Dataflow Analysis Flashcards
What is the classic dataflow analysis
Reaching Definitions - Find uninitialized variable uses
Available Expressions Analysis - Avoid Recomputing expressions
Very Busy Expressions - Reduce Code size
Life Variable - Allocate registers efficiently
Modern Dataflow Analysis
Interval Analysis - Check memory safety (integer overflow, buffer overruns..)
Taint Analysis - Check information flow (Sensitive data leak, code injection..)
Type State Analysis - Temporal safety properties (API protocols, libraries..)
Concurrency Analysis - Concurrency safety procedures (dataraces, deadlocks..)
Reaching Definitions Analysis
The goal of reaching definitions analysis is to determine
which assignments might reach each program point. More accurately, this analysis determines, for each program point, which assignments potentially have been made and not overwritten, when the program’s execution reaches that point along some
path.
Live Variable Analysis
Determine for each program point which variables could be live at that point
live variable
a variable is life if there is a path to a use of the variable that does not redefine the variable
In and out of live variable analysis
In set is every live variable before the node. Out set is every variable which is live after the node.
