Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders
Static program analyses and transformations for Java face many problems when analyzing
programs that use reflection or custom class loaders: How can a static analysis know which …
programs that use reflection or custom class loaders: How can a static analysis know which …
A static approach to prioritizing junit test cases
Test case prioritization is used in regression testing to schedule the execution order of test
cases so as to expose faults earlier in testing. Over the past few years, many test case …
cases so as to expose faults earlier in testing. Over the past few years, many test case …
Application-only call graph construction
Since call graphs are an essential starting point for all inter-procedural analyses, many tools
and frameworks have been developed to generate the call graph of a given program. The …
and frameworks have been developed to generate the call graph of a given program. The …
Understanding the impact of APIs behavioral breaking changes on client applications
Libraries play a significant role in software development as they provide reusable
functionality, which helps expedite the development process. As libraries evolve, they …
functionality, which helps expedite the development process. As libraries evolve, they …
On the recall of static call graph construction in practice
Static analyses have problems modelling dynamic language features soundly while
retaining acceptable precision. The problem is well-understood in theory, but there is little …
retaining acceptable precision. The problem is well-understood in theory, but there is little …
Striking a balance: pruning false-positives from static call graphs
Researchers have reported that static analysis tools rarely achieve a false-positive rate that
would make them attractive to developers. We overcome this problem by a technique that …
would make them attractive to developers. We overcome this problem by a technique that …
Judge: Identifying, understanding, and evaluating sources of unsoundness in call graphs
Call graphs are widely used; in particular for advanced control-and data-flow analyses. Even
though many call graph algorithms with different precision and scalability properties have …
though many call graph algorithms with different precision and scalability properties have …
Typestate-like analysis of multiple interacting objects
NA Naeem, O Lhoták - ACM Sigplan Notices, 2008 - dl.acm.org
This paper presents a static analysis of typestate-like temporal specifications of groups of
interacting objects, which are expressed using tracematches. Whereas typestate expresses …
interacting objects, which are expressed using tracematches. Whereas typestate expresses …
Practical extensions to the IFDS algorithm
NA Naeem, O Lhoták, J Rodriguez - … Conference, CC 2010, Held as Part …, 2010 - Springer
This paper presents four extensions to the Interprocedural Finite Distributive Subset (IFDS)
algorithm that make it applicable to a wider class of analysis problems. IFDS is a dynamic …
algorithm that make it applicable to a wider class of analysis problems. IFDS is a dynamic …
Static javascript call graphs: A comparative study
The popularity and wide adoption of JavaScript both at the client and server side makes its
code analysis more important than ever before. Most of the algorithms for vulnerability …
code analysis more important than ever before. Most of the algorithms for vulnerability …