Abstract
Memory safety issues in C are the origin of various vulnerabilities that can compromise a program’s correctness or safety from attacks. We propose an approach to tackle memory safety by replicating Rust’s Mid-level Intermediate Representation (MIR) Borrow Checker. Our solution uses static analysis and successive source-to-source code transformations to be composed upstream of the compiler, ensuring maximal compatibility with existing build systems. This allows us to apply the memory safety guarantees of the rustc compiler to C code with fewer changes than a rewrite in Rust. In this work, we present a comprehensive study of Rust’s efforts towards ensuring memory safety, and describe the theoretical basis for a C borrow checker, alongside a proof-of-concept that was developed to demonstrate its potential. We have evaluated the prototype on the CHStone and bzip2 benchmarks. This prototype correctly identified violations of the ownership and aliasing rules, and exposed incompatibilities between such rules and common C patterns, which can be addressed in future work.

Abstract
Code comprehension is often supported by source code analysis tools that provide more abstract views over software systems, such as those detecting design patterns. These tools encompass analysis of source code and ensuing extraction of relevant information. However, the analysis of the source code is often specific to the target programming language. We propose DP-LARA, a multilanguage pattern detection tool that uses the multilanguage capability of the LARA framework to support finding pattern instances in a code base. LARA provides a virtual AST, which is common to multiple OOP programming languages, and DP-LARA then performs code analysis of detecting pattern instances on this abstract representation. We evaluate the detection performance and consistency of DP-LARA with a few software projects. Results show that a multilanguage approach does not compromise detection performance, and DP-LARA is consistent across the languages we tested it for (i.e., Java and C/C++). Moreover, by providing a virtual AST as the abstract representation, we believe to have decreased the effort of extending the tool to new programming languages and maintaining existing ones.

Abstract
Mutation testing maybe used to guide test case generation and as a technique to assess the quality of test suites. Despite being used frequently, mutation testing is not so commonly applied in the mobile world. One critical challenge in mutation testing is dealing with its computational cost. Generating mutants, running test cases over each mutant, and analyzing the results may require significant time and resources. This research aims to contribute to reducing Android mutation testing costs. It implements mutation testing operators (traditional and Android-specific) according to mutant schemata (implementing multiple mutants into a single code file). It also describes an Android mutation testing framework developed to execute test cases and determine mutation scores. Additional mutation operators can be implemented in JavaScript and easily integrated into the framework. The overall approach is validated through case studies showing that mutant schemata have advantages over the traditional mutation strategy (one file per mutant). The results show mutant schemata overcome traditional mutation in all evaluated aspects with no additional cost: it takes 8.50% less time for mutant generation, requires 99.78% less disk space, and runs, on average, 6.45% faster than traditional mutation. Moreover, considering sustainability metrics, mutant schemata have 8,18% less carbon footprint than traditional strategy.