This paper concerns the static analysis of programs that perform destructive updating on heap-allocated storage. We give an algorithm that conservatively solves this problem by using a finite shape-graph to approximate the possible “shapes” that heap-allocated structures in a program can take on. In contrast with previous work, our method M even accurate for certain programs that update cyclic data structures. For example, our method can determine that when the input to a program that searches a list and splices in a new element is a possibly circular list, the output is a possibly circular list.

One aspect of security in mobile code is privacy: private (or secret) data should not be leaked to unauthorised agents. Most of the work on secure information flow has until recently only been concerned with detecting direct and indirect flows. Secret information can however be leaked to the attacker also through covert channels. It is very reasonable to assume that the attacker, even as an external observer, can monitor the timing (including termination) behaviour of the program. Thus to claim a program secure, the security analysis must take also these into account. In this work we present a surprisingly simple solution to the problem of detecting timing leakages to external observers. Our system consists of a type system in which well-typed programs do not leak secret information directly, indirectly or through timing, and a transformation for removing timing leakages. For any program that is well typed according to Volpano and Smith [VS97a], our transformation generates a program that is also free of timing leaks.

. This paper identifies and solves a class of problems that arise in binding time analysis and more generally in partial evaluation of programs: the approximation and loss of static information due to dynamic expressions with static subexpressions. Solving this class of problems yields substantial binding time improvements and thus dramatically better results not only in the case of partial evaluation but also for static analyses of programs --- this last point actually is related to a theoretical result obtained by Nielson. Our work can also be interpreted as providing a solution to the problem of conditionally static data, the dual of partially static data. We point out which changes in the control flow of a source program may improve its static data flow. Unfortunately they require one to iterate earlier phases of partial evaluation. We show how these changes are subsumed by transforming the source program into continuation-passing style (CPS). The transformed programs get specializ...

Run-time code generation is an alternative and complement to compile-time program analysis and optimization. Static analyses are inherently imprecise because most interesting aspects of run-time behavior are uncomputable. By deferring aspects of compilation to run time, more precise information about program behavior can be exploited, leading to greater opportunities for code improvement. The cost of performing optimization at run time is of paramount importance, since it must be repaid by improved performance in order to obtain an overall speedup. This paper describes a lightweight approach to run-time code generation, called deferred compilation, in which compile-time specialization is employed to reduce the cost of optimizing and generating code at run time. Implementation strategies developed for a prototype compiler are discussed, and the results of preliminary experiments demonstrating significant overall speedup are presented. 1 Introduction Many compiler optimizations depend ...

This paper concerns the use of program slicing to perform a certain kind of program-specialization operation. The specialization operation that slicing performs is different from the specialization operations performed by algorithms for partial evaluation, supercompilation, bifurcation, and deforestation. In particular, we present an example in which the specialized program that we create via slicing could not be created as the result of applying partial evaluation, supercompilation, bifurcation, or deforestation to the original unspecialized program. Specialization via slicing also possesses an interesting property that partial evaluation, supercompilation, and bifurcation do not possess: The latter operations are somewhat limited in the sense that they support tailoring of existing software only according to the ways in which parameters of functions and procedures are used in a program. Because parameters to functions and procedures represent the range of usage patterns that the designer of a piece of software has anticipated, partial evaluation, supercompilation, and bifurcation support specialization only in ways that have already been “foreseen ” by the software’s author. In contrast, the specialization operation that slicing supports permits programs to be specialized in ways

A systematic approach is given for deriving incremental programs that exploit caching. The cache-and-prune method presented in the article consists of three stages: (I) the original program is extended to cache the results of all its intermediate subcomputations as well as the final result, (II) the extended program is incrementalized so that computation on a new input can use all intermediate results on an old input, %using existing techniques, and (III) unused results cached by the extended program and maintained by the incremental program are pruned away, leaving a pruned extended program that caches only useful intermediate results and a pruned incremental program that uses and maintains only the useful results. All three stages utilize static analyses and semantics-preserving transformations. Stages I and III are simple, clean, and fully automatable. The overall method has a kind of optimality with respect to the techniques used in Stage II. The method can be applied straightforwardly to provide a systematic approach to program improvement via caching.

This paper contains two main parts. The first examines the set constraint calculus, discusses its history, and overviews the current state of known algorithms and related issues. Here we will also survey the uses of set constraints, starting from early work in (imperative) program analysis, to more recent work in logic and functional programming systems. The second part describes set-based analysis. The aim here is a declarative interpretation of what it means to approximate the meaning of a program in just one way: ignore dependencies between variables, and instead, reason about each variable as the set of its possible runtime values. The basic approach starts with some description of the operational semantics, and then systematically replaces descriptions of environments (mappings from program variables to values) by set environments (mappings from program variables to sets

. A partial evaluator, given a program and a known "static" part of its input data, outputs a specialised or residual program in which computations depending only on the static data have been performed in advance. Ideally the partial evaluator would be a "black box" able to extract nontrivial static computations whenever possible; which never fails to terminate; and which always produces residual programs of reasonable size and maximal efficiency, so all possible static computations have been done. Practically speaking, partial evaluators often fall short of this goal; they sometimes loop, sometimes pessimise, and can explode code size. A partial evaluator is analogous to a spirited horse: while impressive results can be obtained when used well, the user must know what he/she is doing. Our thesis is that this knowledge can be communicated to new users of these tools. This paper presents a series of examples, concentrating on a quite broad and on the whole quite successful application ...

Starting from a continuation-based interpreter for a simple logic programming language, propositional Prolog with cut, we derive the corresponding logic engine in the form of an abstract machine. The derivation originates in previous work (our article at PPDP 2003) where it was applied to the lambda-calculus. The key transformation here is Reynolds's defunctionalization that transforms a tail-recursive, continuation-passing interpreter into a transition system, i.e., an abstract machine. Similar denotational and operational semantics were studied by de Bruin and de Vink (their article at TAPSOFT 1989), and we compare their study with our derivation. Additionally, we present a direct-style interpreter of propositional Prolog expressed with control operators for delimited continuations.

Automatic program specialization has numerous application areas ranging from specialization of scientific computation to automatic compiler generation. During the last decade, several automatic partial evaluators have been developed and demonstrated their usefulness. However, none of these have both been for a typed imperative language and self-applicable. The main content of this thesis is the development of an automatic self-applicable program specializer for a substantial subset of the C programming language. The use of an imperative language introduce many problems not present in partial evaluation of functional languages. New problems addressed and solved in this thesis includes handling of static side-effects under dynamic control, treatment of the imperative data structures arrays and structures, partially static data structures and specialization time splitting of these, and representation of values and programs for efficient self-application. In the thesis we recall the founda...