Filters








33,674 Hits in 7.4 sec

A Case for Using Data-Flow Analysis to Optimize Incremental Scope-Bounded Checking [chapter]

Danhua Shao, Divya Gopinath, Sarfraz Khurshid, Dewayne E. Perry
2010 Lecture Notes in Computer Science  
Given a program and its correctness specification, scope-bounded checking encodes control-flow and data-flow of bounded code segments into declarative formulas and uses constraint solvers to search for  ...  We have developed a new approach that optimizes incremental checking using the program's data-flow, specifically variabledefinitions.  ...  for scope-bounded checking.  ... 
doi:10.1007/978-3-642-11811-1_30 fatcat:wkjdesvfsjhyzhcepnr6k4ygqa

Optimizing Incremental Scope-Bounded Checking with Data-Flow Analysis

Danhua Shao, Divya Gopinath, Sarfraz Khurshid, Dewayne E. Perry
2010 2010 IEEE 21st International Symposium on Software Reliability Engineering  
We present a novel approach to optimize incremental scope-bounded checking of programs using a relational constraint solver.  ...  Given a program and its correctness specification, scope-bounded checking encodes control-flow and data-flow of bounded code segments into declarative formulas and uses constraint solvers to search for  ...  Our previous work on incremental scope-bounded checking [33] used control-flow as the basis of a splitting strategy.  ... 
doi:10.1109/issre.2010.27 dblp:conf/issre/ShaoGKP10 fatcat:cg4u3uej4jhobowcfhwpz4xw5a

An Incremental Approach to Scope-Bounded Checking Using a Lightweight Formal Method [chapter]

Danhua Shao, Sarfraz Khurshid, Dewayne E. Perry
2009 Lecture Notes in Computer Science  
We present a novel approach to optimize scope-bounded checking programs using a relational constraint solver.  ...  The partitions can be checked independently, and thus the problem of scope-bounded checking for the given program reduces to several sub-problems, where each sub-problem requires the constraint solver  ...  Acknowledgments We thank Greg Dennis for his help on the Forge framework. This work was supported in part by NSF grants IIS-0438967, CCF-0702680, and CCF-0845628, and AFOSR grant FA9550-09-1-0351.  ... 
doi:10.1007/978-3-642-05089-3_48 fatcat:lzhaqx76o5aqfdg4ewyxexzrke

ABCD

Rastislav Bodík, Rajiv Gupta, Vivek Sarkar
2000 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation - PLDI '00  
Using existing powerful bounds-check optimizers at run time is not feasible, however, because they are too heavyweight for the dynamic compilation setting.  ...  First, ABCD works on a representation. As a result, it requires on average fewer than 10 simple analysis steps per bounds check. Second, ABCD is demand-driven.  ...  We also thank the anonymous referees for their suggestions. Thanks to Tom Reps for the discussions on the relationship of between the inequality graph, hypergraphs and grammar problems.  ... 
doi:10.1145/349299.349342 dblp:conf/pldi/BodikGS00 fatcat:zr52dvlcgze4xdwn7lplxpal5m

ABCD

Rastislav Bodík, Rajiv Gupta, Vivek Sarkar
2000 SIGPLAN notices  
Using existing powerful bounds-check optimizers at run time is not feasible, however, because they are too heavyweight for the dynamic compilation setting.  ...  First, ABCD works on a representation. As a result, it requires on average fewer than 10 simple analysis steps per bounds check. Second, ABCD is demand-driven.  ...  We also thank the anonymous referees for their suggestions. Thanks to Tom Reps for the discussions on the relationship of between the inequality graph, hypergraphs and grammar problems.  ... 
doi:10.1145/358438.349342 fatcat:2l7hliy7iffxdkqw5m42ia6ff4

Analysis and Transformations for Efficient Query-Based Debugging

Michael Gorbovitski, K. Tuncay Tekle, Tom Rothamel, Scott D. Stoller, Yanhong A. Liu
2008 2008 Eighth IEEE International Working Conference on Source Code Analysis and Manipulation  
The alias analysis extends the flow-sensitive intraprocedural analysis to an efficient flow-sensitive interprocedural analysis for an objectoriented language with also a form of context sensitivity.  ...  This paper describes a framework that supports powerful queries in debugging tools, and describes in particular the transformations, alias analysis, and type analysis used to make the queries efficient  ...  A similar encoding to f unc const is used for bound methods (method bound ).  ... 
doi:10.1109/scam.2008.27 dblp:conf/scam/GorbovitskiTRSL08 fatcat:24zj6w3atver3cj7ebt344bz2i

Improving Test Generation under Rich Contracts by Tight Bounds and Incremental SAT Solving

Pablo Abad, Nazareno Aguirre, Valeria Bengolea, Daniel Ciolek, Marcelo F. Frias, Juan Galeotti, Tom Maibaum, Mariano Moscato, Nicolas Rosner, Ignacio Vissani
2013 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation  
We present a novel and general technique for automated test generation that combines tight bounds with incremental SAT solving.  ...  The proposed technique uses incremental SAT to build test suites targeting a specific testing criterion, amongst various black-box and white-box criteria.  ...  Acknowledgements The authors would like to thank the anonymous referees for their helpful comments.  ... 
doi:10.1109/icst.2013.46 dblp:conf/icst/AbadABCFGMMRV13 fatcat:qo5zbj6htfeutdsmqcvcff6g5u

Alias analysis for optimization of dynamic languages

Michael Gorbovitski, Yanhong A. Liu, Scott D. Stoller, Tom Rothamel, Tuncay K. Tekle
2010 Proceedings of the 6th symposium on Dynamic languages - DLS '10  
The analysis is flow-sensitive; we show that this is necessary for effective optimization of dynamic languages.  ...  This paper describes the development and experimental evaluation of a may-alias analysis for a full dynamic objectoriented language, for program optimization by incrementalization and specialization.  ...  Data points are missing for cases where the analysis ran out of memory or time (limited to 4 hours).  ... 
doi:10.1145/1869631.1869635 dblp:conf/dls/GorbovitskiLSRT10 fatcat:wn2qlurqgbbrvmtpvfht4qmoyq

Alias analysis for optimization of dynamic languages

Michael Gorbovitski, Yanhong A. Liu, Scott D. Stoller, Tom Rothamel, Tuncay K. Tekle
2010 SIGPLAN notices  
The analysis is flow-sensitive; we show that this is necessary for effective optimization of dynamic languages.  ...  This paper describes the development and experimental evaluation of a may-alias analysis for a full dynamic objectoriented language, for program optimization by incrementalization and specialization.  ...  Data points are missing for cases where the analysis ran out of memory or time (limited to 4 hours).  ... 
doi:10.1145/1899661.1869635 fatcat:inx6qiujbfh65cx544xpl3oy44

Efficient runtime invariant checking

Michael Gorbovitski, Tom Rothamel, Yanhong A. Liu, Scott D. Stoller
2008 Proceedings of the 2008 international workshop on dynamic analysis held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2008) - WODA '08  
as well as recording history data for use in queries.  ...  This paper describes a general and powerful framework for efficient runtime invariant checking.  ...  InvTS uses control-flow, data-flow, type, and alias information to evaluate as many of these checks as possible at compile time, to reduce the runtime overhead of maintaining the query result.  ... 
doi:10.1145/1401827.1401837 dblp:conf/issta/GorbovitskiRLS08 fatcat:gy2phwybrfe5zgj5sfl4lnlrt4

BLITZ: Compositional bounded model checking for real-world programs

Chia Yuan Cho, Vijay D'Silva, Dawn Song
2013 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE)  
Bounded Model Checking (BMC) for software is a precise bug-finding technique that builds upon the efficiency of modern SAT and SMT solvers.  ...  A second novelty is to use the control-and data-flow of the program as well as information from proofs to prune the set of variables and procedures considered and hence, generate smaller instances.  ...  ACKNOWLEDGMENTS We thank the anonymous reviewers for their valuable feedback.  ... 
doi:10.1109/ase.2013.6693074 dblp:conf/kbse/ChoDS13 fatcat:3khhxlz3nffzbmuaaaycj6iige

Computing Exact Loop Bounds for Bounded Program Verification [chapter]

Tianhai Liu, Shmuel Tyszberowicz, Bernhard Beckert, Mana Taghdiri
2017 Lecture Notes in Computer Science  
We compute the loop bounds by encoding the program and its specification as a logical formula, and solve it using an SMT solver.  ...  We present a new approach for automatically calculating exact loop bounds, i.e., the greatest lower bound and the least upper bound, based on the number of objects.  ...  The incremental bounded model checker NBIS [11] can be used to compute loop upper bounds.  ... 
doi:10.1007/978-3-319-69483-2_9 fatcat:tka5i6odhrbujisxgsrmmq3bba

FlowSpec: A Declarative Specification Language for Intra-Procedural Flow-Sensitive Data-Flow Analysis

Jeff Smits, Guido Wachsmuth, Eelco Visser
2019 Journal of Computer Languages  
In previous work researchers have proposed higher-level formalisms suitable for wholeprogram analysis in a separate tool, incremental analysis within editors, or bound to a specific intermediate representation  ...  In the implementation of compiler back-ends, data-flow analyses inform optimizations. • Data-flow analysis has an established theoretical foundation.  ...  Acknowledgements We would like to thank Peter Mosses, the anonymous reviewers of SLE'17 and the anonymous reviewers of COMLAN'18 for their valuable feedback and suggestions.  ... 
doi:10.1016/j.cola.2019.100924 fatcat:kclleykm3vfd3hd7t7n7jf6uau

Checked C: Making C Safe by Extension

Archibald Samuel Elliott, Andrew Ruef, Michael Hicks, David Tarditi
2018 2018 IEEE Cybersecurity Development (SecDev)  
More interestingly, Checked C introduces the notions of a checked region and bounds-safe interfaces.  ...  Like past approaches to a safer C, Checked C employs a form of checked pointer whose accesses can be statically or dynamically verified.  ...  Checked blocks allow for incremental conversion at a finer level of granularity than functions.  ... 
doi:10.1109/secdev.2018.00015 dblp:conf/secdev/ElliottR0T18 fatcat:rqxs6ru6nzd5njvwktkzzgclru

Beyond Bug-Finding: Sound Program Analysis for Linux

Zachary R. Anderson, Eric A. Brewer, Jeremy Condit, Robert Ennals, David Gay, Matthew Harren, George C. Necula, Feng Zhou
2007 USENIX Workshop on Hot Topics in Operating Systems  
It is time for us to focus on sound analyses for our critical systems software-that is, we must focus on analyses that ensure the absence of defects of particular known types, rather than best-effort bug-finding  ...  Sound analyses of this sort can check a wide variety of properties and will ultimately yield more reliable code than bug-finding alone.  ...  A delayed free scope simply delays all frees (and the associated reference count check) that happen inside it until its end, greatly simplifying the checks for complex or cyclical data structures.  ... 
dblp:conf/hotos/AndersonBCEGHNZ07 fatcat:l6afjicsnrgdjcnzsotsfncwny
« Previous Showing results 1 — 15 out of 33,674 results