6.7 Knowing the limitations of analysis
It’s worth mentioning some limitations of the analysis that can be conducted with Clang’s AST and CFG. The most notable ones are described in [2]:
Limitations of Clang’s AST: Clang’s AST is unsuitable for data flow analysis and control flow reasoning, leading to inaccurate results and inefficient analysis due to the loss of vital language information. Soundness of analysis is also a consideration: certain analyses, such as liveness analysis, can be valuable if they are precise enough, rather than always being conservative.
Issues with Clang’s CFG: While Clang’s CFG aims to bridge the gap between the AST and LLVM IR, it has known problems, has limited interprocedural capabilities, and lacks adequate testing coverage.
One example mentioned in [2] relates to C++ coroutines, a new feature introduced in C++20. Some aspects of this functionality are implemented outside the Clang frontend...