IEEE Access (Jan 2022)
Static Call Graph Combination to Simulate Dynamic Call Graph Behavior
Abstract
Call graphs are fundamental for many higher-level code analyses. Selecting the most appropriate call graph construction tool for an analysis is not always straightforward and depends on how the results will be used. The choice of call graph construction tool has a great effect on the execution time, memory usage, and result quality of the subsequent tasks. This research compares static and dynamic Java call graphs to assist in the selection of the most appropriate tools. Static call graphs, as their name suggests, are constructed by static analysis, based on the source code or the bytecode, without executing tests or any code parts. This means that the project can be analyzed in its early stages and with fewer resources, but there is concern that this will result in less accurate, noisier graphs, since the dynamic behavior of the programs is estimated by static algorithms. Inaccuracies can greatly affect analyses based on call graphs. On the other hand, dynamic call graphs are created during the actual execution of the program. The calls that are included as edges in the graph are exactly those that were executed during the run, so the result can be expected to be more accurate. However, dynamic analysis requires more resources and the execution of code via test cases that provide high test coverage. In this work, we investigated the relationship between dynamic and static call graphs. Is the graph generated by dynamic analysis really better? Can static graphs approximate or even complement dynamic call graphs with sound results? To answer these questions, we compared the results of five static and one dynamic analyzer. They were evaluated on three projects of different sizes and test coverage. We included in the comparison a merged graph that we created by combining different static analyzer outputs.
We not only compared static graphs to the dynamic results but also validated the calls in a dynamic graph, and found that these graphs could mislead the user. The results show that dynamic graphs should be considered good, although not a gold standard, since they contain phantom calls, that is, calls that are not present in the source code. Such calls are not limited to synthetic calls. Static analyzers cannot be applied without consideration either, but a combination of static call graphs does tend to contain similar calls to the dynamic graphs with no phantom calls.
Keywords