Call graphs play an important role in different contexts, such as profiling and vulnerability
propagation analysis. Generating call graphs in an efficient manner can be a challenging …

Call graphs are widely used; in particular for advanced control-and data-flow analyses. Even
though many call graph algorithms with different precision and scalability properties have …

Current approaches combining multiple static analyses deriving different, independent
properties focus either on modularity or performance. Whereas declarative approaches …

Traditional call-graph construction algorithms conflate the computation of possible runtime
types with the actual resolution of (virtual) calls. This tangled design impedes supporting …

Call Graphs are a rich data source and form the foundation for advanced static analyses that
can, for example, detect security vulnerabilities or dead code. This information is invaluable …

Parallelization of static analyses is necessary to scale to real-world programs, but it is a
complex and difficult task and, therefore, often only done manually for selected high-profile …

Reasoning about immutability is important for pre-venting bugs, eg, in multi-threaded
software. So far, static analysis to infer immutability properties has mostly focused on …

Analyzing methods in object-oriented programs whether they are side-effect free and also
deterministic, ie, mathematically pure, has been the target of extensive research. Identifying …

Call graph construction is the foundation of inter-procedural static analysis. PYCG is the
state-of-the-art approach for constructing call graphs for Python programs. Unfortunately …

Software supply chains include the development, management, and delivery of software
products. Software ecosystems are essential components of these supply chains and …