Combining Type-Analysis with Points-To Analysis for Analyzing Java Library Source-Code
The predominant work in static program analysis is focused on whole program analysis assuming that the whole program is present at analysis time and the only unknowns are program inputs. However, for library designers it is of paramount importance to perform semantic checks via static program analysis tools without the presence of an application. The literature offers only little research on partial program analysis for object-oriented programming languages including Java. Analyzing libraries statically requires novel abstractions for all possible applications that are not known a-priori. In this work, we present a static program analysis technique that reasons about the state of the library by approximating the behaviour of all possible applications. The key contribution is (1) the combination of type-analysis with points-to analysis and (2) the development of a most-general application (MGA) as a type, which represents the interaction of the library with all possible applications.
Sun 14 JunDisplayed time zone: Tijuana, Baja California change
09:00 - 11:00 | |||
09:00 10mDay opening | Opening remarks SOAP | ||
09:10 50mTalk | Static Analysis for Android: GUIs, Callbacks, and Beyond SOAP | ||
10:00 20mTalk | Using Targeted Symbolic Execution for Reducing False-Positives in Dataflow Analysis SOAP | ||
10:20 20mTalk | Design Your Analysis: A Case Study on Implementation Reusability of Data-Flow Functions SOAP | ||
10:40 20mTalk | Combining Type-Analysis with Points-To Analysis for Analyzing Java Library Source-Code SOAP |