Survey of approaches for postprocessing of static analysis alarms
T Muske, A Serebrenik - ACM Computing Surveys (CSUR), 2022 - dl.acm.org
Static analysis tools have showcased their importance and usefulness in automated
detection of defects. However, the tools are known to generate a large number of alarms …
detection of defects. However, the tools are known to generate a large number of alarms …
Typestate-guided fuzzer for discovering use-after-free vulnerabilities
Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …
coverage to guide the fuzzing process, which has shown great potential in finding …
Continuous reasoning: Scaling the impact of formal methods
PW O'Hearn - Proceedings of the 33rd annual ACM/IEEE symposium …, 2018 - dl.acm.org
This paper describes work in continuous reasoning, where formal reasoning about a
(changing) codebase is done in a fashion which mirrors the iterative, continuous model of …
(changing) codebase is done in a fashion which mirrors the iterative, continuous model of …
Finding real bugs in big programs with incorrectness logic
Incorrectness Logic (IL) has recently been advanced as a logical theory for compositionally
proving the presence of bugs—dual to Hoare Logic, which is used to compositionally prove …
proving the presence of bugs—dual to Hoare Logic, which is used to compositionally prove …
Survey of approaches for handling static analysis alarms
T Muske, A Serebrenik - 2016 IEEE 16th International Working …, 2016 - ieeexplore.ieee.org
Static analysis tools have showcased their importance and usefulness in automated
detection of code anomalies and defects. However, the large number of alarms reported and …
detection of code anomalies and defects. However, the large number of alarms reported and …
Maximal specification synthesis
Many problems in program analysis, verification, and synthesis require inferring
specifications of unknown procedures. Motivated by a broad range of applications, we …
specifications of unknown procedures. Motivated by a broad range of applications, we …
Specification synthesis with constrained Horn clauses
The problem of synthesizing specifications of undefined procedures has a broad range of
applications, but the usefulness of the generated specifications depends on their quality. In …
applications, but the usefulness of the generated specifications depends on their quality. In …
Weakest precondition inference for non-deterministic linear array programs
S Sumanth Prabhu, D D'Souza, S Chakraborty… - … Conference on Tools …, 2024 - Springer
Precondition inference is an important problem with many applications. Existing
precondition inference techniques for programs with arrays have limited ability to find and …
precondition inference techniques for programs with arrays have limited ability to find and …
Synthesizing environment invariants for modular hardware verification
H Zhang, W Yang, G Fedyukovich, A Gupta… - … , Model Checking, and …, 2020 - Springer
We automate synthesis of environment invariants for modular hardware verification in
processors and application-specific accelerators, where functional equivalence is proved …
processors and application-specific accelerators, where functional equivalence is proved …
Taming the static analysis beast
J Toman, D Grossman - 2nd Summit on Advances in …, 2017 - drops.dagstuhl.de
While industrial-strength static analysis over large, real-world codebases has become
commonplace, so too have difficult-to-analyze language constructs, large libraries, and …
commonplace, so too have difficult-to-analyze language constructs, large libraries, and …