Pushdown Exception-Flow Analysis of Object-Oriented Programs
Shuying Liang, Matthew Might, Thomas Gilray, David Van Horn
TL;DR
This paper extends pushdown control-flow analysis to object-oriented programs with exceptions, significantly improving precision and efficiency in static analysis of such programs.
Contribution
It generalizes pushdown analysis to handle exceptions in object-oriented languages and combines it with abstract garbage collection for efficiency.
Findings
Pushdown analysis greatly improves exception handling precision.
Abstract garbage collection halves analysis time.
Effective analysis on Dalvik bytecode and Android apps.
Abstract
Statically reasoning in the presence of and about exceptions is challenging: exceptions worsen the well-known mutual recursion between data-flow and control-flow analysis. The recent development of pushdown control-flow analysis for the {\lambda}-calculus hints at a way to improve analysis of exceptions: a pushdown stack can precisely match catches to throws in the same way it matches returns to calls. This work generalizes pushdown control-flow analysis to object-oriented programs and to exceptions. Pushdown analysis of exceptions improves precision over the next best analysis, Bravenboer and Smaragdakis's Doop, by orders of magnitude. By then generalizing abstract garbage collection to object-oriented programs, we reduce analysis time by half over pure pushdown analysis. We evaluate our implementation for Dalvik bytecode on standard benchmarks as well as several Android applications.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Parallel Computing and Optimization Techniques · Software System Performance and Reliability