Title: Issues in applying points-to analysis for large-scale java library codebases

Raghavendra K. R.
Oracle Labs, Brisbane

Abstract:

Points-to analysis has become a fundamental analysis on which many static
analyses like taint, escape, call-graph construction and security analyses
rely on. Scaling points-to analysis for large codebases and to libraries has
always been a challenge. Here I present three main issues (and solutions) we
had to deal with in order to implement a security analysis on top of points-to
analysis for java libraries.