[cfe-dev] Work on analyzer's C++ support

[Ted Kremenek]

Hi Marcin,

I think these are great ideas.  Comments inline.

On Nov 3, 2010, at 3:04 AM, Marcin Świderski <marcin.sfider at gmail.com> wrote:

> I'm going to add some checks for C++ that will check for:
> - uninitialized object members,

This seems like a path-sensitive check that requires inter-procedural analysis of constructor calls.

> - problems in ctors derived from order of initialization,

Another path-sensitive check.  What do you mean by "problems"?

> - absence of virtual destructor when needed,
> - virtual method calls in ctors/dtors,
> - some const-correctness.

It's not clear to me that these are path-sensitive checks, or even require flow analysis.

> 
> I'll try to use the path-sensitive engine for some of them, extending it in the process, but I'm not sure if I'll make it. I'm doing this for my masters thesis and don't have much time, so I will be able to share my work probably in a month or so. If someone want to work on C++ in the path-sensitive engine during this time I'll contribute just the checks.

The constructor checking is probably the most interesting, but probably the hardest to do.  It also requires the most amount of new pieces working.

The good thing about the analyzer is that, unlike the compiler, you can skip analyzing entire swaths of code (if the engine isn't ready) and still find bugs.