Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

PhASAR: An Inter-procedural Static Analysis Framework for C/C++

: Schubert, P.D.; Hermann, B.; Bodden, E.

Volltext ()

Vojnar, T.:
Tools and Algorithms for the Construction and Analysis of Systems. 25th International Conference, TACAS 2019. Proceedings. Pt.II : Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Prague, Czech Republic, April 6-11, 2019
Cham: Springer Nature, 2019 (Lecture Notes in Computer Science 11428)
ISBN: 978-3-030-17464-4 (Print)
ISBN: 978-3-030-17465-1 (Online)
International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) <25, 2019, Prague>
European Joint Conference on Theory and Practice of Software (ETAPS) <22, 2019, Prague>
TOOLympics <2019, Prague>
Konferenzbeitrag, Elektronische Publikation
Fraunhofer IEM ()

Static program analysis is used to automatically determine program properties, or to detect bugs or security vulnerabilities in programs. It can be used as a stand-alone tool or to aid compiler optimization as an intermediary step. Developing precise, inter-procedural static analyses, however, is a challenging task, due to the algorithmic complexity, implementation effort, and the threat of state explosion which leads to unsatisfactory performance. Software written in C and C++ is notoriously hard to analyze because of the deliberately unsafe type system, unrestricted use of pointers, and (for C++) virtual dispatch. In this work, we describe the design and implementation of the LLVM-based static analysis framework PhASAR for C/C++ code. PhASAR allows data-flow problems to be solved in a fully automated manner. It provides class hierarchy, call-graph, points-to, and data-flow information, hence requiring analysis developers only to specify a definition of the data-flow problem. PhASAR thus hides the complexity of static analysis behind a high-level API, making static program analysis more accessible and easy to use. PhASAR is available as an open-source project. We evaluate PhASAR’s scalability during whole-program analysis. Analyzing 12 real-world programs using a taint analysis written in PhASAR, we found PhASAR’s abstractions and their implementations to provide a whole-program analysis that scales well to real-world programs. Furthermore, we peek into the details of analysis runs, discuss our experience in developing static analyses for C/C++, and present possible future improvements. Data or code related to this paper is available at.