Abstract
We present a simple algorithmic extension of the approximate call-strings approach to mitigate substantial performance degradation caused by spurious interprocedural cycles. Spurious interprocedural cycles are, in a realistic setting, the key reasons for why approximate call-return semantics in both context-sensitive and-insensitive static analysis can make the analysis much slower than expected. In the approximate call-strings-based context-sensitive static analysis, because the number of distinguished contexts is finite, multiple call-contexts are inevitably joined at the entry of a procedure and the output at the exit is propagated to multiple return-sites. We found that these multiple returns frequently create a single large cycle (we call it 'butterfly cycle') covering almost all parts of the program and such a spurious cycle makes analyses very slow and inaccurate. Our simple algorithmic technique (within the fixpoint iteration algorithm) identifies and prunes these spurious interprocedural flows. The technique's effectiveness is proven by experiments with a realistic C analyzer to reduce the analysis time by 7-96%. As the technique is algorithmic, it can be easily applicable to existing analyses without changing the underlying abstract semantics, it is orthogonal to the underlying abstract semantics' context-sensitivity, and its correctness is obvious.
| Original language | English |
|---|---|
| Pages (from-to) | 585-603 |
| Number of pages | 19 |
| Journal | Software - Practice and Experience |
| Volume | 40 |
| Issue number | 8 |
| DOIs | |
| Publication status | Published - 2010 Jul |
| Externally published | Yes |
Keywords
- Abstract interpretation
- Fixpoint algorithm
- Interprocedural analysis
- Spurious cycles
- Static analysis
ASJC Scopus subject areas
- Software