[TOPLAS] Interactive Abstract Interpretation with Demanded Summarization
We consider the problem of making expressive, interactive static analyzers compositional. Such a technique could help bring the power of server-based static analyses to integrated development environments (IDEs), updating their results live as the code is modified. Compositionality is key for this scenario, as it enables reuse of already-computed analysis results for unmodified code. Previous techniques for interactive static analysis either lack compositionality, cannot express arbitrary abstract domains, or are not from-scratch consistent.
We present demanded summarization, the first algorithm for incremental compositional analysis in arbitrary abstract domains which guarantees from-scratch consistency. Our approach analyzes individual procedures using a recent technique for demanded analysis, computing summaries on demand for procedure calls. A dynamically-updated summary dependency graph enables precise result invalidation after program edits, and the algorithm is carefully designed to guarantee from-scratch-consistent results after edits, even in the presence of recursion and in arbitrary abstract domains. We formalize our technique and prove soundness, termination, and from-scratch consistency. An experimental evaluation of a prototype implementation on synthetic and real-world program edits provides evidence for the feasibility of this theoretical framework, showing potential for major performance benefits over non-demanded compositional analyses.
Fri 28 JunDisplayed time zone: Windhoek change
10:40 - 12:20 | Program Analysis 1PLDI Research Papers at Sweden Chair(s): Jens Palsberg University of California, Los Angeles (UCLA) | ||
10:40 20mTalk | [TOPLAS] Interactive Abstract Interpretation with Demanded Summarization PLDI Research Papers Benno Stein SkipLabs, Bor-Yuh Evan Chang University of Colorado Boulder & Amazon, Manu Sridharan University of California at Riverside DOI | ||
11:00 20mTalk | Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs PLDI Research Papers Mafalda Ferreira INESC-ID / Instituto Superior Técnico, Universidade de Lisboa, Miguel Monteiro INESC-ID and Universidade de Lisboa, Tiago Brito INESC-ID and Universidade de Lisboa, Miguel E. Coimbra INESC-ID and Universidade de Lisboa, Nuno Santos INESC-ID / Instituto Superior Tecnico, University of Lisbon, Limin Jia , José Fragoso Santos INESC-ID/Instituto Superior Técnico, Portugal DOI Pre-print | ||
11:20 20mTalk | Floating-Point TVPI Abstract DomainRemote PLDI Research Papers DOI | ||
11:40 20mTalk | Reducing Static Analysis Unsoundness with Approximate Interpretation PLDI Research Papers Mathias Rud Laursen Aarhus University, Wenyuan Xu Aarhus University, Anders Møller Aarhus University DOI | ||
12:00 20mTalk | Falcon: A Scalable Analytical Cache Model PLDI Research Papers Arjun Pitchanathan University of Edinburgh, Kunwar Grover AMD, Tobias Grosser University of Cambridge, UK DOI |