What's the difference between deep and shallow static analysis?

Question

What's the difference between shallow and deep static analysis? I'm using Xcode at the moment, and noticed that there's a build setting that distinguishes between the two.

I'm curious about this in the general case, and I'm also wondering if there's any difference in how Clang implements this distinction.

I tried some Google-foo and I couldn't find an answer. I tried going through the Apple and Clang docs to see if they explain it but I didn't find anything. Hopefully I didn't miss an obvious stone to overturn in my searching.

Answer 1

(1) A talk from apple's Evan Cheng (compilation tech) gives an indication (see pages 157/158):

• shallow - quick analysis
• deep - more thorough analysis

Recommendation: Always analyze in deep mode as part of qualifications

(2) Some more details you can find in the source code of the analyzerOptions There is the UserModeKind variable:

00184   /// \brief Describes the kinds for high-level analyzer mode.
00185   enum UserModeKind {
00186     UMK_NotSet = 0,
00187     /// Perform shallow but fast analyzes.
00188     UMK_Shallow = 1,
00189     /// Perform deep analyzes.
00190     UMK_Deep = 2
00191   };
00192 
00193   /// Controls the high-level analyzer mode, which influences the default 
00194   /// settings for some of the lower-level config options (such as IPAMode).
00195   /// \sa getUserMode
00196   UserModeKind UserMode;
00197 
00198   /// Controls the mode of inter-procedural analysis.
00199   IPAKind IPAMode;

Without looking too deep into the code you see that one difference is the deactivation of the (timeconsuming) inter-procedural analysis...