Efficiently computing static single assignment form and the control dependence graph
ACM Transactions on Programming Languages and Systems (TOPLAS)
Global tagging optimization by type inference
LFP '92 Proceedings of the 1992 ACM conference on LISP and functional programming
Efficient detection of all pointer and array access errors
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Precise interprocedural dataflow analysis via graph reachability
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Olden: parallelizing programs with dynamic data structures on distributed-memory machines
Olden: parallelizing programs with dynamic data structures on distributed-memory machines
Model checking for programming languages using VeriSoft
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
ABCD: eliminating array bounds checks on demand
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Implementation of an array bound checker
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Temporal-Safety Proofs for Systems Code
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Efficient Representation and Validation of Proofs
LICS '98 Proceedings of the 13th Annual IEEE Symposium on Logic in Computer Science
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modular Verification of Software Components in C
IEEE Transactions on Software Engineering
CMC: a pragmatic approach to model checking real code
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Spin model checker, the: primer and reference manual
Spin model checker, the: primer and reference manual
Software verification with BLAST
SPIN'03 Proceedings of the 10th international conference on Model checking software
Types, bytes, and separation logic
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Transactional Reduction of Component Compositions
FORTE '07 Proceedings of the 27th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Enhanced Property Specification and Verification in BLAST
FASE '09 Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Interprocedural and Flow-Sensitive Type Analysis for Memory and Type Safety of C Code
Journal of Automated Reasoning
FMICS'06/PDMC'06 Proceedings of the 11th international workshop, FMICS 2006 and 5th international workshop, PDMC conference on Formal methods: Applications and technology
Predicate abstraction in a program logic calculus
Science of Computer Programming
Abstraction and refinement in model checking
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
cascade: C assertion checker and deductive engine
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
The BLAST software verification system
SPIN'05 Proceedings of the 12th international conference on Model Checking Software
Establishing linux driver verification process
PSI'09 Proceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics
Hi-index | 0.01 |
Blast is an automatic verification tool for checking temporal safety properties of C programs. Given a C program and a temporal safety property, Blast statically proves that either the program satisfies the safety property or the program has an execution trace that exhibits a violation of the property. Blast constructs, explores, and refines abstractions of the program state space based on lazy predicate abstraction and interpolation-based predicate discovery. We show how Blast can be used to statically prove memory safety for C programs. We take a two-step approach. First, we use Ccured, a type-based memory safety analyzer, to annotate with run-time checks all program points that cannot be proved memory safe by the type system. Second, we use Blast to remove as many of the run-time checks as possible (by proving that these checks never fail), and to generate for the remaining run-time checks execution traces that witness them fail. Our experience shows that Blast can remove many of the run-time checks added by Ccured and provide useful information to the programmer about many of the remaining checks.