Abstract
Abstract Data-flow analysis is the static analysis of programs to estimate their approximate run-time behavior or approximate intermediate run-time values. It is an integral part of modern language specifications and compilers. In the specification of static semantics of programming languages, the concept of data-flow allows the description of well-formedness such as definite assignment of a local variable before its first use. In the implementation of compiler back-ends, data-flow analyses inform optimizations. Data-flow analysis has an established theoretical foundation. What lags behind is implementations of data-flow analysis in compilers, which are usually ad-hoc. This makes such implementations difficult to extend and maintain. In previous work researchers have proposed higher-level formalisms suitable for whole-program analysis in a separate tool, incremental analysis within editors, or bound to a specific intermediate representation. In this paper, we present FlowSpec , an executable formalism for specification of data-flow analysis. FlowSpec is a domain-specific language that enables direct and concise specification of data-flow analysis for programming languages, designed to express flow-sensitive, intra-procedural analyses. We define the formal semantics of FlowSpec in terms of monotone frameworks. We describe the design of FlowSpec using examples of standard analyses. We also include a description of our implementation of FlowSpec . In a case study we evaluate FlowSpec with the static analyses for Green-Marl , a domain-specific programming language for graph analytics.
Highlights
Nielson et al define program analysis as follows: Program analysis offers static compile-time techniques for predicting safe and computable approximations to the set of values or behaviors arising dynamically at run-time when executing a program on a computer [1, p. 1]
We have presented FLOWSPEC, a declarative specification language for the domain of data-flow analysis
We have shown its static semantics, and its dynamic semantics as a mapping onto monotone frameworks
Summary
Nielson et al define program analysis as follows: Program analysis offers static compile-time techniques for predicting safe and computable approximations to the set of values or behaviors arising dynamically at run-time when executing a program on a computer [1, p. 1]. Data-flow analyses are used to provide static guarantees in the form of compiler warnings and errors, to inform optimizations, to identify security problems, or problematic code style. Data-flow analyses may be part of the static semantics of a language. In Java a final field in a class must be initialized for an object of that class by the end of its construction [2, ch. Since constructor code can have conditional control-flow, a data-flow analysis is necessary to check that all possible execution paths through constructors assign a value to the final field. For another example, the compiler for Rust gives warnings on code paths that are unreachable [3]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
