[cfe-dev] Extend Static Analyzer

austin seipp as at hacks.yi.org
Tue Jun 28 20:18:46 PDT 2011


You don't need to interface with Sema at all. What you want can be
implemented as a simple self contained checker that the analyzer will
run when you use something like 'scan-build'. For example, take a look
at something like lib/StaticAnalyzer/Checkers/UnixAPIChecker.cpp. This
checker implements some very basic analysis warnings for incorrect
usage of unix apis like open. The checker is invoked when the analyzer
goes through the control flow graph (CFG) and sees a function call
happen (it inherits from check::PreStmt<CallExpr>.) It simply
dispatches based on the identifier of the called function and issues
BugReports when believes something is awry.

Note that even a simple analysis like this will potentially need to
worry about the path through the CFG leading to the call, because
variables that may be mentioned at the call site obviously can be
affected by the control flow. You can see some of this logic for
example in the 'CheckOpen' function of UnixAPIChecker.

I would recommend you read lib/StaticAnalyzer/README.txt to get an
idea of how the analyzer core deals with control flow and exposes it,
as well as looking at UnixAPIChecker - for basic function calls, it's
probably similar to what you want to do. I don't know Objective-C
however, so I can't give you any specific help with that, but if you
look around there are several Objective-C specific checkers that are
included which should give you an idea of how to move forward.

PS. Don't forget to add your new checker to
lib/StaticAnalyzer/Checkers/Checkers.td - if you want it run by
default with scan-build (for testing) then you can just stick your
checker into the 'Core' package during development and it'll
automatically be turned on.

On Tue, Jun 28, 2011 at 7:32 PM, ajotwani <ajotwani85 at gmail.com> wrote:
> I am trying to extend the functionality of the static analyzer to do some
> very basic checks and include the results in the analyzer report. For
> example, I want to check for any file accesses within objective c code
> (writetofile, etc.) and include the findings in the existing analysis report
> produced. I am thinking this can be done by adding the checks to
> SemaChecking.cpp and then adding the appropriate warning message
> declarations to DiagnosticSemaKinds.td. Is this the right track or should
> something like this be added elsewhere?
>
> Thanks.
>
>
>
> --
> View this message in context: http://clang-developers.42468.n3.nabble.com/Extend-Static-Analyzer-tp3120000p3120000.html
> Sent from the Clang Developers mailing list archive at Nabble.com.
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>



-- 
Regards,
Austin



More information about the cfe-dev mailing list