Assignment 1 Python - SVF-tools/Software-Security-Analysis GitHub Wiki
Running Tests
Use Alt + F12 to open a terminal in VSCode and then type the below command line.
| Your implementation | ctest command line |
|---|---|
| Your reachability analysis | ctest -R "ass1-icfg-py/" |
| Your points-to analysis | ctest -R "ass1-pta-py/" |
| Your taint analysis | ctest -R "ass1-taint-py/" |
| The entire Assignment-1 | ctest -R "ass1-.*-py/" |
🔍 Debugging Tips for ICFG
Use the command wpa -ander -dump-icfg test1.ll to generate the ICFG graph for your .ll file. You can then view it as described above.
🧠 Debugging tips for ConstraintGraph and Points-to Sets
You can use the following commands to view the expected results for constraint graphs and points-to sets.
⚠️ Note: These outputs are NOT the results of your implementation — they represent the correct answers.
You should use them to compare with your own program’s output and debug accordingly.
- Use
wpa -ander -print-pts test1.llto print the final points-to set of each node to validateMAYALIASandNOALIAS.
- Use
wpa -ander -print-constraint-graph test1.llto print edges and nodes of the constraint graph.
- Use
wpa -ander -dump-constraint-graph test1.llto export the graph to a dot file for visualization.
Retrieve or manipulate a variable's points-to set using the SVF APIs shown here.
| Constraint Edge | Corresponding Color in Dot graphs (PAG and ConstraintGraph) |
|---|---|
| ADDR | Green |
| COPY | Black or (dashed arrow for interprocedural COPY edges) |
| LOAD | Red |
| STORE | Blue |
| GEP | Purple |
🔧 Workflow: Convert C++(C) to SVG for ICFG Visualization
This guide walks you through converting a C++(C) source file to an interactive SVG representation of its Interprocedural Control Flow Graph (ICFG) using SVF tools.
Press Alt + F12 to open a terminal first.
Step 1. Convert .cpp to .ll (LLVM IR)
clang++ -S -emit-llvm source.cpp(c) -o output.ll
-S: Generate assembly (LLVM IR).-emit-llvm: Emit LLVM IR instead of machine code.-o output.ll: Output filename for the IR.
Step 2. Generate a .dot file from .ll using SVF
wpa -ander -dump-icfg output.ll
wpa: Whole Program Analysis tool from SVF.-ander: Enables Andersen’s pointer analysis.-dump-icfg: Dumps the Interprocedural Control Flow Graph (ICFG) into a DOT file.
Step 3. Rename the ICFG dot file
mv svfir_initial.dot output.dot
- Rename the auto-generated dot file to something meaningful.
Step 4. Convert the .dot file to .svg for visualization
dot -Tsvg output.dot -o output.svg
dot: Graphviz command-line tool.-Tsvg: Output format as SVG.-o output.svg: Specifies the output file name.
Step 5. Open the .svg file in Chrome
google-chrome output.svg
However, if you're working inside a container, this command won’t work because GUI applications like Chrome can't run inside most containers.
Instead, copy the absolute path to the .svg file, then paste it into the address bar of Chrome on your host machine to view it
If you're successful, you'll see something similar to the output below.
✅ Alternatively, you can open it directly in VSCode with the Graphviz Preview extension.
✅ Example: Full Command Pipeline
clang++ -S -emit-llvm test1.cpp -o test1.ll
wpa -ander -dump-icfg test1.ll
mv svfir_initial.dot test1.dot
dot -Tsvg test1.dot -o test1.svg
google-chrome test1.svg
Submitting Your Work
- Upload
Assignment1.pyto UNSWWebCMSfor your submission.
Your implementation will be evaluated against our 10 internal tests. You will get the full marks if your code can pass them all. Our internal tests are private. Here, we only provided a handful test cases under Assignment-1/Tests/testcases. You are encouraged to add more test cases by yourself to validate the correctness of your implementation.
- You will be working on Assignment1.py only and there is NO need to modify other files under the Assignment-1 folder
3. Configuration && debugging
To debug in PyCharm with parameters, first set the parameters in Run > Edit Configurations, like below
After you set parameters, then set a breakpoint in your code, and finally right-click the script and select Debug to start debugging.
