A Sliding-Window Algorithm for On-The-Fly Interprocedural Program Analysis

  • Xin LiEmail author
  • Mizuhito Ogawa
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10610)


Program analysis plays an important role in finding software flaws. Due to dynamic language features like late binding, there are many program analysis problems for which one could not assume a prior program control flow, e.g., Java points-to analysis, the disassembly of binary codes with indirect jumps, etc. In this work, we give a general formalization of such kind of on-the-fly interprocedural program analysis problems, and present a sliding-window algorithm for it in the framework of weighted pushdown systems. Our sliding window algorithm only consists of a series of local static analyses conducted on an arbitrary number of program methods, which does not sacrifice the precision of the whole program analysis at the manageable cost of caching intermediate analysis results during each iteration. We have implemented and evaluated the sliding-window algorithm by instantiating the framework with Java points-to analysis as an application. Our empirical study showed that the analysis based on the sliding-window algorithm always outperforms the whole program analysis on runtime efficiency and scalability.



We would like to thank anonymous referees for useful comments. The work has been partially supported by Shanghai Pujiang Program (No. 17PJ1402200), the JSPS KAKENHI Grant-in-Aid for Scientific Research(B) (15H02684) and the JSPS Core-to-Core Program (A. Advanced Research Networks).


  1. 1.
    Blackburn, S.M., et al.: The DaCapo benchmarks: Java benchmarking development and analysis. In: Proceedings of the 21st Annual ACM SIGPLAN Conference on Object-Oriented Programing, Systems, Languages, and Applications, OOPSLA 2006, pp. 169–190. ACM, New York (2006)Google Scholar
  2. 2.
    Conway, C.L., Namjoshi, K.S., Dams, D., Edwards, S.A.: Incremental algorithms for inter-procedural analysis of safety properties. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 449–461. Springer, Heidelberg (2005). doi: 10.1007/11513988_45 CrossRefGoogle Scholar
  3. 3.
    Cousot, P., Cousot, R.: Modular static program analysis. In: Horspool, R.N. (ed.) CC 2002. LNCS, vol. 2304, pp. 159–179. Springer, Heidelberg (2002). doi: 10.1007/3-540-45937-5_13 CrossRefGoogle Scholar
  4. 4.
    Esparza, J., Hansel, D., Rossmanith, P., Schwoon, S.: Efficient algorithms for model checking pushdown systems. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 232–247. Springer, Heidelberg (2000). doi: 10.1007/10722167_20. CrossRefGoogle Scholar
  5. 5.
    Lal, A., Reps, T.: Improving pushdown system model checking. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 343–357. Springer, Heidelberg (2006). doi: 10.1007/11817963_32 CrossRefGoogle Scholar
  6. 6.
    Li, X., Ogawa, M.: Stacking-based context-sensitive points-to analysis for Java. In: Namjoshi, K., Zeller, A., Ziv, A. (eds.) HVC 2009. LNCS, vol. 6405, pp. 133–149. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-19237-1_14 CrossRefGoogle Scholar
  7. 7.
    Reps, T., Lal, A., Kidd, N.: Program analysis using weighted pushdown systems. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, pp. 23–51. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-77050-3_4 CrossRefGoogle Scholar
  8. 8.
    Reps, T., Schwoon, S., Jha, S., Melski, D.: Weighted pushdown systems and their application to interprocedural dataflow analysis. Sci. Comput. Program. 58(1–2), 206–263 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Sagiv, M., Reps, T., Horwitz, S.: Precise interprocedural dataflow analysis with applications to constant propagation. Theor. Comput. Sci. 167(1–2), 131–170 (1996). MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Schwoon, S.: Model-checking pushdown systems. Ph.D. thesis (2002)Google Scholar
  11. 11.
    Vallée-Rai, R., Gagnon, E., Hendren, L., Lam, P., Pominville, P., Sundaresan, V.: Optimizing Java bytecode using the soot framework: is it feasible? In: Watt, D.A. (ed.) CC 2000. LNCS, vol. 1781, pp. 18–34. Springer, Heidelberg (2000). doi: 10.1007/3-540-46423-9_2 CrossRefGoogle Scholar
  12. 12.
    Yorsh, G., Yahav, E., Chandra, S.: Generating precise and concise procedure summaries. In: Proceedings of the 35th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2008, pp. 221–234. ACM, New York (2008).

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.East China Normal UniversityShanghaiChina
  2. 2.Japan Advanced Institute of Science and TechnologyNomiJapan

Personalised recommendations