ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Region-based shape analysis with tracked locations
Full text PdfPdf (206 KB)
Source Annual Symposium on Principles of Programming Languages archive
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages table of contents
Long Beach, California, USA
Pages: 310 - 323  
Year of Publication: 2005
ISBN:1-58113-830-X
Also published in ...
Authors
Brian Hackett  Cornell University, Ithaca, NY
Radu Rugina  Cornell University, Ithaca, NY
Sponsors
SIGPLAN: ACM Special Interest Group on Programming Languages
SIGACT: ACM Special Interest Group on Algorithms and Computation Theory
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 9,   Downloads (12 Months): 73,   Citation Count: 28
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1040305.1040331
What is a DOI?

ABSTRACT

This paper proposes a novel approach to shape analysis: using local reasoning about individual heap locations instead of global reasoning about entire heap abstractions. We present an inter-procedural shape analysis algorithm for languages with destructive updates. The key feature is a novel memory abstraction that differs from traditional abstractions in two ways. First, we build the shape abstraction and analysis on top of a pointer analysis. Second, we decompose the shape abstraction into a set of independent configurations, each of which characterizes one single heap location. Our approach: 1) leads to simpler algorithm specifications, because of local reasoning about the single location; 2) leads to efficient algorithms, because of the smaller granularity of the abstraction; and 3) makes it easier to develop context-sensitive, demand-driven, and incremental shape analyses.We also show that the analysis can be used to enable the static detection of memory errors in programs with explicit deallocation. We have built a prototype tool that detects memory leaks and accesses through dangling pointers in C programs. The experiments indicate that the analysis is sufficiently precise to detect errors with low false positive rates; and is sufficiently lightweight to scale to larger programs. For a set of three popular C programs, the tool has analyzed about 70K lines of code in less than 2 minutes and has produced 97 warnings, 38 of which were actual errors.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
S. Amarasinghe, J. Anderson, M. Lam, and C. Tseng. The SUIF compiler for scalable parallel machines. In Proceedings of the Eighth SIAM Conference on Parallel Processing for Scientific Computing, San Francisco, CA, February 1995.
2
Thomas Ball , Rupak Majumdar , Todd Millstein , Sriram K. Rajamani, Automatic predicate abstraction of C programs, Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation, p.203-213, June 2001, Snowbird, Utah, United States
3
Thomas Ball , Sriram K. Rajamani, The SLAM project: debugging system software via static analysis, Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.1-3, January 16-18, 2002, Portland, Oregon
 
4
William R. Bush , Jonathan D. Pincus , David J. Sielaff, A static analyzer for finding dynamic programming errors, Software—Practice & Experience, v.30 n.7, p.775-802, June 2000  [doi>10.1002/(SICI)1097-024X(200006)30:7<775::AID-SPE309>3.0.CO;2-H]
 
5
S. Chong and R. Rugina. Static analysis of accessed regions in recursive data structures. In Proceedings of the 10th International Static Analysis Symposium, San Diego, CA, June 2003.
6
Manuvir Das , Sorin Lerner , Mark Seigle, ESP: path-sensitive program verification in polynomial time, Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation, June 17-19, 2002, Berlin, Germany
7
Robert DeLine , Manuel Fähndrich, Enforcing high-level protocols in low-level software, Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation, p.59-69, June 2001, Snowbird, Utah, United States
 
8
Nurit Dor , Michael Rodeh , Shmuel Sagiv, Checking Cleanness in Linked Lists, Proceedings of the 7th International Symposium on Static Analysis, p.115-134, June 29-July 01, 2000
 
9
D. Engler, B. Chelf, A. Chou, and S. Hallem. Checking system rules using system-specific, programmer-written compiler extensions. In Proceedings of the SIGPLAN '02 Conference on Program Language Design and Implementation, Berlin, Germany, June 2002.
10
Manuel Fähndrich , Jakob Rehof , Manuvir Das, Scalable context-sensitive flow analysis using instantiation constraints, Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation, p.253-263, June 18-21, 2000, Vancouver, British Columbia, Canada
11
Rakesh Ghiya , Laurie J. Hendren, Is it a tree, a DAG, or a cyclic graph? A shape analysis for heap-directed pointers in C, Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.1-15, January 21-24, 1996, St. Petersburg Beach, Florida, United States  [doi>10.1145/237721.237724]
 
12
B. Hackett and R. Rugina. Region-based shape analysis with tracked locations. Technical Report TR2004-1968, Cornell University, October 2004.
 
13
R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the 1992 Winter Usenix Conference, January 1992.
14
Matthias Hauswirth , Trishul M. Chilimbi, Low-overhead memory leak detection using adaptive statistical profiling, Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, October 07-13, 2004, Boston, MA, USA
15
David L. Heine , Monica S. Lam, A practical flow-sensitive and context-sensitive C and C++ memory leak detector, Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation, June 09-11, 2003, San Diego, California, USA
16
Nevin Heintze , Olivier Tardieu, Demand-driven pointer analysis, Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation, p.24-34, June 2001, Snowbird, Utah, United States
17
Joseph Hummel , Laurie J. Hendren , Alexandru Nicolau, A general data dependence test for dynamic, pointer-based data structures, Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation, p.218-229, June 20-24, 1994, Orlando, Florida, United States
 
18
L. J. Hendren , A. Nicolau, Parallelizing Programs with Recursive Data Structures, IEEE Transactions on Parallel and Distributed Systems, v.1 n.1, p.35-47, January 1990  [doi>10.1109/71.80123]
19
Samin S. Ishtiaq , Peter W. O'Hearn, BI as an assertion language for mutable data structures, Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.14-26, January 2001, London, United Kingdom
 
20
B. Jeannet, A. Loginov, T. Reps, and M. Sagiv. A relational approach to interprocedural shape analysis. In Proceedings of the 11th International Static Analysis Symposium, Verona, Italy, August 2004.
21
Viktor Kuncak , Patrick Lam , Martin Rinard, Role analysis, Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.17-32, January 16-18, 2002, Portland, Oregon
22
Tal Lev-Ami , Thomas Reps , Mooly Sagiv , Reinhard Wilhelm, Putting static analysis to work for verification: A case study, Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis, p.26-38, August 21-24, 2000, Portland, Oregon, United States
 
23
Tal Lev-Ami , Shmuel Sagiv, TVLA: A System for Implementing Static Analyses, Proceedings of the 7th International Symposium on Static Analysis, p.280-301, June 29-July 01, 2000
24
Donglin Liang , Mary Jean Harrold, Efficient points-to analysis for whole-program analysis, Proceedings of the 7th European software engineering conference held jointly with the 7th ACM SIGSOFT international symposium on Foundations of software engineering, p.199-215, September 06-10, 1999, Toulouse, France
25
George C. Necula , Scott McPeak , Westley Weimer, CCured: type-safe retrofitting of legacy code, Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.128-139, January 16-18, 2002, Portland, Oregon
26
Peter W. O'Hearn , Hongseok Yang , John C. Reynolds, Separation and information hiding, Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.268-280, January 14-16, 2004, Venice, Italy
 
27
John C. Reynolds, Separation Logic: A Logic for Shared Mutable Data Structures, Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science, p.55-74, July 22-25, 2002
 
28
Noam Rinetzky , Shmuel Sagiv, Interprocedural Shape Analysis for Recursive Programs, Proceedings of the 10th International Conference on Compiler Construction, p.133-149, April 02-06, 2001
29
Mooly Sagiv , Thomas Reps , Reinhard Wilhelm, Solving shape-analysis problems in languages with destructive updating, ACM Transactions on Programming Languages and Systems (TOPLAS), v.20 n.1, p.1-50, Jan. 1998  [doi>10.1145/271510.271517]
30
Mooly Sagiv , Thomas Reps , Reinhard Wilhelm, Parametric shape analysis via 3-valued logic, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.105-118, January 20-22, 1999, San Antonio, Texas, United States  [doi>10.1145/292540.292552]
31
Mooly Sagiv , Thomas Reps , Reinhard Wilhelm, Parametric shape analysis via 3-valued logic, ACM Transactions on Programming Languages and Systems (TOPLAS), v.24 n.3, p.217-298, May 2002  [doi>10.1145/514188.514190]
32
Bjarne Steensgaard, Points-to analysis in almost linear time, Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.32-41, January 21-24, 1996, St. Petersburg Beach, Florida, United States  [doi>10.1145/237721.237727]
33
Frédéric Vivien , Martin Rinard, Incrementalized pointer and escape analysis, Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation, p.35-46, June 2001, Snowbird, Utah, United States
 
34
Reinhard Wilhelm , Shmuel Sagiv , Thomas W. Reps, Shape Analysis, Proceedings of the 9th International Conference on Compiler Construction, p.1-17, March 25-April 02, 2000
35
Eran Yahav, Verifying safety properties of concurrent Java programs using 3-valued logic, Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.27-40, January 2001, London, United Kingdom
36
Eran Yahav , G. Ramalingam, Verifying safety properties using separation and heterogeneous abstractions, Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation, June 09-11, 2004, Washington DC, USA

CITED BY  28
Easwaran Raman , David I. August, Recursive data structure profiling, Proceedings of the 2005 workshop on Memory system performance, June 12-12, 2005, Chicago, Illinois
Yichen Xie , Alex Aiken, Context- and path-sensitive memory leak detection, ACM SIGSOFT Software Engineering Notes, v.30 n.5, September 2005
Shuvendu K. Lahiri , Shaz Qadeer, Verifying properties of well-founded linked lists, ACM SIGPLAN Notices, v.41 n.1, p.115-126, January 2006
Gregory Kulczycki , Murali Sitaraman , Bruce W. Weide , Atanas Rountev, A specification-based approach to reasoning about pointers, ACM SIGSOFT Software Engineering Notes, v.31 n.2, March 2006
Dinakar Dhurjati , Sumant Kowshik , Vikram Adve, SAFECode: enforcing alias analysis for weakly typed languages, ACM SIGPLAN Notices, v.41 n.6, June 2006
Stephen J. Fink , Eran Yahav , Nurit Dor , G. Ramalingam , Emmanuel Geay, Effective typestate verification in the presence of aliasing, ACM Transactions on Software Engineering and Methodology (TOSEM), v.17 n.2, p.1-34, April 2008
Sigmund Cherem , Radu Rugina, Compile-time deallocation of individual objects, Proceedings of the 2006 international symposium on Memory management, June 10-11, 2006, Ottawa, Ontario, Canada
Trishul M. Chilimbi , Vinod Ganapathy, HeapMD: identifying heap-based bugs using anomaly detection, ACM SIGARCH Computer Architecture News, v.34 n.5, December 2006
David L. Heine , Monica S. Lam, Static detection of leaks in polymorphic containers, Proceeding of the 28th international conference on Software engineering, May 20-28, 2006, Shanghai, China
Sigmund Cherem , Lonnie Princehouse , Radu Rugina, Practical memory leak detection using guarded value-flow analysis, ACM SIGPLAN Notices, v.42 n.6, June 2007
Huu Hai Nguyen , Martin Rinard, Detecting and eliminating memory leaks using cyclic memory allocation, Proceedings of the 6th international symposium on Memory management, October 21-22, 2007, Montreal, Quebec, Canada
Yichen Xie , Alex Aiken, Saturn: A scalable framework for error detection using Boolean satisfiability, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.3, p.16-es, May 2007
Mark Marron , Darko Stefanovic , Manuel Hermenegildo , Deepak Kapur, Heap analysis in the presence of collection libraries, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, p.31-36, June 13-14, 2007, San Diego, California, USA
Chris Lattner , Andrew Lenharth , Vikram Adve, Making context-sensitive points-to analysis with heap cloning practical for the real world, ACM SIGPLAN Notices, v.42 n.6, June 2007
Martin T. Vechev , Eran Yahav , David F. Bacon , Noam Rinetzky, CGCExplorer: a semi-automated search procedure for provably correct concurrent collectors, ACM SIGPLAN Notices, v.42 n.6, June 2007
Xi Wang , Zhilei Xu , Xuezheng Liu , Zhenyu Guo , Xiaoge Wang , Zheng Zhang, Conditional correlation analysis for safe region-based memory management, ACM SIGPLAN Notices, v.43 n.6, June 2008
Ben Hardekopf , Calvin Lin, Semi-sparse flow-sensitive pointer analysis, Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 21-23, 2009, Savannah, GA, USA
Sigmund Cherem , Radu Rugina, Uniqueness inference for compile-time object deallocation, Proceedings of the 6th international symposium on Memory management, October 21-22, 2007, Montreal, Quebec, Canada
Uday P. Khedker , Amitabha Sanyal , Amey Karkare, Heap reference analysis using access graphs, ACM Transactions on Programming Languages and Systems (TOPLAS), v.30 n.1, p.1-es, November 2007
Guoqing Xu , Atanas Rountev, Precise memory leak detection for java software using container profiling, Proceedings of the 30th international conference on Software engineering, May 10-18, 2008, Leipzig, Germany
Xiaodong Ma , Ji Wang , Wei Dong, Shape Analysis by Refining on Abstract Evaluation Path, Electronic Notes in Theoretical Computer Science (ENTCS), 207, p.137-151, April, 2008
Nomair A. Naeem , Ondrej Lhotak, Typestate-like analysis of multiple interacting objects, ACM SIGPLAN Notices, v.43 n.10, September 2008
Eric Bodden , Patrick Lam , Laurie Hendren, Finding programming errors earlier by evaluating runtime monitors ahead-of-time, Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering, November 09-14, 2008, Atlanta, Georgia
Cristiano Calcagno , Dino Distefano , Peter O'Hearn , Hongseok Yang, Compositional shape analysis by means of bi-abduction, Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 21-23, 2009, Savannah, GA, USA
Edward E. Aftandilian , Samuel Z. Guyer, GC assertions: using the garbage collector to check heap properties, ACM SIGPLAN Notices, v.44 n.6, June 2009
Mark Marron , Deepak Kapur , Manuel Hermenegildo, Identification of logically related heap regions, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
Nomair A. Naeem , Ondrej Lhoták, Efficient alias set analysis using SSA form, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
Ji Wang , Xiao-Dong Ma , Wei Dong , Hou-Feng Xu , Wan-Wei Liu, Demand-driven memory leak detection based on flow- and context-sensitive pointer analysis, Journal of Computer Science and Technology, v.24 n.2, p.347-356, March 2009

INDEX TERMS

Primary Classification:
  F. Theory of Computation
  F.3 LOGICS AND MEANINGS OF PROGRAMS
      F.3.2 Semantics of Programming Languages
          Subjects: Program analysis

Additional Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.4 Software/Program Verification
  D.3 PROGRAMMING LANGUAGES
      D.3.4 Processors
          Subjects: Memory management (garbage collection)


General Terms:
Algorithms, Languages, Verification


Keywords:
memory leaks, memory management, shape analysis, static error detection

Collaborative Colleagues:
Brian Hackett: colleagues
Radu Rugina: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player