-
Notifications
You must be signed in to change notification settings - Fork 142
Home
PhASAR is a LLVM-based static analysis framework written in C++. It allows users to specify arbitrary data-flow problems which are then solved in a fully-automated manner on the specified LLVM IR target code. Computing points-to information, call-graph(s), etc. is done by the framework, thus you can focus on what matters.
Moreover than the documentation on PhASAR wiki page, you probably would like to read
this README and then have a look on the material provided on https://phasar.org/
as well. Please also have a look on PhASAR's project directory and notice the project directory
examples/
as well as the custom tool tools/myphasartool.cpp
.
If you already read the documentation on PhASAR's wiki page(s) and went through the examples and still have questions on PhASAR, LLVM, or how to write an analysis, there is a slack channel where you can get help from other PhASARists. Please send a brief email to [email protected] and we will add you to the PhASAR slack channel.
PhASAR provides a static analysis framework that has been implemented on top of LLVM. PhASAR has been developed with the goal to make static analysis easier, more accessible. Furthermore, it tries to establish a novel platform to evaluate new concepts and ideas in the area of program analysis.
Please use the following bibtex entry to cite PhASAR:
@InProceedings{10.1007/978-3-030-17465-1_22,
author="Schubert, Philipp Dominik
and Hermann, Ben
and Bodden, Eric",
editor="Vojnar, Tom{\'a}{\v{s}} and Zhang, Lijun",
title="PhASAR: An Inter-procedural Static Analysis Framework for C/C++",
booktitle="Tools and Algorithms for the Construction and Analysis of Systems",
year="2019",
publisher="Springer International Publishing",
address="Cham",
pages="393--410",
abstract="Static program analysis is used to automatically determine program properties, or to detect bugs or security vulnerabilities in programs. It can be used as a stand-alone tool or to aid compiler optimization as an intermediary step. Developing precise, inter-procedural static analyses, however, is a challenging task, due to the algorithmic complexity, implementation effort, and the threat of state explosion which leads to unsatisfactory performance. Software written in C and C++ is notoriously hard to analyze because of the deliberately unsafe type system, unrestricted use of pointers, and (for C++) virtual dispatch. In this work, we describe the design and implementation of the LLVM-based static analysis framework PhASAR for C/C++ code. PhASAR allows data-flow problems to be solved in a fully automated manner. It provides class hierarchy, call-graph, points-to, and data-flow information, hence requiring analysis developers only to specify a definition of the data-flow problem. PhASAR thus hides the complexity of static analysis behind a high-level API, making static program analysis more accessible and easy to use. PhASAR is available as an open-source project. We evaluate PhASAR's scalability during whole-program analysis. Analyzing 12 real-world programs using a taint analysis written in PhASAR, we found PhASAR's abstractions and their implementations to provide a whole-program analysis that scales well to real-world programs. Furthermore, we peek into the details of analysis runs, discuss our experience in developing static analyses for C/C++, and present possible future improvements. Data or code related to this paper is available at: [34].",
isbn="978-3-030-17465-1"
}
The paper can be found here: Useful Literature.
- Home
- Reference Material
- Getting Started:
- Building PhASAR
- Using PhASAR with Docker
- A few uses of PhASAR
- Coding Conventions
- Contributing to PhASAR
- Errors and bug reporting
- Update to Newer LLVM Versions
- OS Support