Mix your contexts well: opportunities unleashed by recent advances in scaling context-sensitivity

Existing precise context-sensitive heap analyses do not scale well for large OO programs. Further, identifying the right context abstraction becomes quite intriguing as two of the most popular categories of context abstractions (call-site- and object-sensitive) lead to theoretically incomparable precision. In this paper, we address this problem by first doing a detailed comparative study (in terms of precision and efficiency) of the existing approaches, both with and without heap cloning. In addition, we propose novel context abstractions that lead to a new sweet-spot in the arena. We first enhance the precision of level-summarized relevant value (LSRV) contexts (a highly scalable abstraction with precision matching that of call-site-sensitivity) using heap cloning. Then, motivated by the resultant scalability, we propose the idea of mixing various context abstractions, and add the advantages of k-object-sensitive analyses to LSRV contexts, in an efficient manner. The resultant context abstraction, which we call lsrvkobjH, also leads to a novel connection between the two broad variants of otherwise incomparable context-sensitive analyses. Our evaluation shows that the newer proposals not only enhance the precision of both LSRV contexts and object-sensitive analyses (to perform control-flow analysis of Java programs), but also scale well to large programs.

[1]  M. Hermenegildo,et al.  Deriving a fixpoint computation algorithm for top-down abstract interpretation of logic programs , 1990 .

[2]  Yannis Smaragdakis,et al.  Scalability-first pointer analysis with self-tuning context-sensitivity , 2018, ESEC/SIGSOFT FSE.

[3]  V. Krishna Nandivada,et al.  PYE: A Framework for Precise-Yet-Efficient Just-In-Time Analyses for Java Programs , 2019, TOPL.

[4]  Yannis Smaragdakis,et al.  Introspective analysis: context-sensitivity, across the board , 2014, PLDI.

[5]  Amey Karkare,et al.  TwAS: two-stage shape analysis for speed and precision , 2018, SAC.

[6]  Maurice Bruynooghe,et al.  Improving abstract interpretations by combining domains , 1993, PEPM '93.

[7]  Yannis Smaragdakis,et al.  Hybrid context-sensitivity for points-to analysis , 2013, PLDI.

[8]  Hong-Seok Kim,et al.  Importance of heap specialization in pointer analysis , 2004, PASTE '04.

[9]  Li Yue Precision-Guided Context Sensitivity for Pointer Analysis , 2018 .

[10]  Jean-Marie Larchevêque Optimal incremental parsing , 1995, TOPL.

[11]  Ondrej Lhoták,et al.  Scaling Java Points-to Analysis Using SPARK , 2003, CC.

[12]  Barbara G. Ryder,et al.  Parameterized object sensitivity for points-to analysis for Java , 2005, TSEM.

[13]  Jingling Xue,et al.  Precision-preserving yet fast object-sensitive pointer analysis with partial context sensitivity , 2019, Proc. ACM Program. Lang..

[14]  Amer Diwan,et al.  The DaCapo benchmarks: java benchmarking development and analysis , 2006, OOPSLA '06.

[15]  Uday P. Khedker,et al.  Efficiency, Precision, Simplicity, and Generality in Interprocedural Data Flow Analysis: Resurrecting the Classical Call Strings Method , 2008, CC.

[16]  James F. Power,et al.  Platform independent dynamic Java virtual machine analysis: the Java Grande Forum benchmark suite , 2001, JGI '01.

[17]  Hongseok Yang,et al.  Selective context-sensitivity guided by impact pre-analysis , 2014, PLDI.

[18]  Jingling Xue,et al.  Making k-Object-Sensitive Pointer Analysis More Precise with Still k-Limiting , 2016, SAS.

[19]  A Pnueli,et al.  Two Approaches to Interprocedural Data Flow Analysis , 2018 .

[20]  Jingling Xue,et al.  Efficient and precise points-to analysis: modeling the heap by merging equivalent automata , 2017, PLDI.

[21]  Ondrej Lhoták,et al.  Evaluating the benefits of context-sensitive points-to analysis using a BDD-based implementation , 2008, TSEM.

[22]  Manuel V. Hermenegildo,et al.  Towards Incremental and Modular Context-Sensitive Analysis , 2018, ICLP.

[23]  Rohan Padhye,et al.  Interprocedural data flow analysis in Soot using value contexts , 2013, SOAP '13.

[24]  V. Krishna Nandivada,et al.  Compare less, defer more: scaling value-contexts based whole-program heap analyses , 2019, CC.

[25]  Mira Mezini,et al.  Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders , 2011, 2011 33rd International Conference on Software Engineering (ICSE).

[26]  Ondrej Lhoták,et al.  Pick your contexts well: understanding object-sensitivity , 2011, POPL '11.

[27]  Uday P. Khedker,et al.  Heap Abstractions for Static Analysis , 2014, ACM Comput. Surv..

[28]  Himanshu Sharma,et al.  Refinement in object-sensitivity points-to analysis via slicing , 2018, Proc. ACM Program. Lang..

[29]  Yannis Smaragdakis,et al.  Set-based pre-processing for points-to analysis , 2013, OOPSLA.

[30]  Ole Agesen The Cartesian Product Algorithm: Simple and Precise Type Inference Of Parametric Polymorphism , 1995, ECOOP.

[31]  Jens Palsberg,et al.  Object-oriented type inference , 1991, OOPSLA '91.

[32]  Olin Shivers,et al.  Control-flow analysis of higher-order languages of taming lambda , 1991 .

[33]  Laurie Hendren,et al.  Soot: a Java bytecode optimization framework , 2010, CASCON.