- New course Software Security Analysis for learning code analysis and verification with SVF for fun and expertise!
- SVF now supports LLVM-16.0.0 with opaque pointers (Contributed by Xiao Cheng).
- Modernize SVF's CMake (Contributed by Johannes).
- SVF now supports LLVM-13.0.0 (Thank Shengjie Xu for his help!).
- Object clustering published in our OOPSLA paper is now available in SVF
- Hash-Consed Points-To Sets published in our SAS paper is now available in SVF
- Learning or teaching Software Analysis? Check out SVF-Teaching!
- SVF now supports LLVM-12.0.0 (Thank Xiyu Yang for her help!).
- VSFS published in our CGO paper is now available in SVF
- TypeClone published in our ECOOP paper is now available in SVF
- SVF now uses a single script for its build. Just type
source ./build.shin your terminal, that's it! - SVF now supports LLVM-10.0.0!
- We thank bsauce for writing a user manual of SVF (link1 and link2) in Chinese
- SVF now supports LLVM-9.0.0 (Thank Byoungyoung Lee for his help!).
- SVF now supports a set of field-sensitive pointer analyses.
- Use SVF as an external lib for your own project (Contributed by Hongxu Chen).
- SVF now supports LLVM-7.0.0.
- SVF now supports Docker. Try SVF in Docker!
- SVF now supports LLVM-6.0.0 (Contributed by Jack Anthony).
- SVF now supports LLVM-4.0.0 (Contributed by Jared Carlson. Thank Jared and Will for their in-depth discussions about updating SVF!)
- SVF now supports analysis for C++ programs.
SVF is a static value-flow analysis tool for LLVM-based languages. SVF (CC'16) is able to perform
- AE (abstract execution): cross-domain execution (ICSE'24), typestate analysis (FSE'24);
- WPA (whole program analysis): field-sensitive (SAS'19), flow-sensitive (CGO'21, OOPSLA'21) analysis;
- DDA (demand-driven analysis): flow-sensitive, context-sensitive points-to analysis (FSE'16, TSE'18);
- MSSA (memory SSA form construction): memory regions, side-effects, SSA form (JSS'18);
- SABER (memory error checking): memory leaks and double-frees (ISSTA'12, TSE'14, ICSE'18);
- MTA (analysis of multithreaded programs): value-flows for multithreaded programs (CGO'16);
- CFL (context-free-reachability analysis): standard CFL solver, graph and grammar (OOPSLA'22, PLDI'23);
- SVFIR and MemoryModel (SVFIR): SVFIR, memory abstraction and points-to data structure (SAS'21);
- Graphs: generating a variety of graphs, including call graph, ICFG, class hierarchy graph, constraint graph, value-flow graph for static analyses and code embedding (OOPSLA'20, TOSEM'21)
SVF's doxygen document is available here.
| About SVF | Setup Guide | User Guide | Developer Guide |
|---|---|---|---|
 |
 |
 |
 |
| Introducing SVF -- what it does and how we design it | A step by step setup guide to build SVF | Command-line options to run SVF, get analysis outputs, and test SVF with an example or PTABen | Detailed technical documentation and how to write your own analyses in SVF or use SVF as a lib for your tool |
We are looking for self-motivated PhD students and welcome industry collaboration to improve SVF (Please contact y.sui@unsw.edu.au)
We release SVF source code in the hope of benefiting others. You are kindly asked to acknowledge usage of the tool by citing some of our publications listed http://svf-tools.github.io/SVF, especially the following two:
@inproceedings{sui2016svf,
title={SVF: interprocedural static value-flow analysis in LLVM},
author={Sui, Yulei and Xue, Jingling},
booktitle={Proceedings of the 25th international conference on compiler construction},
pages={265--266},
year={2016},
organization={ACM}
}
@article{sui2014detecting,
title={Detecting memory leaks statically with full-sparse value-flow analysis},
author={Sui, Yulei and Ye, Ding and Xue, Jingling},
journal={IEEE Transactions on Software Engineering},
volume={40},
number={2},
pages={107--122},
year={2014},
publisher={IEEE}
}