How to use LLVM to generate a call graph?

llvm static-analysis call-graph
10,395

First, you have to compile your kernel into LLVM IR (instead of native object files). Then, using llvm-ld, combine all the IR object files into a single large module. It could be quite a tricky thing to do, you'll have to modify the makefiles heavily, but I believe it is doable.

Now you can do your analysis. A simple call graph can be generated using the opt tool with -dot-callgraph pass. It is unlikely to handle function pointers, so you may want to modify it.

Tracking all the possible data flow paths that would carry your function pointers is quite a challenge, and in general case it is impossible to do (if there are any pointer to integer casts, if pointers are stored in complicated data structures, etc.). For a majority of specific cases you can try to implement a global abstract interpretation to approximate all the possible data flow paths for your pointers. It would not be accurate, of course, but then you'll get at least a conservative approximation.

Share:
10,395

Related videos on Youtube

addalbx
Author by

addalbx

I mostly read and write code.

Updated on June 04, 2022

Comments

  • addalbx
    addalbx about 2 years

    I'm looking into generating a call-graph for the linux kernel that would include function pointers (see my previous question Static call graph generation for the Linux kernel for more information). I've been told LLVM should be suitable for this purpose, however I was unable to find the relevant information on llvm.org

    Any help, including pointers to relevant documentation, would be appreciated.

  • Ira Baxter
    Ira Baxter about 12 years
    You really don't want to produce a dot callgraph for 8 million lines of code. It would cover a tennis cour, if dot could draw it, which it can't. Other than that, this is a great echo of the answer to the other question note by OP :-} with special emphasis on what fun function pointers are.
  • SK-logic
    SK-logic about 12 years
    @IraBaxter, certainly you don't want to display a dot callgraph for anything bigger than "hello, world!". But you may want to use that .dot file for your further analysis. I normally parse .dot files and store them into a database.
  • addalbx
    addalbx about 12 years
    Thanks for pointing out the opt tool. Yes, Ira, I'm not looking into generating a graphical representation of the call graph. Having it in any parsable format is OK, which the dot format qualifies for. Concerning function pointers, I have been told that LLVM should be able to do some of that points-to analysis for function pointers. I am not looking into implementing this myself, clearly.
  • user
    user over 9 years
    llvm-ld is deprecated, use llvm-link or gold plugin instead.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Static analysis of Java call graph
How to Generate a calling graph for C++ code
Can SonarQube be used as a Static Application Security Testing (SAST) tool?
If a subclass refers to a superclass ivar, synthesizing an unrelated property fails
Installing LLVM libraries along with Xcode
A "NullPointerException" could be thrown; "context" is nullable here
/usr/bin/ld: crtbegin.o: No such file: No such file or directory
How to choose the LLVM version clang is using?
Cannot build LLVM and Clang
warning: duplicate protocol definition of '...' is ignored