SVFIR - SVF-tools/Software-Security-Analysis GitHub Wiki

SVFIR is the demo program sample to understand SVFIR and their graph representations, i.e., ICFG and PAG

SVFIR Layout

SVFIR/

|-- CMakeLists.txt
|-- SVFIR.cpp
|-- compile.sh
`-- src
    |-- swap.c
    |-- control-flow.c
    |-- example.c
    `-- demo.c

1. Get the latest code template

* Before coding, please type `cd $HOME/Software-Security-Analysis` and `git pull` in your terminal to make sure you always have the latest version of the code template.

width=600px

2. LLVM IR Generation

* Use `control + ~` to call out command line

Option 1: Generate LLVM IR of `example.c` via the following command line

cd /home/SVF-tools/Software-Security-Analysis/SVFIR
clang -S -c -O0 -fno-discard-value-names -emit-llvm src/example.c -o example.ll
opt -S -p=mem2reg example.ll -o example.ll   # optional command line to simplify the IR to promote memory operations to registers

Option 2: Generate LLVM IR via `compile.sh`

cd /home/SVF-tools/Software-Security-Analysis/SVFIR
sh compile.sh src/example.c

The .ll file (i.e., example.ll) will be generated under the /home/SVF-tools/Software-Security-Analysis/SVFIR folder

3. Run and debug code under the SVFIR folder

3.1 launch.json

You need to set the "program" to be the executable file of SVFIR, i.e., "${workspaceFolder}/bin/svfir" in launch.json in order to run and debug

You need to set the "args" to be the .ll file you have just generated, i.e., "${workspaceFolder}/SVFIR/example.ll" in launch.json in order to run and debug

3.2 Debug and run `SVFIR.cpp`

The code in SVFIR.cpp shows examples of printing and dumping three types of code graphs, including ICFG, PAG and Constraint Graph.
Tips for debugging: Always good to use "toString()" method to understand the value of each node and each edge on a code graph
The two dot files (i.e, example.ll.icfg.dot and example.ll.pag.dot) will be generated under the /home/SVF-tools/Teaching-Software-Verification/SVFIR folder

4. Visualize ICFG, Constraint Graph and SVFIR/PAG graph

4.1 VSCode Graphviz Interactive Preview extensions

width=650px

4.2 Open the dot file and graph visualization

Open the dot file under, for example, /home/SVF-tools/Teaching-Software-Verification/SVFIR/example.ll.icfg.dot which is the ICFG of the program and call out the command palette

width=650px

Enter > Graphviz and select `Interactive Preview (beside)

width=650px

You will see the ICFG on the right hand side

width=650px

SVFIR - SVF-tools/Software-Security-Analysis GitHub Wiki

SVFIR Layout

1. Get the latest code template

* Before coding, please type cd $HOME/Software-Security-Analysis and git pull in your terminal to make sure you always have the latest version of the code template.

2. LLVM IR Generation

* Use control + ~ to call out command line

Option 1: Generate LLVM IR of example.c via the following command line

Option 2: Generate LLVM IR via compile.sh

3. Run and debug code under the SVFIR folder

3.1 launch.json

3.2 Debug and run SVFIR.cpp

4. Visualize ICFG, Constraint Graph and SVFIR/PAG graph

4.1 VSCode Graphviz Interactive Preview extensions

4.2 Open the dot file and graph visualization

* Before coding, please type `cd $HOME/Software-Security-Analysis` and `git pull` in your terminal to make sure you always have the latest version of the code template.

* Use `control + ~` to call out command line

Option 1: Generate LLVM IR of `example.c` via the following command line

Option 2: Generate LLVM IR via `compile.sh`

3.2 Debug and run `SVFIR.cpp`