A practical algorithm for exact array dependence analysis. Communications of the ACM.
Bottom-up dataflow analysis of normal logic programs. Journal of Logic Programming.
Abstract debugging of higher-order imperative languages. PLDI '93: Proceedings of the ACM SIGPLAN 1993 Conference on Programming Language Design and Implementation.
Model checking for programming languages using VeriSoft. POPL '97: Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
Constraint-based array dependence analysis. ACM Transactions on Programming Languages and Systems (TOPLAS).
Guarded commands, nondeterminacy and formal derivation of programs. Communications of the ACM.
An axiomatic basis for computer programming. Communications of the ACM.
Automatically validating temporal safety properties of interfaces. SPIN '01: Proceedings of the 8th International SPIN Workshop on Model Checking of Software.
POPL '02: Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
Extended static checking for Java. PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation.
Automatic discovery of linear restraints among variables of a program. POPL '78: Proceedings of the 5th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages.
Implementation of an array bound checker. POPL '77: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages.
Principles of Program Analysis.
PADO '01: Proceedings of the Second Symposium on Programs as Data Objects.
Modular Static Program Analysis. CC '02: Proceedings of the 11th International Conference on Compiler Construction.
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs. CC '02: Proceedings of the 11th International Conference on Compiler Construction.
The Glasgow Haskell Compiler: A Retrospective. Proceedings of the 1992 Glasgow Workshop on Functional Programming.
Counterexample-Guided Abstraction Refinement. CAV '00: Proceedings of the 12th International Conference on Computer Aided Verification.
Precise and efficient static array bound checking for large embedded C programs. PLDI '04: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation.
Scalable error detection using boolean satisfiability. POPL '05: Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
ACM SIGPLAN Notices.
Check 'n' crash: combining static checking and testing. ICSE '05: Proceedings of the 27th International Conference on Software Engineering.
DART: directed automated random testing. PLDI '05: Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation.
When and how to develop domain-specific languages. ACM Computing Surveys (CSUR).
EXE: automatically generating inputs of death. CCS '06: Proceedings of the 13th ACM Conference on Computer and Communications Security.
SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
How is aliasing used in systems software? SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
SYNERGY: a new algorithm for property checking. SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
Compositional dynamic test generation. POPL '07: Proceedings of the 34th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
The software model checker Blast: Applications to software engineering. International Journal on Software Tools for Technology Transfer (STTT).
A buffer overflow benchmark for software model checkers. ASE '07: Proceedings of the 22nd IEEE/ACM International Conference on Automated Software Engineering.
A practical and precise inference and specializer for array bound checks elimination. PEPM '08: Proceedings of the 2008 ACM SIGPLAN Symposium on Partial Evaluation and Semantics-Based Program Manipulation.
POPL '08: Proceedings of the 35th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
Sound, complete and scalable path-sensitive analysis. PLDI '08: Proceedings of the 2008 ACM SIGPLAN Conference on Programming Language Design and Implementation.
Program analysis as constraint solving. PLDI '08: Proceedings of the 2008 ACM SIGPLAN Conference on Programming Language Design and Implementation.
RASCAL: A Domain Specific Language for Source Code Analysis and Manipulation. SCAM '09: Proceedings of the 2009 Ninth IEEE International Working Conference on Source Code Analysis and Manipulation.
Compositional may-must program analysis: unleashing the power of alternation. POPL '10: Proceedings of the 37th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
Dual analysis for proving safety and finding bugs. SAC '10: Proceedings of the 2010 ACM Symposium on Applied Computing.
Inferring disjunctive postconditions. ASIAN '06: Proceedings of the 11th Asian Computing Science Conference on Advances in Computer Science: Secure Software and Related Issues.
Static analysis in disjunctive numerical domains. SAS '06: Proceedings of the 13th International Conference on Static Analysis.
Abstract dependences for alarm diagnosis. APLAS '05: Proceedings of the Third Asian Conference on Programming Languages and Systems.
Understanding the origin of alarms in ASTRÉE. SAS '05: Proceedings of the 12th International Conference on Static Analysis.
Program bugs remain a major challenge for software developers, and various tools have been proposed to help localise and eliminate them. Most present-day tools are based either on over-approximating techniques, which can prove safety but may report false positives, or on under-approximating techniques, which can find real bugs but may miss others (false negatives). In this paper, we propose a dual static analysis that is based only on over-approximation. Its main novelty is to concurrently derive the conditions under which a program succeeds and the conditions under which it fails; taken together, these give a comprehensive solution for both proving safety and finding real program bugs. We have proven the soundness of our approach and have implemented a prototype system that is validated by a set of experiments.
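The classification that makes a purely over-approximating analysis useful for bug finding, as an added example that is not the paper's own implementation: if OK over-approximates the inputs on which a program succeeds and ERR over-approximates the inputs on which it fails, then every terminating run on an input outside OK must fail (a real bug), every run on an input outside ERR must succeed (proven safe), and only OK ∧ ERR is left undecided. The program, its statement encoding, the affine tracking of its single local as `a*n + b`, and the `hull` function are all constructed here for illustration. Because the program is loop-free, path enumeration is exact; `hull` stands in for the loss of precision a widening or a non-disjunctive domain would introduce, and the cross-check shows that coarser OK and ERR shrink the must-bug and never-bug regions into may-bug but never make a must-bug verdict wrong.

```python
"""Dual analysis on a tiny loop-free program (constructed example).  A condition
on the single integer input n is a sorted list of disjoint closed integer
intervals (lo, hi); [] is false and FULL is true.  The only local, idx, is
tracked as an affine function a*n + b (a in {1, -1}) so that each branch and
each bounds check can be turned back into a condition on n."""
from itertools import chain

INF = float("inf")
FULL = [(-INF, INF)]


def normalize(ivs):
    """Sort intervals and merge overlapping or adjacent ones."""
    out = []
    for lo, hi in sorted(ivs):
        if out and lo <= out[-1][1] + 1:
            out[-1] = (out[-1][0], max(out[-1][1], hi))
        else:
            out.append((lo, hi))
    return out


def inter(a, b):
    out = [(max(l1, l2), min(h1, h2)) for l1, h1 in a for l2, h2 in b]
    return normalize([(lo, hi) for lo, hi in out if lo <= hi])


def complement(a):
    out, cur = [], -INF
    for lo, hi in normalize(a):
        if lo > cur:
            out.append((cur, lo - 1))
        cur = hi + 1
    if cur != INF:
        out.append((cur, INF))
    return out


def solve_lt(aff, c):
    """Condition on n under which a*n + b < c holds."""
    a, b = aff
    return [(-INF, c - b - 1)] if a == 1 else [(b - c + 1, INF)]


# Constructed program: idx = |n|; if idx >= 12: idx -= 12; then buf[idx] with len(buf) == 8.
PROG = [
    ("if_lt", 0, [("neg",)], []),       # if idx < 0: idx = -idx
    ("if_lt", 12, [], [("add", -12)]),  # else-branch: idx -= 12
    ("check_lt", 8),                    # bounds check guarding buf[idx]
]


def run(stmts, cond, aff):
    """Symbolically execute one path state; return (ok_conds, err_conds) on n."""
    ok, err = [], []
    for i, st in enumerate(stmts):
        if not cond:                     # infeasible path
            return ok, err
        if st[0] == "neg":
            aff = (-aff[0], -aff[1])
        elif st[0] == "add":
            aff = (aff[0], aff[1] + st[1])
        elif st[0] == "check_lt":        # failing inputs go to ERR, passing ones continue
            passes = solve_lt(aff, st[1])
            err.append(inter(cond, complement(passes)))
            cond = inter(cond, passes)
        elif st[0] == "if_lt":           # fork; each branch then executes the rest
            taken, rest = solve_lt(aff, st[1]), stmts[i + 1:]
            for branch, c in ((st[2], taken), (st[3], complement(taken))):
                o, e = run(branch + rest, inter(cond, c), aff)
                ok, err = ok + o, err + e
            return ok, err
    ok.append(cond)                      # reached the end without failing
    return ok, err


def dual_analysis(prog):
    ok, err = run(prog, FULL, (1, 0))    # idx starts out equal to n
    flat = lambda cs: normalize(list(chain.from_iterable(cs)))
    return flat(ok), flat(err)


def classify(ok, err):
    """Outside OK every terminating run fails; outside ERR every run succeeds."""
    return {"must_bug": complement(ok), "never_bug": complement(err), "may_bug": inter(ok, err)}


def hull(cond):
    """Deliberately coarser over-approximation: collapse a disjunction to one interval."""
    return [(cond[0][0], cond[-1][1])] if cond else []


def member(n, cond):
    return any(lo <= n <= hi for lo, hi in cond)


def program(n):
    """Concrete semantics of PROG, used only to cross-check the verdicts."""
    idx = -n if n < 0 else n
    if idx >= 12:
        idx -= 12
    return idx < 8


def verdicts_sound(v, lo=-60, hi=60):
    """Every must_bug input really fails and every never_bug input really passes."""
    for n in range(lo, hi + 1):
        if member(n, v["must_bug"]) and program(n):
            return False
        if member(n, v["never_bug"]) and not program(n):
            return False
    return True


if __name__ == "__main__":
    OK, ERR = dual_analysis(PROG)
    print("OK  =", OK, "\nERR =", ERR)
    for name, v in (("exact", classify(OK, ERR)), ("hull", classify(hull(OK), hull(ERR)))):
        print(name, v, "sound:", verdicts_sound(v))
```

With the exact conditions, must_bug coincides with ERR and may_bug is empty; after `hull`, ERR covers every input, so never_bug vanishes and most inputs become may_bug, but the inputs with |n| ≥ 20 are still reported as definite bugs, and they really do index past the buffer. That is the property the abstract relies on: reports drawn from the complement of OK need no under-approximating step to be trusted (on non-terminating inputs the complement of OK only says the run cannot succeed).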