Few static analyses make their way to the real-world due to the unrealistic assumptions that they make. My primary research interest is to develop and evaluate various program analysis techniques that can be used in practice. In particular, I am interested in researching the following areas:
- library code summaries
- scalable and precise points-to/call graph analyses
- usability of static analysis tools
- crypto APIs misuse
- JIT compiler optimizations
Averroes is a tool that generates a placeholder library overapproximating the possible behaviour of the original library. The placeholder library can be constructed quickly without analyzing the whole program (using the separate compilation assumption), and is typically in the order of 80 kB of classes (comparatively, the Java standard library is 25 MB). Any existing whole-program call graph construction framework can use the placeholder library as a replacement for the actual libraries to efficiently construct a sound and precise application call graph.Read more...
More info at CROSSING
As Scala gains popularity, there is growing interest in programming tools for it. Such tools often require call graphs. Applying existing call graph construction algorithms to the JVM bytecodes generated by the Scala compiler produces imprecise results due to type information being lost during compilation. Therefore, we propose adapting existing call graph construction algorithms, Name-Based Resolution (RA) and Rapid Type Analysis (RTA), for Scala.Read more...
cgcis a prototype tool that generates a sound call graph for the application part of a program without analyzing the code of the library. It uses a context-insensitive pointer analysis to create the call graph on-the-fly. Although the prototype is implemented in
Datalogfor ease of modification and experimentation, it could be transcribed into Java to be embedded into an analysis framework such as Soot or Wala.