Efficient Pointer Analysis of Java in Logic

Points-to analysis for Java benefits greatly from context sensitivity. CFL-reachability and k-limited context strings are two approaches to obtaining context sensitivity with different advantages: CFL-reachability allows local reasoning about data value flow and thus is suitable for demand-driven analyses, whereas k-limited analyses allow object sensitivity which is a superior calling-context abstraction for object-oriented languages. We combine the advantages of both approaches to obtain a context-sensitive analysis that is as precise as k-limited context strings, but is more efficient to compute. Our key insight is based on a novel abstraction of contexts adapted from CFL-reachability, which represents a relation between two calling contexts as a composition of transformations over contexts. We formulate pointer analysis in an algebraic structure of context transformations, which is a set of functions over calling contexts closed under function composition. We show that the context representation of context-string-based analyses is an explicit enumeration of all input and output values of context transformations. CFL-reachability-based pointer analysis is formulated to use call strings as contexts, but the context transformations concept can be applied to any context abstraction used in k-limited analyses, including object- and type-sensitive analysis. The result is a more efficient algorithm for computing context-sensitive pointer information for a wide variety of context configurations

Set-Based Pre-Processing for Points-To Analysis

We present set-based pre-analysis: a virtually universal op- timization technique for flow-insensitive points-to analysis. Points-to analysis computes a static abstraction of how ob- ject values flow through a program’s variables. Set-based pre-analysis relies on the observation that much of this rea- soning can take place at the set level rather than the value level. Computing constraints at the set level results in sig- nificant optimization opportunities: we can rewrite the in- put program into a simplified form with the same essential points-to properties. This rewrite results in removing both local variables and instructions, thus simplifying the sub- sequent value-based points-to computation. E ectively, set- based pre-analysis puts the program in a normal form opti- mized for points-to analysis. Compared to other techniques for o -line optimization of points-to analyses in the literature, the new elements of our approach are the ability to eliminate statements, and not just variables, as well as its modularity: set-based pre-analysis can be performed on the input just once, e.g., allowing the pre-optimization of libraries that are subsequently reused many times and for di erent analyses. In experiments with Java programs, set-based pre-analysis eliminates 30% of the program’s local variables and 30% or more of computed context-sensitive points-to facts, over a wide set of bench- marks and analyses, resulting in a 20% average speedup (max: 110%, median: 18%)

Precise Null Pointer Analysis Through Global Value Numbering

Precise analysis of pointer information plays an important role in many static analysis techniques and tools today. The precision, however, must be balanced against the scalability of the analysis. This paper focusses on improving the precision of standard context and flow insensitive alias analysis algorithms at a low scalability cost. In particular, we present a semantics-preserving program transformation that drastically improves the precision of existing analyses when deciding if a pointer can alias NULL. Our program transformation is based on Global Value Numbering, a scheme inspired from compiler optimizations literature. It allows even a flow-insensitive analysis to make use of branch conditions such as checking if a pointer is NULL and gain precision. We perform experiments on real-world code to measure the overhead in performing the transformation and the improvement in the precision of the analysis. We show that the precision improves from 86.56% to 98.05%, while the overhead is insignificant.Comment: 17 pages, 1 section in Appendi

What is "system": some decoherence-theory arguments

We discuss the possibility of making the {\it initial} definitions of mutually different (possibly interacting, or even entangled) systems in the context of decoherence theory. We point out relativity of the concept of elementary physical system as well as point out complementarity of the different possible divisions of a composite system into "subsystems", thus eventually sharpening the issue of 'what is system'.Comment: 9 pages, no figure