On Fri, Dec 30, 2011 at 3:15 PM, sa...@hederstierna.com <fred...@hederstierna.com> wrote:
> Hi!
>
> I'm currently looking into possibilities to improve GCC for
> static-code-analysis features.
> Some weeks ago I proposed re-introducing -Wunreachable-code for finding dead
> code:
>
> http://gcc.gnu.org/ml/gcc-patches/2011-12/msg00385.html
>
> (The warning was removed in
> http://gcc.gnu.org/ml/gcc-patches/2009-11/msg00251.html)
>
> Though I have not got any reply yet, the patch might be wrong, but possibly
> the remove_bb() call
> could have some kind of 'reason' parameter to avoid false positives?
>
> Also I last year sent out ideas about static code analysis in:
>
> http://gcc.gnu.org/ml/gcc/2011-02/msg00227.html
>
> And got positive response. When I tried to check e.g. null-deref-checking I
> though
> found some work done on this, the 'bug' is on
>
> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=16351
>
> I found a patch that adds an extra 'static code analysis' pass to check
> null-dereferencing at:
>
> http://gcc.gnu.org/ml/gcc-patches/2004-07/msg00423.html
>
> Though it was concluded that this should be done in the fold_stmt() function, is
> this still valid?
> And what is the difference between adding an additional
> static-code-analysis-pass compared to
> this null-checking pass? (Even though all optimization workers have been done
> before checking this).
>
> I really would like to see during 2012 some more static code analysis features
> to be added to GCC,
> like null-deref-checking and dead-code checkers, possibly even better
> array-over/under-run-bounds-checkers?
>
> Any comments or ideas are most welcome!

Static code analysis from generic middle-end routines like remove_bb
or fold_stmt is not going to work well. Wunreachable-code was removed
exactly because of that reason.

Good static code analysis code will run as a separate pass that does not
change the intermediate language. Previously I suggested to run as an
IPA pass before any (or any complex) code transform took place.
Static code analysis could re-use the analysis phase(s) of one or
several SSA optimization passes we have, like I suggested previously
for the simple case of re-using the CCP lattice computation (or the
SCCVN machinery).

As re-using of existing analysis phases might not be possible without
minor changes in core GCC code, I'm not convinced doing a plugin is
the right way.

Richard.

> Thanks and Best Regards,
> Fredrik