Abstract: Interprocedural program analysis is critical for finding hidden program defects and vulnerabilities in CI/CD pipelines. A pre-constructed call graph is a prerequisite for interprocedural analysis. However, exhaustive call graph construction, i.e., analyzing the target program as a whole and constructing the graph from scratch, often takes too much time. We conducted a scalable empirical study on both industrial and open-source projects and observed that most program updates involve only a very limited part of the code. This observation inspires an efficient approach that does not wholly reconstruct a call graph but instead incrementally patches the old one with the partial graph affected by the update. We propose a sound incremental call graph construction algorithm that works in a reset-recompute way: first, prune invalid nodes and edges from the old call graph, then analyze the new code and patch the pruned graph to construct the new one. We implemented the algorithm and built a benchmark suite consisting of 20 industrial and 10 open-source projects. The experimental evaluation shows that the efficiency improvement is encouraging. Compared with the exhaustive construction algorithm, the incremental way can speed up the construction by 20.0 times and reduce the memory and storage consumption to 58.1% and 10.4%, respectively.