Skip to main content
SpringerLink
Log in

Selective Context-Sensitivity for k-CFA with CFL-Reachability

  • Conference paper
  • First Online:
Static Analysis (SAS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 12913))

Included in the following conference series:

Abstract

k-CFA provides the most well-known context abstraction for program analysis, especially pointer analysis, for a wide range of programming languages. However, its inherent context explosion problem has hindered its applicability. To mitigate this problem, selective context-sensitivity is promising as context-sensitivity is applied only selectively to some parts of the program. This paper introduces a new approach to selective context-sensitivity for supporting k-CFA-based pointer analysis, based on CFL-reachability. Our approach can make k-CFA-based pointer analysis run significantly faster while losing little precision, based on an evaluation using a set of 11 popular Java benchmarks and applications.

Thanks to all the reviewers for their constructive comments. This work is supported by Australian Research Council Grants (DP170103956 and DP180104069).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ali, K., Lhoták, O.: Application-only call graph construction. In: Noble, J. (ed.) ECOOP 2012. LNCS, vol. 7313, pp. 688–712. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31057-7_30

    Chapter  Google Scholar 

  2. Ali, K., Lhoták, O.: Averroes: whole-program analysis without the whole program. In: Castagna, G. (ed.) ECOOP 2013. LNCS, vol. 7920, pp. 378–400. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39038-8_16

    Chapter  Google Scholar 

  3. Andersen, L.O.: Program analysis and specialization for the C programming language. Ph.D. thesis, University of Copenhagen, Copenhagen (1994)

    Google Scholar 

  4. Blackburn, S.M., et al.: The DaCapo benchmarks: Java benchmarking development and analysis. In: Proceedings of the 21st annual ACM SIGPLAN Conference on Object-Oriented Programing, Systems, Languages, and Applications(OOPSLA 2006), pp. 169–190. ACM Press, New York, October 2006. http://doi.acm.org/10.1145/1167473.1167488

  5. Bodden, E., Sewe, A., Sinschek, J., Oueslati, H., Mezini, M.: Taming reflection: aiding static analysis in the presence of reflection and custom class loaders. In: Proceedings of the 33rd International Conference on Software Engineering, pp. 241–250. ACM (2011)

    Google Scholar 

  6. Bodík, R., Anik, S.: Path-sensitive value-flow analysis. In: Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (PoPL1998), pp. 237–251., Association for Computing Machinery, New York (1998). https://doi.org/10.1145/268946.268966

  7. Hardekopf, B., Lin, C.: Flow-sensitive pointer analysis for millions of lines of code. In: Proceedings of the 9th Annual IEEE/ACM International Symposium on Code Generation and Optimization, pp. 289–298 (CGO2011), IEEE Computer Society (2011)

    Google Scholar 

  8. He, D., Lu, J., Gao, Y., Xue, J.: Accelerating object-sensitive pointer analysis by exploiting object containment and reachability. In: 35th European Conference on Object-Oriented Programming (ECOOP 2021). Schloss Dagstuhl-Leibniz-Zentrum für Informatik (2021)

    Google Scholar 

  9. Jeon, M., Jeong, S., Oh, H.: Precise and scalable points-to analysis via data-driven context tunneling. In: Proceedings of the ACM on Programming Languages 2 (OOPSLA), p. 140 (2018)

    Google Scholar 

  10. Jeong, S., Jeon, M., Cha, S., Oh, H.: Data-driven context-sensitivity for points-to analysis. In: Proceedings of the ACM on Programming Languages (OOPSLA), vol. 1 , p. 100 (2017)

    Google Scholar 

  11. Lhoták, O., Hendren, L.: Scaling java points-to analysis using Spark. In: Hedin, G. (ed.) CC 2003. LNCS, vol. 2622, pp. 153–169. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36579-6_12

    Chapter  Google Scholar 

  12. Li, Y., Tan, T., Møller, A., Smaragdakis, Y.: A principled approach to selective context sensitivity for pointer analysis. ACM Trans. Program. Lang. Syst. 42(2) (2020). https://doi.org/10.1145/3381915

  13. Lu, J., He, D., Xue, J.: Eagle: CFL-reachability-based precision-preserving acceleration of object-sensitive pointer analysis with partial context sensitivity. ACM Transactions on Software Engineering and Methodology 30(4) (2021), to appear

    Google Scholar 

  14. Lu, J., Xue, J.: Precision-preserving yet fast object-sensitive pointer analysis with partial context sensitivity. In: Proceedings of the ACM on Programming Languages, vol. 3, Ocober 2019. https://doi.org/10.1145/3360574

  15. Milanova, A., Rountev, A., Ryder, B.G.: Parameterized object sensitivity for points-to analysis for Java. ACM Trans. Softw. Eng. Methodol. (TOSEM) 14(1), 1–41 (2005)

    Article  Google Scholar 

  16. Oh, H., Lee, W., Heo, K., Yang, H., Yi, K.: Selective context-sensitivity guided by impact pre-analysis. SIGPLAN Not. 49(6), 475–484 (2014). https://doi.org/10.1145/2666356.2594318

    Article  Google Scholar 

  17. Raghothaman, M., Kulkarni, S., Heo, K., Naik, M.: User-guided program reasoning using Bayesian inference. In: Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 722–735. ACM (2018)

    Google Scholar 

  18. Rasthofer, S., Arzt, S., Miltenberger, M., Bodden, E.: Harvesting runtime values in Android applications that feature anti-analysis techniques. In: NDSS (2016)

    Google Scholar 

  19. Reps, T.: Program analysis via graph reachability. Inf. Softw. Technol. 40(11–12), 701–726 (1998)

    Article  Google Scholar 

  20. Reps, T.: Undecidability of context-sensitive data-dependence analysis. ACM Trans. Prog. Lang. Syst. (TOPLAS) 22(1), 162–186 (2000)

    Article  Google Scholar 

  21. Reps, T., Horwitz, S., Sagiv, M.: Precise interprocedural dataflow analysis via graph reachability. In: Proceedings of the 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 1995), pp. 49–61. Association for Computing Machinery, New York (1995). https://doi.org/10.1145/199448.199462

  22. Shang, L., Xie, X., Xue, J.: On-demand dynamic summary-based points-to analysis. In: Proceedings of the Tenth International Symposium on Code Generation and Optimization, pp. 264–274. ACM (2012)

    Google Scholar 

  23. Shivers, O.: Control-flow analysis of higher-order languages. Ph.D. thesis, Citeseer (1991)

    Google Scholar 

  24. Smaragdakis, Y., Bravenboer, M., Lhoták, O.: Pick your contexts well: understanding object-sensitivity. In: Proceedings of the 38th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2011), pp. 17–30. Association for Computing Machinery, New York (2011). https://doi.org/10.1145/1926385.1926390

  25. Smaragdakis, Y., Kastrinis, G., Balatsouras, G.: Introspective analysis: context-sensitivity, across the board. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2014), pp. 485–495. Association for Computing Machinery, New York (2014). https://doi.org/10.1145/2594291.2594320

  26. Sridharan, M., Bodík, R.: Refinement-based context-sensitive points-to analysis for Java. In: Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2006), pp. 387–400. Association for Computing Machinery, New York (2006). https://doi.org/10.1145/1133981.1134027

  27. Sridharan, M., Gopan, D., Shan, L., Bodík, R.: Demand-driven points-to analysis for Java. In: Proceedings of the 20th Annual ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications (OOPSLA 2005), pp. 59–76. ACM, New York (2005). https://doi.org/10.1145/1094811.1094817

  28. Sui, Y., Di, P., Xue, J.: Sparse flow-sensitive pointer analysis for multithreaded programs. In: Proceedings of the 2016 International Symposium on Code Generation and Optimization (CGO2016), pp. 160–170. Association for Computing Machinery, New York (2016). https://doi.org/10.1145/2854038.2854043

  29. Sui, Y., Ye, S., Xue, J., Yew, P.: SPAS: scalable path-sensitive pointer analysis on full-sparse SSA. In: Yang, H. (ed.) Programming Languages and Systems - 9th Asian Symposium, APLAS 2011, Kenting, Taiwan, December 5–7, 2011. LNCS, vol. 7078, pp. 155–171. Springer (2011). https://doi.org/10.1007/978-3-642-25318-8_14

  30. Tan, T., Li, Y., Xue, J.: Making k-object-sensitive pointer analysis more precise with still k-limiting. In: Rival, X. (ed.) SAS 2016. LNCS, vol. 9837, pp. 489–510. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53413-7_24

    Chapter  Google Scholar 

  31. Tan, T., Li, Y., Xue, J.: Efficient and precise points-to analysis: Modeling the heap by merging equivalent automata. In: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation. p. 278–291. PLDI 2017, Association for Computing Machinery, New York, NY, USA (2017). DOI: 10.1145/3062341.3062360

    Google Scholar 

  32. Thiessen, R., Lhoták, O.: Context transformations for pointer analysis. In: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2017), pp. 263–277. Association for Computing Machinery, New York (2017). https://doi.org/10.1145/3062341.3062359

  33. Vallée-Rai, R. Co, P., Gagnon, E., Hendren, L., Lam, P., Sundaresan, V.: Soot: a Java bytecode optimization framework. In: CASCON First Decade High Impact Papers, pp. 214–224. IBM Corp. (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Programming Languages and Compilers Group, School of Computer Science and Engineering UNSW, Sydney, Australia

    Jingbo Lu, Dongjie He & Jingling Xue

Authors
  1. Jingbo Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dongjie He
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jingling Xue
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jingbo Lu .

Editor information

Editors and Affiliations

  1. Informal Systems, Inria, ENS, DI - Ecole Normale Supérieure, Paris, France

    Cezara Drăgoi

  2. Microsoft Corporation, Redmond, WA, USA

    Suvam Mukherjee

  3. Nokia Bell Labs, Murray Hill, NJ, USA

    Kedar Namjoshi

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Lu, J., He, D., Xue, J. (2021). Selective Context-Sensitivity for k-CFA with CFL-Reachability. In: Drăgoi, C., Mukherjee, S., Namjoshi, K. (eds) Static Analysis. SAS 2021. Lecture Notes in Computer Science(), vol 12913. Springer, Cham. https://doi.org/10.1007/978-3-030-88806-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-88806-0_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88805-3

  • Online ISBN: 978-3-030-88806-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation