Language Fuzzing Using Constraint Logic Programming
Validated by the FSE Artifact Evaluation Committee.
Sapper: A Language for HW-Level Security Policy Enforcement
Widening for Control-Flow
Pointer Analysis for C-Style Languages
Inclusion-Based Pointer Analysis
- Source code and benchmarks for the field-insensitive version, implemented using CIL (see the papers: "The Ant and the Grasshopper: Fast and Accurate Pointer Analysis for Millions of Lines of Code" and "Exploiting Pointer and Location Equivalence to Optimize Pointer Analysis"). Additional dependencies: Google Performance Tools and the BuDDy BDD Package.
- Updated field-sensitive version, implemented using LLVM. This code was written for a pre-release version of LLVM 2.5 and does not work in current versions of LLVM.
Flow-Sensitive Pointer Analysis
- Semi-sparse analysis (see the paper: "Semi-Sparse Flow-Sensitive Pointer Analysis"). Important usage information in this README. Note in particular that this code was written for a pre-release version of LLVM 2.5 and does not work in current versions of LLVM.
- Staged analysis (see the paper: "Flow-Sensitive Pointer Analysis for Millions of Lines of Code"). IMPORTANT NOTE: this is an older, out-of-date version of the code that is not the same as that used for the paper; it may contain bugs and should be taken with a grain of salt. Unfortunately the proper version of this code has been lost; posting this older version is the best that I can do. Note that the code is written for a pre-release version of LLVM 2.5 and does not work in current versions of LLVM.