• Publications
  • Influence
Refinement-based context-sensitive points-to analysis for Java
TLDR
This work has developed a refinement-based analysis that succeeds by simultaneously refining handling of method calls and heap accesses, allowing the analysis to precisely analyze important code while entirely skipping irrelevant code.
A micromodularity mechanism
TLDR
A simple mechanism for structuring specifications that allows the same relational operators used in the formula language to be used for dereferencing by modelling structures as atoms and interpreting fields of structures as relations is described.
TAJ: effective taint analysis of web applications
TLDR
This paper designed and implemented a static Taint Analysis for Java (TAJ) that meets the requirements of industry-level applications, and evaluates TAJ against production-level benchmarks, and compares it with alternative solutions.
Efficient and precise datarace detection for multithreaded object-oriented programs
TLDR
This work presents a novel approach to dynamic datarace detection for multithreaded object-oriented programs that results in very few false positives and runtime overhead in the 13% to 42% range, making it both efficient and precise.
Demand-driven points-to analysis for Java
TLDR
A regularization and refinement approach achieves nearly the precision of field-sensitive Andersen's analysis in time budgets as small as 2ms per query, which can yield speedups of up to 16x over computing an exhaustive Andersen'sAnalysis for some clients, with little to no precision loss.
Effective race detection for event-driven programs
TLDR
This paper introduces race coverage, a systematic method for exposing ad hoc synchronization and other (potentially harmful) races to the user, significantly reducing false positives and presents an efficient connectivity algorithm for computing race coverage.
Thin slicing
TLDR
This work argues that unwieldy slices arise primarily from an overly broad definition of relevance, rather than from analysis imprecision, and proposes thin slicing, an improved method of finding relevant statements.
Race detection for web applications
TLDR
This work implemented WebRacer, the first dynamic race detector for web applications, implemented atop the production-quality WebKit engine, enabling testing of full-featured web sites and discovered many harmful races.
Snugglebug: a powerful approach to weakest preconditions
TLDR
The results show that the algorithmic techniques were critical for successfully analyzing large Java applications and how integrating an inexpensive, custom logic simplifier with weakest precondition computation dramatically improves performance.
Correlation Tracking for Points-To Analysis of JavaScript
TLDR
In an experimental evaluation, it is found that correlation tracking often dramatically improved analysis scalability and precision on popular JavaScript frameworks, though in some cases scalability challenges remain.
...
1
2
3
4
5
...