Framework for Java Pointer Analysis

Introduction

Versatile. Doop is a framework for pointer, or points-to, analysis of Java programs. Doop implements a range of algorithms, including context insensitive, call-site sensitive, and object-sensitive analyses, all specified modularly as variations on a common code base.

Fast. Compared to alternative context-sensitive pointer analysis implementations (such as Paddle) Doop is much faster, and scales better. Also, with comparable context-sensitivity features, Doop is more precise in handling some Java features (for example exceptions) than alternatives.

Declarative. Doop builds on the idea of specifying pointer analysis algorithms declaratively, using Datalog: a logic-based language for defining (recursive) relations. Doop carries the declarative approach further than past work (such as bddbddb) by describing the full end-to-end analysis in Datalog and optimizing aggressively through exposition of the representation of relations (for example indexing) to the Datalog language level. Doop uses the Datalog dialect and engine of LogicBlox.

News

Tutorial Survey

"Pointer Analysis" (Foundations and Trends in PL).

APLAS 2015

"More Sound Static Handling of Java Reflection" Asian Symposium on Programming Languages and Systems (APLAS'15), November 2015.

PLDI 2014

"Introspective Analysis: Context Sensitivity, Across the Board" Programming Language Design and Implementation (PLDI'14), June 2014.

OOPSLA 2013

"Set-Based Pre-Processing for Points-To Analysis" Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'13), October 2013.

PLDI 2013

"Hybrid Context Sensitivity for Points-To Analysis" Programming Language Design and Implementation (PLDI'13), June 2013.

Features

Major features of Doop are:

Together, these features make Doop by far the most sophisticated and reliable points-to analysis implementation for Java.

last update: 2016-9-21