Monday, May 28, 2007

Program Analysis using Phoenix

For C/C++, writing a C2 phase plug-in may be the best choice. I prefer to put the analysis phase after the "Type Checker" phase. The alternative, reading IR back from a PE executable, requires a .pdb (link with /debug and /profile). A more serious problem is that LIR cannot be raised to HIR in that case, which makes further analysis hard. Besides, the alias algorithm seems too conservative, and the SSA algorithm is sometimes a little confusing.
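A skeleton of such a C2 phase plug-in, as an added example (it is not code from the original post or from the Phoenix RDK samples). It assumes the Phoenix RDK class names as they appeared in the RDK (Phx.PlugIn, Phx.Phases.Phase, PhaseList.FindByName, Phase.InsertAfter, Phx.IR.Instruction.IsCallInstruction, Phx.Output) and takes the phase name "Type Checker" from the post; the call-counting body, the AliasInfo guard (which the post gives for the managed case) and the /d2plugin load switch are illustrative assumptions.

```csharp
// Added example (assumed Phoenix RDK API): a C2 phase plug-in that inserts an
// analysis phase right after "Type Checker" and walks each function's HIR.
// Build as a .NET class library; assumed load switch: cl /d2plugin:AnalysisPlugIn.dll foo.cpp

public class AnalysisPlugIn : Phx.PlugIn
{
    public override void RegisterObjects()
    {
        // Nothing to register here; a real analysis would register its own
        // controls or extension objects at this point.
    }

    public override void BuildPhases(Phx.Phases.PhaseConfiguration config)
    {
        // Find the existing phase we want to run after (name taken from the post).
        Phx.Phases.Phase typeChecker = config.PhaseList.FindByName("Type Checker");
        if (typeChecker == null)
        {
            // Assumption: phase names can differ between Phoenix builds; fail loudly
            // rather than silently analyzing nothing.
            throw new System.InvalidOperationException("Type Checker phase not found");
        }
        typeChecker.InsertAfter(AnalysisPhase.New(config));
    }

    public override string NameString
    {
        get { return "Analysis plug-in (example)"; }
    }
}

public class AnalysisPhase : Phx.Phases.Phase
{
    public static AnalysisPhase New(Phx.Phases.PhaseConfiguration config)
    {
        AnalysisPhase phase = new AnalysisPhase();
        phase.Initialize(config, "Analysis phase (example)");
        return phase;
    }

    protected override void Execute(Phx.Unit unit)
    {
        // The phase list is driven per unit; only function units carry IR.
        if (!unit.IsFunctionUnit)
        {
            return;
        }
        Phx.FunctionUnit functionUnit = unit.AsFunctionUnit;

        // Guard from the post's .NET note: a unit whose alias info is not
        // complete is not analyzable (unmanaged code in managed builds). Skip it.
        if (functionUnit.AliasInfo == null || !functionUnit.AliasInfo.IsComplete)
        {
            return;
        }

        // Illustrative analysis (assumption): count call sites in the function.
        int callCount = 0;
        foreach (Phx.IR.Instruction instruction in functionUnit.Instructions)
        {
            if (instruction.IsCallInstruction)
            {
                callCount++;
            }
        }

        // A real analysis would record per-function results instead of printing.
        Phx.Output.WriteLine("{0}: {1} call sites", functionUnit.NameString, callCount);
    }
}
```

Because the phase runs inside the compiler on the front-end's own IR, it sees HIR with full type information, which is exactly what the PE-reading route loses when LIR cannot be raised.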

For C#/.NET, writing a stand-alone analysis tool (a .exe) is quite simple: in the generated code, set the target state of RaisePhase to FunctionUnit.HighLevelIRFunctionUnitState. Remember to skip function units for which !functionUnit.AliasInfo.IsComplete holds, since they are unmanaged code.

Missing information in Phoenix IR, together with IR forms that are not quite canonical, is still a headache. There is a talk with the Open64 people on Wednesday. I'm wondering if Open64 IR or LLVM IR would be better for program analysis. However, Visual C++ remains the definitive front-end on Windows: other compilers can hardly parse Windows.h, as the Microsoft-specific grammar extensions keep growing.
