Broadening Horizons of Multilingual Static Analysis: Semantic Summary Extraction from C Code for JNI Program Analysis

Title: Broadening Horizons of Multilingual Static Analysis: Semantic Summary Extraction from C Code for JNI Program Analysis
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Lee, Sungho; Lee, Hyogun; Ryu, Sukyoung
Conference Name: 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE)
Date Published: Sep
Keywords: Software and its engineering → Automated static analysis, composability, Computer bugs, feature extraction, Human Behavior, Java, Java native interface, Language Interoperability, Multilingual Program Analysis, Operational analysis, pubcrawl, reliability, Resiliency, Semantics, software engineering, static analysis, static code analysis
Abstract: Most programming languages support foreign language interoperation that allows developers to integrate multiple modules implemented in different languages into a single multilingual program. While utilizing various features from multiple languages expands expressivity, differences in language semantics require developers to understand the semantics of multiple languages and their inter-operation. Because current compilers do not support compile-time checking for interoperation, they do not help developers avoid interoperation bugs. Similarly, active research on static analysis and bug detection has been focusing on programs written in a single language. In this paper, we propose a novel approach to analyze multilingual programs statically. Unlike existing approaches that extend a static analyzer for a host language to support analysis of foreign function calls, our approach extracts semantic summaries from programs written in guest languages using a modular analysis technique, and performs a whole-program analysis with the extracted semantic summaries. To show practicality of our approach, we design and implement a static analyzer for multilingual programs, which analyzes JNI interoperation between Java and C. Our empirical evaluation shows that the analyzer is scalable in that it can construct call graphs for large programs that use JNI interoperation, and useful in that it found 74 genuine interoperation bugs in real-world Android JNI applications.
Citation Key: lee_broadening_2020