[cfe-dev] query: using clang for static anlalysis
Eli Friedman
eli.friedman at gmail.com
Mon May 10 02:21:42 PDT 2010
On Mon, May 10, 2010 at 1:15 AM, Yadavendra Yadav <yadav.y2001 at gmail.com> wrote:
> Hi,
>
> Am writing to you to check the applicability of Clang as a frontend to our
> static analysis engine.
clang is definitely usable for static analysis; in fact, a static
analyzer already exists. See http://clang-analyzer.llvm.org/ . KLEE
(http://klee.llvm.org/) might also be of interest.
> Our engine simulates runtime behavior of C/C++ programs statically; it
> typically requires the exact intended semantics to be captured as part of
> the AST. However, sometimes, we may live with incomplete simulation of
> semantics in corner cases.
>
> The input to our engine is millions of lines of mature, production quality
> code, sometimes highly legacy too; we cannot modify them for the analysis;
> these sources would span multiple dialects & are compilable by one of the
> several compilers (and versions thereof) that exist today
>
> We do not have the luxury of terminating the analysis due to parser
> failure; we do have the ability to live with incomplete information in
> corner cases though. All the above essentially means that we need a
> permissive parser that works out of the box for all the common dialects
> (like g++, msvc++, etc.) and almost works fine for the non-so-popular
> dialects.
clang has good compatibility with g++, incomplete compatibility with
msvc++. The best answer here is to try compiling some of the
codebases in question with clang. It might be possible to do static
analysis even if there are errors; clang does construct an AST even in
the presence of errors. How well that would work would probably
depend on the sorts of errors you run into; some "errors" (which are
really warnings at error severity) can be ignored, while others
indicate the AST will be incomplete. You'll have a much easier time
if you allow making minor modifications to the code being analyzed,
especially if you need an accurate AST.
> We could contribute back testcases, and perhaps other hacks as we create
> them
clang is under active active development; testcases are always welcome.
> Our software runs on Linux
clang's Linux support is mature.
> Please let us know if Clang would be applicable to us. Also, if you have
> any useful pointers in this regard, kindly share the same.
Good luck with your project.
-Eli
More information about the cfe-dev
mailing list