Path-sensitive value-flow analysis incurs high time and memory overhead due to blind computation of function summaries. To address this, this paper proposes a redundancy-aware function summary identification and dynamic pruning mechanism. Our method determines summary redundancy via data-dependence graphs and context-sensitive reachability analysis, enabling, for the first time, precise elimination of irrelevant summaries while preserving soundness. By integrating incremental summary generation and reuse, we depart from conventional full-summary recomputation paradigms. Experimental evaluation on large-scale programs shows an average 45% reduction in analysis time and 27% reduction in memory consumption. On mysqld, a single analysis saves 8,107 seconds, achieving a speedup of 632.1×. This work advances the efficiency of path-sensitive value-flow analysis without compromising precision or soundness.

Value flow analysis that tracks the flow of values via data dependence is a widely used technique for detecting a broad spectrum of software bugs. However, the scalability issue often deteriorates when high precision (i.e., path-sensitivity) is required, as the instantiation of function summaries becomes excessively time- and memory-intensive. The primary culprit, as we observe, is the existence of redundant computations resulting from blindly computing summaries for a function, irrespective of whether they are related to bugs being checked. To address this problem, we present the first approach that can effectively identify and eliminate redundant summaries, thereby reducing the size of collected summaries from callee functions without compromising soundness or efficiency. Our evaluation on large programs demonstrates that our identification algorithm can significantly reduce the time and memory overhead of the state-of-the-art value flow analysis by 45% and 27%, respectively. Furthermore, the identification algorithm demonstrates remarkable efficiency by identifying nearly 80% of redundant summaries while incurring a minimal additional overhead. In the largest extit{mysqld} project, the identification algorithm reduces the time by 8107 seconds (2.25 hours) with a mere 17.31 seconds of additional overhead, leading to a ratio of time savings to paid overhead (i.e., performance gain) of 468.48 $ imes$. In total, our method attains an average performance gain of 632.1 $ imes$.