[cfe-dev] Full program Analysis w. Clang

Anna Zaks ganna at apple.com
Mon Jun 11 20:24:52 PDT 2012


On Jun 11, 2012, at 6:23 PM, Alexandros Tzannes wrote:

> Hi all,
> I am interested in using Clang to write a checker that reads in custom annotations (we are considering using attributes rather than pragmas) to guarantee the absence of some types of bugs. The next step after this is done would be to try and infer as many of the annotations as possible, but this will require whole program analysis. I know that clang works per translation unit (TU), so I was wondering if there is some advice on how to go about it. Perhaps serialize the AST of different TUs, merge them and analyze the whole program offline (after compilation) to prove the desired safety guarantees.

Are you planning to write a static analyzer checker? In general, we are interested in adding whole program analyzes to the analyzer, but it's an ambitious project.

> It may actually be possible to perform inference per TU, as long as any cyclic call-graph dependencies are within a single TU.
> 

Scalability wise, developing summary based analyzes is better than serializing the AST. (Very simply put, you'd analyze each function separately, store their summaries, and re-analyze all the functions again taking into account the generated info. If you have cyclic dependencies, you could consider repeating the process more than once.)


> Any feedback/brainstorming will be greatly appreciated!
> 
> Cheers!
> Alex
> 
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev




More information about the cfe-dev mailing list