Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What exactly does "context" mean in context-(in)sensitive analysis?

This question was asked earlier but the answers are very generic. I am interested to know what context means in the context of static code analysis, specifically with Java and when used in conjunction with the term context (in)sensitive analysis.

For example this paper makes extensive use of "context" in this context. In fact I have not found a decent definition of context yet.

like image 615
Jus12 Avatar asked Nov 15 '12 12:11

Jus12


1 Answers

The word “context” in the question you linked to does not appear to be used to describe a static analysis, so yours is indeed another question. I do not think that that question's answer are “generic”. But they are definitely not the specific answer you are looking for.

A context-sensitive analysis is an interprocedural analysis that considers the calling context when analyzing the target of a function call.

Here is an example of how a context-sensitive analysis might work:

int a,b;

int *x;

void f(void)
{
  ++*x;
}

int main(){
  x = &a;
  f();

  x = &b;
  f();
}

This is not Java, but your question is mostly about context-sensitivity in dataflow analyses, so I hope it won't be too disturbing.

A context-sensitive analyzer analyses f() (at least) twice in this program, because it is called from from call sites. This makes it precise, as the effects of f() are quite different each time. A context-sensitive analysis can infer that a==1 and b is unchanged after the first call, and that both a and b are 1 after the second call. Context-sensitivity also makes the analysis expensive.

A context-insensitive analysis would only analyze f() once, and would typically only produce information of the sort “f() modifies a or b, thus after any call to f(), the contents of both these variables are unknown”.

like image 119
Pascal Cuoq Avatar answered Nov 01 '22 21:11

Pascal Cuoq