[cfe-dev] Handling of loops in the Clang Static Analyzer

Venugopal Raghavan via cfe-dev cfe-dev at lists.llvm.org
Thu Feb 23 19:07:00 PST 2017


Hi,

I am re-sending the question I asked under a different thread so that the
subject is more relevant to the topic.

I did not quite realize it earlier but it seems that the static analyzer
unrolls a loop up to a certain number of times and then stops exploring
paths beyond that. In the checker I have written, I get the message "Block
count exceeded" and then state exploration stops. As a result, my checker
gives false positives and does not achieve what it sets out to do.

I understand that handling loops is a difficult problem, but is there a
work-around available, perhaps, even some source annotation from the user?

Also, would it not be possible to re-start exploration after the loop if
there is some code independent of the loop computation? I understand that
this independent flow would eventually merge with the computation in the
loop in some manner (otherwise the loop computation would probably have
been "dead"), but, even then, it may be possible to do some useful analysis
with the "independent" code.

Finally, I understand that the checkers have been used with "realistic"
test cases. I am curious, how did they work if the test cases had loops in
them?

Thanks.

Regards,
Venugopal Raghavan.