Hi,
Am writing to you to check the applicability of Clang as a frontend to our static analysis engine.
Our engine simulates runtime behavior of C/C++ programs statically; it typically requires the exact intended semantics to be captured as part of the AST. However, sometimes, we may live with incomplete simulation of semantics in corner cases.
The input to our engine is millions of lines of mature, production quality code, sometimes highly legacy too; we cannot modify them for the analysis; these sources would span multiple dialects & are compilable by one of the several compilers (and versions thereof) that exist today
We do not have the luxury of terminating the analysis due to parser failure; we do have the ability to live with incomplete information in corner cases though. All the above essentially means that we need a permissive parser that works out of the box for all the common dialects (like g++, msvc++, etc.) and almost works fine for the non-so-popular dialects.
We could contribute back testcases, and perhaps other hacks as we create them
Our software runs on Linux
Please let us know if Clang would be applicable to us. Also, if you have any useful pointers in this regard, kindly share the same.
Thanks,
Yadavendra Yadav
Hi,
Am writing to you to check the applicability of Clang as a frontend to our
static analysis engine.
clang is definitely usable for static analysis; in fact, a static
analyzer already exists. See http://clang-analyzer.llvm.org/ . KLEE
(http://klee.llvm.org/) might also be of interest.
Our engine simulates runtime behavior of C/C++ programs statically; it
typically requires the exact intended semantics to be captured as part of
the AST. However, sometimes, we may live with incomplete simulation of
semantics in corner cases.
The input to our engine is millions of lines of mature, production quality
code, sometimes highly legacy too; we cannot modify them for the analysis;
these sources would span multiple dialects & are compilable by one of the
several compilers (and versions thereof) that exist today
We do not have the luxury of terminating the analysis due to parser
failure; we do have the ability to live with incomplete information in
corner cases though. All the above essentially means that we need a
permissive parser that works out of the box for all the common dialects
(like g++, msvc++, etc.) and almost works fine for the non-so-popular
dialects.
clang has good compatibility with g++, incomplete compatibility with
msvc++. The best answer here is to try compiling some of the
codebases in question with clang. It might be possible to do static
analysis even if there are errors; clang does construct an AST even in
the presence of errors. How well that would work would probably
depend on the sorts of errors you run into; some "errors" (which are
really warnings at error severity) can be ignored, while others
indicate the AST will be incomplete. You'll have a much easier time
if you allow making minor modifications to the code being analyzed,
especially if you need an accurate AST.
We could contribute back testcases, and perhaps other hacks as we create
them
clang is under active active development; testcases are always welcome.
Our software runs on Linux
clang's Linux support is mature.
Please let us know if Clang would be applicable to us. Also, if you have
any useful pointers in this regard, kindly share the same.
Good luck with your project.
-Eli