Auflistung nach Autor:in "Keidel, Sven"
1 - 3 von 3
Treffer pro Seite
Sortieroptionen
- TextdokumentAXA: Cross-Language Analysis through Integration of Single-Language Analyses(Software Engineering 2025, 2025) Roth, Tobias; Näumann, Julius; Helm, Dominik; Keidel, Sven; Mezini, MiraModern software is often implemented in multiple interacting programming languages. When performing static analysis of such software, it is desirable to reuse existing single-language analyses to allow access to the results of decades of implementation effort. However, there are major challenges for this approach. In this paper, we analyze them and present AXA, an architecture that addresses them and enables cross-language analysis by integrating single-language analyses. To evaluate AXA, we implemented a cross-language points-to analysis for Java applications that interact with native code via Java Native Interface (JNI) and with JavaScript code via Java’s ScriptEngine. The evaluation shows that AXA enables significant reuse of existing static analyses. It also shows that AXA supports complex interactions and significantly increases recall of reused analyses without compromising precision.
- TextdokumentTotal Recall? How Good Are Static Call Graphs Really?(Software Engineering 2025, 2025) Helm, Dominik; Keidel, Sven; Kampkötter, Anemone; Düsing, Johannes; Roth, Tobias; Hermann, Ben; Mezini, MiraStatic call graphs are a fundamental building block of program analysis. However, differences in callgraph construction and the use of specific language features can yield unsoundness and imprecision. Call-graph analyses are evaluated using measures of precision and recall, but this is hard when a ground truth for real-world programs is generally unobtainable. We propose to use dynamic baselines based on fixed entry points and input corpora. The creation of this dynamic baseline is posed as an approximation of the ground truth—an optimization problem. We use manual extension and coverage-guided fuzzing for creating suitable input corpora. With these dynamic baselines, we study call-graph quality of multiple algorithms and implementations using four real-world Java programs. We find that our methodology provides insights into call-graph quality and how to measure it. We provide a novel methodology to advance the field of static program analysis as we assess the computation of one of its core data structures—the call graph.
- TextdokumentUnimocg: Modular Call-Graph Algorithms for Consistent Handling of Language Features(Software Engineering 2025, 2025) Helm, Dominik; Roth, Tobias; Keidel, Sven; Reif, Michael; Mezini, MiraTraditional call-graph construction algorithms conflate the computation of possible runtime types with the actual resolution of (virtual) calls. This tangled design impedes supporting complex language features and APIs and making systematic trade-offs between precision, soundness, and scalability. It also impedes implementation of precise downstream analyses that rely on type information. We propose Unimocg, a modular architecture for call-graph construction that decouples computation of type information from resolving calls. Due to its modular design, Unimocg can combine different call-graph algorithms with algorithm-agnostic modules to support individual language features. These modules operate at the same precision as the chosen call-graph. Unimocg also allows other analyses to easily reuse precise type information from the call-graph construction. We demonstrate how Unimocg enables call-graph algorithms with different precision, soundness, and scalability trade-offs from reusable modules. It currently supports ten algorithms from different families, such as CHA, RTA, XTA, and k-l-CFA. They show consistent soundness without sacrificing precision or performance. We also show how an immutability analysis is improved using Unimocg.