POPL '88 Proceedings of the 15th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
PLDI '91 Proceedings of the ACM SIGPLAN 1991 conference on Programming language design and implementation
POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Type inference with polymorphic recursion
ACM Transactions on Programming Languages and Systems (TOPLAS)
A syntactic approach to type soundness
Information and Computation
Precise interprocedural dataflow analysis via graph reachability
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Simple imperative polymorphism
Lisp and Symbolic Computation - Special issue on state in programming languages (part I)
Demand interprocedural dataflow analysis
SIGSOFT '95 Proceedings of the 3rd ACM SIGSOFT symposium on Foundations of software engineering
Catching bugs in the web of program invariants
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Static detection of dynamic memory errors
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Satisfiability of inequalities in a poset
Fundamenta Informaticae - Special issue: to the memory of Prof. Helena Rasiowa
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Partial online cycle elimination in inclusion constraint graphs
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Parametric shape analysis via 3-valued logic
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Pointer analysis for programs with structures and casting
Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation
Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation
Proceedings of the 1999 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Type systems for distributed data structures
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A static analyzer for finding dynamic programming errors
Software—Practice & Experience
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
A lattice model of secure information flow
Communications of the ACM
Type-base flow analysis: from polymorphic subtyping to CFL-reachability
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
The pointer assertion logic engine
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automatically validating temporal safety properties of interfaces
SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Types and programming languages
Types and programming languages
Flow-sensitive type qualifiers
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Adoption and focus: practical linear types for imperative programming
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
ESP: path-sensitive program verification in polynomial time
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
A system and language for building system-specific, static analyses
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Region-based memory management in cyclone
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Programming Perl
From symptom to cause: localizing errors in counterexample traces
POPL '03 Proceedings of the 30th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficient Type Inference for Higher-Order Binding-Time Analysis
Proceedings of the 5th ACM Conference on Functional Programming Languages and Computer Architecture
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
SAS '95 Proceedings of the Second International Symposium on Static Analysis
Tractable Constraints in Finite Semilattices
SAS '96 Proceedings of the Third International Symposium on Static Analysis
Using CQUAL for Static Analysis of Authorization Hook Placement
Proceedings of the 11th USENIX Security Symposium
An Extended Static Checker for Modular-3
CC '98 Proceedings of the 7th International Conference on Compiler Construction
Checking and inferring local non-aliasing
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
ITS4: A static vulnerability scanner for C and C++ code
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Cyclone User''s Manual, Version 0.1.3
Cyclone User''s Manual, Version 0.1.3
Type qualifiers: lightweight specifications to improve software quality
Type qualifiers: lightweight specifications to improve software quality
An effective theory of type refinements
ICFP '03 Proceedings of the eighth ACM SIGPLAN international conference on Functional programming
MECA: an extensible, expressive system and language for statically checking security properties
Proceedings of the 10th ACM conference on Computer and communications security
Transparent proxies for java futures
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Visualizing type qualifier inference with Eclipse
eclipse '04 Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange
Checking system rules using system-specific, programmer-written compiler extensions
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Scrash: a system for generating secure crash information
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Finding user/kernel pointer bugs with type inference
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Practical memory leak detection using guarded value-flow analysis
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Finding user/kernel pointer bugs with type inference
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Jifclipse: development tools for security-typed languages
Proceedings of the 2007 workshop on Programming languages and analysis for security
Large-scale analysis of format string vulnerabilities in Debian Linux
Proceedings of the 2007 workshop on Programming languages and analysis for security
ABASH: finding bugs in bash scripts
Proceedings of the 2007 workshop on Programming languages and analysis for security
Type qualifier inference for java
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Contextual effects for version-consistent dynamic software updating and safe concurrent programming
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Rule-based static analysis of network protocol implementations
Information and Computation
A generic type-and-effect system
Proceedings of the 4th international workshop on Types in language design and implementation
Sound and Complete Type Inference for a Systems Programming Language
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Automatic generation of library bindings using static analysis
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Mixing type checking and symbolic execution
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
LOCKSMITH: Practical static race detection for C
ACM Transactions on Programming Languages and Systems (TOPLAS)
An empirical study of object protocols in the wild
Proceedings of the 25th European conference on Object-oriented programming
Implicit self-adjusting computation for purely functional programs
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Existential label flow inference via CFL reachability
SAS'06 Proceedings of the 13th international conference on Static Analysis
Lightweight polymorphic effects
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Practical information flow for legacy web applications
Proceedings of the 8th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems
MrCrypt: static analysis for secure cloud computations
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Toward general diagnosis of static errors
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
We describe flow-insensitive type qualifiers, a lightweight, practical mechanism for specifying and checking properties not captured by traditional type systems. We present a framework for adding new, user-specified type qualifiers to programming languages with static type systems, such as C and Java. In our system, programmers add a few type qualifier annotations to their program, and automatic type qualifier inference determines the remaining qualifiers and checks the annotations for consistency. We describe a tool CQual for adding type qualifiers to the C programming language. Our tool CQual includes a visualization component for displaying browsable inference results to the programmer. Finally, we present several experiments using our tool, including inferring const qualifiers, finding security vulnerabilities in several popular C programs, and checking initialization data usage in the Linux kernel. Our results suggest that inference and visualization make type qualifiers lightweight, that type qualifier inference scales to large programs, and that type qualifiers are applicable to a wide variety of problems.