Incorrectness Logic (IL) has recently been advanced as a logical theory for compositionally proving the presence of bugs—dual to Hoare Logic, which is used to compositionally prove their absence. Though IL was motivated in large part by the aim of providing a logical foundation for bug-catching program analyses, it has remained an open question: is IL useful only retrospectively (to explain existing analyses), or can it actually be useful in developing new analyses which can catch real bugs in big programs? In this work, we develop Pulse-X, a new, automatic program analysis for catching memory errors, based on ISL, a recent synthesis of IL and separation logic. Using Pulse-X, we have found 15 new real bugs in OpenSSL, which we have reported...
This is the artifact for the OOPSLA'22 paper “Finding Real Bugs in Big Programs with Incorrectness L...
Over-approximating (OX) program logics, such as separation logic (SL), are used for verifying proper...
We present the design of Parfait, a static layered program analysis framework for bug checking, desi...
Incorrectness Logic (IL) has recently been advanced as a logical theory for compositionally proving ...
There has been a large body of work on local reasoning for proving the absence of bugs, but none for...
Incorrectness separation logic (ISL) was recently introduced as a theory of under-approximate reason...
Variants of Kleene algebra have been used to provide foundations of reasoning about programs, for in...
Separation logic's compositionality and local reasoning properties have led to significant advances ...
Software inevitably contains mistakes and operates incorrectly in at least some situations. As a res...
Analyzing the executions of a buggy program is essentially a data mining process: Tracing the data g...
Bounded Model Checking (BMC) for software is a precise bug-finding technique that builds up...
Although software is pervasive, almost all programs suffer from bugs and errors. To detect software ...
Several static analysis tools, such as Splint or FindBugs, have been proposed to the software develo...
Static program analysis is a technique to analyse code without executing it, and can be used to find...