Results 1  10
of
97
A stateoftheart survey on software merging
 IEEE Transactions on Software Engineering
, 2002
"... AbstractÐSoftware merging is an essential aspect of the maintenance and evolution of largescale software systems. This paper provides a comprehensive survey and analysis of available merge approaches. Over the years, a wide variety of different merge techniques has been proposed. While initial tech ..."
Abstract

Cited by 185 (9 self)
 Add to MetaCart
(Show Context)
AbstractÐSoftware merging is an essential aspect of the maintenance and evolution of largescale software systems. This paper provides a comprehensive survey and analysis of available merge approaches. Over the years, a wide variety of different merge techniques has been proposed. While initial techniques were purely based on textual merging, more powerful approaches also take the syntax and semantics of the software into account. There is a tendency towards operationbased merging because of its increased expressiveness. Another tendency is to try to define merge techniques that are as general, accurate, scalable, and customizable as possible, so that they can be used in any phase in the software lifecycle and detect as many conflicts as possible. After comparing the possible merge techniques, we suggest a number of important open problems and future research directions. Index TermsÐSoftware merging, largescale software development, merge conflicts, conflict detection, conflict resolution. æ 1
Program Integration for Languages with Procedure Calls
 ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
, 1995
"... ..."
The pitfalls of verifying floatingpoint computations
 ACM Transactions on programming languages and systems
"... Current critical systems often use a lot of floatingpoint computations, and thus the testing or static analysis of programs containing floatingpoint operators has become a priority. However, correctly defining the semantics of common implementations of floatingpoint is tricky, because semantics ma ..."
Abstract

Cited by 56 (3 self)
 Add to MetaCart
Current critical systems often use a lot of floatingpoint computations, and thus the testing or static analysis of programs containing floatingpoint operators has become a priority. However, correctly defining the semantics of common implementations of floatingpoint is tricky, because semantics may change according to many factors beyond sourcecode level, such as choices made by compilers. We here give concrete examples of problems that can appear and solutions for implementing in analysis software. 1
Automatic modular abstractions for template numerical constraints
 Logical Methods in Computer Science
, 2010
"... We propose a method for automatically generating abstract transformers for static analysis by abstract interpretation. The method focuses on linear constraints on programs operating on rational, real or floatingpoint variables and containing linear assignments and tests. Given the specification of a ..."
Abstract

Cited by 16 (6 self)
 Add to MetaCart
We propose a method for automatically generating abstract transformers for static analysis by abstract interpretation. The method focuses on linear constraints on programs operating on rational, real or floatingpoint variables and containing linear assignments and tests. Given the specification of an abstract domain, and a program block, our method transformer. It is thus a form of program transformation. In addition to loopfree code, the same method also applies for obtaining least fixed points as functions of the precondition, which permits the analysis of loops and recursive functions. The motivation of our work is dataflow synchronous programming languages, used for building controlcommand embedded systems, but it also applies to imperative and functional programming. Our algorithms are based on quantifier elimination and symbolic manipulation techniques over linear arithmetic formulas. We also give less general results for nonlinear constraints and nonlinear program constructs. 1
Existential heap abstraction entailment is undecidable
 In 10th Annual International Static Analysis Symposium (SAS 2003
, 2003
"... Abstract. In this paper we study constraints for specifying properties of data structures consisting of linked objects allocated in the heap. Motivated by heap summary graphs in role analysis and shape analysis we introduce the notion of regular graph constraints. A regular graph constraint is a gra ..."
Abstract

Cited by 15 (7 self)
 Add to MetaCart
(Show Context)
Abstract. In this paper we study constraints for specifying properties of data structures consisting of linked objects allocated in the heap. Motivated by heap summary graphs in role analysis and shape analysis we introduce the notion of regular graph constraints. A regular graph constraint is a graph representing the heap summary; a heap satisfies a constraint if and only if the heap can be homomorphically mapped to the summary. Regular graph constraints form a very simple and natural fragment of the existential monadic secondorder logic over graphs. One of the key problems in a compositional static analysis is proving that procedure preconditions are satisfied at every call site. For role analysis, precondition checking requires determining the validity of implication, i.e., entailment of regular graph constraints. The central result of this paper is the undecidability of regular graph constraint entailment. The undecidability of the entailment problem is surprising because of the simplicity of regular graph constraints: in particular, the satisfiability of regular graph constraints is decidable. Our undecidability result implies that there is no complete algorithm for statically checking procedure preconditions or postconditions, simplifying static analysis results, or checking that given analysis results are correct. While incomplete conservative algorithms for regular graph constraint entailment checking are possible, we argue that heap specification languages should avoid secondorder existential quantification in favor of explicitly specifying a criterion for summarizing objects.
SMask: Preventing Injection Attacks in Web Applications by Approximating Automatic Data/Code Separation
 In Proceedings of the ACM Symposium on Applied Computing (SAC
, 2007
"... Web applications employ a heterogeneous set of programming languages: the language that was used to write the application’s logic and several supporting languages. Supporting languages are e.g., serverside languages for data management like SQL and clientside interface languages such as HTML and ..."
Abstract

Cited by 14 (2 self)
 Add to MetaCart
(Show Context)
Web applications employ a heterogeneous set of programming languages: the language that was used to write the application’s logic and several supporting languages. Supporting languages are e.g., serverside languages for data management like SQL and clientside interface languages such as HTML and JavaScript. These languages are handled as string values by the application’s logic. Therefore, no syntactic means exists to differentiate between executable code and generic data. This circumstance is the root of most code injection vulnerabilities: Attackers succeed in providing malicious data that is executed by the application as code. In this paper we introduce SMask, a novel approach towards approximating data/code separation. By using string masking to persistently mark legitimate code in string values, SMask is able to identify code that was injected during the processing of an
Termination Analysis for Offline Partial Evaluation of a Higher Order Functional Language
, 1996
"... . One of the remaining problems on the path towards fully automatic partial evaluation is ensuring termination of the specialization phase. In [10] we gave a termination analysis which could be applied to partial evaluation of firstorder strict languages, using a new result about inductive argument ..."
Abstract

Cited by 12 (0 self)
 Add to MetaCart
. One of the remaining problems on the path towards fully automatic partial evaluation is ensuring termination of the specialization phase. In [10] we gave a termination analysis which could be applied to partial evaluation of firstorder strict languages, using a new result about inductive arguments (loosely: if whenever something grows, something gets smaller then the program will only enter finitely many different states). In this paper we extend this work to cover higherorder functional languages. We take an operational approach to the problem and consider the closure representation of higherorder functions to perform a combined data and controldependency analysis. The result of this analysis is then used, as in the firstorder case, to decide which arguments need to be dynamic to guarantee termination of partial evaluation of the analysed program. The new methods have been tested on a variety of programs, and will be incorporated in a future release of the Similix partial eval...
GAHardness Revisited
 Genetic and Evolutionary Computation  GECCO 2003, Genetic and Evolutionary Computation Conference
, 2003
"... Informally GAhardness asks what makes a problem hard or easy for Genetic Algorithms (GAs) to optimize. Characterizing GAhardness has received significant attention since the invention of GAs, yet it remains quite open. In this paper, we first present an abstract, general framework of problem (insta ..."
Abstract

Cited by 10 (0 self)
 Add to MetaCart
(Show Context)
Informally GAhardness asks what makes a problem hard or easy for Genetic Algorithms (GAs) to optimize. Characterizing GAhardness has received significant attention since the invention of GAs, yet it remains quite open. In this paper, we first present an abstract, general framework of problem (instance) hardness and algorithm performance for search based on Kolmogorov complexity. We also show, by Rice's theorem, the nonexistence of a predictive GAhardness measure based only on the description of the problem instance and the configurations of the GA. We then examine several major misconceptions in previous GAhardness research in the context of this theory. Finally, we propose some promising directions for future research.