[cfe-dev] C++ analysis with Clang?

[Anna Zaks]

On Jun 1, 2012, at 6:36 PM, Karl Mazurak wrote:

> Hi all -
> 
> Our group is considering using Clang for some program analysis, 
> primarily aimed at bug-hunting.  We're targeting C++, which I understand 
> means the static analyzer isn't an option just yet,
> but it looks like 
> there's still plenty there that could be useful - so much that I'm not 
> sure what to start experimenting with.
> 
> The plugin tutorial uses a PluginASTAction and links to an example with 
> a RecursiveASTVisitor, but of course we'd like to avoid reinventing the 
> wheel (at coding time or at run time) as much as possible.  For 
> instance, are CFGs pre-constructed somewhere?

CFG is part of Analyzes library and is used by both clang and the analyzer.
You can use ViewCFG and DumpCFG checkers to see how C++ statements are modeled (and what the deficiencies are):
clang -cc1 -analyze -analyzer-checker=debug.ViewCFG test.c

>  Does the dataflow 
> framework in Analysis/FlowSensitive work with C++?
The analyzer's C++ support is work in progress. You can run the analyzer's path sensitive checkers on C++ code, however, it does not reason about many C++ concepts. 

>  Is this Sema of any 
> use outside the path-sensitive analyzer?  

You can write a non-path-sensitive checkers, which visit different AST nodes (AST does have full C++ support). See AST Visitors in http://clang-analyzer.llvm.org/checker_dev_manual.html#ast. 

> And is there anything in Clang 
> that could be useful in aggregating results together in whole program 
> analysis?
> 

The static analyzer does not currently support whole program analysis. 

> Thanks!
> 
> -- 
> Karl
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20120604/cbb3b434/attachment.html>