The article is based on a master’s thesis by Bar Makovitzki, advised by Prof. Tyszberowicz, with the assistance of Dr. Aharon Abadi and participation of Ron Shemer.
ABSRACT: Code analysis is a key part of numerous development tools. Compilers perform code analysis to improve the performance of the code they produce, while other tools analyze code to find security faults, remove inaccessible code snippets, and more.
To apply code analysis, we need to create a call graph (representing call relationships among software procedures). Yet creating an accurate call graph is too costly and impractical for large programs. This difficulty is compounded for programs coded in dynamic languages (e.g., Python). The currently existing approximations are either too costly and complex, or insufficiently accurate.
We have developed an algorithm for approximating a sound call graph that is sufficiently accurate and effective for calculating in large programs as well. Another important aspect of our algorithm is its coarse abstraction, which enables its use with multiple programming languages (including dynamic languages).
Empirical results from tests we have run on industry projects written in Python and C# indicate that the algorithm is practical and fits a wide variety of uses.
To read the article:
A Lightweight Approach for Sound Call Graph Approximation