A tool for analyzing LLVM bitcode (generated either by C, C++ or Rust) using Datalog.
Soufflé, an open-source Datalog engine for program analysis, is the Datalog engine of choice.
First, the Soufflé Datalog engine needs to be installed. We recommend using the latest stable release, which can be installed via the package manager of certain distributions according to the instructions.
Soufflé can also be built from source. One needs to clone the Soufflé GitHub repo, check out the latest release version tag (2.1 at the time of writing) and build by following the available instructions.
The current version of cclyzer supports (in some cases partially) all versions of LLVM starting from 3.7 and up to 10. LLVM can be built from source even though this is not needed for newer Linux distributions, where installation via the system's package manager should suffice.
apt install llvm
dnf install gcc-c++ llvm-devel
You will also have to install the following packages:
apt install libclang-dev python-dev build-essential libboost-dev libboost-filesystem-dev libboost-program-options-dev libboost-python-dev
dnf install python-devel boost-python3-devel
Even though the necessary boost libraries are now available in your system, the compiler might fail to locate and link against them when building cclyzer. Next, we give one possible solution to this problem.
Locate the libboost libraries in your system by running:
echo "$(ldconfig -p | grep libboost_python* | tr ' ' '\n' | grep /)"
The above command should print something along the following lines:
/usr/lib/libboost_python27.so.1.70.0
/usr/lib/libboost_python27.so
/usr/lib/x86_64-linux-gnu/libboost_python3-py36.so.1.65.1
/usr/lib/x86_64-linux-gnu/libboost_python3-py36.so
/usr/lib/x86_64-linux-gnu/libboost_python-py27.so.1.65.1
/usr/lib/x86_64-linux-gnu/libboost_python-py27.so
As a next step you need to select the most recent version of Python 3,
/usr/lib/x86_64-linux-gnu/libboost_python3-py36.so.1.65.1 in our example,
and create a link to it in a directory you have write access such as
$HOME/.local/lib.
mkdir -p $HOME/.local/lib
ln -s /usr/lib/x86_64-linux-gnu/libboost_python3-py36.so.1.65.1 $HOME/.local/lib/libboost_python.so
Finally, append the following to .bashrc or .bash_profile to update the
LIBRARY_PATH and LD_LIBRARY_PATH environment variables. Do not forget to
source .bashrc or source .bash_profile afterwards.
export LIBRARY_PATH="$HOME/.local/lib:$LIBRARY_PATH"
export LD_LIBRARY_PATH="$HOME/.local/lib:$LD_LIBRARY_PATH"
In the base directory run:
make
The default way to run, using a context-insensitive analysis, is:
./cclyzer.sh -i <input_file>
To analyze a file with a specific analysis run:
./cclyzer.sh -a <analysis> -i <input_file>
where the available options for are:
- context-insensitive
- 1-call-site-sensitive+heap
- 2-call-site-sensitive+heap