
IDE solver only analyses reachable procedures #617

@agle


Due to the structure of the IDE analysis, it only analyses procedures reachable from the entry/exit procedure it is passed. For example, this means that the param transform (which uses IDE liveness to identify relevant registers) produces incorrect parameters for procedures like __do_global_dtors which are only called indirectly, and the read-uninitialised variable check fails. Currently the transform makes a sound approximation at the site of indirect calls, by making everything live; however, the procedure we might resolve the call to does not get correct parameters by over-approximating its dependencies and dependees, as the analysis never reaches it via the call-graph. Rather than implement an ad-hoc fix for unreachable procedures, we make the assumption for simplification that we have a complete call graph (as we don't currently do indirect call resolution on that path), by just dropping unreachable procedures.

In general it is useful for the IDE analysis to produce meaningful, if over-approximate, results for all procedures, not just those which are reachable from control flow. I am making this issue as a known problem, but it's not a priority to invest resources in fixing it, and it might require a complex change to the IDE solver; it's not a problem in the IDE solver @b-paul has implemented in bincaml.
