SlideShare a Scribd company logo
1 of 12
Download to read offline
Systematic Evaluation of the
Unsoundness of Call Graph
Construction Algorithms for Java
Michael Reif, Florian Kübler, Michael Eichberg, and Mira Mezini

Software Technology Group

Technische Universität Darmstadt

Germany

1
Why We Shouldn’t Take 

Call Graphs for Granted
• Call graphs are a central data-structure for numerous
static analyses

• Call graphs directly impact a client analysis’ result

• The chosen algorithm predetermines an analysis’
precision and recall

• Programming languages evolve (APIs and features are
added) and frameworks might not
!2
How We Assess Call-graph
Implementations
• Build a test suite that contains a wide range of minimal,
focused test cases

• Similar tests are kept within the same category (e.g.,
polymorphic calls or the Reflection API)

• Each test case tests a single relevant aspect

• Proof of concept: compare Soot and WALA’s built-in call
graphs
!3
Overall Approach
!4
TC1.jar
TC2.jar
Test Cases
Extractor
TC3.jar
Framework
Adapter
currently:
Soot, WALA
Computed
& Serialized
Call Graph
CG3.json
Computed
& Serialized
Call Graph
CG3.json
Computed
& Serialized
Call Graph
TC3.json
<Test Fixtures
Category>.md
Test Case 1(TC1)
…
Test Case 3 (TCN)
Call Graph
Matcher
Report_T
C3.txtReport_T
C3.txtReport
TC3.csv
expected call targets
generate
parse
compile
runanalysis
write
process
Exemplary Test Case
• Each category has:

• a description

• multiple test cases

• Each test case has:

• a scenario description

• the test code

• excepted calls

• Available annotations:

• CallSite

• IndirectCall
!5
Covered 

Test Suite Categories
• Static Initializer

• Polymorphic Calls

• Java 8 Polymorphic Calls

• Lambdas

• Method References

• Trivial Reflection

• Locally Resolve Reflection

• Context-senstive
Reflection

• Unsafe API

• Type casts

• Serialization

• …
!6
Reflection
Unsafe
JNI
APIs
…
JVM
Threads
GC
Serialization
…
Features
Lambdas
default methods
…
virtual calls
Static Initializer
Research Questions
vs
RQ1
How do the call graphs of Soot 

and WALA compare with each other?
RQ2
What are the main sources of unsoundness

in built-in call-graph implementations?
!7
!8
vs vs
Both support
basic features
Java 8 support
only in WALA
Reflection is
barely supported
Serialization is
unsupported
Reflection
Unsafe
JNI
APIs
…
JVM
Threads
GC
Serialization
…
Features
Lambdas
default methods
…
virtual calls
Static Initializer
Sources of Unsoundness
• APIs that are not or only partially modeled (e.g. Reflection
or Unsafe)

• new language features, such as Lambdas

• corner cases that must be covered

• the test suite is not complete
!9
Call for Contribution
• The test suite is by far not complete w.r.t to all Java
features and Core APIs

• add an adapter for your framework

• contribute under: https://bitbucket.org/delors/jcg
!10
What’s next?
• We’ll add further test scenarios for yet missing Language
Features (e.g. Java 9 modules), Core APIs (e.g.
Classloading), and JVM specifics

• Add support for other frameworks (e.g. DOOP and OPAL) 

• Quantify the effect of missing features on real-world
projects
!11
Summary
!12
Questions?

More Related Content

What's hot

Ivv workshop model-based-testing-of-nasa-systems
Ivv workshop model-based-testing-of-nasa-systemsIvv workshop model-based-testing-of-nasa-systems
Ivv workshop model-based-testing-of-nasa-systemsDharmalingam Ganesan
 
Finding Defects in C#: Coverity vs. FxCop
Finding Defects in C#: Coverity vs. FxCopFinding Defects in C#: Coverity vs. FxCop
Finding Defects in C#: Coverity vs. FxCopCoverity
 
Model-based Testing of a Software Bus - Applied on Core Flight Executive
Model-based Testing of a Software Bus - Applied on Core Flight ExecutiveModel-based Testing of a Software Bus - Applied on Core Flight Executive
Model-based Testing of a Software Bus - Applied on Core Flight ExecutiveDharmalingam Ganesan
 
Software Testing - Tool support for testing (CAST) - Mazenet Solution
Software Testing - Tool support for testing (CAST) - Mazenet SolutionSoftware Testing - Tool support for testing (CAST) - Mazenet Solution
Software Testing - Tool support for testing (CAST) - Mazenet SolutionMazenetsolution
 
Cucumber spec - a tool takes your bdd to the next level
Cucumber spec - a tool takes your bdd to the next levelCucumber spec - a tool takes your bdd to the next level
Cucumber spec - a tool takes your bdd to the next levelnextbuild
 
White Box Testing
White Box TestingWhite Box Testing
White Box TestingAlisha Roy
 
Code review process with JetBrains UpSource
Code review process with JetBrains UpSourceCode review process with JetBrains UpSource
Code review process with JetBrains UpSourceOleksii Prohonnyi
 
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case Study
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case StudyModel-based Testing using Microsoft’s Spec Explorer Tool: A Case Study
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case StudyDharmalingam Ganesan
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Raffi Khatchadourian
 
HowOthersDoAutomatedTesting
HowOthersDoAutomatedTestingHowOthersDoAutomatedTesting
HowOthersDoAutomatedTestingGeorge Jeffcock
 
Diffy : Automatic Testing of Microservices @ Twitter
Diffy : Automatic Testing of Microservices @ TwitterDiffy : Automatic Testing of Microservices @ Twitter
Diffy : Automatic Testing of Microservices @ TwitterPuneet Khanduri
 
Static code analysis
Static code analysisStatic code analysis
Static code analysisRune Sundling
 

What's hot (19)

Ivv workshop model-based-testing-of-nasa-systems
Ivv workshop model-based-testing-of-nasa-systemsIvv workshop model-based-testing-of-nasa-systems
Ivv workshop model-based-testing-of-nasa-systems
 
Refactoring
RefactoringRefactoring
Refactoring
 
Finding Defects in C#: Coverity vs. FxCop
Finding Defects in C#: Coverity vs. FxCopFinding Defects in C#: Coverity vs. FxCop
Finding Defects in C#: Coverity vs. FxCop
 
Test api
Test apiTest api
Test api
 
Model-based Testing of a Software Bus - Applied on Core Flight Executive
Model-based Testing of a Software Bus - Applied on Core Flight ExecutiveModel-based Testing of a Software Bus - Applied on Core Flight Executive
Model-based Testing of a Software Bus - Applied on Core Flight Executive
 
Software Testing - Tool support for testing (CAST) - Mazenet Solution
Software Testing - Tool support for testing (CAST) - Mazenet SolutionSoftware Testing - Tool support for testing (CAST) - Mazenet Solution
Software Testing - Tool support for testing (CAST) - Mazenet Solution
 
Cucumber spec - a tool takes your bdd to the next level
Cucumber spec - a tool takes your bdd to the next levelCucumber spec - a tool takes your bdd to the next level
Cucumber spec - a tool takes your bdd to the next level
 
White Box Testing
White Box TestingWhite Box Testing
White Box Testing
 
Code review process with JetBrains UpSource
Code review process with JetBrains UpSourceCode review process with JetBrains UpSource
Code review process with JetBrains UpSource
 
Unit Testing Your Application
Unit Testing Your ApplicationUnit Testing Your Application
Unit Testing Your Application
 
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case Study
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case StudyModel-based Testing using Microsoft’s Spec Explorer Tool: A Case Study
Model-based Testing using Microsoft’s Spec Explorer Tool: A Case Study
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
 
DISE - Programming Concepts
DISE - Programming ConceptsDISE - Programming Concepts
DISE - Programming Concepts
 
HowOthersDoAutomatedTesting
HowOthersDoAutomatedTestingHowOthersDoAutomatedTesting
HowOthersDoAutomatedTesting
 
UNIT testing
UNIT testingUNIT testing
UNIT testing
 
Diffy : Automatic Testing of Microservices @ Twitter
Diffy : Automatic Testing of Microservices @ TwitterDiffy : Automatic Testing of Microservices @ Twitter
Diffy : Automatic Testing of Microservices @ Twitter
 
Parasoft fda software compliance part2
Parasoft fda software compliance   part2Parasoft fda software compliance   part2
Parasoft fda software compliance part2
 
White box testing
White box testingWhite box testing
White box testing
 
Static code analysis
Static code analysisStatic code analysis
Static code analysis
 

Similar to Systematic Evaluation of the Unsoundness of Call Graph Algorithms for Java

Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...
Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...
Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...Michael Reif
 
A-Brief-Introduction-To-JAVA8_By_Srimanta_Sahu
A-Brief-Introduction-To-JAVA8_By_Srimanta_SahuA-Brief-Introduction-To-JAVA8_By_Srimanta_Sahu
A-Brief-Introduction-To-JAVA8_By_Srimanta_SahuSrimanta Sahu
 
Java 8 selected updates
Java 8 selected updatesJava 8 selected updates
Java 8 selected updatesVinay H G
 
Testing strategies -2
Testing strategies -2Testing strategies -2
Testing strategies -2Divya Tiwari
 
Apache Spark MLlib 2.0 Preview: Data Science and Production
Apache Spark MLlib 2.0 Preview: Data Science and ProductionApache Spark MLlib 2.0 Preview: Data Science and Production
Apache Spark MLlib 2.0 Preview: Data Science and ProductionDatabricks
 
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...Iosif Itkin
 

Similar to Systematic Evaluation of the Unsoundness of Call Graph Algorithms for Java (20)

Vaidyanathan Ramalingam Trade Off Economics In Testing Conference Speech
Vaidyanathan Ramalingam Trade Off Economics In Testing Conference SpeechVaidyanathan Ramalingam Trade Off Economics In Testing Conference Speech
Vaidyanathan Ramalingam Trade Off Economics In Testing Conference Speech
 
Vaidyanathan Ramalingam_Iterative Testing_SOFTEC_2_July2011_Silicon India Con...
Vaidyanathan Ramalingam_Iterative Testing_SOFTEC_2_July2011_Silicon India Con...Vaidyanathan Ramalingam_Iterative Testing_SOFTEC_2_July2011_Silicon India Con...
Vaidyanathan Ramalingam_Iterative Testing_SOFTEC_2_July2011_Silicon India Con...
 
Vaidyanathan Ramalingam_Testing in Agile_SOFTEC_2_July2011_Silicon India Conf...
Vaidyanathan Ramalingam_Testing in Agile_SOFTEC_2_July2011_Silicon India Conf...Vaidyanathan Ramalingam_Testing in Agile_SOFTEC_2_July2011_Silicon India Conf...
Vaidyanathan Ramalingam_Testing in Agile_SOFTEC_2_July2011_Silicon India Conf...
 
Vaidyanathan Ramalingam Rca In Testing Conference Speech
Vaidyanathan Ramalingam Rca In Testing Conference SpeechVaidyanathan Ramalingam Rca In Testing Conference Speech
Vaidyanathan Ramalingam Rca In Testing Conference Speech
 
Vaidyanathan Ramalingam Testing Checklist Conference Speech
Vaidyanathan Ramalingam Testing Checklist Conference SpeechVaidyanathan Ramalingam Testing Checklist Conference Speech
Vaidyanathan Ramalingam Testing Checklist Conference Speech
 
Vaidyanathan Ramalingam_Sprint Testing_SOFTEC_2_July2011_Silicon India Conf_B...
Vaidyanathan Ramalingam_Sprint Testing_SOFTEC_2_July2011_Silicon India Conf_B...Vaidyanathan Ramalingam_Sprint Testing_SOFTEC_2_July2011_Silicon India Conf_B...
Vaidyanathan Ramalingam_Sprint Testing_SOFTEC_2_July2011_Silicon India Conf_B...
 
Vaidyanathan Ramalingam Agile Conference Speech
Vaidyanathan Ramalingam Agile Conference SpeechVaidyanathan Ramalingam Agile Conference Speech
Vaidyanathan Ramalingam Agile Conference Speech
 
Vaidyanathan Ramalingam Agile Testing Conference Speech
Vaidyanathan Ramalingam Agile Testing Conference SpeechVaidyanathan Ramalingam Agile Testing Conference Speech
Vaidyanathan Ramalingam Agile Testing Conference Speech
 
Vaidyanathan Ramalingam Rca In Agile Conference Speech
Vaidyanathan Ramalingam Rca In Agile Conference SpeechVaidyanathan Ramalingam Rca In Agile Conference Speech
Vaidyanathan Ramalingam Rca In Agile Conference Speech
 
Vaidyanathan Ramalingam_Agile QA_SOFTEC_2_July2011_Silicon India Conf_Bangalore
Vaidyanathan Ramalingam_Agile QA_SOFTEC_2_July2011_Silicon India Conf_BangaloreVaidyanathan Ramalingam_Agile QA_SOFTEC_2_July2011_Silicon India Conf_Bangalore
Vaidyanathan Ramalingam_Agile QA_SOFTEC_2_July2011_Silicon India Conf_Bangalore
 
Vaidyanathan Ramalingam Agile Testing Leadership Lessons Softec 2 July2011
Vaidyanathan Ramalingam Agile Testing Leadership Lessons Softec 2 July2011Vaidyanathan Ramalingam Agile Testing Leadership Lessons Softec 2 July2011
Vaidyanathan Ramalingam Agile Testing Leadership Lessons Softec 2 July2011
 
Vaidyanathan Ramalingam Software Testing Eco System Conference Speech
Vaidyanathan Ramalingam Software Testing Eco System Conference SpeechVaidyanathan Ramalingam Software Testing Eco System Conference Speech
Vaidyanathan Ramalingam Software Testing Eco System Conference Speech
 
Vaidyanathan Ramalingam Silicon India Testing Conference 2 July2011 Speech
Vaidyanathan Ramalingam Silicon India Testing Conference 2 July2011 SpeechVaidyanathan Ramalingam Silicon India Testing Conference 2 July2011 Speech
Vaidyanathan Ramalingam Silicon India Testing Conference 2 July2011 Speech
 
Vaidyanathan Ramalingam Waterfall Vs Agile Testing Conference Speech
Vaidyanathan Ramalingam Waterfall Vs Agile Testing Conference SpeechVaidyanathan Ramalingam Waterfall Vs Agile Testing Conference Speech
Vaidyanathan Ramalingam Waterfall Vs Agile Testing Conference Speech
 
Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...
Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...
Judge: Identifying, Understanding, and Evaluating Sources of Unsoundness in C...
 
A-Brief-Introduction-To-JAVA8_By_Srimanta_Sahu
A-Brief-Introduction-To-JAVA8_By_Srimanta_SahuA-Brief-Introduction-To-JAVA8_By_Srimanta_Sahu
A-Brief-Introduction-To-JAVA8_By_Srimanta_Sahu
 
Java 8 selected updates
Java 8 selected updatesJava 8 selected updates
Java 8 selected updates
 
Testing strategies -2
Testing strategies -2Testing strategies -2
Testing strategies -2
 
Apache Spark MLlib 2.0 Preview: Data Science and Production
Apache Spark MLlib 2.0 Preview: Data Science and ProductionApache Spark MLlib 2.0 Preview: Data Science and Production
Apache Spark MLlib 2.0 Preview: Data Science and Production
 
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...
TMPA-2015: The Application of Parameterized Hierarchy Templates for Automated...
 

Recently uploaded

Loudspeaker- direct radiating type and horn type.pptx
Loudspeaker- direct radiating type and horn type.pptxLoudspeaker- direct radiating type and horn type.pptx
Loudspeaker- direct radiating type and horn type.pptxpriyankatabhane
 
Oxo-Acids of Halogens and their Salts.pptx
Oxo-Acids of Halogens and their Salts.pptxOxo-Acids of Halogens and their Salts.pptx
Oxo-Acids of Halogens and their Salts.pptxfarhanvvdk
 
AICTE activity on Water Conservation spreading awareness
AICTE activity on Water Conservation spreading awarenessAICTE activity on Water Conservation spreading awareness
AICTE activity on Water Conservation spreading awareness1hk20is002
 
Advances in AI-driven Image Recognition for Early Detection of Cancer
Advances in AI-driven Image Recognition for Early Detection of CancerAdvances in AI-driven Image Recognition for Early Detection of Cancer
Advances in AI-driven Image Recognition for Early Detection of CancerLuis Miguel Chong Chong
 
3.-Acknowledgment-Dedication-Abstract.docx
3.-Acknowledgment-Dedication-Abstract.docx3.-Acknowledgment-Dedication-Abstract.docx
3.-Acknowledgment-Dedication-Abstract.docxUlahVanessaBasa
 
Total Legal: A “Joint” Journey into the Chemistry of Cannabinoids
Total Legal: A “Joint” Journey into the Chemistry of CannabinoidsTotal Legal: A “Joint” Journey into the Chemistry of Cannabinoids
Total Legal: A “Joint” Journey into the Chemistry of CannabinoidsMarkus Roggen
 
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...Chayanika Das
 
DNA isolation molecular biology practical.pptx
DNA isolation molecular biology practical.pptxDNA isolation molecular biology practical.pptx
DNA isolation molecular biology practical.pptxGiDMOh
 
DETECTION OF MUTATION BY CLB METHOD.pptx
DETECTION OF MUTATION BY CLB METHOD.pptxDETECTION OF MUTATION BY CLB METHOD.pptx
DETECTION OF MUTATION BY CLB METHOD.pptx201bo007
 
HEMATOPOIESIS - formation of blood cells
HEMATOPOIESIS - formation of blood cellsHEMATOPOIESIS - formation of blood cells
HEMATOPOIESIS - formation of blood cellsSachinSuresh44
 
6.2 Pests of Sesame_Identification_Binomics_Dr.UPR
6.2 Pests of Sesame_Identification_Binomics_Dr.UPR6.2 Pests of Sesame_Identification_Binomics_Dr.UPR
6.2 Pests of Sesame_Identification_Binomics_Dr.UPRPirithiRaju
 
Interpreting SDSS extragalactic data in the era of JWST
Interpreting SDSS extragalactic data in the era of JWSTInterpreting SDSS extragalactic data in the era of JWST
Interpreting SDSS extragalactic data in the era of JWSTAlexander F. Mayer
 
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdf
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdfKDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdf
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdfGABYFIORELAMALPARTID1
 
Understanding Nutrition, 16th Edition pdf
Understanding Nutrition, 16th Edition pdfUnderstanding Nutrition, 16th Edition pdf
Understanding Nutrition, 16th Edition pdfHabibouKarbo
 
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...Speed Breeding in Vegetable Crops- innovative approach for present era of cro...
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...jana861314
 
Science (Communication) and Wikipedia - Potentials and Pitfalls
Science (Communication) and Wikipedia - Potentials and PitfallsScience (Communication) and Wikipedia - Potentials and Pitfalls
Science (Communication) and Wikipedia - Potentials and PitfallsDobusch Leonhard
 
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...Chiheb Ben Hammouda
 
Production technology of Brinjal -Solanum melongena
Production technology of Brinjal -Solanum melongenaProduction technology of Brinjal -Solanum melongena
Production technology of Brinjal -Solanum melongenajana861314
 

Recently uploaded (20)

Loudspeaker- direct radiating type and horn type.pptx
Loudspeaker- direct radiating type and horn type.pptxLoudspeaker- direct radiating type and horn type.pptx
Loudspeaker- direct radiating type and horn type.pptx
 
Oxo-Acids of Halogens and their Salts.pptx
Oxo-Acids of Halogens and their Salts.pptxOxo-Acids of Halogens and their Salts.pptx
Oxo-Acids of Halogens and their Salts.pptx
 
AICTE activity on Water Conservation spreading awareness
AICTE activity on Water Conservation spreading awarenessAICTE activity on Water Conservation spreading awareness
AICTE activity on Water Conservation spreading awareness
 
Advances in AI-driven Image Recognition for Early Detection of Cancer
Advances in AI-driven Image Recognition for Early Detection of CancerAdvances in AI-driven Image Recognition for Early Detection of Cancer
Advances in AI-driven Image Recognition for Early Detection of Cancer
 
3.-Acknowledgment-Dedication-Abstract.docx
3.-Acknowledgment-Dedication-Abstract.docx3.-Acknowledgment-Dedication-Abstract.docx
3.-Acknowledgment-Dedication-Abstract.docx
 
Total Legal: A “Joint” Journey into the Chemistry of Cannabinoids
Total Legal: A “Joint” Journey into the Chemistry of CannabinoidsTotal Legal: A “Joint” Journey into the Chemistry of Cannabinoids
Total Legal: A “Joint” Journey into the Chemistry of Cannabinoids
 
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...
ESSENTIAL FEATURES REQUIRED FOR ESTABLISHING FOUR TYPES OF BIOSAFETY LABORATO...
 
DNA isolation molecular biology practical.pptx
DNA isolation molecular biology practical.pptxDNA isolation molecular biology practical.pptx
DNA isolation molecular biology practical.pptx
 
DETECTION OF MUTATION BY CLB METHOD.pptx
DETECTION OF MUTATION BY CLB METHOD.pptxDETECTION OF MUTATION BY CLB METHOD.pptx
DETECTION OF MUTATION BY CLB METHOD.pptx
 
HEMATOPOIESIS - formation of blood cells
HEMATOPOIESIS - formation of blood cellsHEMATOPOIESIS - formation of blood cells
HEMATOPOIESIS - formation of blood cells
 
Interferons.pptx.
Interferons.pptx.Interferons.pptx.
Interferons.pptx.
 
PLASMODIUM. PPTX
PLASMODIUM. PPTXPLASMODIUM. PPTX
PLASMODIUM. PPTX
 
6.2 Pests of Sesame_Identification_Binomics_Dr.UPR
6.2 Pests of Sesame_Identification_Binomics_Dr.UPR6.2 Pests of Sesame_Identification_Binomics_Dr.UPR
6.2 Pests of Sesame_Identification_Binomics_Dr.UPR
 
Interpreting SDSS extragalactic data in the era of JWST
Interpreting SDSS extragalactic data in the era of JWSTInterpreting SDSS extragalactic data in the era of JWST
Interpreting SDSS extragalactic data in the era of JWST
 
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdf
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdfKDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdf
KDIGO-2023-CKD-Guideline-Public-Review-Draft_5-July-2023.pdf
 
Understanding Nutrition, 16th Edition pdf
Understanding Nutrition, 16th Edition pdfUnderstanding Nutrition, 16th Edition pdf
Understanding Nutrition, 16th Edition pdf
 
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...Speed Breeding in Vegetable Crops- innovative approach for present era of cro...
Speed Breeding in Vegetable Crops- innovative approach for present era of cro...
 
Science (Communication) and Wikipedia - Potentials and Pitfalls
Science (Communication) and Wikipedia - Potentials and PitfallsScience (Communication) and Wikipedia - Potentials and Pitfalls
Science (Communication) and Wikipedia - Potentials and Pitfalls
 
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...
Efficient Fourier Pricing of Multi-Asset Options: Quasi-Monte Carlo & Domain ...
 
Production technology of Brinjal -Solanum melongena
Production technology of Brinjal -Solanum melongenaProduction technology of Brinjal -Solanum melongena
Production technology of Brinjal -Solanum melongena
 

Systematic Evaluation of the Unsoundness of Call Graph Algorithms for Java

  • 1. Systematic Evaluation of the Unsoundness of Call Graph Construction Algorithms for Java Michael Reif, Florian Kübler, Michael Eichberg, and Mira Mezini Software Technology Group Technische Universität Darmstadt Germany 1
  • 2. Why We Shouldn’t Take 
 Call Graphs for Granted • Call graphs are a central data-structure for numerous static analyses • Call graphs directly impact a client analysis’ result • The chosen algorithm predetermines an analysis’ precision and recall • Programming languages evolve (APIs and features are added) and frameworks might not !2
  • 3. How We Assess Call-graph Implementations • Build a test suite that contains a wide range of minimal, focused test cases • Similar tests are kept within the same category (e.g., polymorphic calls or the Reflection API) • Each test case tests a single relevant aspect • Proof of concept: compare Soot and WALA’s built-in call graphs !3
  • 4. Overall Approach !4 TC1.jar TC2.jar Test Cases Extractor TC3.jar Framework Adapter currently: Soot, WALA Computed & Serialized Call Graph CG3.json Computed & Serialized Call Graph CG3.json Computed & Serialized Call Graph TC3.json <Test Fixtures Category>.md Test Case 1(TC1) … Test Case 3 (TCN) Call Graph Matcher Report_T C3.txtReport_T C3.txtReport TC3.csv expected call targets generate parse compile runanalysis write process
  • 5. Exemplary Test Case • Each category has: • a description • multiple test cases • Each test case has: • a scenario description • the test code • excepted calls • Available annotations: • CallSite • IndirectCall !5
  • 6. Covered 
 Test Suite Categories • Static Initializer • Polymorphic Calls • Java 8 Polymorphic Calls • Lambdas • Method References • Trivial Reflection • Locally Resolve Reflection • Context-senstive Reflection • Unsafe API • Type casts • Serialization • … !6
  • 7. Reflection Unsafe JNI APIs … JVM Threads GC Serialization … Features Lambdas default methods … virtual calls Static Initializer Research Questions vs RQ1 How do the call graphs of Soot and WALA compare with each other? RQ2 What are the main sources of unsoundness in built-in call-graph implementations? !7
  • 8. !8 vs vs Both support basic features Java 8 support only in WALA Reflection is barely supported Serialization is unsupported
  • 9. Reflection Unsafe JNI APIs … JVM Threads GC Serialization … Features Lambdas default methods … virtual calls Static Initializer Sources of Unsoundness • APIs that are not or only partially modeled (e.g. Reflection or Unsafe) • new language features, such as Lambdas • corner cases that must be covered • the test suite is not complete !9
  • 10. Call for Contribution • The test suite is by far not complete w.r.t to all Java features and Core APIs • add an adapter for your framework • contribute under: https://bitbucket.org/delors/jcg !10
  • 11. What’s next? • We’ll add further test scenarios for yet missing Language Features (e.g. Java 9 modules), Core APIs (e.g. Classloading), and JVM specifics • Add support for other frameworks (e.g. DOOP and OPAL) • Quantify the effect of missing features on real-world projects !11