Summary: Polymorphic versus Monomorphic
Flow-insensitive Points-to Analysis for C y
Jerey S. Foster 1 , Manuel Fahndrich 2 , and Alexander Aiken 1
1 University of California, Berkeley, 387 Soda Hall #1776, Berkeley, CA 94720
fjfoster,aikeng@cs.berkeley.edu
2 Microsoft Research, One Microsoft Way, Redmond, WA 98052
maf@microsoft.com
Abstract We carry out an experimental analysis for two of the de-
sign dimensions of ow-insensitive points-to analysis for C: polymorphic
versus monomorphic and equality-based versus inclusion-based. Holding
other analysis parameters xed, we measure the precision of the four de-
sign points on a suite of benchmarks of up to 90,000 abstract syntax tree
nodes. Our experiments show that the benet of polymorphism varies
signicantly with the underlying monomorphic analysis. For our equality-
based analysis, adding polymorphism greatly increases precision, while
for our inclusion-based analysis, adding polymorphism hardly makes any
dierence. We also gain some insight into the nature of polymorphism
in points-to analysis of C. In particular, we nd considerable polymor-
phism available in function parameters, but little or no polymorphism in
function results, and we show how this observation explains our results.

Source: Aiken, Alex - Department of Computer Science, Stanford University

Collections: Computer Technologies and Information Sciences