-
Notifications
You must be signed in to change notification settings - Fork 438
TypeClone
TypeClone is implemented in SVF under the name fstbhc.
Build LLVM and Clang from source code except use ctir-clang instead of upstream Clang.
Then, with this LLVM build, build SVF, skipping steps 1 to 3.
Now the newly built clang and clang++ can be used to build ctir-annotated code with the -ctir option.
TypeClone requires all bitcode to be ctir-annotated.
For example, clang -ctir -S -emit-llvm program.c will produce LLVM assembly, program.ll, ready to be analysed by TypeClone.
WLLVM can also be used without any friction (errors that -ctir is an unknown option can be safely ignored).
To analyse a program with TypeClone, without considering reuse:
$ wpa -fstbhc program.ll
To analyse a program with TypeClone, whilst considering reuse:
$ wpa -fstbhc -tbhc-all-reuse program.ll
To only consider reuse at store instructions (and GEP instructions whose purpose is ultimately a store), replace -tbhc-all-reuse with -tbhc-store-reuse:
$ wpa -fstbhc -tbhc-store-reuse program.ll
To print the type graph (text only):
$ wpa -fstbhc -print-dchg program.ll