This article presents a causality analysis for a synchronous stream language with higher-order fu... more This article presents a causality analysis for a synchronous stream language with higher-order functions. This analysis takes the shape of a type system with rows. Rows were originally designed to add extensible records to the ML type system (Didier Rémy, Mitchell Wand). We also restate briefly the coiterative semantics for synchronous streams (Paul Caspi, Marc Pouzet), and prove the correctness of our analysis with respect to this semantics.
Proceedings of the 2008 ACM SIGPLAN workshop on ML - ML '08, 2008
This article describes the implementations of weak pointers, weak hashtables and hashconsing in v... more This article describes the implementations of weak pointers, weak hashtables and hashconsing in version 3.10.2 of the Objective Caml system, with focus on several performance pitfalls and their solutions.
2009 Ninth IEEE International Working Conference on Source Code Analysis and Manipulation, 2009
We demonstrate the value analysis of Frama-C. Frama-C is an Open Source static analysis framework... more We demonstrate the value analysis of Frama-C. Frama-C is an Open Source static analysis framework for the C language. In Frama-C, each static analysis technique, approach or idea can be implemented as a new plug-in, with the opportunity to obtain information from other plug-ins, and to leave the verification of difficult properties to yet other plug-ins. The new analysis may in turn provide access to the data it has computed.
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation - PLDI '12, 2012
To report a compiler bug, one must often find a small test case that triggers the bug. The existi... more To report a compiler bug, one must often find a small test case that triggers the bug. The existing approach to automated test-case reduction, delta debugging, works by removing substrings of the original input; the result is a concatenation of substrings that delta cannot remove. We have found this approach less than ideal for reducing C programs because it typically yields test cases that are too large or even invalid (relying on undefined behavior). To obtain small and valid test cases consistently, we designed and implemented three new, domain-specific test-case reducers. The best of these is based on a novel framework in which a generic fixpoint computation invokes modular transformations that perform reduction operations. This reducer produces outputs that are, on average, more than 25 times smaller than those produced by our other reducers or by the existing reducer that is most commonly used by compiler developers. We conclude that effective program reduction requires more than straightforward delta debugging.
International Journal on Software Tools for Technology Transfer, 2011
We present functional dependencies, a convenient, formal, but high-level, specification format fo... more We present functional dependencies, a convenient, formal, but high-level, specification format for a piece of procedural software (function). Functional dependencies specify the set of memory locations, which may be modified by the function, and for each modified location, the set of memory locations that influence its final value. Verifying that a function respects pre-defined functional dependencies can be tricky: the
This experience report describes the choice of OCaml as the implementation language for Frama-C, ... more This experience report describes the choice of OCaml as the implementation language for Frama-C, a framework for the static analysis of C programs. OCaml became the implementation language for Frama-C because it is expressive. Most of the reasons listed in the remaining of this article are secondary reasons, features which are not specific to OCaml (modularity, availability of a C
This article presents a causality analysis for a synchronous stream language with higher-order fu... more This article presents a causality analysis for a synchronous stream language with higher-order functions. This analysis takes the shape of a type system with rows. Rows were originally designed to add extensible records to the ML type system (Didier Rémy, Mitchell Wand). We also restate briefly the coiterative semantics for synchronous streams (Paul Caspi, Marc Pouzet), and prove the correctness of our analysis with respect to this semantics.
Proceedings of the 2008 ACM SIGPLAN workshop on ML - ML '08, 2008
This article describes the implementations of weak pointers, weak hashtables and hashconsing in v... more This article describes the implementations of weak pointers, weak hashtables and hashconsing in version 3.10.2 of the Objective Caml system, with focus on several performance pitfalls and their solutions.
2009 Ninth IEEE International Working Conference on Source Code Analysis and Manipulation, 2009
We demonstrate the value analysis of Frama-C. Frama-C is an Open Source static analysis framework... more We demonstrate the value analysis of Frama-C. Frama-C is an Open Source static analysis framework for the C language. In Frama-C, each static analysis technique, approach or idea can be implemented as a new plug-in, with the opportunity to obtain information from other plug-ins, and to leave the verification of difficult properties to yet other plug-ins. The new analysis may in turn provide access to the data it has computed.
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation - PLDI '12, 2012
To report a compiler bug, one must often find a small test case that triggers the bug. The existi... more To report a compiler bug, one must often find a small test case that triggers the bug. The existing approach to automated test-case reduction, delta debugging, works by removing substrings of the original input; the result is a concatenation of substrings that delta cannot remove. We have found this approach less than ideal for reducing C programs because it typically yields test cases that are too large or even invalid (relying on undefined behavior). To obtain small and valid test cases consistently, we designed and implemented three new, domain-specific test-case reducers. The best of these is based on a novel framework in which a generic fixpoint computation invokes modular transformations that perform reduction operations. This reducer produces outputs that are, on average, more than 25 times smaller than those produced by our other reducers or by the existing reducer that is most commonly used by compiler developers. We conclude that effective program reduction requires more than straightforward delta debugging.
International Journal on Software Tools for Technology Transfer, 2011
We present functional dependencies, a convenient, formal, but high-level, specification format fo... more We present functional dependencies, a convenient, formal, but high-level, specification format for a piece of procedural software (function). Functional dependencies specify the set of memory locations, which may be modified by the function, and for each modified location, the set of memory locations that influence its final value. Verifying that a function respects pre-defined functional dependencies can be tricky: the
This experience report describes the choice of OCaml as the implementation language for Frama-C, ... more This experience report describes the choice of OCaml as the implementation language for Frama-C, a framework for the static analysis of C programs. OCaml became the implementation language for Frama-C because it is expressive. Most of the reasons listed in the remaining of this article are secondary reasons, features which are not specific to OCaml (modularity, availability of a C
Uploads
Papers by Pascal Cuoq