c

Writing low-level systems code in C involves manual memory management and pointer manipulation, compiling and linking with gcc/clang and toolchains, building with Make/CMake, debugging with gdb and sanitizers, and profiling with tools like valgrind or perf.

c

12-Month Skill Trend

Momentum and market value over time
Trending
Score
+20 in 12 mo
96
12 mo agoNow
Career
Value
+$12K in 12 mo
$42K/year
12 mo agoNow

Recommended Survey Paper

Quick overview of the field
View more

Must-Read Papers

Most classic and influential ideas
View more

Prior static analysis studies of C software have been limited to small-scale or manually sampled datasets, lacking representative, large-scale empirical evidence from real-world Linux distributions. Method: This work conducts the first large-scale empirical evaluation across 3,538 mainstream C packages in Gentoo—a full Linux distribution—using GCC’s built-in static analyzer. Contribution/Results: We systematically characterize defect distributions and code quality patterns: uninitialized variables and null pointer dereferences are the most prevalent issues; warnings follow a heavy-tailed distribution independent of application domain; 89% of packages emit zero warnings, while a small fraction accounts for the vast majority; memory management defects are surprisingly rare. This establishes the first reproducible, distribution-scale static analysis benchmark for open-source C ecosystems, providing quantitative baselines and empirically grounded insights for software quality assessment, static analysis tool improvement, and security governance.

Analyzes common static analysis warnings in popular C packagesExamines warning distribution across 3,538 Gentoo Linux packagesIdentifies uninitialized variables and NULL pointer dereferences as top issues

Static analysis and optimization of C programs are hindered by pointer-induced indirect memory accesses. To address this, we propose a pointer semantic decoupling modeling technique that decomposes pointers into data containers and symbolic offsets, enabling precise, loop-level pointer relationship characterization in the compiler’s intermediate representation. This method automatically uncovers parallelization opportunities missed by conventional static analyses—achieving, for the first time, full automatic identification of all known parallelizable loops in the HPCCG benchmark. Experimental evaluation demonstrates an 18% performance improvement on HPCCG, an 11× speedup on PBKDF2, and successful deployment across real-world codebases including OpenSSL, Mantevo, and LZO. Our approach establishes a new paradigm for loop-centric pointer static analysis and automatic parallelization, significantly enhancing both precision and practical applicability.

Enables auto-parallelization and improves performance in benchmarks.Enhances static analysis for loop-based pointers in C programs.Separates pointers into data containers and offsets for optimization.

Towards Automated Verification of LLM-Synthesized C Programs

Oct 18, 2024
PM
Prasita Mukherjee
🏛️ Purdue University

Automatically verifying C programs generated by large language models (LLMs) remains challenging due to their syntactic and semantic irregularities, which hinder formal verification. Method: This paper proposes SynVer—a novel framework that tightly integrates LLM-based program synthesis with formal verification. SynVer introduces verifiability-aware biasing mechanisms operating at both syntactic and semantic levels to guide LLMs toward generating verification-friendly code. It further incorporates separation logic (SL) specifications and the Verified Software Toolchain (VST) to enable end-to-end, fully automated verification—from specification to C implementation to machine-checked safety proofs. Results: Evaluated on diverse benchmarks covering basic coding tasks, SL assertions, and API specifications, SynVer significantly improves the automatic verification success rate of LLM-generated C programs. Empirical results demonstrate its scalability, robustness, and effectiveness in bridging the gap between neural code generation and rigorous formal assurance.

Automating verification of LLM-generated C programsDeveloping scalable specification-verification tool for synthesisImposing syntactic and semantic biases for verification

SECOMP: Formally Secure Compilation of Compartmentalized C Programs

Jan 29, 2024
JT
Jérémy Thibault
🏛️ MPI-SP | Seoul National University | Ruhr University Bochum | Rochester Institute of Technology | MPI-SWS | Portland State University

Undefined behavior (UB) in C programs can propagate security vulnerabilities across module boundaries. This paper presents the first end-to-end machine-verified secure compiler that confines UB effects via memory compartments—logically isolated execution units—thereby preventing cross-compartment attack propagation. Methodologically, it introduces the first machine-checked proof of a fully abstract, type-safety–based secure compilation criterion for C; proposes an interface-driven compartment isolation semantics and a modular, extensible secure compilation proof framework; and extends CompCert with compartment semantics, re-verifying critical optimizations while jointly proving both compiler correctness and adversarial contextual security. The system supports formal verification from C source code to ARM/Clang target binaries, guaranteeing that compartment crashes—even under malicious host environments—preserve global security invariants.

C languagemodularizationsecurity issues

High-Level Synthesis (HLS) tools impose stringent structural constraints on C code, and manual code refactoring is labor-intensive and error-prone. Method: This paper proposes the first LLM-driven iterative HLS code refactoring framework, integrating systematic prompt engineering, feedback-guided multi-round rewriting, and modular hierarchical decomposition to enable bottom-up, semantics-preserving automatic refactoring of complex algorithms. Contribution/Results: By deeply embedding large language models into the HLS workflow, the framework achieves end-to-end translation from generic C code to HLS-ready code. Evaluated on three cryptographic algorithms, one hash function, five NIST randomness tests, and QuickSort, it demonstrates superior efficacy: the complexity of generated HLS code exceeds that of existing LLM-based Verilog synthesis approaches by one to two orders of magnitude, significantly narrowing the semantic and structural gap between software and hardware design.

Address software-to-hardware design gap with automated LLM frameworkAutomatically refactor C code for HLS compatibility using LLMsTransform complex C code into HLS-synthesizable formats iteratively

Latest Papers

What's happening recently
View more

This work addresses the unreliability of disassembly caused by the absence of compiler-intended semantic information in stripped binary executables. To overcome this limitation, the authors propose a novel lightweight metadata embedding mechanism that explicitly encodes critical semantics—such as code regions and memory boundaries—directly into the binary. This approach yields a decidable intermediate representation situated between raw binaries and source code. For the first time, it enables disassembly that is both decidable and recompilable, facilitating precise lifting to high-level intermediate representations. Experimental evaluation demonstrates that the embedded metadata incurs only 17% of the size overhead of DWARF debug information, introduces no runtime performance penalty, and successfully supports behavior-preserving binary lifting, instrumentation, and recompilation across a wide range of real-world C/C++ programs.

binary formatcompilation metadatadisassembly

This work addresses the persistent challenge of memory safety errors in C programs, which stem from implicit memory usage semantics and the high cost of manual annotation. The authors propose a novel approach that leverages large language models—specifically OpenAI o3 and GPT-4o—to automatically generate formal memory safety annotations. These annotations are then integrated into CN, a hybrid testing and verification framework, enabling end-to-end validation. The method demonstrates substantial improvements in both efficiency and accuracy: OpenAI o3 achieves a 90% success rate on first-attempt annotation generation (97% overall), while GPT-4o attains 65%. These results substantiate the feasibility and practical promise of using AI to assist in rigorous memory safety analysis for low-level code.

annotation synthesisC codelegacy systems

PIP: Making Andersen's Points-to Analysis Sound and Practical for Incomplete C Programs

Dec 08, 2025
HR
Håvard Rognebakke Krogstie
🏛️ Norwegian University of Science and Technology | Independent Researcher

To address the challenges posed by C’s file-based compilation—resulting in incomplete programs—and the inability of existing Andersen-style pointer analyses to simultaneously ensure precision and efficiency, this paper proposes an efficient, scalable pointer analysis for incomplete programs. Our approach introduces two key innovations: (1) an implicit pointee tracking mechanism based on constraint graphs, which explicitly models cross-module accessible memory locations; and (2) the Prefer Implicit Pointees (PIP) optimization, which reduces redundant explicit pointer representations while preserving semantic completeness and lowering computational overhead. Experimental evaluation demonstrates that our constraint-solving engine achieves a 15× speedup over baseline approaches; PIP further accelerates analysis by 1.9×. Moreover, the may-alias false positive rate decreases by 40%, and memory consumption remains tightly bounded. These results confirm significant and synergistic improvements in precision, efficiency, and scalability.

Develop sound points-to analysis for incomplete C programs.Enhance precision and scalability for practical compiler optimization.Improve efficiency via implicit pointee tracking in constraint graph.

C-ing Clearly: Enhanced Binary Code Explanations using C code

Dec 16, 2025
TP
Teodor Poncu
🏛️ Bitdefender | The National University of Science and Technology Politehnica Bucharest

Large language models (LLMs) exhibit significant limitations in semantic understanding of low-level programming languages—particularly assembly code. To address this, we propose a fully automated, annotation-free synthetic data generation method: leveraging executable C programs to produce semantically aligned C–assembly bilingual instruction pairs, enabling cross-layer code knowledge transfer. Our approach supports instruction fine-tuning and is compatible with diverse LLM architectures and parameter scales. Evaluated on binary code summarization and vulnerability detection tasks, fine-tuned models achieve substantial improvements—average BLEU-4 score increases by 12.7% and F1 score by 9.3%—with consistent generalization across model families. The core contribution is the first systematic paradigm for generating high-quality, semantically faithful assembly explanations directly from executable code, eliminating reliance on manual annotation while preserving precise program semantics.

Demonstrates gains across various LLM families and sizesEnhances LLM understanding of assembly via C codeImproves binary code summarization and vulnerability detection

This work addresses the fragmentation in current C/C++ pointer analysis tooling by proposing the first modular pointer analysis framework. By decoupling intermediate representation (IR) construction, constraint generation, solver backends, and client queries, the framework enables plug-and-play integration and systematic comparison of diverse alias analysis algorithms—including flow- and context-sensitive as well as insensitive variants—while explicitly exposing the trade-offs between precision and performance. The design supports multiple solvers and query interfaces, achieving up to a 2.91× speedup over SVF on GNU coreutils. Furthermore, the framework has been successfully deployed in industrial-scale static analysis and fuzzing tools, leading to the discovery of over one thousand real-world vulnerabilities.

alias analysisC/C++modular framework

Hot Scholars

MA

Marcin Anholcer

Associate Professor, Poznań University of Economics and Business
Graph TheoryNetwork OptimizationNonlinear Optimization