Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Issue 13
Issue 14
Issue 15
Issue 16
Issue 17
Issue 18
Issue 19
Issue 20
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 18 / Issue 20

available in:   PDF (302 kB) PS (3 MB)
 
get:  
Similar Docs BibTeX   Write a comment
  
get:  
Links into Future
 
DOI:   10.3217/jucs-018-20-2851

 

Points-to Analysis: A Fine-Grained Evaluation

Jonas Lundberg (Linnaeus University, Sweden)

Welf Lowe (Linnaeus University, Sweden)

Abstract: Points-to analysis is a static program analysis that extracts reference information from programs, e.g., possible targets of a call and possible objects referenced by a field. Previous works evaluating different approaches to context-sensitive Pointsto analyses use coarse-grained precision metrics focusing on references between source code entities like methods and classes. Two typical examples of such metrics are the number of nodes and edges in a call-graph. These works indicate that context-sensitive analysis with a call-depth k = 1 only provides slightly better precision than contextinsensitive analysis. Moreover, these works could not find a substantial precision improvement when using the more expensive analyses with call-depth k < 1.

The hypothesis in the present paper is that substantial differences between the contextsensitive approaches show if (and only if) the precision is measured by more fine-grained metrics focusing on individual objects (rather than methods and classes) and references between them. These metrics are justified by the many applications requiring such detailed object reference information.

In order to experimentally validate our hypothesis we make a systematic comparison of ten different variants of context-sensitive Points-to analysis using different call-depths k <= 1 for separating the contexts. For the comparison we use a metric suite containing four different metrics that all focus on individual objects and references between them.

The main results show that the differences between different context-sensitive analysis techniques are substantial, also the differences between the context-insensitive and the context-sensitive analyses with call-depth k = 1 are substantial. The major surprise was that increasing the call-depth k < 1 did not lead to any substantial precision improvements. This is a negative result since it indicates that, in practice, we cannot get a more precise Points-to analysis by increasing the call-depth. Further investigations show that substantial precision improvements can be detected for k < 1, but they occur at such a low detail level that they are unlikely to be of any practical use.

Keywords: context sensitivity, points-to analysis, static program analysis

Categories: D.2.3, D.3.4, F.3.2