Generalized Points-to Graphs: A New Abstraction of Memory in the Presence of Pointers
Flow- and context-sensitive points-to analysis is difficult to scale; for
top-down approaches, the problem centers on repeated analysis of the same
procedure; for bottom-up approaches, the abstractions used to represent
procedure summaries have not scaled while preserving precision.
We propose a novel abstraction called the Generalized Points-to Graph (GPG)
which views points-to relations as memory updates and generalizes them using
the counts of indirection levels leaving the unknown pointees implicit. This
allows us to construct GPGs as compact representations of bottom-up procedure
summaries in terms of memory updates and control flow between them. Their
compactness is ensured by the following optimizations: strength reduction
reduces the indirection levels, redundancy elimination removes redundant memory
updates and minimizes control flow (without over-approximating data dependence
between memory updates), and call inlining enhances the opportunities of these
optimizations. We devise novel operations and data flow analyses for these
optimizations.
Our quest for scalability of points-to analysis leads to the following
insight: The real killer of scalability in program analysis is not the amount
of data but the amount of control flow that it may be subjected to in search of
precision. The effectiveness of GPGs lies in the fact that they discard as much
control flow as possible without losing precision (i.e., by preserving data
dependence without over-approximation). This is the reason why the GPGs are
very small even for main procedures that contain the effect of the entire
program. This allows our implementation to scale to 158kLoC for C programs.
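The idea of treating points-to statements as generalized memory updates can be made concrete with a toy sketch. The encoding and composition rule below are simplified inventions for illustration, not the paper's exact GPG operations.

```python
# Toy illustration of points-to statements as memory updates with
# indirection counts (simplified invention, not the paper's exact
# formalism).  An update ((p, i), (q, j)) means "locations reached by
# i dereferences of p now point as j dereferences of q do"; e.g.
# `x = &a` is ((x, 1), (a, 0)) and `y = x` is ((y, 1), (x, 1)).

def compose(first, second):
    """Strength reduction: lower the indirection count on the
    right-hand side of `second` by routing its read through the
    update made by `first`, when `first` defines what it reads."""
    (dp, di), (sp, si) = first
    (lp, li), (rp, ri) = second
    if rp == dp and ri >= di:
        return ((lp, li), (sp, si + (ri - di)))
    return second

u1 = (("x", 1), ("a", 0))   # x = &a
u2 = (("y", 1), ("x", 1))   # y = x
print(compose(u1, u2))      # (('y', 1), ('a', 0)), i.e. y = &a
```

After composition the second update no longer mentions `x` at all, which is how redundant intermediate statements can later be eliminated from a summary.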
On the Complexity and Performance of Parsing with Derivatives
Current algorithms for context-free parsing inflict a trade-off between ease
of understanding, ease of implementation, theoretical complexity, and practical
performance. No algorithm achieves all of these properties simultaneously.
Might et al. (2011) introduced parsing with derivatives, which handles
arbitrary context-free grammars while being both easy to understand and simple
to implement. Despite much initial enthusiasm and a multitude of independent
implementations, its worst-case complexity has never been proven to be better
than exponential. In fact, high-level arguments claiming it is fundamentally
exponential have been advanced and even accepted as part of the folklore.
Performance ended up being sluggish in practice, and this sluggishness was
taken as informal evidence of exponentiality.
In this paper, we reexamine the performance of parsing with derivatives. We
have discovered that it is not exponential but, in fact, cubic. Moreover,
simple (though perhaps not obvious) modifications to the implementation by
Might et al. (2011) lead to an implementation that is not only easy to
understand but also highly performant in practice.
Comment: 13 pages; 12 figures; implementation at http://bitbucket.org/ucombinator/parsing-with-derivatives/ ; published in PLDI '16, Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 13 - 17, 2016, Santa Barbara, CA, US
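The derivative idea is easiest to see on regular expressions, where it originates (Brzozowski derivatives). The sketch below shows that core, not the paper's contribution: the memoization and laziness that make the context-free generalization cubic are omitted.

```python
# Brzozowski derivatives: the regular-language core behind parsing
# with derivatives.  deriv(r, c) is the language of suffixes of words
# in r that start with c; a word matches iff the derivative by each
# of its characters in turn leaves a nullable expression.

EMPTY, EPS = ("empty",), ("eps",)

def nullable(r):
    tag = r[0]
    if tag == "eps":
        return True
    if tag in ("empty", "char"):
        return False
    if tag == "alt":
        return nullable(r[1]) or nullable(r[2])
    if tag == "seq":
        return nullable(r[1]) and nullable(r[2])
    return True  # star

def deriv(r, c):
    tag = r[0]
    if tag in ("empty", "eps"):
        return EMPTY
    if tag == "char":
        return EPS if r[1] == c else EMPTY
    if tag == "alt":
        return ("alt", deriv(r[1], c), deriv(r[2], c))
    if tag == "seq":
        d = ("seq", deriv(r[1], c), r[2])
        # If the first part can match empty, c may also start the second.
        return ("alt", d, deriv(r[2], c)) if nullable(r[1]) else d
    return ("seq", deriv(r[1], c), r)  # star unrolls one step

def matches(r, s):
    for c in s:
        r = deriv(r, c)
    return nullable(r)

# (ab)* matches "abab" but not "aba"
ab_star = ("star", ("seq", ("char", "a"), ("char", "b")))
print(matches(ab_star, "abab"), matches(ab_star, "aba"))  # True False
```

Without memoization the derivative terms grow on each step; taming that growth (plus laziness and compaction) is exactly where the cubic bound comes from.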
Expression-based aliasing for OO-languages
Alias analysis is a long-standing research topic in the verification and optimization of programs. Its central difficulty is the undecidability of determining whether two expressions in a program may refer to the same object. In this paper we propose an extension of a previously introduced alias calculus based on program expressions to the setting of unbounded program executions, such as infinite loops and recursive calls. Moreover, we devise a corresponding executable specification in the K-framework. An important property of our extension is that, in a
non-concurrent setting, the corresponding alias expressions can be
over-approximated in terms of a notion of regular expressions. This further
enables us to show that the associated K-machinery implements an algorithm that
always stops and provides a sound over-approximation of the "may aliasing"
information, where soundness stands for the lack of false negatives. As a case
study, we analyze the integration and further applications of the alias
calculus in SCOOP. The latter is an object-oriented programming model for
concurrency, recently formalized in Maude; K-definitions can be compiled into
Maude for execution.
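The flavor of a sound, always-terminating may-alias over-approximation can be sketched in a few lines. The rules and names below are made up for the example and are far simpler than the paper's expression-based calculus; what carries over is the style of argument: the relation only grows under the loop rule and is bounded, so the fixpoint iteration stops, and it never loses a real alias pair.

```python
# Illustrative may-alias sketch (invented rules, not the paper's
# calculus): the relation is a set of unordered variable pairs.
# `x := y` makes x alias y and everything y may alias; a loop is
# over-approximated by accumulating the union of all iterations.
# Sound for may-aliasing: no false negatives, possibly spurious pairs.

def assign(rel, x, y):
    """Transfer function for `x := y`."""
    rel = {p for p in rel if x not in p}   # kill x's old aliases
    gen = {frozenset((x, y))}
    gen |= {frozenset((x, z)) for p in rel if y in p for z in p if z != y}
    return rel | gen

def loop(rel, body):
    """Over-approximate an unbounded loop: iterate to a fixpoint.
    Terminates because the relation only grows and the pairs over a
    finite variable set are bounded."""
    while True:
        nxt = rel | body(rel)
        if nxt == rel:
            return rel
        rel = nxt

rel = assign(set(), "x", "y")                   # x := y
rel = loop(rel, lambda r: assign(r, "z", "x"))  # while cond: z := x
print(sorted(sorted(p) for p in rel))  # [['x', 'y'], ['x', 'z'], ['y', 'z']]
```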
Improving Prolog Programs: Refactoring for Prolog
Refactoring is an established technique from the OO-community to restructure
code: it aims at improving software readability, maintainability and
extensibility. Although refactoring is not tied to the OO-paradigm in
particular, its ideas have not been applied to Logic Programming until now.
This paper applies the ideas of refactoring to Prolog programs. A catalogue
is presented listing refactorings classified according to scope. Some of the
refactorings have been adapted from the OO-paradigm, while others have been
specifically designed for Prolog. Some of the refactorings also address the discrepancy between the intended and operational semantics of Prolog programs.
In addition, ViPReSS, a semi-automatic refactoring browser, is discussed and our experience in applying ViPReSS to a large Prolog legacy system is reported. Our main conclusion is that refactoring is not only a viable technique in Prolog but also a rather desirable one.
Comment: To appear in ICLP 200
Mace4 Reference Manual and Guide
Mace4 is a program that searches for finite models of first-order formulas.
For a given domain size, all instances of the formulas over the domain are
constructed. The result is a set of ground clauses with equality. Then, a
decision procedure based on ground equational rewriting is applied. If
satisfiability is detected, one or more models are printed. Mace4 is a useful
complement to first-order theorem provers, with the prover searching for proofs
and Mace4 looking for countermodels, and it is useful for work on finite
algebras. Mace4 performs better on equational problems than our previous model-searching program Mace2 did.
Comment: 17 pages
Simple and Effective Type Check Removal through Lazy Basic Block Versioning
Dynamically typed programming languages such as JavaScript and Python defer
type checking to run time. In order to maximize performance, dynamic language
VM implementations must attempt to eliminate redundant dynamic type checks.
However, type inference analyses are often costly and involve tradeoffs between
compilation time and resulting precision. This has led to the creation of
increasingly complex multi-tiered VM architectures.
This paper introduces lazy basic block versioning, a simple JIT compilation
technique which effectively removes redundant type checks from critical code
paths. This novel approach lazily generates type-specialized versions of basic
blocks on-the-fly while propagating context-dependent type information. This
does not require the use of costly program analyses, is not restricted by the
precision limitations of traditional type analyses and avoids the
implementation complexity of speculative optimization techniques.
We have implemented intraprocedural lazy basic block versioning in a
JavaScript JIT compiler. This approach is compared with a classical flow-based
type analysis. Lazy basic block versioning performs as well or better on all
benchmarks. On average, 71% of type tests are eliminated, yielding speedups of
up to 50%. We also show that our implementation generates more efficient
machine code than TraceMonkey, a tracing JIT compiler for JavaScript, on
several benchmarks. The combination of implementation simplicity, low
algorithmic complexity and good run time performance makes basic block
versioning attractive for baseline JIT compilers.
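The mechanism can be sketched on a made-up mini-IR. The block format and names below are hypothetical, not the paper's JavaScript compiler: a block is specialized the first time it is entered under a given type context, the specialized version drops the checks that context already proves, and re-entry with the same context reuses the cached version.

```python
# Minimal sketch of lazy basic-block versioning (hypothetical mini-IR).
versions = {}        # (block name, type context) -> specialized body
compile_count = 0    # how many specializations were generated

def specialize(name, body, type_ctx):
    """Compile a version of `body` for `type_ctx` on first entry,
    dropping every type check the context already proves; later
    entries with the same context hit the cache."""
    global compile_count
    key = (name, type_ctx)
    if key not in versions:
        compile_count += 1
        known = dict(type_ctx)
        versions[key] = [step for step in body
                         if not (step[0] == "check"
                                 and known.get(step[1]) == step[2])]
    return versions[key]

body = [("check", "x", "int"), ("add", "x", 1)]

v1 = specialize("loop_head", body, (("x", "int"),))  # compiles, drops check
v2 = specialize("loop_head", body, (("x", "int"),))  # cache hit
print(v1, compile_count)  # [('add', 'x', 1)] 1
```

The laziness is the point: versions exist only for type contexts that actually occur at run time, which keeps the version count (and code size) small in practice.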