Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

SkipFlow: Improving the Precision of Points-to Analysis using Primitive Values and Predicate Edges

David Kozak, Codrut Stancu, Tomáš Vojnar, Christian Wimmer

TL;DR

SkipFlow addresses precision loss in traditional points-to analyses by interprocedurally tracking both primitive and object values and by explicitly preserving relevant branching structure through predicate edges. It introduces predicated value propagation graphs (PVPG) to model value flow, using a primitive lattice $\mathbb{P}$ and an object-type lattice to maintain scalable, yet more precise analysis that remains practically fast. Implemented atop GraalVM Native Image, SkipFlow achieves substantial reductions in reachable methods across DaCapo, Renaissance, and microservice benchmarks (averaging around $9\%$) with only modest or even reduced analysis time, enabling more aggressive dead code elimination and compiler optimizations. The approach offers a practical sweet spot between precision and scalability, with potential benefits for downstream static analyses like taint or data-flow checks.

Abstract

A typical points-to analysis such as Andersen's or Steensgaard's may lose precision because it ignores the branching structure of the analyzed program. Moreover, points-to analysis typically focuses on objects only, not considering instructions manipulating primitive values. We argue that such an approach leads to an unnecessary precision loss, for example, when primitive constants true and false flow out of method calls. We propose a novel lightweight points-to analysis called SkipFlow that interprocedurally tracks the flow of both primitives and objects, and explicitly captures the branching structure of the code using predicate edges. At the same time, however, SkipFlow is as lightweight and scalable as possible, unlike a traditional flow-sensitive analysis. We apply SkipFlow to GraalVM Native Image, a closed-world solution to building standalone binaries for Java applications. We evaluate the implementation using a set of microservice applications as well as well-known benchmark suites. We show that SkipFlow reduces the size of the application in terms of reachable methods by 9% on average without significantly increasing the analysis time.

SkipFlow: Improving the Precision of Points-to Analysis using Primitive Values and Predicate Edges

TL;DR

SkipFlow addresses precision loss in traditional points-to analyses by interprocedurally tracking both primitive and object values and by explicitly preserving relevant branching structure through predicate edges. It introduces predicated value propagation graphs (PVPG) to model value flow, using a primitive lattice and an object-type lattice to maintain scalable, yet more precise analysis that remains practically fast. Implemented atop GraalVM Native Image, SkipFlow achieves substantial reductions in reachable methods across DaCapo, Renaissance, and microservice benchmarks (averaging around ) with only modest or even reduced analysis time, enabling more aggressive dead code elimination and compiler optimizations. The approach offers a practical sweet spot between precision and scalability, with potential benefits for downstream static analyses like taint or data-flow checks.

Abstract

A typical points-to analysis such as Andersen's or Steensgaard's may lose precision because it ignores the branching structure of the analyzed program. Moreover, points-to analysis typically focuses on objects only, not considering instructions manipulating primitive values. We argue that such an approach leads to an unnecessary precision loss, for example, when primitive constants true and false flow out of method calls. We propose a novel lightweight points-to analysis called SkipFlow that interprocedurally tracks the flow of both primitives and objects, and explicitly captures the branching structure of the code using predicate edges. At the same time, however, SkipFlow is as lightweight and scalable as possible, unlike a traditional flow-sensitive analysis. We apply SkipFlow to GraalVM Native Image, a closed-world solution to building standalone binaries for Java applications. We evaluate the implementation using a set of microservice applications as well as well-known benchmark suites. We show that SkipFlow reduces the size of the application in terms of reachable methods by 9% on average without significantly increasing the analysis time.

Paper Structure

This paper contains 15 sections, 9 equations, 15 figures, 1 table.

Table of Contents

  1. Introduction
  2. Real-World Motivating Examples
  3. System Overview
  4. Predicated Value Propagation Graphs
  5. Implementation Details
  6. Evaluation
  7. Related Work
  8. Conclusions
  9. Artifact Appendix
  10. Predicated Value Propagation Graph
  11. Base Language
  12. The Lattice Domain of SkipFlow
  13. Structure of a PVPG
  14. Creating a PVPG
  15. Value Propagation through PVPGs

Figures (15)

  • Figure 1: A DaCapo Sunflow motivating example.
  • Figure 2: A JDK motivating example.
  • Figure 3: A type check example for filtering flows.
  • Figure 4: A predicate example. Enabled flows are coloured in red, and disabled flows in grey.
  • Figure 5: An example PVPG with $\phi$ flows.
  • ...and 10 more figures