The computational complexity of simultaneous diophantine approximation problems
SIAM Journal on Computing
Theory of linear and integer programming
Theory of linear and integer programming
A practical algorithm for exact array dependence analysis
Communications of the ACM
Computing Two-Dimensional Integer Hulls
SIAM Journal on Computing
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automatically validating temporal safety properties of interfaces
SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
Automatic discovery of linear restraints among variables of a program
POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Not necessarily closed convex polyhedra and the double description method
Formal Aspects of Computing
Higher-Order and Symbolic Computation
Thorough static analysis of device drivers
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities
Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities
Two variables per linear inequality as an abstract domain
LOPSTR'02 Proceedings of the 12th international conference on Logic based program synthesis and transformation
Low-level library analysis and summarization
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Trace partitioning in abstract interpretation based static analyzers
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Exploiting sparsity in polyhedral analysis
SAS'05 Proceedings of the 12th international conference on Static Analysis
Taming the wrapping of integer arithmetic
SAS'07 Proceedings of the 14th international conference on Static Analysis
A Note on the Inversion Join for Polyhedral Analysis
Electronic Notes in Theoretical Computer Science (ENTCS)
Loop refinement using octagons and satisfiability
SSV'10 Proceedings of the 5th international conference on Systems software verification
Interprocedural control flow reconstruction
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
Linear absolute value relation analysis
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
The two variable per inequality abstract domain
Higher-Order and Symbolic Computation
FESA: fold- and expand-based shape analysis
CC'13 Proceedings of the 22nd international conference on Compiler Construction
Abstract interpretation of microcontroller code: Intervals meet congruences
Science of Computer Programming
| Hi-index | 0.00 |
Tools for proving the absence of run-time errors often deploy a numeric domain that approximates the possible values of a variable using linear inequalities. These abstractions are adequate since the correct program state is often convex. For instance, if the upper and lower bound of an index lie within the bounds of an array, then so do all the indices inbetween. In certain cases, for example when analysing a division operation, the correct program state is not convex. In this case correctness can be shown by splitting the control flow path, that is, by partitioning the set of execution traces which is normally implemented by analysing a path several times. We show that adding a Boolean flag to the numeric domain has the same effect. The paper discusses prerequisites, limitations and presents an improved points-to analysis using Boolean flags.