Typestate: A programming language concept for enhancing software reliability
IEEE Transactions on Software Engineering
LCLint: a tool for using specifications to check code
SIGSOFT '94 Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software engineering
Eraser: a dynamic data race detector for multithreaded programs
ACM Transactions on Computer Systems (TOCS)
AnnoDomini: from type theory to Year 2000 conversion tool
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
A static analyzer for finding dynamic programming errors
Software—Practice & Experience
Dynamically Discovering Likely Program Invariants to Support Program Evolution
IEEE Transactions on Software Engineering - Special issue on 1999 international conference on software engineering
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
A simple method for extracting models for protocol code
ISCA '01 Proceedings of the 28th annual international symposium on Computer architecture
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
FORTE XII / PSTV XIX '99 Proceedings of the IFIP TC6 WG6.1 Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols (FORTE XII) and Protocol Specification, Testing and Verification (PSTV XIX)
Detecting Races in Relay Ladder Logic Programs
TACAS '98 Proceedings of the 4th International Conference on Tools and Algorithms for Construction and Analysis of Systems
Automatic verification of the SCI cache coherence protocol
CHARME '95 Proceedings of the IFIP WG 10.5 Advanced Research Working Conference on Correct Hardware Design and Verification Methods
Checking system rules using system-specific, programmer-written compiler extensions
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Flow-sensitive type qualifiers
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
ESP: path-sensitive program verification in polynomial time
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
A system and language for building system-specific, static analyses
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Tracking down software bugs using automatic anomaly detection
Proceedings of the 24th International Conference on Software Engineering
Proceedings of the 24th International Conference on Software Engineering
Enabling automatic adaptation in systems with under-specified elements
WOSS '02 Proceedings of the first workshop on Self-healing systems
Ownership types for safe programming: preventing data races and deadlocks
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
How to write system-specific, static checkers in metal
Proceedings of the 2002 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Checking and inferring local non-aliasing
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
A practical flow-sensitive and context-sensitive C and C++ memory leak detector
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Defensive programming: using an annotation toolkit to build DoS-resistant software
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
An integrated experimental environment for distributed systems and networks
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
ARCHER: using symbolic, path-sensitive analysis to detect memory access errors
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
RacerX: effective, static detection of race conditions and deadlocks
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
MECA: an extensible, expressive system and language for statically checking security properties
Proceedings of the 10th ACM conference on Computer and communications security
Finding and preventing run-time error handling mistakes
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-Based Invariants
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
STRIDER: A Black-box, State-based Approach to Change and Configuration Management and Support
LISA '03 Proceedings of the 17th USENIX conference on System administration
Defensive programming: using an annotation toolkit to build DoS-resistant software
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
An integrated experimental environment for distributed systems and networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Combining statistical monitoring and predictable recovery for self-management
WOSS '04 Proceedings of the 1st ACM SIGSOFT workshop on Self-managed systems
SOBER: statistical model-based bug localization
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
DynaMine: finding common error patterns by mining software revision histories
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Recovering system specific rules from software repositories
MSR '05 Proceedings of the 2005 international workshop on Mining software repositories
Modular verification of multithreaded programs
Theoretical Computer Science
Proceedings of the twentieth ACM symposium on Operating systems principles
An undergraduate course on software bug detection tools and techniques
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Autonomous recovery in componentized Internet applications
Cluster Computing
CP-Miner: Finding Copy-Paste and Related Bugs in Large-Scale Software Code
IEEE Transactions on Software Engineering
Capturing OS expertise in an event type system: the Bossa experience
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
An online evolutionary approach to developing internet services
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Applying source-code verification to a microkernel: the VFiasco project
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
High-confidence operating systems
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Static detection of leaks in polymorphic containers
Proceedings of the 28th international conference on Software engineering
Perracotta: mining temporal API rules from imperfect traces
Proceedings of the 28th international conference on Software engineering
LtRules: an automated software library usage rule extraction tool
Proceedings of the 28th international conference on Software engineering
Proceedings of the 28th international conference on Software engineering
Precise alias analysis for static detection of web application vulnerabilities
Proceedings of the 2006 workshop on Programming languages and analysis for security
Principles-driven forensic analysis
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Automatic generation and inference of interface properties from program source code
Companion to the 21st ACM SIGPLAN symposium on Object-oriented programming systems, languages, and applications
SSVChecker: unifying static security vulnerability detection tools in an Eclipse plug-in
eclipse '06 Proceedings of the 2006 OOPSLA workshop on eclipse technology eXchange
Understanding collateral evolution in Linux device drivers
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Verification through the principle of least astonishment
Proceedings of the 2006 IEEE/ACM international conference on Computer-aided design
A framework for the static verification of api calls
Journal of Systems and Software
Flashback: a lightweight extension for rollback and deterministic replay for software debugging
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Statistical Debugging: A Hypothesis Testing-Based Approach
IEEE Transactions on Software Engineering
Path-Sensitive Inference of Function Precedence Protocols
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Static specification inference using predicate mining
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
I/O system performance debugging using model-driven anomaly characterization
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Magpie: online modelling and performance-aware systems
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Making events less slippery with eel
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Automatic misconfiguration troubleshooting with peerpressure
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
CP-Miner: a tool for finding copy-paste and related bugs in operating system code
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Privtrans: automatically partitioning programs for privilege separation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Evaluating static analysis defect warnings on production software
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Finding more null pointer bugs, but not too many
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Finding what's not there: a new approach to revealing neglected conditions in software
Proceedings of the 2007 international symposium on Software testing and analysis
Static specification mining using automata-based abstractions
Proceedings of the 2007 international symposium on Software testing and analysis
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Mining API patterns as partial orders from source code: from usage scenarios to specifications
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Detecting object usage anomalies
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Context-based detection of clone-related bugs
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
/*icomment: bugs or bad comments?*/
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Improving file system reliability with I/O shepherding
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Secure virtual architecture: a safe execution environment for commodity operating systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
From uncertainty to belief: inferring the specification within
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Automatic inference of stationary fields: a generalization of java's final fields
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Rule-based static analysis of network protocol implementations
Information and Computation
Hang analysis: fighting responsiveness bugs
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Hotcomments: how to make program comments more useful?
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
DMTracker: finding bugs in large-scale parallel programs by detecting anomaly in data movements
Proceedings of the 2007 ACM/IEEE conference on Supercomputing
Portably solving file TOCTTOU races with hardness amplification
FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
EIO: error handling is occasionally correct
FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
Symbolic mining of temporal specifications
Proceedings of the 30th international conference on Software engineering
Predicting accurate and actionable static analysis warnings: an experimental approach
Proceedings of the 30th international conference on Software engineering
Open source software peer review practices: a case study of the apache server
Proceedings of the 30th international conference on Software engineering
Checking the hardware-software interface in spec#
Proceedings of the 4th workshop on Programming languages and operating systems
On similarity-awareness in testing-based fault localization
Automated Software Engineering
Automatic documentation inference for exceptions
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Dynamic inference of likely data preconditions over predicates by tree learning
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Parfait: designing a scalable bug checker
Proceedings of the 2008 workshop on Static analysis
Virtualizing the data plane through source code merging
Proceedings of the ACM workshop on Programmable routers for extensible services of tomorrow
Mining temporal rules for software maintenance
Journal of Software Maintenance and Evolution: Research and Practice - Special Issue on Program Comprehension through Dynamic Analysis (PCODA)
Mining past-time temporal rules from execution traces
WODA '08 Proceedings of the 2008 international workshop on dynamic analysis: held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2008)
Extending dynamic constraint detection with disjunctive constraints
WODA '08 Proceedings of the 2008 international workshop on dynamic analysis: held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2008)
Portably solving file races with hardness amplification
ACM Transactions on Storage (TOS)
Javert: fully automatic mining of general temporal properties from dynamic traces
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Software Fault Localization Using N-gram Analysis
WASA '08 Proceedings of the Third International Conference on Wireless Algorithms, Systems, and Applications
AutoISES: automatically inferring security specifications and detecting violations
SS'08 Proceedings of the 17th conference on Security symposium
Diagnosing distributed systems with self-propelled instrumentation
Proceedings of the 9th ACM/IFIP/USENIX International Conference on Middleware
Enforcing the use of API functions in linux code
Proceedings of the 8th workshop on Aspects, components, and patterns for infrastructure software
Specification mining of symbolic scenario-based models
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Detecting network-wide and router-specific misconfigurations through data mining
IEEE/ACM Transactions on Networking (TON)
Framework for exercising I/O exception handling code
International Journal of Information and Communication Technology
Configuration-space performance anomaly depiction
LADIS '08 Proceedings of the 2nd Workshop on Large-Scale Distributed Systems and Middleware
Specification Mining with Few False Positives
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
Mining API Error-Handling Specifications from Source Code
FASE '09 Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Merlin: specification inference for explicit information flow problems
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Accurate Interprocedural Null-Dereference Analysis for Java
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
The road not taken: Estimating path execution frequency statically
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Automatic dimension inference and checking for object-oriented programs
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Listening to programmers Taxonomies and characteristics of comments in operating system code
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Automatically finding patches using genetic programming
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Mining exception-handling rules as sequence association rules
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Automatic mining of functionally equivalent code fragments via random testing
Proceedings of the eighteenth international symposium on Software testing and analysis
MSeqGen: object-oriented unit-test generation via mining source code
Proceedings of the the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Graph-based mining of multiple object usage patterns
Proceedings of the the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Demand-driven memory leak detection based on flow- and context-sensitive pointer analysis
Journal of Computer Science and Technology
Troubleshooting thousands of jobs on production grids using data mining techniques
GRID '08 Proceedings of the 2008 9th IEEE/ACM International Conference on Grid Computing
MAPO: Mining and Recommending API Usage Patterns
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Debugging in the (very) large: ten years of implementation and experience
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Inferno: streamlining verification with inferred semantics
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Finding concurrency bugs with context-aware communication graphs
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Capability wrangling made easy: debugging on a microkernel with valgrind
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Why panic()?: improving reliability with restartable file systems
ACM SIGOPS Operating Systems Review
Efficient mining of recurrent rules from a sequence database
DASFAA'08 Proceedings of the 13th international conference on Database systems for advanced applications
Online inference and enforcement of temporal properties
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Effective interprocedural resource leak detection
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Scalable specification mining for verification and diagnosis
Proceedings of the 47th Design Automation Conference
Membrane: Operating system support for restartable file systems
ACM Transactions on Storage (TOS)
Static analysis for detecting taint-style vulnerabilities in web applications
Journal of Computer Security
End-to-end data integrity for file systems: a ZFS case study
FAST'10 Proceedings of the 8th USENIX conference on File and storage technologies
Membrane: operating system support for restartable file systems
FAST'10 Proceedings of the 8th USENIX conference on File and storage technologies
Tolerating file-system mistakes with EnvyFS
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Decaf: moving device drivers to a modern language
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Automatically generating predicates and solutions for configuration troubleshooting
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Automatically documenting program changes
Proceedings of the IEEE/ACM international conference on Automated software engineering
Automatic construction of an effective training set for prioritizing static analysis warnings
Proceedings of the IEEE/ACM international conference on Automated software engineering
An automated approach for finding variable-constant pairing bugs
Proceedings of the IEEE/ACM international conference on Automated software engineering
Scalable and systematic detection of buggy inconsistencies in source code
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
A graph-based approach to API usage adaptation
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Finding latent performance bugs in systems implementations
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Detecting missing method calls in object-oriented software
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
FlowChecker: Detecting Bugs in MPI Libraries via Message Flow Checking
Proceedings of the 2010 ACM/IEEE International Conference for High Performance Computing, Networking, Storage and Analysis
DyGen: automatic generation of high-coverage tests via mining gigabytes of dynamic traces
TAP'10 Proceedings of the 4th international conference on Tests and proofs
Toward automated detection of logic vulnerabilities in web applications
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Making the common case the only case with anticipatory memory allocation
FAST'11 Proceedings of the 9th USENIX conference on File and stroage technologies
Proceedings of the sixth conference on Computer systems
Proceedings of the 8th Working Conference on Mining Software Repositories
Do time of day and developer experience affect commit bugginess?
Proceedings of the 8th Working Conference on Mining Software Repositories
aComment: mining annotations from comments and code to detect interrupt related concurrency bugs
Proceedings of the 33rd International Conference on Software Engineering
Experiences with text mining large collections of unstructured systems development artifacts at jpl
Proceedings of the 33rd International Conference on Software Engineering
A security policy oracle: detecting security holes using multiple API implementations
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Defective error/pointer interactions in the Linux kernel
Proceedings of the 2011 International Symposium on Software Testing and Analysis
Detecting anomalies in the order of equally-typed method arguments
Proceedings of the 2011 International Symposium on Software Testing and Analysis
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
Vulnerability extrapolation: assisted discovery of vulnerabilities using machine learning
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Static detection of access control vulnerabilities in web applications
SEC'11 Proceedings of the 20th USENIX conference on Security
Practical, low-effort equivalence verification of real code
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Mining temporal specifications from object usage
Automated Software Engineering
Inferring specifications for resources from natural language API documentation
Automated Software Engineering
Alattin: mining alternative patterns for defect detection
Automated Software Engineering
Finding resource-release omission faults in Linux
PLOS '11 Proceedings of the 6th Workshop on Programming Languages and Operating Systems
Configuration coverage in the analysis of large-scale system software
PLOS '11 Proceedings of the 6th Workshop on Programming Languages and Operating Systems
WAPTEC: whitebox analysis of web applications for parameter tampering exploit construction
Proceedings of the 18th ACM conference on Computer and communications security
Towards reliable storage systems
Towards reliable storage systems
Making the common case the only case with anticipatory memory allocation
ACM Transactions on Storage (TOS)
Finding resource-release omission faults in Linux
ACM SIGOPS Operating Systems Review
Configuration coverage in the analysis of large-scale system software
ACM SIGOPS Operating Systems Review
A review of race detection mechanisms
CSR'06 Proceedings of the First international computer science conference on Theory and Applications
Using static program analysis to aid intrusion detection
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Underspecified harnesses and interleaved bugs
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Linux kernel vulnerabilities: state-of-the-art defenses and open problems
Proceedings of the Second Asia-Pacific Workshop on Systems
Assuring application-level correctness against soft errors
Proceedings of the International Conference on Computer-Aided Design
Mining temporal specifications for error detection
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Understanding linux feature distribution
Proceedings of the 2012 workshop on Modularity in Systems Software
Fast black-box testing of system recovery code
Proceedings of the 7th ACM european conference on Computer Systems
STANSE: bug-finding framework for c programs
MEMICS'11 Proceedings of the 7th international conference on Mathematical and Engineering Methods in Computer Science
Iterative mining of resource-releasing specifications
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Understanding and detecting real-world performance bugs
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Mining effective temporal specifications from heterogeneous API data
Journal of Computer Science and Technology - Special issue on Natural Language Processing
Static detection of brittle parameter typing
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Detecting inconsistencies via universal reachability analysis
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Graph-based pattern-oriented, context-sensitive source code completion
Proceedings of the 34th International Conference on Software Engineering
Characterizing logging practices in open-source software
Proceedings of the 34th International Conference on Software Engineering
Statically checking API protocol conformance with mined multi-object specifications
Proceedings of the 34th International Conference on Software Engineering
Extending static analysis by mining project-specific rules
Proceedings of the 34th International Conference on Software Engineering
What is my program doing? program dynamics in programmer's terms
RV'11 Proceedings of the Second international conference on Runtime verification
Diagnosys: automatic generation of a debugging interface to the Linux kernel
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Dynamic property mining for embedded software
Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
Reusing debugging knowledge via trace-based bug search
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Collaborative energy debugging for mobile devices
HotDep'12 Proceedings of the Eighth USENIX conference on Hot Topics in System Dependability
Be conservative: enhancing failure diagnosis with proactive logging
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Generalized vulnerability extrapolation using abstract syntax trees
Proceedings of the 28th Annual Computer Security Applications Conference
MemSafe: ensuring the spatial and temporal memory safety of C at runtime
Software—Practice & Experience
Software—Practice & Experience
Detecting missing method calls as violations of the majority rule
ACM Transactions on Software Engineering and Methodology (TOSEM)
Production-run software failure diagnosis via hardware performance counters
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Verifying systems rules using rule-directed symbolic execution
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Almost-correct specifications: a modular semantic framework for assigning confidence to warnings
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Inferring likely mappings between APIs
Proceedings of the 2013 International Conference on Software Engineering
LASE: locating and applying systematic edits by learning from examples
Proceedings of the 2013 International Conference on Software Engineering
Joogie: from Java through Jimple to Boogie
Proceedings of the 2nd ACM SIGPLAN International Workshop on State Of the Art in Java Program analysis
Inferring dependency constraints on parameters for web services
Proceedings of the 22nd international conference on World Wide Web
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Scalable and incremental software bug detection
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
PLDI 2002: Extended static checking for Java
ACM SIGPLAN Notices - Supplemental issue
Current challenges in automatic software repair
Software Quality Control
Chucky: exposing missing checks in source code for vulnerability discovery
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Scheduling black-box mutational fuzzing
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
Carat: collaborative energy diagnosis for mobile devices
Proceedings of the 11th ACM Conference on Embedded Networked Sensor Systems
VirtuOS: an operating system with kernel virtualization
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Do not blame users for misconfigurations
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Towards optimization-safe systems: analyzing the impact of undefined behavior
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Understanding the genetic makeup of Linux device drivers
Proceedings of the Seventh Workshop on Programming Languages and Operating Systems
On death, taxes, and sleep disorder bugs in smartphones
Proceedings of the Workshop on Power-Aware Computing and Systems
EnCore: exploiting system environment and correlation information for misconfiguration detection
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Ffsck: The Fast File-System Checker
ACM Transactions on Storage (TOS)
A Study of Linux File System Evolution
ACM Transactions on Storage (TOS)
The impact of the antivirus on the digital evidence
International Journal of Electronic Security and Digital Forensics
Ffsck: the fast file system checker
FAST'13 Proceedings of the 11th USENIX conference on File and Storage Technologies
A study of Linux file system evolution
FAST'13 Proceedings of the 11th USENIX conference on File and Storage Technologies
ViewBox: integrating local file systems with cloud storage services
FAST'14 Proceedings of the 12th USENIX conference on File and Storage Technologies
Comparison and evaluation of source code mining tools and techniques: A qualitative approach
Intelligent Data Analysis
Automated detection of parameter tampering opportunities and vulnerabilities in web applications
Journal of Computer Security
| Hi-index | 0.00 |
A major obstacle to finding program errors in a real system is knowing what correctness rules the system must obey. These rules are often undocumented or specified in an ad hoc manner. This paper demonstrates techniques that automatically extract such checking information from the source code itself, rather than the programmer, thereby avoiding the need for a priori knowledge of system rules.The cornerstone of our approach is inferring programmer "beliefs" that we then cross-check for contradictions. Beliefs are facts implied by code: a dereference of a pointer, p, implies a belief that p is non-null, a call to "unlock(1)" implies that 1 was locked, etc. For beliefs we know the programmer must hold, such as the pointer dereference above, we immediately flag contradictions as errors. For beliefs that the programmer may hold, we can assume these beliefs hold and use a statistical analysis to rank the resulting errors from most to least likely. For example, a call to "spin_lock" followed once by a call to "spin_unlock" implies that the programmer may have paired these calls by coincidence. If the pairing happens 999 out of 1000 times, though, then it is probably a valid belief and the sole deviation a probable error. The key feature of this approach is that it requires no a priori knowledge of truth: if two beliefs contradict, we know that one is an error without knowing what the correct belief is.Conceptually, our checkers extract beliefs by tailoring rule "templates" to a system --- for example, finding all functions that fit the rule template "a must be paired with b." We have developed six checkers that follow this conceptual framework. They find hundreds of bugs in real systems such as Linux and OpenBSD. From our experience, they give a dramatic reduction in the manual effort needed to check a large system. Compared to our previous work [9], these template checkers find ten to one hundred times more rule instances and derive properties we found impractical to specify manually.