Multise: Multi-path symbolic execution using value summaries
Dynamic symbolic execution (DSE) has been proposed to effectively generate test inputs for
real-world programs. Unfortunately, DSE techniques do not scale well for large realistic …
real-world programs. Unfortunately, DSE techniques do not scale well for large realistic …
Shape analysis via second-order bi-abduction
We present a new modular shape analysis that can synthesize heap memory specification
on a per method basis. We rely on a second-order biabduction mechanism that can give …
on a per method basis. We rely on a second-order biabduction mechanism that can give …
Implicit dynamic frames
J Smans, B Jacobs, F Piessens - ACM Transactions on Programming …, 2012 - dl.acm.org
An important, challenging problem in the verification of imperative programs with shared,
mutable state is the frame problem in the presence of data abstraction. That is, one must be …
mutable state is the frame problem in the presence of data abstraction. That is, one must be …
Modular reasoning about heap paths via effectively propositional formulas
First order logic with transitive closure, and separation logic enable elegant interactive
verification of heap-manipulating programs. However, undecidabilty results and high …
verification of heap-manipulating programs. However, undecidabilty results and high …
Modular static analysis with zonotopes
E Goubault, S Putot, F Védrine - … , September 11-13, 2012. Proceedings 19, 2012 - Springer
Being able to analyze programs function by function, or module by module is a key
ingredient to scalable static analyses. The main difficulty for modular static analysis is to be …
ingredient to scalable static analyses. The main difficulty for modular static analysis is to be …
Abstract domains for automated reasoning about list-manipulating programs with infinite data
A Bouajjani, C Drăgoi, C Enea… - International Workshop on …, 2012 - Springer
We describe a framework for reasoning about programs with lists carrying integer numerical
data. We use abstract domains to describe and manipulate complex constraints on …
data. We use abstract domains to describe and manipulate complex constraints on …
Interprocedural shape analysis using separation logic-based transformer summaries
Shape analyses aim at inferring semantic invariants related to the data-structures that
programs manipulate. To achieve that, they typically abstract the set of reachable states. By …
programs manipulate. To achieve that, they typically abstract the set of reachable states. By …
Modular construction of shape-numeric analyzers
The aim of static analysis is to infer invariants about programs that are precise enough to
establish semantic properties, such as the absence of run-time errors. Broadly speaking …
establish semantic properties, such as the absence of run-time errors. Broadly speaking …
On inter-procedural analysis of programs with lists and data
A Bouajjani, C Drăgoi, C Enea, M Sighireanu - ACM SIGPLAN Notices, 2011 - dl.acm.org
We address the problem of automatic synthesis of assertions on sequential programs with
singly-linked lists containing data over infinite domains such as integers or reals. Our …
singly-linked lists containing data over infinite domains such as integers or reals. Our …
[图书][B] Shape analysis
YJ Zhang, YJ Zhang - 2021 - Springer
Shape Analysis | SpringerLink Skip to main content Advertisement SpringerLink Account Menu
Find a journal Publish with us Track your research Search Cart Book cover Handbook of Image …
Find a journal Publish with us Track your research Search Cart Book cover Handbook of Image …