We propose a memory abstraction able to lift existing numerical static analyses to C programs containing union types, pointer casts, and arbitrary pointer arithmetics. Our framework is that of a combined points-to and data-value analysis. We abstract the contents of compound variables in a field-sensitive way, whether these fields contain numeric or pointer values, and use stock numerical abstract domains to find an overapproximation of all possible memory states— with the ability to discover relationships between variables. A main novelty of our approach is the dynamic mapping scheme we use to associate a flat collection of abstract cells of scalar type to the set of accessed memory locations, while taking care of byte-level aliases—i.e., ...
This work was also published as a Rice University thesis/dissertation: http://hdl.handle.net/1911/19...
We present a few lightweight numeric abstract domains to analyze C programs that ex-ploit the binary...
Abstract. Array-Range Analysis computes at compile time the range of possible index values for each ...
International audienceWe propose a memory abstraction able to lift existing numerical static analyse...
Static analysis of programs in weakly typed languages such as C and C++ is generally not sound becau...
We present a field-sensitive pointer analysis algorithm for C in the presence of type conversion bet...
International audienceAbstract interpretation provides advanced techniques to infer numerical invari...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
International audienceTo understand and detect possible errors in programs manipulating memory, stat...
ABSTRACT The subject of this paper is flow-and context-insensitive pointer analysis. We present a no...
Static analysis of programs in weakly typed languages such as C and C++ generally is not guaranteed ...
AbstractThe C language does not have a specific Boolean type: Boolean values are encoded with intege...
Abstract. Shared and mutable data-structures pose major problems in static analysis and most analyze...
International audienceThe C language does not have a specific Boolean type: Boolean values are encod...
Many powerful code optimization techniques rely on accurate information connecting the definitions a...
This work was also published as a Rice University thesis/dissertation: http://hdl.handle.net/1911/19...
We present a few lightweight numeric abstract domains to analyze C programs that ex-ploit the binary...
Abstract. Array-Range Analysis computes at compile time the range of possible index values for each ...
International audienceWe propose a memory abstraction able to lift existing numerical static analyse...
Static analysis of programs in weakly typed languages such as C and C++ is generally not sound becau...
We present a field-sensitive pointer analysis algorithm for C in the presence of type conversion bet...
International audienceAbstract interpretation provides advanced techniques to infer numerical invari...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
International audienceTo understand and detect possible errors in programs manipulating memory, stat...
ABSTRACT The subject of this paper is flow-and context-insensitive pointer analysis. We present a no...
Static analysis of programs in weakly typed languages such as C and C++ generally is not guaranteed ...
AbstractThe C language does not have a specific Boolean type: Boolean values are encoded with intege...
Abstract. Shared and mutable data-structures pose major problems in static analysis and most analyze...
International audienceThe C language does not have a specific Boolean type: Boolean values are encod...
Many powerful code optimization techniques rely on accurate information connecting the definitions a...
This work was also published as a Rice University thesis/dissertation: http://hdl.handle.net/1911/19...
We present a few lightweight numeric abstract domains to analyze C programs that ex-ploit the binary...
Abstract. Array-Range Analysis computes at compile time the range of possible index values for each ...