Demand-driven pointer analysis

Heintze, Nevin; Tardieu, Olivier

doi:10.1145/378795.378802

Cited by 107 publications

(55 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The rules in Figure 3 are similar to the inference rules for demand driven analysis in [19]. The mode based specialization presented here is straightforward.…”

Section: Demand-driven Pointer Analysismentioning

confidence: 99%

“…To simplify our presentation, we assume that the program is decomposed to a set of primitive assignment statements of the following form: Figure 1 shows the points-to analysis rules for each assignment statements (from [19]). In the figure x −→ y denotes that x may point to y.…”

Section: A Deductive Formulation Of Pointer Analysismentioning

confidence: 99%

“…Among the many works on points-to analysis, Heintze and Tardieu [20,19] encode flow-insensitive and context-insensitive subset-based pointer analysis due to Anderson [3] using deductive rules. Our encoding in Section 2 follows [19].…”

Section: Related Workmentioning

confidence: 99%

“…Our encoding in Section 2 follows [19]. We derive demanddriven as well as incremental analyses directly based on these rules.…”

Section: Related Workmentioning

confidence: 99%

See 3 more Smart Citations

Incremental and demand-driven points-to analysis using logic programming

Saha

Ramakrishnan

2005

Proceedings of the 7th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

Several program analysis problems can be cast elegantly as a logic program. In this paper we show how recently-developed techniques for incremental evaluation of logic programs can be refined and used for deriving practical implementations of incremental program analyzers. Incremental program analyzers compute the changes to the analysis information due to small changes in the input program rather than re-analyzing the program. Demand-driven analyzers compute only the information requested by the client analysis/optimization. We describe a framework based on logic programming for implementing program analyses that combines incremental and demand driven techniques. We show the effectiveness of this approach by building a practical incremental and demanddriven context insensitive points-to analysis and evaluating this implementation for analyzing C programs with 10-70K lines of code. Experiments show that our technique can compute the changes to analysis information due to small changes in the input program in, on the average, 6% of the time it takes to reanalyze the program from scratch, and with little space overhead.

show abstract

“…The rules in Figure 3 are similar to the inference rules for demand driven analysis in [19]. The mode based specialization presented here is straightforward.…”

Section: Demand-driven Pointer Analysismentioning

confidence: 99%

Section: A Deductive Formulation Of Pointer Analysismentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

“…Our encoding in Section 2 follows [19]. We derive demanddriven as well as incremental analyses directly based on these rules.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Incremental and demand-driven points-to analysis using logic programming

Saha

Ramakrishnan

2005

Proceedings of the 7th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

show abstract

“…Since this relationship can describe the flow of information inside the program, so many analysts use it to analyze the security problem. The points-to relationship is widely used in the dataflow analysis [12,13]. SPARK [14] does a lot of work in points-to analysis, but it aims to optimize the performance of the program, so its definition of the start of points-to relationship dose not meets the security analysis.…”

Section: Related Workmentioning

confidence: 99%

The Vulnerability Analysis Framework for Java Bytecode

Hong¹,

Chen²,

Zhao³

et al. 2009

2009 15th International Conference on Parallel and Distributed Systems

View full text Add to dashboard Cite

Since Java web applications are used widely in Internet today, the security of it becomes an outstanding problem. The attacks, including SQL injection attack, XSS attack, and etc, are great challenges for the Java application. This paper presents the vulnerability analysis framework to detect the security hole in the Java web applications. The framework combines the techniques of the static points-to dataflow analysis, the dynamical instrument and the fuzzing test. With the cooperation of these static and dynamical analysis techniques, it can improve the efficiency and accuracy of the analysis and lower the false positive rate.

show abstract