Clog: A Declarative Language for C Static Code Checkers

Alexandru Dura; Christoph Reichenbach

doi:10.1145/3640537.3641579

Clog: A Declarative Language for C Static Code Checkers

Research output: Chapter in Book/Report/Conference proceeding › Paper in conference proceeding › peer-review

Abstract

We present Clog, a declarative language for describing static code checkers for C. Unlike other extensible state-of-the-art checker frameworks, Clog enables powerful interprocedural checkers without exposing the underlying program representation: Clog checkers consist of Datalog-style recursive rules that access the program under analysis via syntactic pattern matching and control flow edges only. We have implemented Clog on top of Clang, using a custom Datalog evaluation strategy that piggy-backs on Clang’s AST matching facilities while working around Clang’s limitations to achieve our design goal of representation independence. Our experiments demonstrate that Clog can concisely express a wide variety of checkers for different security vulnerabilities, with performance that is similar to Clang’s own analyses and highly competitive on real-world programs.

Original language	English
Title of host publication	CC 2024 - Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction
Editors	Gabriel Rodriguez, P. Sadayappan, Aravind Sukumaran-Rajam
Publisher	Association for Computing Machinery (ACM)
Pages	186-197
Number of pages	12
ISBN (Electronic)	9798400705076
DOIs	https://doi.org/10.1145/3640537.3641579
Publication status	Published - 2024 Feb 17
Event	33rd ACM SIGPLAN International Conference on Compiler Construction, CC 2024 - Edinburgh, United Kingdom Duration: 2024 Mar 2 → 2024 Mar 3

Conference

Conference	33rd ACM SIGPLAN International Conference on Compiler Construction, CC 2024
Country/Territory	United Kingdom
City	Edinburgh
Period	2024/03/02 → 2024/03/03

Subject classification (UKÄ)

Software Engineering

Free keywords

C
Datalog
Static Analysis Frameworks
Syntactic Patterns

Access to Document

10.1145/3640537.3641579Licence: CC BY-SA

1 Finished
1 Active

Performance bug detection through combined static and dynamic program analysis
Dura, A. (Researcher) & Reichenbach, C. (Researcher)
2018/10/15 → …
Project: Dissertation
WASP startup package Christoph Reichenbach
Reichenbach, C. (Researcher)
2017/10/16 → 2021/10/15
Project: Research

Cite this

@inproceedings{99e3fdd28a1049109e63e1bf0eb5fcb7,

title = "Clog: A Declarative Language for C Static Code Checkers",

abstract = "We present Clog, a declarative language for describing static code checkers for C. Unlike other extensible state-of-the-art checker frameworks, Clog enables powerful interprocedural checkers without exposing the underlying program representation: Clog checkers consist of Datalog-style recursive rules that access the program under analysis via syntactic pattern matching and control flow edges only. We have implemented Clog on top of Clang, using a custom Datalog evaluation strategy that piggy-backs on Clang{\textquoteright}s AST matching facilities while working around Clang{\textquoteright}s limitations to achieve our design goal of representation independence. Our experiments demonstrate that Clog can concisely express a wide variety of checkers for different security vulnerabilities, with performance that is similar to Clang{\textquoteright}s own analyses and highly competitive on real-world programs.",

keywords = "C, Datalog, Static Analysis Frameworks, Syntactic Patterns",

author = "Alexandru Dura and Christoph Reichenbach",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 33rd ACM SIGPLAN International Conference on Compiler Construction, CC 2024 ; Conference date: 02-03-2024 Through 03-03-2024",

year = "2024",

month = feb,

day = "17",

doi = "10.1145/3640537.3641579",

language = "English",

pages = "186--197",

editor = "Gabriel Rodriguez and P. Sadayappan and Aravind Sukumaran-Rajam",

booktitle = "CC 2024 - Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

}

Dura, A & Reichenbach, C 2024, Clog: A Declarative Language for C Static Code Checkers. in G Rodriguez, P Sadayappan & A Sukumaran-Rajam (eds), CC 2024 - Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction. Association for Computing Machinery (ACM), pp. 186-197, 33rd ACM SIGPLAN International Conference on Compiler Construction, CC 2024, Edinburgh, United Kingdom, 2024/03/02. https://doi.org/10.1145/3640537.3641579

Clog: A Declarative Language for C Static Code Checkers. / Dura, Alexandru ; Reichenbach, Christoph.
CC 2024 - Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction. ed. / Gabriel Rodriguez; P. Sadayappan; Aravind Sukumaran-Rajam. Association for Computing Machinery (ACM), 2024. p. 186-197.

Research output: Chapter in Book/Report/Conference proceeding › Paper in conference proceeding › peer-review

TY - GEN

T1 - Clog

T2 - 33rd ACM SIGPLAN International Conference on Compiler Construction, CC 2024

AU - Dura, Alexandru

AU - Reichenbach, Christoph

PY - 2024/2/17

Y1 - 2024/2/17

N2 - We present Clog, a declarative language for describing static code checkers for C. Unlike other extensible state-of-the-art checker frameworks, Clog enables powerful interprocedural checkers without exposing the underlying program representation: Clog checkers consist of Datalog-style recursive rules that access the program under analysis via syntactic pattern matching and control flow edges only. We have implemented Clog on top of Clang, using a custom Datalog evaluation strategy that piggy-backs on Clang’s AST matching facilities while working around Clang’s limitations to achieve our design goal of representation independence. Our experiments demonstrate that Clog can concisely express a wide variety of checkers for different security vulnerabilities, with performance that is similar to Clang’s own analyses and highly competitive on real-world programs.

AB - We present Clog, a declarative language for describing static code checkers for C. Unlike other extensible state-of-the-art checker frameworks, Clog enables powerful interprocedural checkers without exposing the underlying program representation: Clog checkers consist of Datalog-style recursive rules that access the program under analysis via syntactic pattern matching and control flow edges only. We have implemented Clog on top of Clang, using a custom Datalog evaluation strategy that piggy-backs on Clang’s AST matching facilities while working around Clang’s limitations to achieve our design goal of representation independence. Our experiments demonstrate that Clog can concisely express a wide variety of checkers for different security vulnerabilities, with performance that is similar to Clang’s own analyses and highly competitive on real-world programs.

KW - C

KW - Datalog

KW - Static Analysis Frameworks

KW - Syntactic Patterns

U2 - 10.1145/3640537.3641579

DO - 10.1145/3640537.3641579

M3 - Paper in conference proceeding

AN - SCOPUS:85187234961

SP - 186

EP - 197

BT - CC 2024 - Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction

A2 - Rodriguez, Gabriel

A2 - Sadayappan, P.

A2 - Sukumaran-Rajam, Aravind

PB - Association for Computing Machinery (ACM)

Y2 - 2 March 2024 through 3 March 2024

ER -

Clog: A Declarative Language for C Static Code Checkers

Abstract

Conference

Subject classification (UKÄ)

Free keywords

Access to Document

Fingerprint

Projects

Performance bug detection through combined static and dynamic program analysis

WASP startup package Christoph Reichenbach

Cite this