Eventually Sound Points-To Analysis with Specifications (ECOOP 2019)

Who

Osbert Bastani, Rahul Sharma, Lazaro Clapp, Saswat Anand, Alex Aiken

Track

ECOOP 2019 Research Papers

Time Zone

The program is currently displayed in (GMT+01:00) Belfast.

Use conference time zone: (GMT+01:00) BelfastSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 17 Jul 2019 16:40 - 17:00 at Mancy - Program Analysis 1 Chair(s): Yannis Smaragdakis

Abstract

Static analyses make the increasingly tenuous assumption that all source code is available for analysis; for example, large libraries often call into native code that cannot be analyzed. We propose a points-to analysis that initially makes optimistic assumptions about missing code, and then inserts runtime checks that report counterexamples to these assumptions that occur during execution. Our approach guarantees eventual soundness, which combines two guarantees: (i) the runtime checks are guaranteed to catch the first counterexample that occurs during any execution, in which case execution can be terminated to prevent harm, and (ii) only finitely many counterexamples ever occur, implying that the static analysis eventually becomes statically sound with respect to all remaining executions. We implement Optix, an eventually sound points-to analysis for Android apps, where the Android framework is missing. We show that the runtime checks added by Optix incur low overhead on real programs, and demonstrate how Optix improves a client information flow analysis for detecting Android malware.

DOI

https://doi.org/10.4230/LIPIcs.ECOOP.2019.11

Osbert Bastani

University of Pennsylvania

United States

Rahul Sharma

Microsoft Research

India

Lazaro Clapp

Stanford University

Saswat Anand

Stanford University

Alex Aiken

Stanford University

Recording

Time Zone

The program is currently displayed in (GMT+01:00) Belfast.

Use conference time zone: (GMT+01:00) BelfastSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Wed 17 Jul
Displayed time zone: Belfast change

15:40 - 17:00	Program Analysis 1Research Papers at Mancy Chair(s): Yannis Smaragdakis University of Athens

15:40 20m Research paper		Static Analysis for Asynchronous JavaScript Programs Research Papers Thodoris Sotiropoulos Athens University of Economics and Business, Ben Livshits Imperial College London, UK DOI
16:00 20m Research paper		A Program Logic for First-Order Encapsulated WebAssembly Research Papers Conrad Watt University of Cambridge, Petar Maksimović Imperial College London, UK and Mathematical Institute of the Serbian Academy of Sciences and Arts, Serbia, Neel Krishnaswami Computer Laboratory, University of Cambridge, Philippa Gardner Imperial College London DOI Media Attached
16:20 20m Research paper		Garbage-free Abstract Interpretation through Abstract Reference Counting Research Papers Noah Van Es Sofware Languages Lab, Vrije Universiteit Brussel, Quentin Stiévenart Vrije Universiteit Brussel, Belgium, Coen De Roover Vrije Universiteit Brussel DOI
16:40 20m Research paper		Eventually Sound Points-To Analysis with Specifications Research Papers Osbert Bastani University of Pennsylvania, Rahul Sharma Microsoft Research, Lazaro Clapp Stanford University, Saswat Anand Stanford University, Alex Aiken Stanford University DOI Media Attached