Fast static analysis of C++ virtual function calls
Proceedings of the 11th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Jalapeño dynamic optimizing compiler for Java
JAVA '99 Proceedings of the ACM 1999 conference on Java Grande
Efficient and precise modeling of exceptions for the analysis of Java programs
Proceedings of the 1999 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Analysis and Testing of Programs with Exception Handling Constructs
IEEE Transactions on Software Engineering
Practical virtual method call resolution for Java
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Model checking security properties of control flow graphs
Journal of Computer Security
Soot - a Java bytecode optimization framework
CASCON '99 Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research
Criteria for Testing Exception-Handling Constructs in Java Programs
ICSM '99 Proceedings of the IEEE International Conference on Software Maintenance
An analysis approach for testing exception handling programs
ACM SIGPLAN Notices
Compositional verification of sequential programs with procedures
Information and Computation
Program Models for Compositional Verification
ICFEM '08 Proceedings of the 10th International Conference on Formal Methods and Software Engineering
Sawja: static analysis workshop for java
FoVeOOS'10 Proceedings of the 2010 international conference on Formal verification of object-oriented software
CVPP: a tool set for compositional verification of control-flow safety properties
FoVeOOS'10 Proceedings of the 2010 international conference on Formal verification of object-oriented software
ProMoVer: modular verification of temporal safety properties
SEFM'11 Proceedings of the 9th international conference on Software engineering and formal methods
Hi-index | 0.00 |
We present an algorithm to extract control-flow graphs from Java bytecode, considering exceptional flows. We then establish its correctness: the behavior of the extracted graphs is shown to be a sound over-approximation of the behavior of the original programs. Thus, any temporal safety property that holds for the extracted control-flow graph also holds for the original program. This makes the extracted graphs suitable for performing various static analyses, in particular model checking. The extraction proceeds in two phases. First, we translate Java bytecode into BIR, a stack-less intermediate representation. The BIR transformation is developed as a module of Sawja, a novel static analysis framework for Java bytecode. Besides Sawja's efficiency, the resulting intermediate representation is more compact than the original bytecode and provides an explicit representation of exceptions. These features make BIR a natural starting point for sound control-flow graph extraction. Next, we formally define the transformation from BIR to control-flow graphs, which (among other features) considers the propagation of uncaught exceptions within method calls. We prove the correctness of the two-phase extraction by suitably combining the properties of the two transformations with those of an idealized control-flow graph extraction algorithm, whose correctness has been proved directly. The control-flow graph extraction algorithm is implemented in the ConFlEx tool. A number of test-cases show the efficiency and the utility of the implementation.