1 / 18

Generating Precise and Concise Procedure Summaries

Generating Precise and Concise Procedure Summaries. Greta Yorsh Eran Yahav Satish Chandra. abstract domain & transformers. foo(…) { … }. summary of foo. Our Framework. Summary Generator. function from input to output abstract values. abstract domain & transformers. bar(…) {

etenia
Download Presentation

Generating Precise and Concise Procedure Summaries

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Generating Precise and Concise Procedure Summaries Greta Yorsh Eran Yahav Satish Chandra

  2. abstract domain & transformers foo(…) { … } summary of foo Our Framework Summary Generator function from input to output abstract values

  3. abstract domain & transformers bar(…) { … foo(); … } summary of bar Our Framework Summary Generator summary of foo

  4. abstract domain & transformers library   Analyzer Our Framework (restricted) … Summary Generator client client client Summaries • precise • efficient • concise

  5. (A1) tr12 (A2) tr23 tr13 (A3) Example • Composition of transformers tr13  tr12  tr23 class DataReader { FileComp f; ... void setComponent(FileComp p) { this.f = p; } FileComp getComponent() { return this.f; } ... void nop() { FileComp t; t = getComponent(); setComponent(t); } } A1: A2: A3:

  6. Main Challenge • Composition of transformers • Finite representation of iterated composition of transformers calling contexts loop iterations …

  7. tr12 tr23 tr13 Our Approach • Express constraints on intermediate states in terms of initial and final states • Restrict the representation of transformers • covers all basic statements • closed under composition • finite language

  8. Our Contributions • Framework for generating precise, efficient and concise summaries • language of transformers • composition algorithm • Instances of the framework include • known classes: IFDS, IDE • modular constant propagation with aliasing • modular typestate verification with aliasing • Prototype and evaluation for typestate

  9. tr12 tr23 tr13 Key Ideas • Transformers are defined using conditional micro-transformers • partition values into finite number of classes with uniform behavior • compose using case-splitting • restrict the way partitions defined • e.g., no quantifiers • Lift to aggregate domains • powerset, product, union • transformers follow domain structure • dependencies between components

  10. Simple Example: Tracking “Nullness” • Abstract value is a set of access paths • e.g., { x.f, y } must have null value • Abstract transformer tr operates pointwiseon individual access paths using trAP:tr(X) = X trAP() • Conditional micro-transformertrAP maps an access path  to a set of access paths

  11. { this.f, t } if  = this.f { } if  = t {  } if   t    this.f trAP() ≡  =this.f t  this.f =this.f this.f  t preconditions (under certain restrictions) Example: Conditional Micro-Transformer t = this.f

  12. (A1) tr12 (A2) 12 tr12(X) = X trAP() tr23 tr13 23 tr23(X) = X trAP() (A3) 12 23 tr13(X) = X (trAP  trAP )() Example: Composition Algorithm class DataReader { FileComp f; ... void setComponent(FileComp p) { this.f = p; } FileComp getComponent() { return this.f; } ... void nop() { FileComp t; t = getComponent(); setComponent(t); } } A1: A2: A3:

  13. trAP 12    this.f  t this.f  t this.f  t =t =t =t =t =t =t    t t t this.f this.f this.f trAP 23 Example: Composition Algorithm t = getComponent(); setComponent(t)  =this.f t  this.f t = getComponent() =this.f this.f  t substitution  :=  :=this.f  := t setComponent(t)

  14. Example: Composition Algorithm t = getComponent(); setComponent(t)  t  this.f =this.f =this.f := :=t :=this.f this.f t tthis.f  tt this.fthis.f  this.f t =t this.f=t t=t =t t=t this.f=t  t this.f t t this.f this.f t this.f          tthis.f

  15. t  this.f =this.f =this.f this.f  t t = getComponent(); setComponent(t) Example: Composition Algorithm t = getComponent(); setComponent(t)  t  this.f =this.f this.f t t=t t=t  t this.f   

  16. =this.f t  this.f t = getComponent() =this.f  this.f  t setComponent(t)  this.f  t =t =t  t  this.f  t this.f =this.f t = getComponent(); setComponent(t) =this.f this.f  t Basic Ingredients of Composition • Case splitting • Substitution • Consistency checking • Simplification • Invert operation (details in the paper)

  17. Related Work • Static determination of dynamic properties of recursive procedures [Cousot-Cousot ’79] • Functional approach [Sharir-Pnueli ‘81] • IFDS problems [Reps-Horwitz-Sagiv POPL’95] • IDE problems [Sagiv-Reps-Horwitz TCS ‘96] • Relevant Context Inference [Chatterjee-Ryder-Landi POPL’99]

  18. Summary • Language of transformers • Composition algorithm • The language is closed under composition • The language is expressive • Precise and concise procedure summaries

More Related