Fri 19 Jul 2019 13:30 - 14:00 at Reims - DS Session 3 Chair(s): Julia Belyakova

Static analysis is used to automatically detect bugs and security breaches, and aids compiler optimization. Developing precise, inter-procedural static analyses, however, is a challenging task, due to the algorithmic complexity, implementation effort, and the threat of state explosion which leads to unsatisfactory performance. Software written in C and C++ is notoriously hard to analyze because of the deliberately unsafe type system, unrestricted use of pointers, and (for C++) virtual dispatch. However, languages from the C family are still the primarily choice for implementing performance, safety, and security critical systems making them a desirable target to analyze statically. Inter-procedural analysis, i.e. whole-program analysis (WPA), can yield high precision, but often does not scale well and does not match modern software-development workflows, making it impractical to use for large, real-world applications. This paper thus presents some novel design ideas and approaches that aim at speeding up whole-program analysis and allowing for more flexible usages of static analysis in real-world software development. We describe the design and implementation of the LLVM-based static analysis framework PhASAR for C/C++ code that serves as the basis for our work and shall be used to evaluate our approaches. PhASAR allows data-flow problems to be solved in a fully automated manner. It provides class hierarchy, call-graph, points-to, and data-flow information, hence requiring analysis developers only to specify a definition of the data-flow problem. PhASAR’s scalability has been evaluated for traditional whole-program analysis. We found PhASAR’s abstractions and their implementations to provide a whole-program analysis that scales well to many real-world programs. Yet, it suffers from insufficient flexibility and has not reached the scalability that is required for some applications with hard time constraints such as continuous integration or IDE integration. In this work, we present a research plan that allows to increase the number of application scenarios to which static analysis can be applied.

Fri 19 Jul

ecoop-2019-docsymp
13:30 - 15:10: Doctoral Symposium - DS Session 3 at Reims
Chair(s): Julia BelyakovaNortheastern University, USA
ecoop-2019-docsymp13:30 - 14:00
Doctoral symposium paper
Philipp Dominik SchubertHeinz Nixdorf Institut, Paderborn University
ecoop-2019-docsymp14:00 - 14:30
Doctoral symposium paper
Robbert Gurdeep SinghUniversiteit Gent, Belgium
ecoop-2019-docsymp14:30 - 15:00
Doctoral symposium paper
Alen ArslanagićUniversity of Groningen