[analyzer] Cross-function and cross TU CFG analysis

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[analyzer] Cross-function and cross TU CFG analysis

Дилян Палаузов via cfe-dev
Hello.

Does Clang Static Analyzer/Clang Tidy support cross function and cross
translation unit CFG analysis?

Cross TU means I have a function `foo` in one TU; `foo` calls `bar'
which is defined in another TU.

Cross function means I have a function `foo` which calls `bar` function.
And I want to analyze 'bar' CFG with some information from 'foo' CFG.

Thank you.

--
Best regards,
Alexander Zaitsev



_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [analyzer] Cross-function and cross TU CFG analysis

Дилян Палаузов via cfe-dev
Hmm, i'm not aware of any of these. All of our libAnalysis analyses are intra-procedural, as far as i'm aware of.

Technically, it's as easy as any other cross-function analysis - you have access to all CFGs within the current translation unit, so you have all the information you'll ever need and you can be as stateful as you want when it comes to analyzing CFGs within the same translation unit, and it becomes more annoying across translation units. Theoretically, however, a good and generic-enough interprocedural data flow analysis technique is pretty hard to come up with.

We should eventually come up with such analyses when we start to tackle the idea of summary-based analysis for the Static Analyzer: function summaries should rather be CFG/data-flow/must-problem-based than symbolic-execution-based in order to get around the variety of issues collectively known under the name of "the inlined defensive checks problem".

On 2/3/19 5:38 PM, Alexander Zaitsev via cfe-dev wrote:
Hello.

Does Clang Static Analyzer/Clang Tidy support cross function and cross
translation unit CFG analysis?

Cross TU means I have a function `foo` in one TU; `foo` calls `bar'
which is defined in another TU.

Cross function means I have a function `foo` which calls `bar` function.
And I want to analyze 'bar' CFG with some information from 'foo' CFG.

Thank you.


_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev


_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev