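@article{30511,
  author       = {Schubert, Philipp and Gazzillo, Paul and Patterson, Zach and Braha, Julian and Schiebel, Fabian Benedikt and Hermann, Ben and Wei, Shiyi and Bodden, Eric},
  title        = {Static data-flow analysis for software product lines in {C}},
  journal      = {Automated Software Engineering},
  volume       = {29},
  number       = {1},
  year         = {2022},
  publisher    = {Springer Science and Business Media LLC},
  issn         = {0928-8910},
  doi          = {10.1007/s10515-022-00333-1},
  keywords     = {inter-procedural static analysis, software product lines, preprocessor, LLVM, C/C++},
  abstract     = {Many critical codebases are written in C, and most of them use preprocessor directives to encode variability, effectively encoding software product lines. These preprocessor directives, however, challenge any static code analysis. SPLlift, a previously presented approach for analyzing software product lines, is limited to Java programs that use a rather simple feature encoding and to analysis problems with a finite and ideally small domain. Other approaches that allow the analysis of real-world C software product lines use special-purpose analyses, preventing the reuse of existing analysis infrastructures and ignoring the progress made by the static analysis community. This work presents VarAlyzer, a novel static analysis approach for software product lines. VarAlyzer first transforms preprocessor constructs to plain C while preserving their variability and semantics. It then solves any given distributive analysis problem on transformed product lines in a variability-aware manner. VarAlyzer's analysis results are annotated with feature constraints that encode in which configurations each result holds. Our experiments with 95 compilation units of OpenSSL show that applying VarAlyzer enables one to conduct inter-procedural, flow-, field- and context-sensitive data-flow analyses on entire product lines for the first time, outperforming the product-based approach for highly-configurable systems.},
}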

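@inproceedings{21598,
  author       = {Schubert, Philipp and Hermann, Ben and Bodden, Eric},
  title        = {Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis},
  booktitle    = {European Conference on Object-Oriented Programming (ECOOP)},
  year         = {2021},
  abstract     = {Static analysis is used to automatically detect bugs and security breaches, and aids compiler optimization. Whole-program analysis (WPA) can yield high precision, however causes long analysis times and thus does not match common software-development workflows, making it often impractical to use for large, real-world applications. This paper thus presents the design and implementation of ModAlyzer, a novel static-analysis approach that aims at accelerating whole-program analysis by making the analysis modular and compositional. It shows how to compute lossless, persisted summaries for callgraph, points-to and data-flow information, and it reports under which circumstances this function-level compositional analysis outperforms WPA. We implemented ModAlyzer as an extension to LLVM and PhASAR, and applied it to 12 real-world C and C++ applications. At analysis time, ModAlyzer modularly and losslessly summarizes the analysis effect of the library code those applications share, hence avoiding its repeated re-analysis. The experimental results show that the reuse of these summaries can save, on average, 72\% of analysis time over WPA. Moreover, because it is lossless, the module-wise analysis fully retains precision and recall. Surprisingly, as our results show, it sometimes even yields precision superior to WPA. The initial summary generation, on average, takes about 3.67 times as long as WPA.},
}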

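@inproceedings{26406,
  author       = {Schubert, Philipp and Hermann, Ben and Bodden, Eric and Leer, Richard},
  title        = {Into the Woods: Experiences from Building a Dataflow Analysis Framework for {C/C++}},
  booktitle    = {SCAM '21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)},
  year         = {2021},
}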

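@inproceedings{26405,
  author       = {Schubert, Philipp and Sattler, Florian and Schiebel, Fabian Benedikt and Hermann, Ben and Bodden, Eric},
  title        = {Modeling the Effects of Global Variables in Data-Flow Analysis for {C/C++}},
  booktitle    = {2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)},
  year         = {2021},
}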

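% TODO: a techreport entry requires an institution field; the source record gives none, so it is left out here.
@techreport{20712,
  author       = {Schubert, Philipp and Bodden, Eric and Hermann, Ben},
  title        = {Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries},
  year         = {2020},
}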

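@inproceedings{7626,
  author       = {Schubert, Philipp and Hermann, Ben and Bodden, Eric},
  title        = {{PhASAR}: An Inter-Procedural Static Analysis Framework for {C/C++}},
  booktitle    = {Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019)},
  venue        = {Prague, Czech Republic},
  volume       = {II},
  pages        = {393--410},
  year         = {2019},
  doi          = {10.1007/978-3-030-17465-1_22},
}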

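@inproceedings{14898,
  author       = {Schubert, Philipp and Leer, Richard and Hermann, Ben and Bodden, Eric},
  title        = {Know your analysis: how instrumentation aids understanding static analysis},
  booktitle    = {Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019},
  year         = {2019},
  isbn         = {9781450367202},
  doi          = {10.1145/3315568.3329965},
}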

