Static analysis forms an important basis for the kind of work we, security folks do. But unfortunately, it doesn’t seem to be our strong suit. These are the notes I made while I was working SVF’s pointer analysis framework.
(Insert suitable disclaimers about the correctness of the material here!)
Translation of C language to LLVM IR
SVF Implementation of Andersen’s Analysis
Equivalence of analysis in C Source Code and IR
Cycles in the Constraint Graph
Field Sensitive Pointer Analysis
SVF’s Field-Sensitivity: Handling of GEP Edges
Cycles in Field Sensitive Pointer Analysis