Mamba detects vulnerabilities across C, C++, Rust, Solana and Objective‑C by transforming LLVM IR into fast Datalog facts evaluated with Soufflé.
View on GitHubGenerates call graphs, CFG and ICFG for precise whole‑program understanding.
Outputs lightweight facts in SQLite ready for Soufflé rule execution.
Write expressive Datalog rules to uncover memory‑safety bugs and logic flaws.
Built in Rust for speed, safety and seamless integration into security pipelines.
Inclusion‑based Andersen analysis with lazy cycle detection for scalability.
View algorithmWork‑list engine supports liveness, reaching definitions, available & busy expr.
View algorithmMamba is implemented in Rust, parses LLVM bitcode directly, stores IR facts in SQLite, and evaluates Datalog rules with the blazing‑fast Soufflé engine, delivering whole‑program insights in seconds, even on massive codebases.
Zero‑cost abstractions and memory‑safe core analysis.
Portable database of IR facts for offline queries or AI pipelines.
Declarative queries run orders‑of‑magnitude faster than imperative scans.