English
Related papers

Related papers: C Analyzer : A Static Program Analysis Tool for C …

200 papers

Nowadays, as machine-learned software quickly permeates our society, we are becoming increasingly vulnerable to programming errors in the data pre-processing or training software, as well as errors in the data itself. In this paper, we…

Programming Languages · Computer Science 2020-07-22 Caterina Urban

This paper describes how to adapt a static code analyzer to help novice programmers. Current analyzers have been built to give feedback to experienced programmers who build new applications or systems. The type of feedback and the type of…

Software Engineering · Computer Science 2017-10-03 Tim Blok , Ansgar Fehnker

We present a general model allowing static analysis based on abstract interpretation for systems of communicating processes. Our technique, inspired by Regular Model Checking, represents set of program states as lattice automata and…

Software Engineering · Computer Science 2016-11-29 Vincent Botbol , Emmanuel Chailloux , Tristan Le Gall

Static analysis is a growing application of software engineering, leading to a range of essential security tools, bug-finding tools, as well as software verification. Recent years show an increase of universal static analysis tools that…

Programming Languages · Computer Science 2024-04-22 Avi Hayoun , Veselin Raychev , Jack Hair

Static analysis tools typically address the problem of excessive false positives by requiring programmers to explicitly annotate their code. However, when faced with incomplete annotations, many analysis tools are either too conservative,…

Programming Languages · Computer Science 2021-07-16 Sam Estep , Jenna Wise , Jonathan Aldrich , Éric Tanter , Johannes Bader , Joshua Sunshine

We propose a method for automatically generating abstract transformers for static analysis by abstract interpretation. The method focuses on linear constraints on programs operating on rational, real or floating-point variables and…

Logic in Computer Science · Computer Science 2019-03-14 David Monniaux

Formally verified compilers and formally verified static analyzers are a solution to the problem that certain industries face when they have to demonstrate to authorities that the object code they run truly corresponds to its source code…

Logic in Computer Science · Computer Science 2024-07-12 David Monniaux

While program comprehension tools often use static program analysis techniques to obtain useful information, they usually work only with sufficiently scalable techniques with limited precision. A possible improvement of this approach is to…

Software Engineering · Computer Science 2025-03-21 Robert Husák , Jan Kofroň , Filip Zavoral

Static code analysis is a powerful approach to detect quality deficiencies such as performance bottlenecks, safety violations or security vulnerabilities already during a software system's implementation. Yet, as current software systems…

Software Engineering · Computer Science 2017-10-23 Eric Bodden

We propose a method for automatically generating abstract transformers for static analysis by abstract interpretation. The method focuses on linear constraints on programs operating on rational, real or floating-point variables and…

Programming Languages · Computer Science 2010-07-28 David Monniaux

Human written source code in imperative programming languages exhibits typical patterns for variable use such as flags, loop iterators, counters, indices, bitvectors etc. Although it is widely understood by practitioners that these variable…

Programming Languages · Computer Science 2013-06-17 Yulia Demyanova , Helmut Veith , Florian Zuleger

This tutorial provides an introduction to CPAchecker for users. CPAchecker is a flexible and configurable framework for software verification and testing. The framework provides many abstract domains, such as BDDs, explicit values,…

The traditional abstract domain framework for imperative programs suffers from several shortcomings; in particular it does not allow precise symbolic abstractions. To solve these problems, we propose a new abstract interpretation framework,…

Software Engineering · Computer Science 2018-01-01 Matthieu Lemerre , Sébastien Bardin

In this paper, we present the CPG analysis platform, which enables the translation of source code into a programming language-independent representation, based on a code property graph. This allows security experts and developers to capture…

Cryptography and Security · Computer Science 2022-03-17 Konrad Weiss , Christian Banse

Migration to OCaml 5 requires updating a lot of C bindings due to the removal of naked pointer support. Writing OCaml user-defined primitives in C is a necessity, but is unsafe and error-prone. It does not benefit from either OCaml's or C's…

Programming Languages · Computer Science 2023-07-31 Edwin Török

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses…

Cryptography and Security · Computer Science 2026-02-23 Kevin Hermann , Sven Peldszus , Thorsten Berger

Verification of software systems is a very hard problem due to the large size of program state-space. The traditional techniques (like model checking) do not scale; since they include the whole state-space by inlining the library function…

Logic in Computer Science · Computer Science 2010-05-03 Pritam Roy

We develop the first theory of control-flow graphs from first principles, and use it to create an algorithm for automatically synthesizing many variants of control-flow graph generators from a language's operational semantics. Our approach…

Programming Languages · Computer Science 2022-07-25 James Koppel , Jackson Kearl , Armando Solar-Lezama

Complexity analysis offers assurance of program's runtime behavior, but large classes of programs remain unanalyzable by existing automated techniques.The mwp-flow analysis sidesteps many difficulties shared by existing approaches, and…

Programming Languages · Computer Science 2023-03-21 Clément Aubert , Thomas Rubiano , Neea Rusch , Thomas Seiller

Static analysis is widely used for software assurance. However, static analysis tools can report an overwhelming number of warnings, many of which are false positives. Applying static analysis to a new version, a large number of warnings…

Software Engineering · Computer Science 2023-05-05 Xiuyuan Guo , Ashwin Kallingal Joshy , Benjamin Steenhoek , Wei Le , Lori Flynn