improving flow analyses via cfa
play

Improving Flow Analyses via CFA Abstract Garbage Collection and - PowerPoint PPT Presentation

Sep 03, 2022 •250 likes •1.09k views

Improving Flow Analyses via CFA Abstract Garbage Collection and Counting Matthew Might Olin Shivers Georgia Institute of Technology Northeastern University ICFP 2006 1 The Big Idea The Process 1. Add garbage collection to a

  1. Improving Flow Analyses via Γ CFA Abstract Garbage Collection and Counting Matthew Might ∗ Olin Shivers † ∗ Georgia Institute of Technology † Northeastern University ICFP 2006 1

  2. The Big Idea The Process 1. Add garbage collection to a concrete semantics. 2

  3. The Big Idea The Process 1. Add garbage collection to a concrete semantics. 2. Create an abstract interpretation of these semantics. 3

  4. The Big Idea The Process 1. Add garbage collection to a concrete semantics. 2. Create an abstract interpretation of these semantics. The Payoff The abstract GC improves both speed and precision. 4

  5. The Problem: Imprecision in Abstract Interpretation x y {x,y,z} z {w} w Concrete Space Abstract Space Abstract Interpretation Larger space mapped to smaller space: Overlap leads to imprecision. 5

  6. An Example: Analyzing Integer Arithmetic Goal Given an arithmetic expression, safely approximate its sign. 6

  7. An Example: Analyzing Integer Arithmetic Goal Given an arithmetic expression, safely approximate its sign. Example ◮ 4 + 3 could be positive. ◮ 4 - 10 could be negative. ◮ 4 + (3 - 10) could be positive or negative. (Imprecision allowed.) 7

  8. An Example: Analyzing Integer Arithmetic Abstracting the Integers Integers abstract to a singleton set of their sign. Example ◮ | 4 | = { positive } ◮ | 0 | = { zero } ◮ |− 3 | = { negative } 8

  9. An Example: Analyzing Integer Arithmetic Abstracting Addition Addition abstracts “naturally” to sets of signs. Example ◮ { positive } ⊕ { positive } = { positive } ◮ { positive , negative } ⊕ { zero } = { positive , negative } ◮ { positive } ⊕ { negative } = { negative , zero , positive } 9

  10. An Example: Analyzing Integer Arithmetic Example − 4 + 4 Analyze: 10

  11. An Example: Analyzing Integer Arithmetic Example − 4 + 4 Analyze: ⇒ |− 4 | ⊕ | 4 | 11

  12. An Example: Analyzing Integer Arithmetic Example − 4 + 4 Analyze: ⇒ |− 4 | ⊕ | 4 | ⇒ { negative } ⊕ { positive } 12

  13. An Example: Analyzing Integer Arithmetic Example − 4 + 4 Analyze: ⇒ |− 4 | ⊕ | 4 | ⇒ { negative } ⊕ { positive } ⇒ { negative , zero , positive } Imprecision! { zero } is the tightest, safest answer. 13

  14. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... id �→ x �→ (id 3) �→ y �→ (id 4) �→ 14

  15. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) x �→ (id 3) �→ y �→ (id 4) �→ 15

  16. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) 2. Then, 3 flows to x . x �→ 3 (id 3) �→ y �→ (id 4) �→ 16

  17. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) 2. Then, 3 flows to x . x �→ 3 3. Then, 3 flows to y , (id 3) . (id 3) �→ 3 y �→ 3 (id 4) �→ 17

  18. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) 2. Then, 3 flows to x . x �→ 3 , 4 3. Then, 3 flows to y , (id 3) . (id 3) �→ 3 y �→ 3 4. Then, 4 flows to x . (id 4) �→ 18

  19. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) 2. Then, 3 flows to x . x �→ 3 , 4 3. Then, 3 flows to y , (id 3) . (id 3) �→ 3 y �→ 3 4. Then, 4 flows to x . (id 4) �→ 3 , 4 5. Then, 3 or 4 could flow to (id 4) !? Problem Flow analyses overlap different bindings to the same variable. 19

  20. 0CFA & Precision Flow analysis question: What “values” could flow to each expression? (let* ((id ( λ (x) x)) (y (id 3))) (id 4)) 0CFA thinks... 1. ( λ (x) x) flows to id . id �→ ( λ (x) x) 2. Then, 3 flows to x . x �→ 3 , 4 3. Then, 3 flows to y , (id 3) . (id 3) �→ 3 y �→ 3 4. Then, 4 flows to x . (id 4) �→ 3 , 4 5. Then, 3 or 4 could flow to (id 4) !? Solution Garbage collect dead bindings mid-analysis. 20

  21. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 21

  22. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Address 22

  23. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Object Address 23

  24. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Object Address GC Root 24

  25. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Object Address GC Root Address 25

  26. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Object Address GC Root Address Object 26

  27. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 Object Address GC Root GC Root Address Object 27

  28. � � � Example: Abstract Garbage Collection 3-address concrete heap. 2-address abstract counterpart. concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 28

  29. � � � Example: Abstract Garbage Collection Next: Allocate object o 2 to address a 3 . Shift root to a 3 . concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 � ˆ a 3 a 3 29

  30. � � � � � Example: Abstract Garbage Collection Next: Allocate object o 3 to address a 2 . Point o 2 to a 2 . concrete abstract ���� ���� ���� ���� o 1 a 1 | o 1 | � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ˆ a 2 a 1 , 2 ���� ���� � ���� ���� o 2 a 3 | o 2 | ˆ a 3 30

Recommend

Type-Based Information Flow Analyses Franc ois Pottier January 2728, 2005 Franc ois

Type-Based Information Flow Analyses Franc ois Pottier January 2728, 2005 Franc ois

Type-Based Information Flow Analyses Franc ois Pottier January 2728, 2005 Franc ois Pottier Type-Based Information Flow Analyses Why control information flow? identity income tax form secretary Bob fiscal counselor Here is a

1.24k views • 113 slides
More Data Flow Analyses Reading: NNH 2.1 17-654/17-765 Analysis of Software Artifacts Jonathan

More Data Flow Analyses Reading: NNH 2.1 17-654/17-765 Analysis of Software Artifacts Jonathan

More Data Flow Analyses Reading: NNH 2.1 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich General Monotonicity Proofs We proved RD was monotone for data flow equations for a specific program Heres a more general

580 views • 23 slides
Adjoint Data-Flow analyses applied to checkpointing - Tradeoff between snapshots and TBR Benjamin

Adjoint Data-Flow analyses applied to checkpointing - Tradeoff between snapshots and TBR Benjamin

Adjoint Data-Flow analyses applied to checkpointing - Tradeoff between snapshots and TBR Benjamin Dauvergne Tropics Project, INRIA Sophia-Antipolis Adjoint Data-Flow analyses applied to checkpointing -Tradeoff between snapshots and TBR p.1/9

251 views • 12 slides
Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture

Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture

Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture Design Jonathan Ho*, Xi Chen*, Aravind Srinivas, Yan Duan, Pieter Abbeel Overview - Goal: likelihood-based model with Fast sampling and training -

363 views • 11 slides
Unication of static analyses and runtime measurements for improving vectorization Ashay Rane,

Unication of static analyses and runtime measurements for improving vectorization Ashay Rane,

Unication of static analyses and runtime measurements for improving vectorization Ashay Rane, Rakesh Krishnaiyer, Chris Newburn, James Browne, Leo Fialho and Zakhar Matveev th 4 August, 2014 Petascale Tools Workshop 1 Overview of this

430 views • 26 slides
Motivation We have so far seen many analyses which deal with control- and data-flow properties of

Motivation We have so far seen many analyses which deal with control- and data-flow properties of

Motivation We have so far seen many analyses which deal with control- and data-flow properties of pure languages. However, many languages contain operations with side- effects , so we must also be able to analyse and safely transform these impure

610 views • 37 slides
PROJECT SPARROW Improving traffic flow with machine learning TYPES OF MACHINE LEARNING Google

PROJECT SPARROW Improving traffic flow with machine learning TYPES OF MACHINE LEARNING Google

PROJECT SPARROW Improving traffic flow with machine learning TYPES OF MACHINE LEARNING Google Deep Mind MORE VARIABLES Improving the simulation, so it more accurately simulates the real world. USE 3D MAPPING SOFTWARE TO SIMULATE Allows

396 views • 11 slides
10.8BN +1.7% MORE SATISFIED/LOYAL CUSTOMERS IN ALL MARKETS (TARGET: > SEK 9.7 BILLION)

10.8BN +1.7% MORE SATISFIED/LOYAL CUSTOMERS IN ALL MARKETS (TARGET: > SEK 9.7 BILLION)

YEAR-END REPORT JANUARY DECEMBER 2018 JOHAN DENNELIND PRESIDENT & CEO 1 DELIVERED ON OUR FULL YEAR AMBITIONS ADJUSTED EBITDA* ADJUSTED EBITDA* OPERATIONAL FREE CASH FLOW OPERATIONAL FREE CASH FLOW IMPROVING ON NPS IMPROVING ON NPS

503 views • 14 slides
Improving the Robustness of Variational Optical Flow through Tensor Voting by: Hatem A.

Improving the Robustness of Variational Optical Flow through Tensor Voting by: Hatem A.

Improving the Robustness of Variational Optical Flow through Tensor Voting by: Hatem A. Rashwan, Domenec Puig, Miguel Angel Garcia presented by: Merlin Lang langmerlin@stud.uni-sb.de Milestones And Advatages in Image Analysis M athematical

297 views • 26 slides
Dis iscussion of the New CO Assessment Level of Care (LOC) & Reli liability Analyses

Dis iscussion of the New CO Assessment Level of Care (LOC) & Reli liability Analyses

Dis iscussion of the New CO Assessment Level of Care (LOC) & Reli liability Analyses Presentation to Stakeholders October 2019 1 Our Mission Improving health care access and outcomes for the people we serve while demonstrating sound

1.16k views • 85 slides
Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

M AXIMUM F LOW How to do it... Why you want it... Where you find it... The Tao of Flow: Let your body go with the flow. -Madonna, Vogue Maximum flow...because youre worth it. -Loreal Go with the flow, Joe.

619 views • 20 slides
Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans Kaashoek MIT CSAIL Many security vulnerabilities caused by programming errors Attack vector Percentage SQL injection 20.4% Cross-site scripting

912 views • 57 slides
Improving Gap Flow Simulations Near Coastal Areas of Continental Portugal 11th Deep Sea Offshore

Improving Gap Flow Simulations Near Coastal Areas of Continental Portugal 11th Deep Sea Offshore

Improving Gap Flow Simulations Near Coastal Areas of Continental Portugal 11th Deep Sea Offshore Wind R&D Conference Trondheim, 22-24 January 2014 Section Met Ocean Conditions paulo.costa@lneg.pt antonio.couto@lneg.pt

272 views • 15 slides
Class 2 Review; questions Basic Analyses (2) Assign (see Schedule for links)

Class 2 Review; questions Basic Analyses (2) Assign (see Schedule for links)

Class 2 Review; questions Basic Analyses (2) Assign (see Schedule for links) Representation and Analysis of Software (Sections 1-5) Additional reading: depth-first presentation, data-flow analysis, etc. Problem Set 1:

607 views • 26 slides
Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links)

Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links)

Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links) Representation and Analysis of Software (Sections 1-5) Additional readings: Data-flow analysis Control/program-dependence analysis

741 views • 26 slides
Improving Emergency Department Flow for People with Behavioral Health Problems December 11, 2019

Improving Emergency Department Flow for People with Behavioral Health Problems December 11, 2019

Improving Emergency Department Flow for People with Behavioral Health Problems December 11, 2019 Scottsdale, AZ Stuart Buttlaire, PhD, MBA Reg. Behavioral Health Director, Kaiser Northern California, Pres of IBHI Peter Brown, Executive Director

760 views • 47 slides
May 2020 Assessment & Support Plan Stakeholder Meeting-Time Study Analyses & Childrens

May 2020 Assessment & Support Plan Stakeholder Meeting-Time Study Analyses & Childrens

May 2020 Assessment & Support Plan Stakeholder Meeting-Time Study Analyses & Childrens Hospital-LOC Update May 28, 2020 1 Our Mission Improving health care access and outcomes for the people we serve while demonstrating sound

912 views • 43 slides
Improving the Verification Flow

Improving the Verification Flow

Improving the Verification Flow

182 views • 14 slides
Baseline Analyses Using Baseline Analyses Using DBP (2006) & AMP (2008) DBP (2006) & AMP

Baseline Analyses Using Baseline Analyses Using DBP (2006) & AMP (2008) DBP (2006) & AMP

Baseline Analyses Using Baseline Analyses Using DBP (2006) & AMP (2008) DBP (2006) & AMP (2008) Program Data Program Data Steven Braithwait Christensen Associates Energy Consulting Conference Call May 26, 2009 Project Objectives

513 views • 16 slides
Toll Schedule Analyses Board Meeting 11-17-16 Overview n Conducted Toll Schedule Analyses per

Toll Schedule Analyses Board Meeting 11-17-16 Overview n Conducted Toll Schedule Analyses per

Toll Schedule Analyses Board Meeting 11-17-16 Overview n Conducted Toll Schedule Analyses per Authority Direction n 2 Public Meetings Dates: w 10/25/16: Destin w 10/27/16: Niceville Presented the various toll discount options Received

431 views • 21 slides
Analyses of Variance Block 2b Types of analyses 1 way ANOVA For more than 2 levels of a

Analyses of Variance Block 2b Types of analyses 1 way ANOVA For more than 2 levels of a

Analyses of Variance Block 2b Types of analyses 1 way ANOVA For more than 2 levels of a factor between subjects ANCOVA For continuous co-varying factor, between subjects ANOVA for factorial design Multiple factors

700 views • 35 slides
Improving Usability of Information Flow Security in Java Mark Thober Joint work with Scott F.

Improving Usability of Information Flow Security in Java Mark Thober Joint work with Scott F.

Mark Thober June 14, 2007 Improving Usability of Information Flow Security in Java Mark Thober Joint work with Scott F. Smith Department of Computer Science Johns Hopkins University PLAS 07 1 Mark Thober June 14, 2007 Motivation

580 views • 37 slides
Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies:

Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies:

Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies: This allows you to decompose velocity into a scalar potential such that: Combined with conservation of mass (continuity) and incompressibility you

110 views • 7 slides
Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation vs. measurement vs. modelling 2D vs. surfaces vs. 3D Steady vs time-dependent flow Direct vs. indirect flow visualization Experimental flow

1.18k views • 92 slides

More recommend