English
Related papers

Related papers: C Analyzer : A Static Program Analysis Tool for C …

200 papers

We propose a memory abstraction able to lift existing numerical static analyses to C programs containing union types, pointer casts, and arbitrary pointer arithmetics. Our framework is that of a combined points-to and data-value analysis.…

Programming Languages · Computer Science 2016-08-14 Antoine Miné

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Static program analysis is used to summarize properties over all dynamic executions. In a unifying approach based on 3-valued logic properties are either assigned a definite value or unknown. But in summarizing a set of executions, a…

Programming Languages · Computer Science 2017-07-14 Jacob Lidman , Josef Svenningsson

Static analysis approximates the results of a program by examining only its syntax. For example, control-flow analysis (CFA) determines which syntactic lambdas (for functional languages) or (for object-oriented) methods may be invoked at…

Programming Languages · Computer Science 2021-07-28 Davis Ross Silverman , Yihao Sun , Kristopher Micinski , Thomas Gilray

Instrumenting programs for performing run-time checking of properties, such as regular shapes, is a common and useful technique that helps programmers detect incorrect program behaviors. This is specially true in dynamic languages such as…

Programming Languages · Computer Science 2018-04-09 Maximiliano Klemen , Nataliia Stulova , Pedro Lopez-Garcia , José F. Morales , Manuel V. Hermenegildo

C-RASP is a simple programming language that was recently shown to capture concepts expressible by transformers. In this paper, we develop new algorithmic techniques for automatically verifying C-RASPs. To this end, we establish a…

Machine Learning · Computer Science 2026-05-19 Hongjian Jiang , Matthew Hague , Philipp Rümmer , Anthony Widjaja Lin

We present \synver{}, a novel synthesis and verification framework for C programs, that deploys a Large Language Model (LLM) to search for a candidate program that satisfies the given specification. Our key idea is to impose syntactic and…

Programming Languages · Computer Science 2025-10-21 Prasita Mukherjee , Benjamin Delaware

--- Portuguese version As falhas de software est\~ao com frequ\^encia associadas a acidentes com graves consequ\^encias econ\'omicas e/ou humanas, pelo que se torna imperioso investir na valida\c{c}\~ao do software, nomeadamente daquele que…

Software Engineering · Computer Science 2018-07-24 Patrícia Monteiro , João Lourenço , António Ravara

In this paper, we identify a fragment of second-order logic with restricted quantification that is expressive enough to capture numerous static analysis problems (e.g. safety proving, bug finding, termination and non-termination proving,…

Logic in Computer Science · Computer Science 2015-09-01 Cristina David , Daniel Kroening , Matt Lewis

Several software systems are polyglot; that is, they comprise programs implemented in a combination of programming languages. Verifiers that directly run on mainstream programming languages are currently customized for single languages.…

Programming Languages · Computer Science 2025-10-14 Pei-Wei Chen , Shaokai Lin , Adwait Godbole , Ramneet Singh , Elizabeth Polgreen , Edward A. Lee , Sanjit A. Seshia

Flaw-finding static analysis tools typically generate large volumes of code flaw alerts including many false positives. To save on human effort to triage these alerts, a significant body of work attempts to use machine learning to classify…

Software Engineering · Computer Science 2021-05-11 Lori Flynn , William Snavely , Zachary Kurtz

The C and C++ programming languages are notoriously insecure yet remain indispensable. Developers therefore resort to a multi-pronged approach to find security issues before adversaries. These include manual, static, and dynamic program…

Cryptography and Security · Computer Science 2018-06-13 Dokyung Song , Julian Lettner , Prabhu Rajasekaran , Yeoul Na , Stijn Volckaert , Per Larsen , Michael Franz

Convex polyhedral abstractions of logic programs have been found very useful in deriving numeric relationships between program arguments in order to prove program properties and in other areas such as termination and complexity analysis. We…

Programming Languages · Computer Science 2007-12-18 Kim Henriksen , Gourinath Banda , John Gallagher

Static analysis tools come in many forms andconfigurations, allowing them to handle various tasks in a (secure) development process: code style linting, bug/vulnerability detection, verification, etc., and adapt to the specific requirements…

In this paper, we present a novel marriage of static and dynamic analysis. Given a large code base with many functions and a mature test suite, we propose using static analysis to find functions 1) with assertions or other evident…

Software Engineering · Computer Science 2016-09-22 Mohammad Amin Alipour , Alex Groce , Chaoqiang Zhang , Anahita Sanadaji , Gokul Caushik

The points-to problem is the problem of determining the possible run-time targets of pointer variables and is usually considered part of the more general aliasing problem, which consists in establishing whether and when different…

Programming Languages · Computer Science 2008-10-07 Stefano Soffia

Compilers can specialize programs having invariants for performance improvement. Detecting program invariants that span large and complex code, however, is difficult for compilers. Traditional compilers do not perform very expensive…

Programming Languages · Computer Science 2019-07-01 Wei He

How to apply automated verification technology such as model checking and static program analysis to millions of lines of embedded C/C++ code? How to package this technology in a way that it can be used by software developers and engineers,…

Software Engineering · Computer Science 2013-01-03 Ralf Huuck

We launch Parf - a toolkit for adaptively tuning abstraction strategies of static program analyzers in a fully automated manner. Parf models various types of external parameters (encoding abstraction strategies) as random variables subject…

Software Engineering · Computer Science 2025-10-17 Zhongyi Wang , Mingshuai Chen , Tengjie Lin , Linyu Yang , Junhao Zhuo , Qiuye Wang , Shengchao Qin , Xiao Yi , Jianwei Yin

This paper investigates code LLMs' capability of static analysis during code intelligence tasks such as code summarization and generation. Code LLMs are now household names for their abilities to do some programming tasks that have…

Software Engineering · Computer Science 2026-03-27 Chia-Yi Su , Collin McMillan