1 / 13

Rethinking Soot for Summary-Based Whole-Program Analysis

Rethinking Soot for Summary-Based Whole-Program Analysis. Dacong Yan 1 , Guoqing Xu 2 , Atanas Rountev 1 1 Ohio State University 2 University of California, Irvine. PRESTO: Program Analyses and Software Tools Research Group, Ohio State University. Overview.

mala
Download Presentation

Rethinking Soot for Summary-Based Whole-Program Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Rethinking Soot for Summary-Based Whole-Program Analysis Dacong Yan1, Guoqing Xu2, Atanas Rountev1 1Ohio State University 2University of California, Irvine PRESTO: Program Analyses and Software Tools Research Group, Ohio State University

  2. Overview • Programs are built with reusable components • Standard libraries in Java, C++, C# • Domain-specific libraries and frameworks • Whole-program analysis • Analysis of both application and library code • Methods are analyzed under different contexts • Summary-based analysis • Pre-analysis of library code (summary generation) • Reuse result of pre-analysis (summary application) • Challenges • Carefully designed abstractions and algorithms • Infrastructure for summary generation and application

  3. Case Study: An Alias Analysis [ISSTA’11] m(a) { c = new …; //o1 a.f= c; return c.g; } d = new …; //o2 b = m(d); // call m

  4. Case Study: An Alias Analysis [ISSTA’11] f m(a) { c = new …; //o1 a.f= c; return c.g; } o1 sa c a g sf ret entrym exitm o2 d d = new …; //o2 b = m(d); // call m sm b

  5. Case Study: An Alias Analysis [ISSTA’11] f m(a) { c = new …; //o1 a.f= c; return c.g; } o1 sa c a g sf ret entrym exitm o2 d d = new …; //o2 b = m(d); // call m sm b balias?d

  6. Case Study: An Alias Analysis [ISSTA’11] f m(a) { c = new …; //o1 a.f= c; return c.g; } o1 sa c a g sf ret entrym exitm o2 d d = new …; //o2 b = m(d); // call m sm b balias?d

  7. Case Study: An Alias Analysis [ISSTA’11] f m(a) { c = new …; //o1 a.f= c; return c.g; } o1 sa c a g sf ret entrym exitm o2 d d = new …; //o2 b = m(d); // call m sm b

  8. Case Study: An Alias Analysis [ISSTA’11] f m(a) { c = new …; //o1 a.f= c; return c.g; } o1 sa c a g sf ret entrym exitm o2 d d = new …; //o2 b = m(d); // call m sm b f, g sa sg summary(m):

  9. Experimental Evaluation • 19 Java programs • For all programs, more than 50% of nodes in the call graph are methods in the Java standard library • For most programs, the percentage exceeds 80% • Two experiments • Summary-based construction of program representation • Summary-based computation of graph reachability • Results • Significant potential savings in analysis running time • Additional savings limited by infrastructure

  10. Discussion • Goal: support summary-based analysis in Soot • Problems with ad-hoc extensions • Difficulty in code maintenance • Difficulty in comparing analyses • Limited benefits in summarization • Issues to consider • Configuration mechanisms • Management of summary information • Verification of summary information

  11. Discussion • Configuration mechanisms • Customization to allow summary-based analysis • Dependence between analyses • Management of summary information • Unified summary APIs • Techniques of data structure persistence • Mapping back to program entities • Verification of summary information • Consistency between summary and Jimple • Code changes

  12. Conclusion • Case study on an alias analysis • Potential savings in analysis running time with summarization • Discussion on supporting summary-based analysis • Configuration mechanisms • Management of summary information • Verification of summary information

  13. Thank you

More Related