Steps towards a theory and calculus of aliasing

A theory, graphical notation, mathematical calculus and implementation for finding whether two given expressions can, at execution time, denote references attached to the same object. Intended as the basis for a comprehensive solution to the “frame problem” and as a complement to, or even a replacement for, separation logic, shape analysis, ownership types and dynamic frames.

💡 Research Summary

The paper “Steps towards a Theory and Calculus of Aliasing” tackles one of the most persistent challenges in program analysis: determining whether two arbitrary expressions can denote references to the same heap object at run time. The authors argue that existing techniques—Separation Logic, Shape Analysis, Ownership Types, and Dynamic Frames—while powerful, either lack the precision needed for complex shared structures or are too heavyweight to be used as a general‑purpose solution to the frame problem. To fill this gap, the authors introduce a unified framework consisting of a graphical model (the Alias Graph), a formal set of transformation rules, a logical language for alias queries, and a calculus that can be mechanised and executed by a prototype tool.

Alias Graph
The Alias Graph is a directed multigraph whose vertices represent program variables, heap objects, and sub‑components of objects (fields, array elements). Edges encode “points‑to” relationships. Unlike traditional points‑to analyses, the graph is mutable: each program statement is associated with a graph‑transformation rule that updates the graph in a flow‑sensitive manner. Assignment creates a new object vertex and an edge from the target variable; pointer copy duplicates edges; field write rewires the edge from the field vertex to a new target; conditional branches generate graph joins; loops are handled by computing a fixed point over the transformation sequence. This explicit, visual representation makes it possible to trace aliasing paths through arbitrarily nested data structures.

Logical Alias Language
On top of the graph, the authors define an alias operator “↔” and a set of combinators (∧, ∨, ¬, →) that allow the construction of complex alias predicates. For example, the predicate “a