Papers are classified into the following topical areas. Pick 3 papers
to read and write a one or two page review for each paper. Your review
should both reflect a high-level understanding and contain a critical
analysis of the paper, in your own words; you should not copy the
original writing. In particular, it should contain the elements
outlined in this essay on how to read a
research paper.
Later on you will present one of the 3 papers that
you have read to the class. It should be the one that you feel most
comfortable with. Therefore, you should study at least one paper in
depth. Although you are not required to select all 3 papers from the
same area, doing so would probably help focus your attention in a
particular area and, consequently, lead you naturally to a project.
annotation- or spec-based analysis
1.
Checking System Rules Using System-Specific, Programmer-Written
Compiler Extensions (Best Paper) (PDF), Dawson Engler, Benjamin Chelf,
Andy Chou, and Seth Hallem. Appeared in: Proceedings of the 4th
Symposium on Operating System Design and Implementation. Paper can be accessed in the
middle of this page.
It discusses a set of small extensions that found roughly 500 bugs in
Linux, OpenBSD, and the Xok exokernel. The extensions were usually less
than 100 lines.
1.1
Modular Checking for Buffer
Overflows in the Large. Brian Hackett, Manuvir Das, Daniel Wang,
Zhe Yang. ICSE 2006.
2.
Static Detection of Dynamic Memory Errors.
David Evans. SIGPLAN Conference on Programming Language Design and
Implementation (PLDI '96). Philadelphia, PA, May 1996. More information
about the tool LCLint described in the paper and its descendant,
SPLINT, can be found here.
intent inference
3.
Bugs as Deviant Behavior: A General Approach to Inferring Errors in
Systems Code (PDF) Dawson Engler, David Yu Chen, Seth Hallem, Andy
Chou, and Benjamin Chelf. Appeared in: Proceedings of the Eighteenth
ACM Symposium on Operating Systems Principles, 2001. Paper can be accessed here.
4.
Jungloid Mining: Helping to
Navigate the API Jungle. David Mandelin, Lin Xu, Rastislav
Bodík, Doug Kimelman. PLDI'05.
4.1
Using Structural Context to
Recommend Source Code Examples. Reid Holmes and Gail C. Murphy.
ICSE'05.
5.
PR-Miner: Automatically Extracting
Implicit Programming Rules and Detecting Violations in Large Software
Code. Zhenmin Li and Yuanyuan Zhou. FSE'05.
code clones (detection, removal, error detection)
6.
CP-Miner: A Tool for Finding
Copy-paste and Related Bugs in Operating System Code. Zhenmin Li,
Shan Lu, Suvda Myagmar and Yuanyuan Zhou. OSDI'04.
7.
Using Slicing to Identify
Duplication in Source Code. Raghavan Komondoor and Susan Horwitz.
2001.
8.
Clone Detection Using Abstract
Syntax Trees. Ira D. Baxter et al. ICSM 1998.
9.
An Empirical
Study of Code Clone Genealogies. Miryung Kim, Vibha Sazawal, David
Notkin, Gail Murphy. FSE'05.
buffer overrun
10.
ARCHER: Using Symbolic, Path-sensitive
Analysis to Detect Memory Access Errors. Yichen Xie, Andy Chou, and
Dawson Engler. FSE'03.
11.
Backwards-compatible array bounds
checking for C with very low overhead. Dinakar Dhurjati and Vikram
Adve. Proceedings of the 28th international conference on Software
engineering, 2006, Shanghai, China. Pages 162 - 171.
12.
Symbolic bounds analysis of
pointers, array indices, and accessed memory regions. Radu Rugina
and Martin C. Rinard. ACM Transactions on Programming Languages and
Systems, Vol. 27, No. 2, March 2005, pages 185-235.
program dependences and applications
13.
Aspect: detecting bugs with
abstract dependences. Daniel Jackson. ACM Transactions on Software
Engineering and Methodology (TOSEM), Volume 4, Issue 2, April 1995,
pages 109-145.
14.
A new model of program dependences
for reverse engineering. Daniel Jackson and Eugene J. Rollins.
Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software
engineering, New Orleans, Louisiana, United States. Pages 2 - 10, 1994.
15.
A Formal Model of Program
Dependences and Its Implications for Software Testing, Debugging, and
Maintenance. Andy Podgurski and Lori A. Clarke. IEEE Transactions
on Software Engineering, Vol. 16, No. 9, September 1990.
pointer analysis
Bjarne Steensgaard. Points-to analysis in almost linear time. POPL'96.
L. Andersen. Program analysis and specialization for the C programming
language. PhD dissertation. University of Copenhagen. May 1994.
Donglin Liang et al. Evaluating the impact of context-sensitivity on
Andersen's algorithm for Java programs. PASTE'05.
applications of automated theorem proving
analysis of exceptions