Skip header Section
Skip Bibliometrics Section
Principles of Program AnalysisDecember 2010
Skip Abstract Section
Abstract
Program analysis utilizes static techniques for computing reliable information about the dynamic behavior of programs. Applications include compilers (for code improvement), software validation (for detecting errors) and transformations between data representation (for solving problems such as Y2K). This book is unique in providing an overview of the four major approaches to program analysis: data flow analysis, constraint-based analysis, abstract interpretation, and type and effect systems. The presentation illustrates the extensive similarities between the approaches, helping readers to choose the best one to utilize.
Cited By
- Cui M, Xu H, Tian H and Zhou Y (2024).
rCanary : Detecting Memory Leaks Across Semi-Automated Memory Management Boundary in Rust, IEEE Transactions on Software Engineering, 50:9, (2472-2484), Online publication date: 1-Sep-2024. - Kristensen J, Kaarsgaard R and Thomsen M Jeopardy: An Invertible Functional Programming Language Reversible Computation, (124-141)
Campion M, Dalla Preda M, Giacobazzi R and Urban C (2024). Monotonicity and the Precision of Program Analysis, Proceedings of the ACM on Programming Languages, 8:POPL, (1629-1662), Online publication date: 5-Jan-2024.- Agrawal L, Kanade A, Goyal N, Lahiri S and Rajamani S Monitor-guided decoding of code LMs with static analysis of repository context Proceedings of the 37th International Conference on Neural Information Processing Systems, (32270-32298)
- Buccioli L, Cristalli S, Vignati E, Nava L, Badagliacca D, Bruschi D, Lu L and Lanzi A JChainz: Automatic Detection of Deserialization Vulnerabilities for the Java Language Security and Trust Management, (136-155)
- Chen B and Jiang Z (2021). A Survey of Software Log Instrumentation, ACM Computing Surveys, 54:4, (1-34), Online publication date: 31-May-2022.
- Alur R, Devietti J, Leija O and Singhania N (2022). Static detection of uncoalesced accesses in GPU programs, Formal Methods in System Design, 60:1, (1-32), Online publication date: 1-Feb-2022.
- Fang Z, Darais D, Near J and Zhang Y Zero Knowledge Static Program Analysis Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, (2951-2967)
- Li Z, Wang J, Sun M and Lui J MirChecker: Detecting Bugs in Rust Programs via Static Analysis Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, (2183-2196)
- Song D, Lee W and Oh H Context-aware and data-driven feedback generation for programming assignments Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (328-340)
- Guo Z, Wu K, Yan C and Yu X Releasing Locks As Early As You Can: Reducing Contention of Hotspots by Violating Two-Phase Locking Proceedings of the 2021 International Conference on Management of Data, (658-670)
- Karakochev A and Zhang G Static Analysis of Large-Scale JavaScript Front End Web Engineering, (483-489)
- Yu L, Luo X, Chen J, Zhou H, Zhang T, Chang H and Leung H (2021). PPChecker: Towards Accessing the Trustworthiness of Android Apps’ Privacy Policies, IEEE Transactions on Software Engineering, 47:2, (221-242), Online publication date: 1-Feb-2021.
- Stiévenart Q and Madsen M (2020). Fuzzing channel-based concurrency runtimes using types and effects, Proceedings of the ACM on Programming Languages, 4:OOPSLA, (1-27), Online publication date: 13-Nov-2020.
- Poesia G and Pereira F (2020). Dynamic dispatch of context-sensitive optimizations, Proceedings of the ACM on Programming Languages, 4:OOPSLA, (1-28), Online publication date: 13-Nov-2020.
- Ketkar A, Tsantalis N and Dig D Understanding type changes in Java Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (629-641)
- Melo L, Ribeiro R, Guimarães B and Pereira F (2020). Type Inference for C, ACM Transactions on Programming Languages and Systems, 42:3, (1-71), Online publication date: 30-Sep-2020.
- Contractor M and Fluet M Type- and Control-Flow Directed Defunctionalization IFL 2020: Proceedings of the 32nd Symposium on Implementation and Application of Functional Languages, (79-92)
- Frank J, Aschermann C and Holz T ETHBMC Proceedings of the 29th USENIX Conference on Security Symposium, (2757-2774)
- Celik Z, Fernandes E, Pauley E, Tan G and McDaniel P (2019). Program Analysis of Commodity IoT Applications for Security and Privacy, ACM Computing Surveys, 52:4, (1-30), Online publication date: 31-Jul-2020.
- Ramanathan M, Clapp L, Barik R and Sridharan M Piranha Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice, (221-230)
- Ramu R, Upadhyaya G, Nguyen H and Rajan H BCFA Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, (1037-1048)
- Brennan T, Saha S and Bultan T JVM fuzzing for JIT-induced side-channel detection Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, (1011-1023)
- Yu H, Chen Z, Fu X, Wang J, Su Z, Sun J, Huang C and Dong W Symbolic verification of message passing interface programs Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, (1248-1260)
- Yan J, Liu H, Pan L, Yan J, Zhang J and Liang B Multiple-entry testing of Android applications by constructing activity launching contexts Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, (457-468)
- Abbas M, Omar R, El-Mahdy A and Rohou E Approximate Data Dependence Profiling Based on Abstract Interval and Congruent Domains Architecture of Computing Systems – ARCS 2020, (3-16)
- Chatterjee K, Goharshady A, Goyal P, Ibsen-Jensen R and Pavlogiannis A (2019). Faster Algorithms for Dynamic Algebraic Queries in Basic RSMs with Constant Treewidth, ACM Transactions on Programming Languages and Systems, 41:4, (1-46), Online publication date: 5-Dec-2019.
- Facchinetti L, Palmer Z and Smith S (2019). Higher-order Demand-driven Program Analysis, ACM Transactions on Programming Languages and Systems, 41:3, (1-53), Online publication date: 30-Sep-2019.
- Beek M, Damiani F, Lienhardt M, Mazzanti F and Paolini L Static Analysis of Featured Transition Systems Proceedings of the 23rd International Systems and Software Product Line Conference - Volume A, (39-51)
- Lou Y, Chen J, Zhang L, Hao D and Zhang L History-driven build failure fixing: how far are we? Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, (43-54)
- Bento L, Boccardo D, Machado R, Pereira De Sá V and Szwarcfiter J (2019). Full Characterization of a Class of Graphs Tailored for Software Watermarking, Algorithmica, 81:7, (2899-2916), Online publication date: 1-Jul-2019.
- Ivanov D and Schupp S Static analysis for worst-case battery utilization Proceedings of the 7th International Workshop on Formal Methods in Software Engineering, (1-10)
- Rodrigues M, Guimarães B and Pereira F Generation of in-bounds inputs for arrays in memory-unsafe languages Proceedings of the 2019 IEEE/ACM International Symposium on Code Generation and Optimization, (136-148)
- Andreescu O, Jensen T, Lescuyer S and Montagu B (2019). Inferring frame conditions with static correlation analysis, Proceedings of the ACM on Programming Languages, 3:POPL, (1-29), Online publication date: 2-Jan-2019.
- Bodin M, Gardner P, Jensen T and Schmitt A (2019). Skeletal semantics and their interpretations, Proceedings of the ACM on Programming Languages, 3:POPL, (1-31), Online publication date: 2-Jan-2019.
- Ginsbach P, Remmelg T, Steuwer M, Bodin B, Dubach C and O'Boyle M (2018). Automatic Matching of Legacy Code to Heterogeneous APIs, ACM SIGPLAN Notices, 53:2, (139-153), Online publication date: 30-Nov-2018.
- Ghaleb T, Alturki M, Aljasser K and Gerardo C (2018). Program comprehension through reverse‐engineered sequence diagrams, Journal of Software: Evolution and Process, 30:11, Online publication date: 14-Nov-2018.
- Zhao G and Huang J DeepSim: deep learning code functional similarity Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (141-151)
- Spinellis D (2018). Modern debugging, Communications of the ACM, 61:11, (124-134), Online publication date: 26-Oct-2018.
- Szabó T, Bergmann G, Erdweg S and Voelter M (2018). Incrementalizing lattice-based program analyses in Datalog, Proceedings of the ACM on Programming Languages, 2:OOPSLA, (1-29), Online publication date: 24-Oct-2018.
- Izumida T, Mori A and Hashimoto M Context-Sensitive Flow Graph and Projective Single Assignment Form for Resolving Context-Dependency of Binary Code Proceedings of the 13th Workshop on Programming Languages and Analysis for Security, (48-53)
- Mandal A, Mohan D, Jetley R, Nair S and D'Souza M A Generic Static Analysis Framework for Domain-specific Languages 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), (27-34)
- Eichberg M, Kübler F, Helm D, Reif M, Salvaneschi G and Mezini M Lattice based modularization of static analyses Companion Proceedings for the ISSTA/ECOOP 2018 Workshops, (113-118)
- Grech N, Fourtounis G, Francalanza A and Smaragdakis Y Shooting from the heap: ultra-scalable static analysis with heap snapshots Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, (198-208)
- Wei F, Roy S, Ou X and Robby (2018). Amandroid, ACM Transactions on Privacy and Security, 21:3, (1-32), Online publication date: 2-Jun-2018.
- Upadhyaya G and Rajan H Collective program analysis Proceedings of the 40th International Conference on Software Engineering, (620-631)
- Yu H, Chen Z, Wang J, Su Z and Dong W Symbolic verification of regular properties Proceedings of the 40th International Conference on Software Engineering, (871-881)
- Dong Y, Milanova A and Dolby J SecureMR Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, (1-13)
- Ginsbach P, Remmelg T, Steuwer M, Bodin B, Dubach C and O'Boyle M Automatic Matching of Legacy Code to Heterogeneous APIs Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems, (139-153)
- Burow N, Carr S, Nash J, Larsen P, Franz M, Brunthaler S and Payer M (2017). Control-Flow Integrity, ACM Computing Surveys, 50:1, (1-33), Online publication date: 31-Jan-2018.
- Maalej M, Paisante V, Magno Quinto Pereira F and Gonnord L (2018). Combining range and inequality information for pointer disambiguation, Science of Computer Programming, 152:C, (161-184), Online publication date: 15-Jan-2018.
- Melo L, Ribeiro R, de Araújo M and Pereira F (2017). Inference of static semantics for incomplete C programs, Proceedings of the ACM on Programming Languages, 2:POPL, (1-28), Online publication date: 1-Jan-2018.
- Qi X and Jiang Z (2017). Precise slicing of interprocedural concurrent programs, Frontiers of Computer Science: Selected Publications from Chinese Universities, 11:6, (971-986), Online publication date: 1-Dec-2017.
- Smits J and Visser E FlowSpec: declarative dataflow analysis specification Proceedings of the 10th ACM SIGPLAN International Conference on Software Language Engineering, (221-231)
- Poesia G, Guimarães B, Ferracioli F and Pereira F (2017). Static placement of computation on heterogeneous devices, Proceedings of the ACM on Programming Languages, 1:OOPSLA, (1-28), Online publication date: 12-Oct-2017.
- da Silva J and Pereira F Demand-driven less-than analysis Proceedings of the 21st Brazilian Symposium on Programming Languages, (1-8)
- Yu H Practical symbolic verification of regular properties Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, (1053-1055)
- Totoni E, Anderson T and Shpeisman T HPAT Proceedings of the International Conference on Supercomputing, (1-10)
- Zhang H and Rountev A Analysis and testing of notifications in Android wear applications Proceedings of the 39th International Conference on Software Engineering, (347-357)
- He W Generalized Micro-Specialization for Modern DBMS Architectures Proceedings of the 2017 ACM International Conference on Management of Data, (49-51)
- Warszawski T and Bailis P ACIDRain Proceedings of the 2017 ACM International Conference on Management of Data, (5-20)
- Fritz L and Hage J Cost versus precision for approximate typing for Python Proceedings of the 2017 ACM SIGPLAN Workshop on Partial Evaluation and Program Manipulation, (89-98)
- Kanvar V and Khedker U (2016). Heap Abstractions for Static Analysis, ACM Computing Surveys, 49:2, (1-47), Online publication date: 11-Nov-2016.
- Shao Y, Ott J, Jia Y, Qian Z and Mao Z The Misuse of Android Unix Domain Sockets and Security Implications Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (80-91)
- Thüm T, Ribeiro M, Schröter R, Siegmund J and Dalton F Product-line maintenance with emergent contract interfaces Proceedings of the 20th International Systems and Software Product Line Conference, (134-143)
- Schrittwieser S, Katzenbeisser S, Kinder J, Merzdovnik G and Weippl E (2016). Protecting Software through Obfuscation, ACM Computing Surveys, 49:1, (1-37), Online publication date: 28-Jul-2016.
- Moser M and Pichler J Documentation generation from annotated source code of scientific software Proceedings of the International Workshop on Software Engineering for Science, (12-15)
- Bova S, Ganian R and Szeider S (2015). Model Checking Existential Logic on Partially Ordered Sets, ACM Transactions on Computational Logic, 17:2, (1-35), Online publication date: 28-Mar-2016.
- Brandvein J and Liu Y Removing runtime overhead for optimized object queries Proceedings of the 2016 ACM SIGPLAN Workshop on Partial Evaluation and Program Manipulation, (73-84)
- Avanzini M, Dal Lago U and Moser G (2015). Analysing the complexity of functional programs: higher-order meets first-order, ACM SIGPLAN Notices, 50:9, (152-164), Online publication date: 18-Dec-2015.
- Autili M, Malavolta I, Perucci A and Scoccia G Perspectives on static analysis of mobile apps (invited talk) Proceedings of the 3rd International Workshop on Software Development Lifecycle for Mobile, (29-30)
- Avanzini M, Dal Lago U and Moser G Analysing the complexity of functional programs: higher-order meets first-order Proceedings of the 20th ACM SIGPLAN International Conference on Functional Programming, (152-164)
- Jourdan J, Laporte V, Blazy S, Leroy X and Pichardie D (2015). A Formally-Verified C Static Analyzer, ACM SIGPLAN Notices, 50:1, (247-259), Online publication date: 11-May-2015.
- Albert E, Flores-Montoya A and Genaim S May-Happen-in-Parallel Analysis with Condition Synchronization 4th International Workshop on Foundational and Practical Aspects of Resource Analysis - Volume 9964, (1-19)
- Jourdan J, Laporte V, Blazy S, Leroy X and Pichardie D A Formally-Verified C Static Analyzer Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, (247-259)
- Nazaré H, Maffra I, Santos W, Barbosa L, Gonnord L and Quintão Pereira F (2014). Validation of memory accesses through symbolic analyses, ACM SIGPLAN Notices, 49:10, (791-809), Online publication date: 31-Dec-2015.
- Nazaré H, Maffra I, Santos W, Barbosa L, Gonnord L and Quintão Pereira F Validation of memory accesses through symbolic analyses Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications, (791-809)
- Thüm T, Meinicke J, Benduhn F, Hentschel M, von Rhein A and Saake G Potential synergies of theorem proving and model checking for software product lines Proceedings of the 18th International Software Product Line Conference - Volume 1, (177-186)
- Meinicke J, Thüm T, Schröter R, Benduhn F and Saake G An overview on analysis tools for software product lines Proceedings of the 18th International Software Product Line Conference: Companion Volume for Workshops, Demonstrations and Tools - Volume 2, (94-101)
- Veanes M, BjØrner N, Nachmanson L and Bereg S Monadic Decomposition Proceedings of the 16th International Conference on Computer Aided Verification - Volume 8559, (628-645)
- Bova S, Ganian R and Szeider S Model checking existential logic on partially ordered sets Proceedings of the Joint Meeting of the Twenty-Third EACSL Annual Conference on Computer Science Logic (CSL) and the Twenty-Ninth Annual ACM/IEEE Symposium on Logic in Computer Science (LICS), (1-10)
- Thüm T, Apel S, Kästner C, Schaefer I and Saake G (2014). A Classification and Survey of Analysis Strategies for Software Product Lines, ACM Computing Surveys, 47:1, (1-45), Online publication date: 1-Jul-2014.
- Stolee K, Elbaum S and Dobos D (2014). Solving the Search for Source Code, ACM Transactions on Software Engineering and Methodology, 23:3, (1-45), Online publication date: 1-May-2014.
- Sampaio D, Souza R, Collange C and Pereira F (2014). Divergence analysis, ACM Transactions on Programming Languages and Systems, 35:4, (1-36), Online publication date: 1-Dec-2013.
- Liang G, Wang Q, Xie T and Mei H Inferring project-specific bug patterns for detecting sibling bugs Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, (565-575)
- Chang S Laziness by need Proceedings of the 22nd European conference on Programming Languages and Systems, (81-100)
- Tang X and Järvi J (2012). Summary-based data-flow analysis that understands regular composite objects and iterators, ACM SIGAPP Applied Computing Review, 12:4, (36-47), Online publication date: 1-Dec-2012.
- Edwards N and Chen L An historical examination of open source releases and their vulnerabilities Proceedings of the 2012 ACM conference on Computer and communications security, (183-194)
- Athavale V, Hertz S, Jetly D, Ganesan V, Krysl J and Vasudevan S Using static analysis for coverage extraction fromemulation/prototyping platforms Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, (207-214)
- Marinescu P and Cadar C High-coverage symbolic patch testing Proceedings of the 19th international conference on Model Checking Software, (7-21)
- Zhang F, Nielson F and Nielson H Model checking as static analysis Proceedings of the 9th international conference on Integrated Formal Methods, (99-112)
- Terepeta M, Nielson H and Nielson F Recursive advice for coordination Proceedings of the 14th international conference on Coordination Models and Languages, (137-151)
- Tang X and Järvi J Exploiting regularity of user-defined types to improve precision of program analyses Proceedings of the 27th Annual ACM Symposium on Applied Computing, (1743-1750)
- Babić D, Martignoni L, McCamant S and Song D Statically-directed dynamic automated test generation Proceedings of the 2011 International Symposium on Software Testing and Analysis, (12-22)
- Edvinsson M, Lundberg J and Löwe W Parallel points-to analysis for multi-core machines Proceedings of the 6th International Conference on High Performance and Embedded Architectures and Compilers, (45-54)
- Herold S Checking architectural compliance in component-based systems Proceedings of the 2010 ACM Symposium on Applied Computing, (2244-2251)
- Gulwani S and Tiwari A Combining abstract interpreters Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation, (376-386)
- Gulwani S and Tiwari A (2006). Combining abstract interpreters, ACM SIGPLAN Notices, 41:6, (376-386), Online publication date: 11-Jun-2006.
Recommendations
Efficient points-to analysis for whole-program analysis
ESEC/FSE-7: Proceedings of the 7th European software engineering conference held jointly with the 7th ACM SIGSOFT international symposium on Foundations of software engineeringTo function on programs written in languages such as C that make extensive use of pointers, automated software engineering tools require safe alias information. Existing alias-analysis techniques that are sufficiently efficient for analysis on large ...
Efficient points-to analysis for whole-program analysis
To function on programs written in languages such as C that make extensive use of pointers, automated software engineering tools require safe alias information. Existing alias-analysis techniques that are sufficiently efficient for analysis on large ...
Data-flow analysis of program fragments
Traditional interprocedural data-flow analysis is performed on whole programs; however, such whole-program analysis is not feasible for large or incomplete programs. We propose fragment data-flow analysis as an alternative approach which computes data-...