[cfe-dev] clang static analyzer: call graph for indirect calls?

Christian Convey christian.convey at gmail.com
Tue Jan 6 06:32:04 PST 2015


Hello,

Is it the case that the clang static analyzer will perform
interprocedural analyses over exactly the set of paths shown in the
call graph?

My overall goal is to figure out whether or not clang static analyzer
will apply checkers to execution paths which flow over indirect calls.
I came up with this test case:

>>>>>>>
void f() {
}

void direct_caller() {
    f();
}


void indirect_caller() {
    void (*func)() = f;
    func();
}
<<<<<<

And I got the following results:
>>>>>>
/tmp $ clang -cc1 -I /usr/lib/llvm-3.4/lib/clang/3.4/include -I /usr/include -I /usr/include/x86_64-linux-gnu  -analyze -analyzer-checker=debug.DumpCallGraph test.c
 --- Call graph Dump ---
  Function: < root > calls: f direct_caller indirect_caller
  Function: indirect_caller calls:
  Function: direct_caller calls: f
  Function: f calls:
<<<<<<<

I'm trying to figure out if from this result, I can correctly infer
that the clang static analyzer would not perform interprocedural
analysis on the call string ("indirect_caller", "f").

Thanks,
Christian


