Presentation is loading. Please wait.

Presentation is loading. Please wait.

Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification."— Presentation transcript:

1 Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification based interprocedural pointer analysis (Steensgaard)

2 Pointer and Alias Analysis Aliases: two expressions that denote the same memory location. Aliases are introduced by: –pointers –call-by-reference –array indexing –C unions

3 Useful for what? Improve the precision of analyses that require knowing what is modified or referenced (eg const prop, CSE …) Eliminate redundant loads/stores and dead stores. Parallelization of code –can recursive calls to quick_sort be run in parallel? Yes, provided that they reference distinct regions of the array. Identify objects to be tracked in error detection tools x := *p;... y := *p; // replace with y := x? *x :=...; // is *x dead? x.lock();... y.unlock(); // same object as x?

4 Kinds of alias information Points-to information (must or may versions) –at program point, compute a set of pairs of the form p ! x, where p points to x. –can represent this information in a points-to graph Alias pairs –at each program point, compute the set of of all pairs (e 1,e 2 ) where e 1 and e 2 must/may reference the same memory. Storage shape analysis –at each program point, compute an abstract description of the pointer structure. p x y zp

5 Intraprocedural Points-to Analysis Want to compute may-points-to information Lattice:

6 Flow functions x := a + b in out F x := a+b (in) = x := k in out F x := k (in) =

7 Flow functions x := &y in out F x := &y (in) = x := y in out F x := y (in) =

8 Flow functions *x := y in out F *x := y (in) = x := *y in out F x := *y (in) =

9 Intraprocedural Points-to Analysis Flow functions:

10 Example of using points-to information In constant propagation:

11 Example of using points-to information In constant propagation:

12 Pointers to dynamically-allocated memory Handle statements of the form: x := new T One idea: generate a new variable each time the new statement is analyzed to stand for the new location:

13 Example lst := new Cons p := lst t := new Cons *p := t p := t

14 Example solved l := new Cons p := l t := new Cons *p := t p := t l p V1 l p tV2 l p V1 t V2 l t V1 p V2 l t V1 p V2 l t V1 p V2V3 l t V1 p V2V3 l t V1 p V2V3

15 What went wrong? Lattice was infinitely tall! Instead, we need to summarize the infinitely many allocated objects in a finite way. –introduce summary nodes, which will stand for a whole class of allocated objects. For example: For each new statement with label L, introduce a summary node loc L, which stands for the memory allocated by statement L. Summary nodes can use other criterion for merging.

16 Example revisited S1: l := new Cons p := l S2: t := new Cons *p := t p := t

17 Example revisited & solved S1: l := new Cons p := l S2: t := new Cons *p := t p := t l p S1 l p tS2 l p S1 t S2 l t S1 p S2 l t S1 p S2 l t S1 p L2 l t S1 p S2 l t S1 p S2 l t S1 p S2 l t L1 p L2 l t S1 p S2 l t S1 p S2 Iter 1Iter 2Iter 3

18 Array aliasing, and pointers to arrays Array indexing can cause aliasing: –a[i] aliases b[j] if: a aliases b and i = j a and b overlap, and i = j + k, where k is the amount of overlap. Can have pointers to elements of an array –p := &a[i];...; p++; How can arrays be modeled? –Could treat the whole array as one location. –Could try to reason about the array index expressions: array dependence analysis.

19 Summary We just saw: –intraprocedural points-to analysis –handling dynamically allocated memory –handling pointers to arrays But, intraprocedural pointer analysis is not enough. –Sharing data structures across multiple procedures is one the big benefits of pointers: instead of passing the whole data structures around, just pass pointers to them (eg C pass by reference). –So pointers end up pointing to structures shared across procedures. –If you don’t do an interproc analysis, you’ll have to make conservative assumptions functions entries and function calls.

20 Conservative approximation on entry Say we don’t have interprocedural pointer analysis. What should the information be at the input of the following procedure: global g; void p(x,y) {... } xyg

21 Conservative approximation on entry Here are a few solutions: xyg locations from alloc sites prior to this invocation global g; void p(x,y) {... } They are all very conservative! We can try to do better. x,y,g & locations from alloc sites prior to this invocation

22 Interprocedural pointer analysis for C We’ll look at Wilson & Lam PLDI 95, and focus on two problems solved by this paper: –how to represent pointer information in the presence of casts, pointer arithmetic, unions, and all the rest of C. –how to perform context-sensitive pointer analysis interprocedurally in a way that provides good precision at reasonable costs.

23 Representing pointer information for C Problem: –C types can be subverted by type casts: an int can in fact be a pointer. –Pointer arithmetic can lead to subobject boundaries being crossed. So, ignore the type system and subobject boundaries. Instead use a representation that decides what’s a pointer based on how it is used. Treat memory as composed of blocks of bits: –each local, global variable is a block –each malloc returns a block. Assume that casts and pointer arithmetic do not cross object boundaries.

Download ppt "Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification."

Similar presentations

Data-Flow Analysis II CS 671 March 13, 2008. CS 671 – Spring 2008 1 Data-Flow Analysis Gather conservative, approximate information about what a program.

Data-Flow Analysis II CS 671 March 13, CS 671 – Spring Data-Flow Analysis Gather conservative, approximate information about what a program.
Synopsys University Courseware Copyright © 2012 Synopsys, Inc. All rights reserved. Compiler Optimization and Code Generation Lecture - 3 Developed By:

Synopsys University Courseware Copyright © 2012 Synopsys, Inc. All rights reserved. Compiler Optimization and Code Generation Lecture - 3 Developed By:
P3 / 2004 Register Allocation. Kostis Sagonas 2 Spring 2004 Outline What is register allocation Webs Interference Graphs Graph coloring Spilling Live-Range.

P3 / 2004 Register Allocation. Kostis Sagonas 2 Spring 2004 Outline What is register allocation Webs Interference Graphs Graph coloring Spilling Live-Range.
Advanced Compiler Techniques LIU Xianhua School of EECS, Peking University Pointer Analysis.

Advanced Compiler Techniques LIU Xianhua School of EECS, Peking University Pointer Analysis.
Data Flow Analysis. Goal: make assertions about the data usage in a program Use these assertions to determine if and when optimizations are legal Local:

Data Flow Analysis. Goal: make assertions about the data usage in a program Use these assertions to determine if and when optimizations are legal Local:
1 CS 201 Compiler Construction Lecture 3 Data Flow Analysis.

1 CS 201 Compiler Construction Lecture 3 Data Flow Analysis.
Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.

Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.
Pointer Analysis – Part I Mayur Naik Intel Research, Berkeley CS294 Lecture March 17, 2009.

Pointer Analysis – Part I Mayur Naik Intel Research, Berkeley CS294 Lecture March 17, 2009.
Control-Flow Graphs & Dataflow Analysis CS153: Compilers Greg Morrisett.

Control-Flow Graphs & Dataflow Analysis CS153: Compilers Greg Morrisett.
Flow insensitive pointer analysis: fixed S1: l := new Cons p := l S2: t := new Cons *p := t p := t l p S1 l p tS2 l p S1 t S2 l t S1 p S2 l t S1 p S2 l.

Flow insensitive pointer analysis: fixed S1: l := new Cons p := l S2: t := new Cons *p := t p := t l p S1 l p tS2 l p S1 t S2 l t S1 p S2 l t S1 p S2 l.
Register Allocation CS 671 March 27, 2008. CS 671 – Spring 2008 1 Register Allocation - Motivation Consider adding two numbers together: Advantages: Fewer.

Register Allocation CS 671 March 27, CS 671 – Spring Register Allocation - Motivation Consider adding two numbers together: Advantages: Fewer.
School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Pointer Analysis.

School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Pointer Analysis.
1 CS 201 Compiler Construction Lecture Interprocedural Data Flow Analysis.

1 CS 201 Compiler Construction Lecture Interprocedural Data Flow Analysis.
School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Dataflow Analysis Introduction Guo, Yao Part of the slides are adapted from.

School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) Dataflow Analysis Introduction Guo, Yao Part of the slides are adapted from.
Kernighan/Ritchie: Kelley/Pohl:

Kernighan/Ritchie: Kelley/Pohl:
1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.

1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.
Optimizing Compilers for Modern Architectures More Interprocedural Analysis Chapter 11, Sections 11.2.5 to end.

Optimizing Compilers for Modern Architectures More Interprocedural Analysis Chapter 11, Sections to end.
Interprocedural analysis © Marcelo d’Amorim 2010.

Interprocedural analysis © Marcelo d’Amorim 2010.
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.
Program Representations Xiangyu Zhang. CS590F Software Reliability Why Program Representations  Initial representations Source code (across languages).

Program Representations Xiangyu Zhang. CS590F Software Reliability Why Program Representations  Initial representations Source code (across languages).

Similar presentations

Ads by Google