On Sun, Sep 10, 2023 at 2:06 PM Prabhu Subramanian <pra...@appthreat.dev>
wrote:

> Hello,
>
> I am a newbie here. Apologies if this is not the right group for the below
> message.
>
> I am one of the developers of a static program analysis/slicer tool called
> atom (Apache-2.0). Atom uses the popular joern library (which internally
> uses Eclipse CDT for c/c++).
>
> https://github.com/AppThreat/atom
>
> With atom, it is possible to generate an intermediate representation for a
> project and then slice it into two modes - usages and data-flow. This is
> discussed in the below document.
>
> https://github.com/AppThreat/atom/blob/main/specification/docs/slices.md
>
> We recently improved the performance of generating atom to support large
> code bases like v8. It is possible to produce the usages slice in around 18
> minutes using the below commands.
>
> ## Prerequisites
>
> Ensure java >= 17 is installed
> Download atom from https://github.com/AppThreat/atom/releases
>
> ```shell
> unzip atom.zip
> cd atom-1.0.0/bin
>
> # Both heap flags are needed for a code base the size of v8; the command is one line.
> ./atom -J-Xms40g -J-Xmx40g usages --slice-outfile usages.json -o app.atom \
>   --language c <path to v8>/src
> ```
>
> ## Proposal
>
> The information in the usages slice, such as locations, signature, and
> type can be used to improve testing and fuzzing of projects like v8.


Can you be a bit more specific? How exactly can this information be used
for better testing or fuzzing?


> I am unsure if this is an area actively explored here,


It certainly is.


> but we would love to discuss further if this is useful.
>

Note that a lot of the "interesting" things that V8 does have to do with
JIT code generation and custom heap management, so usually tools that rely
on C++ code analysis can only gain very limited insight into everything
that's happening.
If you believe that your analysis tool does provide useful input for
fuzzers, then one thing you could do is run your own fuzzer over V8, and
submit any relevant issues it discovers to the Chrome VRP
<https://bughunters.google.com/about/rules/5745167867576320/chrome-vulnerability-reward-program-rules>
to make it worth your while.


> The link below is a gzipped version of the usages slice json generated
> today for convenience.
>
> https://github.com/AppThreat/atom/files/12568103/usages.json.tar.gz
>
> Best,
> Prabhu
>
> --
>
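The reply above asks how the locations, signatures and types in a usages slice could concretely help testing or fuzzing. As an added illustration (not code from this thread, from atom or from V8), the Python below reads a slice-like JSON and ranks functions as fuzz-harness candidates: functions whose signature takes a raw byte or string buffer score highest, an explicit length parameter adds to that, and the number of observed call sites breaks ties, while functions with no input-like parameter are dropped. The JSON layout, the field names and the `demo::` symbols are constructed assumptions for this example; atom's real schema is described in the slices.md document linked earlier in the thread.

```python
import json

# Constructed sample in the spirit of a "usages" slice: one record per method with a
# location, a C++ signature and a count of observed call sites. The field names and
# the demo:: symbols are assumptions for this example, not atom's real schema.
SAMPLE_SLICE = json.dumps([
    {"fullName": "demo::Parser::ParseProgram",
     "signature": "bool(ParseInfo*,const char*,size_t)",
     "fileName": "src/parsing/parser.cc", "lineNumber": 512, "usages": 3},
    {"fullName": "demo::JsonParser::Parse",
     "signature": "MaybeHandle<Object>(Isolate*,Handle<String>)",
     "fileName": "src/json/json-parser.cc", "lineNumber": 88, "usages": 2},
    {"fullName": "demo::Heap::CollectGarbage",
     "signature": "void(AllocationSpace,GarbageCollectionReason)",
     "fileName": "src/heap/heap.cc", "lineNumber": 1401, "usages": 40},
    {"fullName": "demo::wasm::DecodeWasmModule",
     "signature": "ModuleResult(WasmFeatures,const uint8_t*,size_t,bool)",
     "fileName": "src/wasm/module-decoder.cc", "lineNumber": 210, "usages": 1},
])

# Parameter types that usually carry externally supplied bytes or text
# (whitespace removed so "const char *" and "const char*" compare equal).
INPUT_LIKE = {"constchar*", "constuint8_t*", "std::string", "Handle<String>"}
# Parameter types that usually carry the length of such a buffer.
LENGTH_LIKE = {"size_t", "int", "uint32_t"}


def param_types(signature):
    """Return the parameter types of 'ret(T1,T2,...)' with whitespace removed.

    A signature without a parameter list yields []."""
    if "(" not in signature or ")" not in signature:
        return []
    inner = signature[signature.index("(") + 1 : signature.rindex(")")]
    return [p.replace(" ", "") for p in inner.split(",") if p.strip()]


def score(record):
    """Heuristic priority for writing a fuzz harness around this function.

    +3 if it takes an input-like parameter, +2 if it also takes a length,
    +1 per observed call site capped at 3. Returns 0 (not a candidate) when
    no parameter looks like external input."""
    types = param_types(record["signature"])
    if not any(t in INPUT_LIKE for t in types):
        return 0
    points = 3
    if any(t in LENGTH_LIKE for t in types):
        points += 2
    return points + min(record.get("usages", 0), 3)


def select_fuzz_candidates(slice_json, top=5):
    """Parse a slice and return [(fullName, score, 'file:line'), ...] ranked
    highest score first (name as tie-breaker), dropping non-candidates."""
    ranked = []
    for rec in json.loads(slice_json):
        s = score(rec)
        if s:
            location = f'{rec["fileName"]}:{rec["lineNumber"]}'
            ranked.append((rec["fullName"], s, location))
    ranked.sort(key=lambda r: (-r[1], r[0]))
    return ranked[:top]


if __name__ == "__main__":
    for name, s, loc in select_fuzz_candidates(SAMPLE_SLICE):
        print(f"{s:2d}  {name}  ({loc})")
```

The heuristic is deliberately simple: the point is that a slice already carries the three facts a harness author needs (where the function lives, what it takes, and how often it is reached), so the ranking can be recomputed mechanically after every build. As the reply notes, this only sees the C++ surface; JIT-generated code and custom heap behaviour are invisible to such a slice.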

-- 
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- 
You received this message because you are subscribed to the Google Groups 
"v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/v8-dev/CAKSzg3SMce0ocOT5H5AqKwqQ7ybh6hnt89e95o08z%2BY8hNji%2BA%40mail.gmail.com.