«

On a large scale C++ project we are considering to make a static code
analysis tool capable of giving answers to high level questions like
(examples):

- Which entry points on this layer in the software can result in
calls to a given function on a lower layer

- Which tables in a database can be updated by executing from a given entry
point in a given layer

- Which business logic classes are used from both of two given entry points
in a given layer

- etc...

What we plan to do is to make our compiler (or some other standard tool)
generate source browser info or something similar, post process this source
browser info into a call graph, and make a query tool capable of analyzing
the call graph according to user queries and thus provide answers to
questions like those listed above.

Some things we would have to take into account are

- Parts of the application are table driven (ie. which function to call is
depending on circumstances looked up in configuration tables). To cater for
this, we might extend the call graph with arcs corresponding to the
information in the configuration tables.

- Polymorphism: The call graph must deal with polymorphism in a way that
makes sense in our application - this means that for each virtual function
in a base class, the call graph should contain an arc from that function to
any overrides in base classes. Otherwise we would not be able to track a
call through a base class pointer to the implementation in a derived class.

- The tool is for internal use only, so it does not need to be slick in any
sense, but it is a must that we can trust the results produced.


My questions are:

- Can any existing tools make analyses like this? (Bear in mind that such a
tool would have to be configurable and extensible to take into account the
way our application is structured, eg. that parts of our application is
table driven.)

- Is it possible to make such a tool work in the real world at all? There
might be fundamental problem we havent thought of like eg. algorithmic
complexity.

- Anyone with experiences with making or using a similar tool?


Thanks
Jens


--
Jens Nordahl
Remove these characters for sending mail: r, t, c, f, s and m

"Jens Nordahl" <> wrote
>
> On a large scale C++ project we are considering to make a static code
> analysis tool capable of giving answers to high level questions like
> (examples):
>
> - Which entry points on this layer in the software can result in
> calls to a given function on a lower layer
>
> - Which tables in a database can be updated by executing from a given entry
> point in a given layer
>
> - Which business logic classes are used from both of two given entry points
> in a given layer
>
> - etc...
>
> What we plan to do is to make our compiler (or some other standard tool)
> generate source browser info or something similar, post process this source
> browser info into a call graph, and make a query tool capable of analyzing
> the call graph according to user queries and thus provide answers to
> questions like those listed above.
>
> Some things we would have to take into account are
>
> - Parts of the application are table driven (ie. which function to call is
> depending on circumstances looked up in configuration tables). To cater for
> this, we might extend the call graph with arcs corresponding to the
> information in the configuration tables.
>
> - Polymorphism: The call graph must deal with polymorphism in a way that
> makes sense in our application - this means that for each virtual function
> in a base class, the call graph should contain an arc from that function to
> any overrides in base classes. Otherwise we would not be able to track a
> call through a base class pointer to the implementation in a derived class.
>
> - The tool is for internal use only, so it does not need to be slick in any
> sense, but it is a must that we can trust the results produced.
>
>
> My questions are:
>
> - Can any existing tools make analyses like this? (Bear in mind that such a
> tool would have to be configurable and extensible to take into account the
> way our application is structured, eg. that parts of our application is
> table driven.)
>
> - Is it possible to make such a tool work in the real world at all? There
> might be fundamental problem we havent thought of like eg. algorithmic
> complexity.
>
> - Anyone with experiences with making or using a similar tool?

SourceNavigator does a respectable job, but obviously, it doesn't try to make
guesses about table-driven applications. It's open source, so you're free to
adapt it, but be aware that doing so (or writing your own) is probably a bigger
project than whatever you plan to document.

Details about SourceNavigator can be found on the web or possibly in one of the
Red Hat newsgroups. Unfortunately, it is off-topic for comp.lang.c++.

Claudio Puviani