This paper presents SVF, a tool that enables scalable and precise interprocedural Static
Value-Flow analysis for C programs by leveraging recent advances in sparse analysis. SVF …

Programs are bloated. Our study shows that only 5% of libc is used on average across the
Ubuntu Desktop envi-ronment (2016 programs); the heaviest user, vlc media player, only …

Understanding program behaviors is important to verify program properties or to optimize
programs. Static analysis is a widely used technique to approximate program behaviors via …

We introduce a static detector, Saber, for detecting memory leaks in C programs. Leveraging
recent advances on sparse pointer analysis, Saber is the first to use a full-sparse value-flow …

We introduce a static detector, Saber, for detecting memory leaks in C programs. Leveraging
recent advances on sparse pointer analysis, Saber is the first to use a full-sparse value-flow …

After decades of research, constructing call graphs for modern C-based software remains
either imprecise or inefficient when scaling up to the ever-growing complexity. The main …

Zero-day Use-After-Free (UAF) vulnerabilities are increasingly popular and highly
dangerous, but few mitigations exist. We introduce a new pointer-analysis-based static …

Mainstream points-to analysis techniques for object-oriented languages rely predominantly
on the allocation-site abstraction to model heap objects. We present MAHJONG, a novel …

We present a new Strong UPdate Analysis for C programs, called Supa, that enables
computing points-to information on-demand via value-flow refinement, in environments with …

Points-to analysis is a fundamental static analysis technique which computes the set of
memory objects that a pointer may point to. Many different applications, such as security …