The graph graph itself is simple; there are no βwrongβ call schedules (unless you have a style check that prohibits recursion).
The real problem is that to understand how code at a point in a program can be problematic, you usually need to understand the shape of the world (what data structures live, what values ββthey can contain, what relationships they can have) in that The moment when this code point is active. The call schedule shows how execution can get to the point of interest to the code, and all the code along this route of the call schedule sets the context for the code execution. This allows the static analyzer to perform "context-sensitive" analysis, which gives much more accurate answers.
This leads to a second problem: how to get an accurate call schedule? If you have a direct call B from A, itβs easy to record βA calls Bβ and feel that this is an accurate fact of the fact of the call. But if A makes a call through an indirect pointer (can you say that sending a virtual method?) Suddenly it is not clear who exactly is calling; you end up with A-can-call-B1, A-can-call-B2, ... Which one actually actually calls depends on the context in which A ... oops is executed, you need a call graph to produce a call graph. The good news is that you are plotting a call schedule from below: "I know that this is certainly true, so this must be true." In places where the analgesic cannot understand this, he usually makes a conservative assumption: ("All these challenges may be possible, I cannot rule them out."). This conservatism is one of the key reasons for the accuracy of your static analyzer.