~ PLAST lab

55. Datalog Rules #8 A::toMeth() MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx),

    CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). invo: A::toMeth(..) inMeth callerCtx toMeth callerCtx new context! George Kastrinis ~ University of Athens ~ PLAST lab

56. Datalog Rules #8 A::toMeth() MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx),

    CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). invo: A::toMeth(..) inMeth callerCtx toMeth calleeCtx George Kastrinis ~ University of Athens ~ PLAST lab

57. Datalog Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth,

    calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! George Kastrinis ~ University of Athens ~ PLAST lab

58. Datalog Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth,

    calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx George Kastrinis ~ University of Athens ~ PLAST lab

59. George Kastrinis ~ University of Athens ~ PLAST lab Datalog

    Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx heap hctx

60. George Kastrinis ~ University of Athens ~ PLAST lab Datalog

    Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx heap hctx this toMeth

61. George Kastrinis ~ University of Athens ~ PLAST lab Datalog

    Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx heap hctx this toMeth calleeCtx new context!

62. George Kastrinis ~ University of Athens ~ PLAST lab Datalog

    Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx heap hctx this toMeth calleeCtx

63. George Kastrinis ~ University of Athens ~ PLAST lab Datalog

    Rules #9 MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). base.sig(..) ! ! invo: base.sig(..) inMeth callerCtx heap hctx this toMeth calleeCtx

64. Datalog Rules #10 George Kastrinis ~ University of Athens ~

    PLAST lab

65. Datalog Rules #10 9 RULES ARE ENOUGH! George Kastrinis ~

    University of Athens ~ PLAST lab

66. Variety of Analyses George Kastrinis ~ University of Athens ~

    PLAST lab

67. Variety of Analyses Just alter the definition of “context” George

    Kastrinis ~ University of Athens ~ PLAST lab

68. LET'S RECALL WHERE CONTEXTS ARE CREATED George Kastrinis ~ University

    of Athens ~ PLAST lab

69. RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx) ← REACHABLE(meth,

    ctx), ALLOC(var, heap, meth). MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). #3 #8 #9 LET'S RECALL WHERE CONTEXTS ARE CREATED George Kastrinis ~ University of Athens ~ PLAST lab

70. RECORD(heap, ctx) = hctx, VARPOINTSTO(var, ctx, heap, hctx) ← REACHABLE(meth,

    ctx), ALLOC(var, heap, meth). MERGE(heap, hctx, invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), VARPOINTSTO(this, calleeCtx, heap, hctx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← REACHABLE(inMeth, callerCtx), VCALL(base, sig, invo, inMeth), VARPOINTSTO(base, callerCtx, heap, hctx), HEAPTYPE(heap, heapT), LOOKUP(heapT, sig, toMeth), THISVAR(toMeth, this). MERGESTATIC(invo, callerCtx) = calleeCtx, REACHABLE(toMeth, calleeCtx), CALLGRAPH(invo, callerCtx, toMeth, calleeCtx) ← SCALL(toMeth, invo, inMeth), REACHABLE(inMeth, callerCtx). #3 #8 #9 LET'S RECALL WHERE CONTEXTS ARE CREATED George Kastrinis ~ University of Athens ~ PLAST lab Method invocation Object allocation

71. CONTEXT INSENSITIVE IGNORE CONTEXT ALTOGETHER George Kastrinis ~ University of

    Athens ~ PLAST lab

72. CONTEXT INSENSITIVE IGNORE CONTEXT ALTOGETHER void foo() { a =

    new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a new A1(), new A2() → foo::b new A1(), new A2() → bar::b new A1(), new A2() → George Kastrinis ~ University of Athens ~ PLAST lab

73. CONTEXT INSENSITIVE IGNORE CONTEXT ALTOGETHER RECORD(heap, ctx) = * MERGE(heap,

    hctx, invo, callerCtx) = * MERGESTATIC(invo, callerCtx) = * Use a single context everywhere! George Kastrinis ~ University of Athens ~ PLAST lab

74. CALL-SITE SENSITIVITY USE CALL-SITES AS CONTEXTS George Kastrinis ~ University

    of Athens ~ PLAST lab

75. CALL-SITE SENSITIVITY USE CALL-SITES AS CONTEXTS void foo() { a

    = new A1(); b = id(a); } void bar() { a = new A2(); b = id(a); } A id(A a) { return a; } foo::a new A1() → bar::a new A2() → id::a (inv1) new A1() → id::a (inv2) new A2() → foo::b new A1() → bar::b new A2() → inv1 inv2 George Kastrinis ~ University of Athens ~ PLAST lab

76. 1-CALL-SITE SENSITIVE Context's depth George Kastrinis ~ University of Athens

    ~ PLAST lab

77. 1-CALL-SITE SENSITIVE RECORD(heap, ctx) = * No context for heap

    abstractions George Kastrinis ~ University of Athens ~ PLAST lab

78. 1-CALL-SITE SENSITIVE RECORD(heap, ctx) = * MERGE(heap, hctx, invo, callerCtx)

    = invo MERGESTATIC(invo, callerCtx) = invo George Kastrinis ~ University of Athens ~ PLAST lab

79. 1-CALL-SITE SENSITIVE+1-HEAP Context sensitive heap abstractions George Kastrinis ~ University

    of Athens ~ PLAST lab

80. 1-CALL-SITE SENSITIVE+1-HEAP RECORD(heap, ctx) = ctx George Kastrinis ~ University

    of Athens ~ PLAST lab

81. 1-CALL-SITE SENSITIVE+1-HEAP RECORD(heap, ctx) = ctx MERGE(heap, hctx, invo, callerCtx)

    = invo MERGESTATIC(invo, callerCtx) = invo George Kastrinis ~ University of Athens ~ PLAST lab

82. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS George Kastrinis ~ University

    of Athens ~ PLAST lab

83. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS Based on the receiver

    object in a method call George Kastrinis ~ University of Athens ~ PLAST lab

84. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS Really good for Object-Oriented

    languages George Kastrinis ~ University of Athens ~ PLAST lab

85. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS class C { void

    meth(Object o) { ... } } class Client { void bar(C c1, C c2) { ... c1.meth(obj1); ... c2.meth(obj2); } } George Kastrinis ~ University of Athens ~ PLAST lab

86. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS class C { void

    meth(Object o) { ... } } class Client { void bar(C c1, C c2) { ... c1.meth(obj1); ... c2.meth(obj2); } } #contexts for meth::o? George Kastrinis ~ University of Athens ~ PLAST lab

87. OBJECT SENSITIVITY USE ALLOCATION-SITES AS CONTEXTS class C { void

    meth(Object o) { ... } } class Client { void bar(C c1, C c2) { ... c1.meth(obj1); ... c2.meth(obj2); } } #contexts for meth::o? #objects (and which) c1 and c2 point to? George Kastrinis ~ University of Athens ~ PLAST lab

88. 1-OBJECT SENSITIVE RECORD(heap, ctx) = * No context for heap

    abstractions George Kastrinis ~ University of Athens ~ PLAST lab

89. 1-OBJECT SENSITIVE RECORD(heap, ctx) = * MERGE(heap, hctx, invo, callerCtx)

    = heap Use the allocation-site of the receiver object George Kastrinis ~ University of Athens ~ PLAST lab

90. 1-OBJECT SENSITIVE RECORD(heap, ctx) = * MERGE(heap, hctx, invo, callerCtx)

    = heap MERGESTATIC(invo, callerCtx) = ctx No receiver object to use! George Kastrinis ~ University of Athens ~ PLAST lab

91. 1-OBJECT SENSITIVE RECORD(heap, ctx) = * MERGE(heap, hctx, invo, callerCtx)

    = heap MERGESTATIC(invo, callerCtx) = ctx No receiver object to use! Copy context from caller George Kastrinis ~ University of Athens ~ PLAST lab

92. AND NOW? George Kastrinis ~ University of Athens ~ PLAST

    lab

93. AND NOW? • DIFFERENT CONTEXT DEPTHS George Kastrinis ~ University

    of Athens ~ PLAST lab

94. AND NOW? • DIFFERENT CONTEXT DEPTHS • ALTER DEFINITIONS OF

    RECORD AND MERGE George Kastrinis ~ University of Athens ~ PLAST lab

95. AND NOW? • DIFFERENT CONTEXT DEPTHS • ALTER DEFINITIONS OF

    RECORD AND MERGE • OTHER TYPES OF CONTEXT George Kastrinis ~ University of Athens ~ PLAST lab

96. AND NOW? • DIFFERENT CONTEXT DEPTHS • ALTER DEFINITIONS OF

    RECORD AND MERGE • OTHER TYPES OF CONTEXT • COMBINE DIFFERENT CONTEXTS George Kastrinis ~ University of Athens ~ PLAST lab

97. AND NOW? • DIFFERENT CONTEXT DEPTHS • ALTER DEFINITIONS OF

    RECORD AND MERGE • OTHER TYPES OF CONTEXT • COMBINE DIFFERENT CONTEXTS What to combine? Where? How? George Kastrinis ~ University of Athens ~ PLAST lab

98. 9 Rules 3 Context Functions x = ∞ Analyses RECAP

    George Kastrinis ~ University of Athens ~ PLAST lab

99. Hope you enjoyed! http://gkastrinis.info George Kastrinis •