research-article

A practical and precise inference and specializer for array bound checks elimination

Authors:

Corneliu Popeea,

Wei-Ngan ChinAuthors Info & Claims

PEPM '08: Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation

Pages 177 - 187

https://doi.org/10.1145/1328408.1328434

Published: 07 January 2008 Publication History

Abstract

Arrays are intensively used in many software programs, including those in the popular graphics and game programming domains. Although the problem of eliminating redundant array bound checks has been studied for a long time, there are few works that attempt to be both aggressively precise and practical. We propose an inference mechanism that achieves both aims by combining a forward relational analysis with a backward precondition derivation. Our inference algorithm works for a core imperative language with assignments, and analyses each method once through a summary-based approach. Our inference is precise as it is both path and context sensitive. Through a novel technique that can strengthen preconditions, we can selectively reduce the sizes of formulae to support a practical inference algorithm. Moreover, we subject each inferred program to a flexivariant specialization that can achieve good tradeoff between elimination of array checks and code explosion concerns. We have proven the soundness of our approach and have also implemented a prototype inference and specialization system. Initial experiments suggest that such a desired system is viable.

References

[1]

R. Bagnara, P. M. Hill, and E. Zaffanella. Widening operators for powerset domains. In Verification, Model Checking and Abstract Interpretation, pages 135--148, 2004.

[2]

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. A static analyzer for large safety-critical software. In ACM Conference on Programming Language Design and Implementation, pages 196--207, 2003.

Digital Library

[3]

R. Bodik, R. Gupta, and V. Sarkar. ABCD: Eliminating array bounds checks on demand. In ACM Conference on Programming Language Design and Implementation, pages 321--333, 2000.

Digital Library

[4]

R. Bodik, R. Gupta, and M. L. Soffa. Complete removal of redundant expressions. In ACM Conference on Programming Language Design and Implementation, pages 1--14, June 1998.

Digital Library

[5]

R. Chatterjee, B. Ryder, and W. Landi. Relevant context inference. In ACM Symposium on Principles of Programming Languages, 1999.

Digital Library

[6]

W. N. Chin, S. C. Khoo, and D. N. Xu. Extending sized type with collection analysis. In Proceedings of the ACM SIGPLAN Workshop on Partial evaluation and semantics-based program manipulation, pages 75--84. ACM Press, 2003.

Digital Library

[7]

W. N. Chin and S. C. Khoo. Calculating sized types. In ACM SIGPLAN Symposium on Partial Evaluation and Program Manipulation, pages 62--72, Boston, Massachusetts, January 2000.

Digital Library

[8]

W. N. Chin, S. C. Khoo, and Dana N. Xu. Deriving pre-conditions for array bound check elimination. In 2nd Symp. on Programs as Data Objects, pages 2- 24, Aarhus, Denmark, May 2001. Springer Verlag.

Digital Library

[9]

P. Cousot and R. Cousot. Modular static program analysis. In International Conference on Compiler Construction, 2002.

Digital Library

[10]

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. The ASTREÉ analyzer. In European Symposium on Programming, pages 21--30, 2005.

Digital Library

[11]

P. Cousot and N. Halbwachs. Automatic discovery of linear restraints among variables of a program. In ACM Symposium on Principles of Programming Languages, pages 84--96, 1978.

Digital Library

[12]

J. Dean, C. Chambers, and D. Grove. Selective specialization for object-oriented languages. In ACM Conference on Programming Language Design and Implementation, pages 93--102, 1995.

Digital Library

[13]

J. J. Dongarra, P. Luszczek, and A. Petitet. The LINPACK benchmark: Past, present, and future. Concurrency and Computation: Practice and Experience, 15:1--18, 2003

[14]

N. Dor, M. Rodeh, and M. Sagiv. CSSV: towards a realistic tool for statically detecting all buffer overflows in C. In ACM Conference on Programming Language Design and Implementation, pages 155--167, 2003.

Digital Library

[15]

C. Flanagan. Hybrid type checking. In ACM Symposium on Principles of Programming Languages, pages 245--256, 2006.

Digital Library

[16]

C. Flanagan and S. Qadeer. Predicate abstraction for software verification. In ACM Symposium on Principles of Programming Languages, 2002.

Digital Library

[17]

C. Flanagan and J. B. Saxe. Avoiding exponential explosion: Generating compact verification conditions. In ACM Symposium on Principles of Programming Languages, 2001.

Digital Library

[18]

B. S. Gulavani and S. K. Rajamani. Counterexample driven refinement for abstract interpretation. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2006.

Digital Library

[19]

R. Gupta. A fresh look at optimizing array bound checking. In ACM Conference on Programming Language Design and Implementation, pages 272--282, New York, June 1990.

Digital Library

[20]

J. Gustavsson and J. Svenningsson. Constraint abstractions. In Programs as Data Objects II, pages 63--83, Aarhus, Denmark, May 2001.

Digital Library

[21]

N. Heintze and O. Tardieu. Ultra-fast aliasing analysis using CLA: A million lines of C code in a second. In ACM Conference on Programming Language Design and Implementation, 2001.

Digital Library

[22]

C. A. R. Hoare and J. He. Unifying Theories of Programming. Prentice-Hall, 1998.

[23]

J. Hughes, L. Pareto, and A. Sabry. Proving the correctness of reactive systems using sized types. In ACM Symposium on Principles of Programming Languages, pages 410--423. ACM Press, January 1996.

Digital Library

[24]

P. Kolte and M. Wolfe. Elimination of redundant array subscript range checks. In ACM Conference on Programming Language Design and Implementation, pages 270--278. ACM Press, June 1995.

Digital Library

[25]

P. Lam, V. Kuncak, and M. Rinard. Cross-cutting techniques in program specification and analysis. In International Conference on Aspect-Oriented Software Development, March 2005.

Digital Library

[26]

F. Logozzo and M. Fahndrich. Pentagons: A weakly relational abstract domain for the efficient validation of array accesses. In ACM Symposium on Applied Computing, 2008.

Digital Library

[27]

Mikel Luján, John R. Gurd, T. L. Freeman, and José Miguel. Elimination of Java array bounds checks in the presence of indirection. In ACM Joint Java Grande-IScope Conf., pages 76--85, 2002.

Digital Library

[28]

A. Mine. The octagon abstract domain. In the Eighth Working Conference on Reverse Engineering, 2001.

Digital Library

[29]

G. Necula and P. Lee. The design and implementation of a certifying compiler. In ACM Conference on Programming Language Design and Implementation, pages 333--344, 1998.

Digital Library

[30]

T. V. N. Nguyen and F. Irigoin. Efficient and effective array bound checking. ACM Trans. Program. Lang. Syst., 27(3):527--570, 2005.

Digital Library

[31]

National Institute of Standards and Technology. Java SciMark benchmark for scientific computing. http://math.nist.gov/scimark2.

[32]

Simon Peyton-Jones and et.al. Glasgow Haskell Compiler. http://www.haskell.org/ghc.

[33]

C. Popeea and W. N. Chin. Inferring disjunctive postconditions. In ASIAN CS Conference, 2006.

Digital Library

[34]

C. Popeea, D. N. Xu, and W. N. Chin. A practical and precise inference and specializer for array bound checks elimination. Technical report. http://www.comp.nus.edu.sg/~+corneliu/research/array.tr.pdf.

[35]

W. Pugh. The Omega Test: A fast practical integer programming algorithm for dependence analysis. Communications of the ACM, 8:102--114, 1992.

Digital Library

[36]

W. Pugh. Counting solutions to Presburger formulas: how and why. In ACM Conference on Programming Language Design and Implementation, 1994.

Digital Library

[37]

R. Rugina and M. Rinard. Symbolic bounds analysis of pointers, array indices, and accessed memory regions. In ACM Conference on Programming Language Design and Implementation, pages 182--195. ACM Press, June 2000.

Digital Library

[38]

S. Sankaranarayanan, F. Ivancic, and A. Gupta. Program analysis using symbolic ranges. In International Static Analysis Symposium, pages 366--383, 2007.

Digital Library

[39]

S. Sankaranarayanan, F. Ivancic, I Shlyakhter, and A. Gupta. Static analysis in disjunctive numerical domains. In International Static Analysis Symposium, Springer LNCS, Seoul, Korea, August 2006.

Digital Library

[40]

N. Suzuki and K. Ishihata. Implementation of an array bound checker. In ACM Symposium on Principles of Programming Languages, pages 132--143, 1977.

Digital Library

[41]

A. Venet and G. Brat. Precise and efficient static array bound checking for large embedded C programs. In ACM Conference on Programming Language Design and Implementation, pages 231--242, 2004.

Digital Library

[42]

Y. Wu and J. R. Larus. Static branch frequency and program profile analysis. In Proceedings of the 27th annual international symposium on Microarchitecture, pages 1--11. ACM Press, 1994.

Digital Library

[43]

H. Xi and F. Pfenning. Eliminating array bound checking through dependent types. In ACM Conference on Programming Language Design and Implementation. ACM Press, June 1998.

Digital Library

[44]

Y. Xie and A. Aiken. Scalable error detection using boolean satisfiability. In ACM Symposium on Principles of Programming Languages, pages 351--363, 2005.

Digital Library

[45]

Z. Xu, B. P. Miller, and T. Reps. Safety checking of machine code. In ACM Conference on Programming Language Design and Implementation, pages 70--82. ACM Press, June 2000.

Digital Library

Cited By

Aaldering JScholz SGastel B(2023)Type Patterns: Pattern Matching on Shape-Carrying Array TypesProceedings of the 35th Symposium on Implementation and Application of Functional Languages10.1145/3652561.3652572(1-14)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3652561.3652572
Blaudeau CLiu F(2022)A conceptual framework for safe object initialization: a principled and mechanized soundness proof of the Celsius modelProceedings of the ACM on Programming Languages10.1145/35633146:OOPSLA2(729-757)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563314
Popeea CChin W(2013)Dual analysis for proving safety and finding bugsScience of Computer Programming10.1016/j.scico.2012.07.00478:4(390-411)Online publication date: 1-Apr-2013
https://dl.acm.org/doi/10.1016/j.scico.2012.07.004
Show More Cited By

Index Terms

A practical and precise inference and specializer for array bound checks elimination

Recommendations

Verifying safety policies with size properties and alias controls
ICSE '05: Proceedings of the 27th international conference on Software engineering

Many software properties can be analysed through a relational size analysis on each function's inputs and outputs. Such relational analysis (through a form of dependent typing) has been successfully applied to declarative programs, and to restricted ...
Precise and efficient static array bound checking for large embedded C programs
PLDI '04

In this paper we describe the design and implementation of a static array-bound checker for a family of embedded programs: the flight control software of recent Mars missions. These codes are large (up to 280 KLOC), pointer intensive, heavily ...
Practical pointer aliasing analysis

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

PEPM '08: Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation

January 2008

214 pages

ISBN:9781595939777

DOI:10.1145/1328408

General Chair:
John Hatcliff
Kansas State University, USA
,
Program Chairs:
Robert Glück
University of Copenhagen, Denmark
,
Oege de Moor
Oxford University, UK

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 January 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

PEPM08

Sponsor:

PEPM08: Partial Evaluation and Program Manipulation

January 7 - 8, 2008

California, San Francisco, USA

Acceptance Rates

Overall Acceptance Rate 66 of 120 submissions, 55%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
244
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Aaldering JScholz SGastel B(2023)Type Patterns: Pattern Matching on Shape-Carrying Array TypesProceedings of the 35th Symposium on Implementation and Application of Functional Languages10.1145/3652561.3652572(1-14)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3652561.3652572
Blaudeau CLiu F(2022)A conceptual framework for safe object initialization: a principled and mechanized soundness proof of the Celsius modelProceedings of the ACM on Programming Languages10.1145/35633146:OOPSLA2(729-757)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563314
Popeea CChin W(2013)Dual analysis for proving safety and finding bugsScience of Computer Programming10.1016/j.scico.2012.07.00478:4(390-411)Online publication date: 1-Apr-2013
https://dl.acm.org/doi/10.1016/j.scico.2012.07.004
Trinh MLe QDavid CChin W(2013)Bi-Abduction with Pure Properties for Specification InferenceProceedings of the 11th Asian Symposium on Programming Languages and Systems - Volume 830110.1007/978-3-319-03542-0_8(107-123)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1007/978-3-319-03542-0_8
Popeea CChin WShin SOssowski SSchumacher MPalakal MHung C(2010)Dual analysis for proving safety and finding bugsProceedings of the 2010 ACM Symposium on Applied Computing10.1145/1774088.1774538(2137-2143)Online publication date: 22-Mar-2010
https://dl.acm.org/doi/10.1145/1774088.1774538
Logozzo FFähndrich M(2010)PentagonsScience of Computer Programming10.1016/j.scico.2009.04.00475:9(796-807)Online publication date: 1-Sep-2010
https://dl.acm.org/doi/10.1016/j.scico.2009.04.004
Wang SQiu Z(2009)A Tool for Estimating Memory UsageProceedings of the 2009 Third IEEE International Symposium on Theoretical Aspects of Software Engineering10.1109/TASE.2009.39(287-288)Online publication date: 29-Jul-2009
https://dl.acm.org/doi/10.1109/TASE.2009.39
Tlili SDebbabi M(2009)Interprocedural and Flow-Sensitive Type Analysis for Memory and Type Safety of C CodeJournal of Automated Reasoning10.1007/s10817-009-9121-142:2-4(265-300)Online publication date: 1-Apr-2009
https://dl.acm.org/doi/10.1007/s10817-009-9121-1

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten