Due to the many friendly emails that we received, it came to our attention that people do not only wish to use PhASAR as a standalone static analysis tool for general purpose and security data-flow analysis, but also wish to build performance optimizations based on PhASAR’s inter-procedural static analysis results.
For this reason, we are currently building a full-LTO pass that wraps PhASAR’s functionalities into an ordinary LLVM pass. Thus, we allow a tighter coupling between LLVM and PhASAR; other LLVM optimization passes will be able to directly access PhASAR inter-procedural static analysis information that may allow more aggressive performance optimizations.
In order to be able to perform code transformations based on static analysis, the analysis must be sound. For other applications—including security analysis—soundy analyses might be sufficient (A soundy analysis uses sensible under-approximations to cope with certain language features such as C’s setjmp()/longjmp() that would otherwise degrade precision.). Hence, we will add a new option to PhASAR that allows to control the level of soundness.