NoCFG: A Lightweight Approach for Sound Call Graph Approximation

by   Aharon Abadi, et al.

Interprocedural analysis refers to gathering information about the entire program rather than for a single procedure only, as in intraprocedural analysis. Interprocedural analysis enables a more precise analysis; however, it is complicated due to the difficulty of constructing an accurate program call graph. Current algorithms for constructing sound and precise call graphs analyze complex program dependencies, therefore they might be difficult to scale. Their complexity stems from the kind of type-inference analysis they use, in particular the use of some variations of points-to analysis. To address this problem, we propose NoCFG, a new sound and scalable method for approximating a call graph that supports a wide variety of programming languages. A key property of NoCFG is that it works on a coarse abstraction of the program, discarding many of the programming language constructs. Due to the coarse program abstraction, extending it to support also other languages is easy. We provide a formal proof for the soundness of NoCFG and evaluations for real-world projects written in both Python and C#. The experimental results demonstrate a high precision rate of 90 a security use-case over projects with up to 2 million lines of code.



There are no comments yet.


page 9


Reasoning about Iteration and Recursion Uniformly based on Big-step Semantics

A reliable technique for deductive program verification should be proven...

A Denotational Engineering of Programming Languages

The book is devoted to two research areas: (1) Designing programming lan...

Effect Handling for Composable Program Transformations in Edward2

Algebraic effects and handlers have emerged in the programming languages...

An Executable Structural Operational Formal Semantics for Python

Python is a popular high-level general-purpose programming language also...

GGDs: Graph Generating Dependencies

We propose Graph Generating Dependencies (GGDs), a new class of dependen...

A Relational Static Semantics for Call Graph Construction

The problem of resolving virtual method and interface calls in object-or...

Typed-based Relaxed Noninterference for Free

Despite the clear need for specifying and enforcing information flow pol...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.