PtrTracker: Pragmatic pointer analysis

Sebastian Biallas; Mads Chr Olesen; Franck Cassez; Ralf Huuck

doi:10.1109/SCAM.2013.6648186

PtrTracker: Pragmatic pointer analysis

Sebastian Biallas, Mads Chr Olesen, Franck Cassez, Ralf Huuck

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

6 Citations (Scopus)

Abstract

Static program analysis for bug detection in industrial C/C++ code has many challenges. One of them is to analyze pointer and pointer structures efficiently. While there has been much research into various aspects of pointer analysis either for compiler optimization or for verification tasks, both classical categories are not optimized for bug detection, where speed and precision are important, but soundness (no missed bugs) and completeness (no false positives) do not necessarily need to be guaranteed. In this work we present a new pointer analysis tool for C/C++ code. The tool introduces the notion of heap graphs that are inspired by shape analysis without the computational overhead, but also without the verification soundness guarantees. We explain the underlying ideas and that it lends itself to a fast, modular and incremental analysis, features that are essential for large code bases. To demonstrate the practicality of the solution we integrate the pointer analyzer into the C/C++ bug checking tool Goanna. We show that run-times of the new analyzer are close to compile times on large code bases and, most importantly, that the new solution is able to reduce false positives as well as to detect previously unknown pointer bugs in the Git source code.

Original language	English
Title of host publication	IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM 2013)
Place of Publication	Piscataway, NJ
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	69-73
Number of pages	5
ISBN (Electronic)	9781467357395
DOIs	https://doi.org/10.1109/SCAM.2013.6648186
Publication status	Published - 2013
Externally published	Yes
Event	2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013 - Eindhoven, Netherlands Duration: 22 Sept 2013 → 23 Sept 2013

Other

Other	2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013
Country/Territory	Netherlands
City	Eindhoven
Period	22/09/13 → 23/09/13

Access to Document

10.1109/SCAM.2013.6648186

Cite this

@inproceedings{7844225d95f04ae2a7f02a4dc09bc40c,

title = "PtrTracker: Pragmatic pointer analysis",

abstract = "Static program analysis for bug detection in industrial C/C++ code has many challenges. One of them is to analyze pointer and pointer structures efficiently. While there has been much research into various aspects of pointer analysis either for compiler optimization or for verification tasks, both classical categories are not optimized for bug detection, where speed and precision are important, but soundness (no missed bugs) and completeness (no false positives) do not necessarily need to be guaranteed. In this work we present a new pointer analysis tool for C/C++ code. The tool introduces the notion of heap graphs that are inspired by shape analysis without the computational overhead, but also without the verification soundness guarantees. We explain the underlying ideas and that it lends itself to a fast, modular and incremental analysis, features that are essential for large code bases. To demonstrate the practicality of the solution we integrate the pointer analyzer into the C/C++ bug checking tool Goanna. We show that run-times of the new analyzer are close to compile times on large code bases and, most importantly, that the new solution is able to reduce false positives as well as to detect previously unknown pointer bugs in the Git source code.",

author = "Sebastian Biallas and Olesen, {Mads Chr} and Franck Cassez and Ralf Huuck",

year = "2013",

doi = "10.1109/SCAM.2013.6648186",

language = "English",

pages = "69--73",

booktitle = "IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM 2013)",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

note = "2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013 ; Conference date: 22-09-2013 Through 23-09-2013",

}

Biallas, S, Olesen, MC, Cassez, F & Huuck, R 2013, PtrTracker: Pragmatic pointer analysis. in IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM 2013)., 6648186, Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ, pp. 69-73, 2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013, Eindhoven, Netherlands, 22/09/13. https://doi.org/10.1109/SCAM.2013.6648186

PtrTracker: Pragmatic pointer analysis. / Biallas, Sebastian; Olesen, Mads Chr; Cassez, Franck et al.
IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM 2013). Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2013. p. 69-73 6648186.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - PtrTracker

T2 - 2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013

AU - Biallas, Sebastian

AU - Olesen, Mads Chr

AU - Cassez, Franck

AU - Huuck, Ralf

PY - 2013

Y1 - 2013

N2 - Static program analysis for bug detection in industrial C/C++ code has many challenges. One of them is to analyze pointer and pointer structures efficiently. While there has been much research into various aspects of pointer analysis either for compiler optimization or for verification tasks, both classical categories are not optimized for bug detection, where speed and precision are important, but soundness (no missed bugs) and completeness (no false positives) do not necessarily need to be guaranteed. In this work we present a new pointer analysis tool for C/C++ code. The tool introduces the notion of heap graphs that are inspired by shape analysis without the computational overhead, but also without the verification soundness guarantees. We explain the underlying ideas and that it lends itself to a fast, modular and incremental analysis, features that are essential for large code bases. To demonstrate the practicality of the solution we integrate the pointer analyzer into the C/C++ bug checking tool Goanna. We show that run-times of the new analyzer are close to compile times on large code bases and, most importantly, that the new solution is able to reduce false positives as well as to detect previously unknown pointer bugs in the Git source code.

AB - Static program analysis for bug detection in industrial C/C++ code has many challenges. One of them is to analyze pointer and pointer structures efficiently. While there has been much research into various aspects of pointer analysis either for compiler optimization or for verification tasks, both classical categories are not optimized for bug detection, where speed and precision are important, but soundness (no missed bugs) and completeness (no false positives) do not necessarily need to be guaranteed. In this work we present a new pointer analysis tool for C/C++ code. The tool introduces the notion of heap graphs that are inspired by shape analysis without the computational overhead, but also without the verification soundness guarantees. We explain the underlying ideas and that it lends itself to a fast, modular and incremental analysis, features that are essential for large code bases. To demonstrate the practicality of the solution we integrate the pointer analyzer into the C/C++ bug checking tool Goanna. We show that run-times of the new analyzer are close to compile times on large code bases and, most importantly, that the new solution is able to reduce false positives as well as to detect previously unknown pointer bugs in the Git source code.

UR - http://www.scopus.com/inward/record.url?scp=84891105595&partnerID=8YFLogxK

U2 - 10.1109/SCAM.2013.6648186

DO - 10.1109/SCAM.2013.6648186

M3 - Conference proceeding contribution

AN - SCOPUS:84891105595

SP - 69

EP - 73

BT - IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM 2013)

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Piscataway, NJ

Y2 - 22 September 2013 through 23 September 2013

ER -

PtrTracker: Pragmatic pointer analysis

Abstract

Other

Access to Document

Other files and links

Cite this