Research On C/C++Programs’Function Call Relations Based On Static Analysis

Function call relations reveal the dependency relations between functions in software systems, and are widely used in the filed of software engineering, including program understanding and analyzing, software testing and maintaining, compilation optimizing, interprocedural data flow analyzing, etc. An integrated function call rela-tion makes a good contribution to program verification and deadlock analysis, and improves the completeness of verification and analysis. Most of the existing static analysis methods obtain the function call relations in the process of program com-piling, but the analysis result just gives an approximate expression of function call relations where the program is executed, and cannot get the function call relations that are dynamically determined at run time, thus lowers the accuracy of analysis result, such as function calls realized by function pointers, and virtual function calls in object-oriented language.To solve these problems, this paper proposes a static analysis method named CR-CFG (Call Relations-CFG) for function call relations generation based on Control Flow Graph (CFG). Compared with existing static analysis methods, CR-CFG can analyze the function calls realized by function pointers and virtual functions more precisely. The main work of CR-CFG is as follows:(1) Extracting code information statically. CR-CFG uses a gcc plugin written by this paper to get the type definition and the function CFG information of the source files, and saves them in files with a formatted form. Depending on the executable file name and the information generated by make command, all the source files, target files’name and path that the execution file relies are statically obtained. Based on the dependent source files and target files’information, CR-CFG gains the type and function information from these files’ corresponding type, function and virtual function table information files, and builds the structure model of the information and function analysis paths.(2) Simulating program execution. This paper proposes a simulation algorithm based on flow sensitive and context sensitive proposed, and statically analyzes the statements on each analysis path depending on the information model built in the first part. This algorithm expressly deals with special syntax of C/C++programs, such as the variable assignments associated with function pointers, parsing of function pointers and virtual function calls, exception handling, etc.(3) Mapping function call graph. Upon the analysis results of the simulation algorithm, this paper generates the complete function call relations of the programs, and maps the function call graph by the Graph Viz tool.(4) In the experimental section, specific examples are used to verify the correct-ness and completeness of CR-CFG, and a comparison with the existing static analysis tools is conducted. Performance tests on some C/C++open source codes are ran in order to verify the performance of this analysis method. Experimental results show that CR-CFG is more precise when analyzing function pointers and virtual functions, thus improves the accuracy of analysis results. More importantly, CR-CFG has a good performance in open source codes tests, which leads to broad application prospects.