Pointer analysis, conditional soundness, and proving the absence of errors
CL Conway, D Dams, KS Namjoshi… - International Static Analysis …, 2008 - Springer
International Static Analysis Symposium, 2008•Springer
Abstract
It is well known that the use of points-to information can substantially improve the accuracy of a static program analysis. Commonly used algorithms for computing points-to information are known to be sound only for memory-safe programs. Thus, it appears problematic to utilize points-to information to verify the memory safety property without giving up soundness. We show that a sound combination is possible, even if the points-to information is computed separately and only conditionally sound. This result is based on a refined statement of the soundness conditions of points-to analyses and a general mechanism for composing conditionally sound analyses.