Who is calling whom?

September 16, 2016 Harrold Spier

Critical to static analysis is whether a tool is capable of building a complete and correct call-graph. This is easy for direct calls, but becomes far more complicated if indirect calls are involved. See how this works for TASKING Safety Checker for ISO 26262 related applications.

Call graph construction in the presence of indirect calls

 iso-26262-who-calls-whom

The Making of Information Age: Enfield Telephone Exchange1

 

Safety Checker by TASKING is a Safety integrity level (SIL) aware static analyzer with the ability to check for interference in the memory space domain and the special function register domain which is helpful to prove "freedom from Interference" as described in the ISO 26262 functional safety standard.

The success of a good static analysis stands or falls to whether the tool is able to construct a correct call graph, also called a call tree. A call graph represents calling relationships between functions in an application. Constructing a call graph is rather simple if only direct calls are taken into account.

harrold-snippet-1.png
The construction of a call graph becomes much harder if indirect calls are also involved. Let’s take a look at an indirect call:

harrold-snippet-2.png

Here the address of the function my_cmpfunc() is passed as an argument to the C library function qsort(). This library function will then call the function indirectly.

The correct call graph should therefore look like this:

harrold-snippet-3.png

This can become really complicated if, for example, the return value of a function holds a function pointer which is called indirectly or is passed as argument to another function.

Let’s take a look at a more complex piece of code.

harrold-snippet-4.png

Can you still figure out what is going on?

Can you construct the call graph of this code?

Here are the other functions:

harrold-snippet-5.png

Click here to see the call graph produced by Safety Checker.

That’s the joy of programming. Once you implemented the algorithm correctly, the application can do the work faster and better than you do.

For more information about the Safety Checker by TASKING, see ASIL CODE INTEGRITY CHECK TOOL.

 

Reference:
[1] The Making of Information Age: Enfield Telephone Exchange. Digital image. The Making of Information Age: Enfield Telephone Exchange. N.p., n.d. Web. <https://i.ytimg.com/vi/GVDGuCjog_0/maxresdefault.jpg
 
Product

Previous Article
Call Graph Created by Safety Checker
Call Graph Created by Safety Checker

Next Article
ISO 26262 - Best ideas come in the Shower
ISO 26262 - Best ideas come in the Shower

TASKING wants employees to be creative, you get your best ideas w...