Static analysis tools for LLVM IR [closed]

Question

I am trying to find if there are any static analysis tools available that perform analysis on LLVM IR and report issues to the developer?

Any suggestion is appreciated.

Answer 1

For anyone interested, I have been able to find few research tools that perform analysis on LLVM IR and report errors/warnings to the developer. Following is the list:

1. KLEE - Runs symbolic execution on LLVM IR generated from C source code and generates a report as explained here: http://klee.github.io/tutorials/testing-regex/.
2. KLOVER - Built on top of KLEE to generate test cases for C++ programs
3. LLBMC - LLVM IR is converted to Intermediate logical representation, which is converted to SMT-LIB formula. SMT-lib Formula is then solved using SMT solver. More details can be found here: http://llbmc.org/files/papers/ASE13.pdf
4. LAV - It is a bug finding tool built on top of the LLVM compiler infrastructure. LAV combines symbolic execution, SAT encoding of program's control-flow and some features of bounded model checking.