-
Notifications
You must be signed in to change notification settings - Fork 0
Analysis Profiles
Hugo edited this page Feb 26, 2026
·
1 revision
The analyzer supports two analysis profiles that control the precision/performance tradeoff.
--analysis-profile=fast|fullThe default profile. Provides maximum analysis coverage and precision.
- No instruction-count limit for
StackBufferOverflowandMultipleStoreschecks - No per-function GEP/store budget limit
- Full alias backtracking through pointer stores is enabled
- Result: better coverage/precision, but potentially much slower on large translation units
Best for:
- Local development analysis
- Single-file analysis
- When precision is more important than speed
Designed for CI/CD batch scans where speed matters.
- Functions larger than 1200 IR instructions are skipped for
StackBufferOverflowandMultipleStoreschecks -
StackBufferOverflowanalyzes at most 16getelementptrsites per function -
MultipleStoresanalyzes at most 32storesites per function - Alias backtracking through pointer stores is disabled for these two checks
- Result: significantly faster runs, with possible false negatives on very large/complex functions
Best for:
- CI/CD pipeline scans
- Large codebases with compile_commands.json
- Quick feedback during development
When inputs are auto-discovered from compile_commands.json (no explicit input files on the CLI) and multiple files are found, the CLI automatically selects fast unless you explicitly pass --analysis-profile=full.
This prevents accidentally running a full-precision scan on an entire project, which could be very slow.
# Auto-selects fast because inputs come from compdb and there are multiple files
./build/stack_usage_analyzer --compdb=build/compile_commands.json
# Force full even with compdb auto-discovery
./build/stack_usage_analyzer --compdb=build/compile_commands.json --analysis-profile=full# Explicit fast profile
./build/stack_usage_analyzer --compile-commands=build/compile_commands.json --analysis-profile=fast
# Explicit full profile
./build/stack_usage_analyzer --compile-commands=build/compile_commands.json --analysis-profile=full
# Single file always defaults to full
./build/stack_usage_analyzer main.cpp