Unleashing the Power of Type-Based Call Graph Construction by Using Regional Pointer Information

Yuandao Cai

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

This talk, presented by Yuandao Cai from The Hong Kong University of Science and Technology on behalf of the authors, introduces a novel approach to call graph construction, a fundamental task in program analysis and verification. The research tackles the long-standing challenge of precisely and efficiently resolving indirect function calls, particularly prevalent in C programs. While call graphs are critical for understanding program behavior and enabling various security and reliability analyses, existing methods struggle to balance precision with scalability when dealing with the complexities of C's function pointers.

AI review

This talk presents a genuinely novel and impactful approach to precise call graph construction for C programs. The hybrid analysis, which intelligently combines lightweight pointer analysis with a refined type analysis, delivers significant precision gains on real-world codebases like the Linux kernel with minimal performance overhead, directly enhancing the efficacy of downstream security tools.
