Question about whole program alias analysis (espcially, for linux kernel)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Question about whole program alias analysis (espcially, for linux kernel)

Dae R. Jeong

I'm trying to conduct an alias analysis for a linux kernel. What I
want to do is to extract groups of (may-)aliased pointers and to
extract instructions reading from/writing to them in an entire linux
kernel (with a given kernel config). So, I think I want to build a
linux kernel with LTO and to conduct an alias analysis with all object

Since I'm very new with GCC and its internal, I don't know where to
start. I don't care about precision for now (as a just starting
point), so, any inter-procedural alias/points-to analysis is
fine. Unsoundness coming from assembly codes is just okay. It seems
that GIMPLE is a good IR for my purpose, though I'm not sure. I found
the -fipa-pta flag, I don't know how to exploit it...

Is there any starting point or recommendations? It would be best if
there is a some whole-program analysis tool that I can use. If not, I
would really appreciate someone who give me any information.

I can find a tool (e.g., SVF,, which
can do similar things, based on LLVM toolchain. But I don't want to
use it because using LLVM makes things complicated as long as a linux
can't be built with LLVM.

Dae R. Jeong.