Chapter 1  Introduction

This version of the document refers to CCured 1.3.5 (based on CIL 1.3.5) and was last modified on 28th September, 2006.

CCured is a source-to-source translator for C. It analyzes the C program to determine the smallest number of run-time checks that must be inserted in the program to prevent all memory safety violations. The resulting program is memory safe, meaning that it will stop rather than overrun a buffer or scribble over memory that it shouldn't touch. Many programs can be made memory-safe this way while losing only 10–60% run-time performance (the performance cost is smaller for cleaner programs, and can be improved further by holding CCured's hand on the parts of the program that it does not understand by itself). Using CCured we have found bugs that Purify misses with an order of magnitude smaller run-time cost.
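The kind of run-time check described above, written by hand as an added illustration (it is not output produced by CCured and not code from the CCured project): a pointer that carries the bounds of its buffer, so that an out-of-range store is refused and the program stops. The names `checked_ptr`, `cp_store` and `copy_checked` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical bounds-carrying pointer: buffer start, size, current offset. */
typedef struct {
    char     *base;
    size_t    len;
    ptrdiff_t off;
} checked_ptr;

/* The run-time check: is the current offset inside the buffer? */
static int cp_in_bounds(checked_ptr c) {
    return c.off >= 0 && (size_t)c.off < c.len;
}

/* Checked store: returns 0 on success, -1 (nothing written) on a violation. */
static int cp_store(checked_ptr c, char v) {
    if (!cp_in_bounds(c))
        return -1;
    c.base[c.off] = v;
    return 0;
}

/* strcpy-style copy through checked stores. Returns the number of characters
   copied (excluding the terminator), or -1 at the first out-of-bounds store. */
long copy_checked(char *dst, size_t dst_len, const char *src) {
    checked_ptr d = { dst, dst_len, 0 };
    long n = 0;
    for (;; src++, d.off++) {
        if (cp_store(d, *src) != 0)
            return -1;
        if (*src == '\0')
            return n;
        n++;
    }
}

int main(void) {
    char name[8];
    const char *input = "constructed-long-input";  /* constructed sample */
    if (copy_checked(name, sizeof name, input) < 0) {
        fprintf(stderr, "bounds check failed: stopping\n");
        abort();  /* stop rather than overrun the buffer */
    }
    printf("%s\n", name);
    return 0;
}
```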

Small programs can be passed through CCured automatically. For medium-sized and large programs you have to hold CCured's hand a bit, but we have tried to explain the process clearly in this manual. We have used CCured on programs such as sendmail, bind, openssl, Apache modules, Linux device drivers, and the SPEC95 benchmarks. Some of these programs are quite big (300Kloc) and it can take a few days for somebody to “port” the program to CCured.

The translator itself is written in OCaml (a dialect of ML). There is also a Perl script, ccured, that operates as a drop-in replacement for 'gcc', so that software packages' existing Makefiles can be used with very minor changes. Finally, CCured provides a library of runtime functions (including the Boehm-Weiser conservative garbage collector).

CCured is implemented on top of the CIL framework for analysis and transformation of C programs. You can use CIL to easily write a program analysis module that works on ANSI C code as well as on code that uses the GNU C extensions.

If you are anxious to see CCured in action you can try out our online demo.

In this manual you can find a tutorial on getting started with CCured (Chapter 3), documentation for all of the features (although some of the more researchy features are not yet fully documented), and step-by-step accounts of what it took to use CCured on several example programs (Chapter 6). We suggest that you read the chapters in order and go to the “Advanced CCured Features” only if you need them. Chapter 10 (CCured Warnings and Errors) will help you figure out if you are running into an error that is covered by an advanced feature.

In addition to this manual, you can find information on CCured in the research papers that we have written. A comprehensive look at CCured can be found in our ACM TOPLAS article, which includes much of the material from the other CCured papers. You may also be interested in the POPL '02 paper describing the type system and inference algorithm, and the “CCured in the Real World” paper from PLDI '03 that discusses several advanced features that we discovered were important for large legacy systems.

1.1  Authors

CCured was developed primarily by George Necula, Scott McPeak, Westley Weimer, Matthew Harren and Jeremy Condit. Other people helped with various components: Shree Rahul, Raymond To, Aman Bhargava, James Lee, Winston Liaw.

This work was supported in part by the National Science Foundation under Grants No. 9875171, 0085949 and 0081588, and gifts from Microsoft Research. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation or the other sponsors.
