[cfe-dev] GSoC - Static Analyzer project ideas?

[Ted Kremenek]

On Mar 21, 2011, at 5:05 AM, Martin Milata wrote:

> Hello,
> 
> I would like to participate in this year's Google Summer of Code
> program. I'm interested in working on the Static Analyzer, because I
> think it has great potential to be a tool that a lot of programmers can
> benefit from, and it also overlaps with my academic interests.
> 
> The analyzer is not mentioned on the open projects page, so my question
> is if anybody has some project idea and/or is willing to mentor it? I
> have tried to come up with something, but I don't know if it would be
> really possible, useful and doable in the given time:
> 
> - support for interprocedural analysis
> 
> - support for external checkers (i.e. loadable at runtime, so clang does
>  not have to be recompiled in order to use new checker)
> 
> - false positive elimination with constraint solver (klee seems to
>  contain a solver that could be specifically used for this)
> 
> - C++ support (only thing mentioned on the analyzer web, I don't have an
>  idea of extent of the work needed)
> 
> Thank you for any feedback,
> Martin Milata

Hi Martin,

I'm happy to hear that you are so excited about the static analyzer, and there are definitely task areas of it that would make good GSoC projects.

I think the "support for external projects" is probably the most reasonable for a GSoC project you proposed.  Argiris recently reworked the checker registration system so that all checkers register themselves with a CheckerManager object.  I think we should be able to naturally extend this to dynamically loadable checkers.  Not only is this a tractable project, but it would have direct impact on others trying to extend the static analyzer.

I think all the other projects are great ideas, but unless you are intimately familiar with the static analyzer engine I don't think interprocedural analysis or integration of a constraint solver are good part-time projects.  They both will require a huge amount of work and intimate understanding of the analyzer core.  I just don't think you'll have enough time in a GSoC project, and I think if this is your first time working with the analyzer internals its probably best to start on a less ambitious project that will have more immediate direct impact.

Concerning C++ static analysis support, there is a bunch of random things to be done.  Some of it dovetails into inter-procedural analysis and enhancing the core analyzer engine, but writing C++ specific checkers would be really beneficial.  Note that full C++ support is definitely much more than a GSoC project, but it's definitely something you can help with by carving out key pieces that need to be done.

Cheers,
Ted