-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
126 lines (83 loc) · 9.97 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<!DOCTYPE html>
<html lang="en-us">
<head>
<meta charset="UTF-8">
<title>SVF:Pointer Analysis for C and C++ </title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="stylesheets/normalize.css" media="screen">
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,700' rel='stylesheet' type='text/css'>
<link rel="stylesheet" type="text/css" href="stylesheets/stylesheet.css" media="screen">
<link rel="stylesheet" type="text/css" href="stylesheets/github-light.css" media="screen">
</head>
<body>
<section class="page-header">
<h1 class="project-name">SVF</h1>
<h2 class="project-tagline">Source Code Analysis with Static Value-Flow</h2>
<a href="https://github.com/SVF-tools/SVF/wiki" class="btn">View Wiki on GitHub</a>
<a href="https://github.com/SVF-tools/SVF" class="btn">Download Source Code </a>
<a href="https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker" class="btn">Download Dockerfile</a>
</section>
<section class="main-content">
<h2>
<a id="what-is-svf" class="anchor" href="#what-is-svf" aria-hidden="true"><span class="octicon octicon-link"></span></a>What is SVF?</h2>
<p><a href="https://github.com/svf-tools/SVF">SVF</a> is a static tool that enables scalable and precise interprocedural dependence analysis for C and C++ programs. SVF allows value-flow construction and pointer analysis to be performed iteratively, thereby providing increasingly improved precision for both. </p>
<h2>
<a id="what-kind-of-analyses-does-svf-provide" class="anchor" href="#what-kind-of-analyses-does-svf-provide" aria-hidden="true"><span class="octicon octicon-link"></span></a>What kind of analyses does SVF provide?</h2>
<ul>
<li>Call graph construction for C and C++ programs</li>
<li>Field-sensitive Andersen's pointer analysis</li>
<li>Sparse flow-sensitive pointer analysis</li>
<li>Value-flow dependence analysis</li>
<li>Interprocedural memory SSA</li>
<li>Detecting source-sink related bugs, such as memory leaks and incorrect file-open close errors.</li>
<li>An <a href= "https://github.com/svf-tools/SVF-EclipsePlugin">Eclipse plugin </a> for visualizing bugs </li>
</ul>
<h2>
<a id="how-to-setup-svf" class="anchor" href="#how-to-setup-svf" aria-hidden="true"><span class="octicon octicon-link"></span></a>License </h2>
GPLv3
<h2>
<a id="how-to-setup-svf" class="anchor" href="#how-to-setup-svf" aria-hidden="true"><span class="octicon octicon-link"></span></a>How to setup SVF?</h2>
<p>Please download the <a href="https://github.com/svf-tools/SVF">source code</a> of SVF and refer to this <a href="https://github.com/svf-tools/SVF/wiki/Setup-Guide#getting-started"> step-by-step guide</a> to setup SVF.</p>
<h2>
<a id="how-to-run-svf" class="anchor" href="#how-to-run-svf" aria-hidden="true"><span class="octicon octicon-link"></span></a>How to run SVF?</h2>
<p>SVF analyzes a program by taking the LLVM IR of the program as its input. Please refer to <a href="https://github.com/svf-tools/SVF/wiki/User-Guide#quick-start">this user guide</a> to run SVF with <a href="https://github.com/svf-tools/SVF/wiki/Analyze-a-Simple-C-Program#an-example">a simple example</a> and generate the <a href="https://github.com/svf-tools/SVF/wiki/User-Guide#analysis-outputs">outputs</a> of each analysis pass in your local machine.</p>
<p>Alternatively, we have also prepared a <a href="http://www.cse.unsw.edu.au/%7Ecorg/svf/SVF.ova">virtual machine image</a> for you to run SVF on any machine with VirtualBox installed. Please refer to this <a href="https://github.com/svf-tools/SVF/wiki/Try-SVF-in-VirtualBox"> step-by-step guide</a> to try SVF in a VM. </p>
<h2>
<a id="how-does-svf-work-internally" class="anchor" href="#how-does-svf-work-internally" aria-hidden="true"><span class="octicon octicon-link"></span></a>References</h2>
<p>Please refer to <a href="https://github.com/svf-tools/SVF/wiki/Technical-documentation">this wiki documentation</a>, <a href="http://www.cse.unsw.edu.au/%7Ecorg/svf/doxygen/">doxygen code manual</a> and the following publications to understand the internal working of SVF.</p>
<p>Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo,Rundong Zhou, Yulong Zhang, Tao Wei, and Long Lu. <a href ="https://arxiv.org/pdf/1906.07327.pdf">SAVIOR: Towards Bug-Driven Hybrid Testing</a>, 41st IEEE Symposium on Security and Privacy (S&P'20)</p>
<p>Dae R. Jeong, Kyungtae Kim, Basavesh Shivakumar, Byoungyoung Lee, and Insik Shin. <a href ="https://lifeasageek.github.io/papers/jeong:razzer.pdf">RAZZER: Finding Kernel Race Bugs through Fuzzing</a>, 40th IEEE Symposium on Security and Privacy (S&P'19) </p>
<p>Meni Orenbach, Yan Michalevsky, Christof Fetzer, and Mark Silberstein. <a href ="https://www.usenix.org/system/files/atc19-orenbach.pdf">CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves</a>, 2019 USENIX Annual Technical Conference (ATC'19) </p>
<p>Yuxiang Lei and Yulei Sui. <a href ="http://yuleisui.github.io/publications/sas2019a.pdf"> Fast and Precise Handling of Positive Weight Cycles for Field-sensitive Pointer Analysis </a>, 26th International Static Analysis Symposium (SAS'19) </p>
<p>Mustakimur Rahman Khandaker, Wenqing Liu, Abu Naser, Zhi Wang, and Jie Yang. <a href="https://www.usenix.org/system/files/sec19-khandaker.pdf"> Origin-sensitive Control Flow Integrity</a>, 28th USENIX Security Symposium (USENIX Security'19)</p>
<p>Timotej Kapus and Cristian Cadar. <a href ="https://srg.doc.ic.ac.uk/files/papers/segmem-esecfse-19.pdf">A Segmented Memory Model for Symbolic Execution</a>, ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE'19) </p>
<p>Yulei Sui and Jingling Xue. <a href ="http://yuleisui.github.io/publications/tse18.pdf"> Value-Flow-Based Demand-Driven Pointer Analysis for C and C++ </a>, IEEE Transaction on Software Engineering (TSE'18) </p>
<p>Yulei Sui, Hua Yan, Yunpeng Zhang, Jingling Xue and Zheng Zheng. <a href ="http://yuleisui.github.io/publications/jss18.pdf"> Parallel Construction of Interprocedural Memory SSA Form</a>, Journal of Systems and Software (JSS'18)</p>
<p>Hongxu Chen, Yinxing Xue, Yuekang Li, Bihuan Chen, Xiaofei Xie, Xiuheng Wu, and Yang Liu.<a href="https://chenbihuan.github.io/paper/ccs18-chen-hawkeye.pdf"> Hawkeye: Towards a Desired Directed Grey-box Fuzzer</a>, 25th ACM Conference on Computer and Communications Security (CCS'18)</p>
<p>David Trabish, Andrea Mattavelli, Noam Rinetzky and Cristian Cadar.<a href="https://srg.doc.ic.ac.uk/files/papers/chopper-icse-18.pdf"> Chopped Symbolic Execution</a>, 40th International Conference on Software Engineering (ICSE’18)</p>
<p>Chung Hwan Kim, Taegyu Kim, Hongjun Choi, Zhongshu Gu, Byoungyoung Lee, Xiangyu Zhang, and Dongyan Xu <a href ="https://lifeasageek.github.io/papers/kim-minion.pdf">Securing Real-Time Microcontroller Systems through Customized Memory View Switching</a>, The Network and Distributed System Security Symposium (NDSS'18) </p>
<p>David Gens, Simon Schmitt, Lucas Davi, and Ahmad-Reza Sadegh <a href ="https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_05A-1_Gens_paper.pdf">K-Miner: Uncovering Memory Corruption in Linux</a>, The Network and Distributed System Security Symposium (NDSS'18) </p>
<p>Xiaokang Fan, Yulei Sui and Jingling Xue. <a href ="https://yuleisui.github.io/publications/issta17.pdf"> Boosting the Precision of Virtual Call Integrity Protection with Partial Pointer Analysis for C++ </a>, The ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'17) </p>
<p>Yulei Sui and Jingling Xue. <a href ="https://yuleisui.github.io/publications/fse16.pdf"> On-Demand Strong Update Analysis via Value-Flow Refinement</a>, ACM SIGSOFT International Symposium on the Foundation of Software Engineering (FSE'16)</p>
<p>Yulei Sui and Jingling Xue. <a href ="https://yuleisui.github.io/publications/cc16.pdf"> SVF: Interprocedural Static Value-Flow Analysis in LLVM</a>, 25th International Conference on Compiler Construction (CC'16)</p>
<p>Yulei Sui, Peng Di and Jingling Xue. <a href ="https://yuleisui.github.io/publications/cgo16.pdf"> Sparse Flow-Sensitive Pointer Analysis
for Multithreaded Programs</a>, International Symposium on Code Generation and Optimization (CGO'16)</p>
<p>Yulei Sui, Ding Ye, and Jingling Xue. <a href="https://yuleisui.github.io/publications/tse14.pdf"> Detecting Memory Leaks Statically with Full-Sparse Value-Flow Analysis</a>, IEEE Transactions on Software Engineering (TSE'14)</p>
<p>Yulei Sui, Sen Ye and Jingling Xue. <a href = "https://yuleisui.github.io/publications/sas2014.pdf"> Region-based Selective Flow-Sensitive Pointer Analysis</a>, 21th International Static Analysis Symposium (SAS'14) </p>
<p>Ding Ye, Yulei Sui, and Jingling Xue. <a href = "https://yuleisui.github.io/publications/cgo14.pdf"> Accelerating Dynamic Detection of Uses of Undefined Values with Static Value-Flow Analysis</a>, 12th Annual IEEE/ACM International Symposium on Code Generation and Optimization (CGO'14)</p>
<p>Yulei Sui, Ding Ye, and Jingling Xue. <a href = "https://yuleisui.github.io/publications/issta12.pdf"> Static Memory Leak Detection Using Full-Sparse Value-Flow Analysis</a>, 2012 International Symposium on Software Testing and Analysis (ISSTA'12)</p>
<h2>
<a id="contacts" class="anchor" href="#contacts" aria-hidden="true"><span class="octicon octicon-link"></span></a>Contacts</h2>
Any comments, contributions and collaborations are welcomed.
Please contact the authors <a href="mailto:[email protected]">Yulei Sui</a> or <a href="mailto:[email protected]">Jingling Xue</a> if you have any questions.
</section>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-105021663-1', 'auto');
ga('send', 'pageview');
</script>
</body>
</html>