Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

PhASAR: An Inter-procedural Static Analysis Framework for C/C++

 
: Schubert, P.D.; Hermann, B.; Bodden, E.

:
Volltext ()

Vojnar, T.:
Tools and Algorithms for the Construction and Analysis of Systems. 25th International Conference, TACAS 2019. Proceedings. Pt.II : Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Prague, Czech Republic, April 6-11, 2019
Cham: Springer Nature, 2019 (Lecture Notes in Computer Science 11428)
ISBN: 978-3-030-17464-4 (Print)
ISBN: 978-3-030-17465-1 (Online)
S.393-410
International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) <25, 2019, Prague>
European Joint Conference on Theory and Practice of Software (ETAPS) <22, 2019, Prague>
TOOLympics <2019, Prague>
Englisch
Konferenzbeitrag, Elektronische Publikation
Fraunhofer IEM ()

Abstract
Static program analysis is used to automatically determine program properties, or to detect bugs or security vulnerabilities in programs. It can be used as a stand-alone tool or to aid compiler optimization as an intermediary step. Developing precise, inter-procedural static analyses, however, is a challenging task, due to the algorithmic complexity, implementation effort, and the threat of state explosion which leads to unsatisfactory performance. Software written in C and C++ is notoriously hard to analyze because of the deliberately unsafe type system, unrestricted use of pointers, and (for C++) virtual dispatch. In this work, we describe the design and implementation of the LLVM-based static analysis framework PhASAR for C/C++ code. PhASAR allows data-flow problems to be solved in a fully automated manner. It provides class hierarchy, call-graph, points-to, and data-flow information, hence requiring analysis developers only to specify a definition of the data-flow problem. PhASAR thus hides the complexity of static analysis behind a high-level API, making static program analysis more accessible and easy to use. PhASAR is available as an open-source project. We evaluate PhASAR’s scalability during whole-program analysis. Analyzing 12 real-world programs using a taint analysis written in PhASAR, we found PhASAR’s abstractions and their implementations to provide a whole-program analysis that scales well to real-world programs. Furthermore, we peek into the details of analysis runs, discuss our experience in developing static analyses for C/C++, and present possible future improvements. Data or code related to this paper is available at.

: http://publica.fraunhofer.de/dokumente/N-629087.html