GNATstack

GNATstack is a static analysis tool that enables Ada/C/C++ software development teams to accurately predict the maximum size of the memory stack required for an embedded application.

GNATstack statically computes the maximum stack space required by each task in an application. The computed bounds can be used to ensure that sufficient space is reserved, thus guaranteeing safe execution with respect to stack usage. The tool uses a conservative analysis to deal with complexities such as subprogram recursion, while avoiding unnecessarily pessimistic estimates.

This static stack analysis tool exploits data generated by the compiler to compute worst-case stack requirements. It performs per-subprogram stack usage computation combined with control flow analysis.

GNATstack can analyze object-oriented applications, automatically determining maximum stack usage on code that uses dynamic dispatching in both Ada and C++. A dispatching call challenges static analysis because the identity of the subprogram being invoked is not known until run time. GNATstack solves this problem by statically determining the subset of potential targets for every dispatching call. This heavily reduces the analysis effort and yields precise stack usage bounds even on complex Ada/C++ code.

GNATstack's computation is based on information known at compile time. When the tool reports a result as accurate, the computed bound will never be exceeded at run time.

In some situations the result cannot be accurate, typically because information is missing: the depth of subprogram recursion, the targets of indirect calls, the stack needs of external code, and so on. The tool reports every such situation, and GNATstack includes an infrastructure that lets you supply the missing call graph and stack usage information.

The main output of the tool is the worst-case stack usage for every entry point, together with the paths that lead to these stack needs. The list of entry points can be automatically computed (all the tasks, including the environment task) or can be specified by the user (a list of entry points or all the subprograms matching a certain regular expression).

The tool can also detect and display a list of potential problems when computing stack requirements:

  • Indirect (including dispatching) calls. The tool will indicate the number of indirect calls made from any subprogram.
  • External calls. The tool displays all the subprograms that are reachable from any entry point for which stack or call graph information is absent.
  • Unbounded frames. The tool displays all the subprograms that are reachable from any entry point and that have unbounded stack requirements. This situation can arise, for example, when the required stack size depends on the subprogram's actual parameters.
  • Cycles. The tool can detect all cycles (potential recursion) in the call graph.

GNATstack lets you supply a text file for the missing information, such as the potential targets for indirect calls, the stack requirements for external calls, and the bounds for unbounded frames. These values are trusted as given: an underestimated external frame size or recursion depth silently invalidates the computed bound, so they should come from analysis or measurement of the external code rather than from guesswork.
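The following is an added example, not GNATstack's own code, that reimplements in miniature the analysis the page describes: per-subprogram frame sizes combined with a call-graph traversal, a worst-case bound and path per entry point, entry-point selection by regular expression, and the four problem classes listed above (indirect calls, external calls, unbounded frames, cycles). The call graph, the frame sizes and the layout of the user-supplied annotations are all constructed for this example; in particular the `ANNOTATIONS` dictionary is a stand-in for, not a rendering of, GNATstack's text-file format, and a dispatching call is modelled as an indirect call site whose target set has already been narrowed to the candidate overriders.

```python
"""Worst-case stack bound over a call graph, illustrating the analysis the page
describes.  Added example, not GNATstack code; the annotation layout is an
assumption of this example, not GNATstack's text-file format."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Subprogram:
    name: str
    frame: Optional[int]                 # frame size in bytes; None = unbounded
    calls: List[str] = field(default_factory=list)     # statically known callees
    indirect: List[str] = field(default_factory=list)  # indirect/dispatching call sites


# Constructed sample call graph, standing in for the data the compiler emits.
PROGRAM: Dict[str, Subprogram] = {
    "main":      Subprogram("main", 64, calls=["parse", "log"], indirect=["cb"]),
    "parse":     Subprogram("parse", 128, calls=["parse"]),   # recursive
    "log":       Subprogram("log", None, calls=["write"]),    # buffer sized by a parameter
    "handler_a": Subprogram("handler_a", 96),
    "handler_b": Subprogram("handler_b", 256, calls=["crc"]),
}
# "write" and "crc" have no entry above: external code with no compiler data.

# Constructed user-supplied information (hypothetical layout).
ANNOTATIONS = {
    "targets":   {"main:cb": ["handler_a", "handler_b"]},  # candidate targets per call site
    "external":  {"write": 80, "crc": 32},                 # frame sizes of external subprograms
    "bounds":    {"log": 512},                             # bound for an unbounded frame
    "recursion": {"parse": 3},                             # max frames of a recursive subprogram
}
EMPTY = {"targets": {}, "external": {}, "bounds": {}, "recursion": {}}


def entry_points(program: Dict[str, Subprogram], pattern: Optional[str] = None) -> List[str]:
    """All subprograms (tasks are not modelled here), or those matching a regex."""
    names = sorted(program)
    return names if pattern is None else [n for n in names if re.search(pattern, n)]


def analyze(program: Dict[str, Subprogram], ann: dict, entry: str) -> Tuple[int, List[str], List[str]]:
    """Return (worst_case_bytes, worst_path, problems) for one entry point.
    The bound is only trustworthy when the problems list is empty."""
    problems = set()

    def frame_of(name: str) -> int:
        sp = program.get(name)
        if sp is None:                            # external call
            if name in ann["external"]:
                return ann["external"][name]
            problems.add(f"external call: no stack information for {name}")
            return 0
        if sp.frame is None:                      # unbounded frame
            if name in ann["bounds"]:
                return ann["bounds"][name]
            problems.add(f"unbounded frame: {name}")
            return 0
        return sp.frame

    def worst(name: str, path: List[str]) -> Tuple[int, List[str]]:
        size = frame_of(name)
        best, best_path = size, [name]
        sp = program.get(name)
        if sp is None:
            return best, best_path                # external: callees unknown
        callees = list(sp.calls)
        for site in sp.indirect:
            key = f"{name}:{site}"
            if key in ann["targets"]:
                callees.extend(ann["targets"][key])
            else:
                problems.add(f"indirect call: no targets known for {key}")
        for callee in callees:
            seen = path.count(callee)
            if seen:                              # re-entering a subprogram on the path
                depth = ann["recursion"].get(callee)
                if depth is None:
                    cycle = path[path.index(callee):] + [callee]
                    problems.add("cycle: " + " -> ".join(cycle))
                    continue                      # unbounded recursion: do not unroll
                if seen >= depth:
                    continue                      # user-supplied depth reached
            sub, sub_path = worst(callee, path + [callee])
            if size + sub > best:
                best, best_path = size + sub, [name] + sub_path
        return best, best_path

    total, path = worst(entry, [entry])
    return total, path, sorted(problems)


def report(program: Dict[str, Subprogram], ann: dict, pattern: Optional[str] = None) -> None:
    for entry in entry_points(program, pattern):
        total, path, problems = analyze(program, ann, entry)
        status = "accurate" if not problems else "NOT accurate"
        print(f"{entry}: {total} bytes ({status}) via {' -> '.join(path)}")
        for p in problems:
            print("   ", p)


if __name__ == "__main__":
    report(PROGRAM, ANNOTATIONS, r"^main$")   # 656 bytes, accurate
    report(PROGRAM, EMPTY, r"^main$")         # 192 bytes, four problems reported
```

Run without annotations, the example reports all four problem classes and returns a bound that, as the page warns, must not be trusted; with the annotations supplied, the cycle is unrolled to the given depth, the external and unbounded frames take their supplied sizes, and the dispatching site is expanded over its candidate targets, so the reported path (`main -> log -> write`) is the one that actually sets the requirement.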