English
Related papers

Related papers: C to Checked C by 3C

200 papers

Memory safety vulnerabilities remain prevalent in today's software systems and one promising solution to mitigate them is to adopt memory-safe languages such as Rust. Due to legacy code written in memory unsafe C, there is strong motivation…

Software Engineering · Computer Science 2025-12-11 Momoko Shiraishi , Yinzhi Cao , Takahiro Shinagawa

The functions standardized as part of ISO C 1999 and their addendums improved very little the security options from the previously available library. The largest flaw remained that no function asked for the buffer size of destination…

Software Engineering · Computer Science 2009-07-27 Marc-André Laverdière , Serguei A. Mokhov , Djamel Benredjem

Verification of software systems is a very hard problem due to the large size of program state-space. The traditional techniques (like model checking) do not scale; since they include the whole state-space by inlining the library function…

Logic in Computer Science · Computer Science 2010-05-03 Pritam Roy

Integer overflow accounts for one of the major source of bugs in software. Verification systems typically assume a well defined underlying semantics for various integer operations and do not explicitly check for integer overflow in…

Programming Languages · Computer Science 2019-09-23 Asankhaya Sharma

Propositional bounded model checking has been applied successfully to verify embedded software but is limited by the increasing propositional formula size and the loss of structure during the translation. These limitations can be reduced by…

Software Engineering · Computer Science 2009-07-14 Lucas Cordeiro , Bernd Fischer , Joao Marques-Silva

Reduction to the satisfiability problem for constrained Horn clauses (CHCs) is a widely studied approach to automated program verification. The current CHC-based methods for pointer-manipulating programs, however, are not very scalable.…

Programming Languages · Computer Science 2020-06-12 Yusuke Matsushita , Takeshi Tsukada , Naoki Kobayashi

Compiler-based Control-Flow Integrity (CFI) offers strong forward-edge protection but remains challenging to deploy in large C/C++ software due to visibility mismatches, type inconsistencies, and unintended behavioral failures. We present…

Software Engineering · Computer Science 2025-12-30 Sabine Houy , Bruno Kreyssig , Alexandre Bartel

We propose a conceptual integration of deductive program verification into existing user interfaces for software debugging. This integration is well-represented in the "Debug Adapter Protocol", a widely-used and generic technology to…

Logic in Computer Science · Computer Science 2021-08-09 Gidon Ernst , Johannes Blau , Toby Murray

The points-to problem is the problem of determining the possible run-time targets of pointer variables and is usually considered part of the more general aliasing problem, which consists in establishing whether and when different…

Programming Languages · Computer Science 2008-10-07 Stefano Soffia

The Move language provides abstractions for programming with digital assets via a mix of value semantics and reference semantics. Ensuring memory safety in programs with references that access a shared, mutable global ledger is difficult,…

Programming Languages · Computer Science 2022-05-12 Sam Blackshear , John Mitchell , Todd Nowacki , Shaz Qadeer

Certification through auditing allows to ensure that critical embedded systems are secure. This entails reviewing their critical components and checking for dangerous execution paths. This latter task requires the use of specialized tools…

Software Engineering · Computer Science 2023-03-08 Guilhem Lacombe , David Feliot , Etienne Boespflug , Marie-Laure Potet

Instrumenting programs for performing run-time checking of properties, such as regular shapes, is a common and useful technique that helps programmers detect incorrect program behaviors. This is specially true in dynamic languages such as…

Programming Languages · Computer Science 2018-04-09 Maximiliano Klemen , Nataliia Stulova , Pedro Lopez-Garcia , José F. Morales , Manuel V. Hermenegildo

In the context of deductive software verification, programs with pointers present a major challenge due to pointer aliasing. In this paper, we introduce pointers to SPARK, a well-defined subset of the Ada language, intended for formal…

Programming Languages · Computer Science 2017-10-20 Georges-Axel Jaloyan

Bounded Model Checking is one the most successful techniques for finding bugs in program. However, for programs with loops iterating over large-sized arrays, bounded model checkers often exceed the limit of resources available to them. We…

Programming Languages · Computer Science 2016-08-22 Anushri Jana , Uday P. Khedker , Advaita Datar , R Venkatesh , C Niyas

Software developers share programming solutions in Q&A sites like Stack Overflow. The reuse of crowd-sourced code snippets can facilitate rapid prototyping. However, recent research shows that the shared code snippets may be of low quality…

Software Engineering · Computer Science 2021-01-21 Morteza Verdi , Ashkan Sami , Jafar Akhondali , Foutse Khomh , Gias Uddin , Alireza Karami Motlagh

The development of safety-critical aerospace systems is traditionally dominated by the C language. Its language characteristics make it trivial to accidentally introduce memory safety issues resulting in undefined behavior or security…

Cryptography and Security · Computer Science 2024-05-29 Lukas Seidel , Julian Beier

This paper presents Efficient SMT-Based Context-Bounded Model Checker (ESBMC) v7.6, an extended version based on previous work on ESBMC v7.3 by K. Song et al. The v7.3 introduced a new Clang-based C++ front-end to address the challenges…

Logic in Computer Science · Computer Science 2025-05-23 Xianzhiyu Li , Kunjian Song , Mikhail R. Gadelha , Franz Brauße , Rafael S. Menezes , Konstantin Korovin , Lucas C. Cordeiro

The C programming language and its cousins such as C++ stipulate the static storage of sets of structured data: Developers have to commit to one, invariant data model -- typically a structure-of-arrays (SoA) or an array-of-structs (AoS) --…

Programming Languages · Computer Science 2025-09-16 Pawel K. Radtke , Tobias Weinzierl

Pointer analysis is foundational for many static analysis tasks, yet its effectiveness is often hindered by imprecise modeling of heap allocations, particularly in C/C++ programs where custom allocation functions (CAFs) are pervasive.…

Software Engineering · Computer Science 2025-12-01 Baijun Cheng , Kailong Wang , Ling Shi , Haoyu Wang , Peng Di , Ding Li , Xiangqun Chen , Yao Guo

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta