[GSoC-2021] Interested in project `Extend the static analysis pass`
Wed Mar 31 17:52:24 GMT 2021
On Wed, 2021-03-31 at 21:41 +0530, Saloni Garg wrote:
> On Tue, Mar 30, 2021 at 6:42 PM David Malcolm <firstname.lastname@example.org>
> > On Tue, 2021-03-30 at 16:06 +0530, Saloni Garg wrote:
> > > On Sun, Mar 28, 2021 at 8:03 PM David Malcolm <
> > > email@example.com>
> > > wrote:
> > >
> No, it's actually fun learning all this. Thank you for sharing all
> references. Although, I was already using gdb to travel inside the
> > > > > Please, let me know your thoughts on this.
> > > >
> > > > Looks like you're making a great start.
> > > >
> > > Thanks for the feedback. In parallel, can I start working on the
> > > Gsoc
> > > proposal as well?
> > Please do work on the formal proposal - without it we can't accept
> > you
> > as a GSoC student. The window for submitting proposals opened
> > yesterday, and I believe it closes in a couple of weeks, and you
> > need
> > to do that, so any experimentation you do now should really just be
> > in
> > support of writing a good proposal. It would be a shame to not
> > have a
> > good prospective candidate because they didn't allow enough time to
> > do
> > the proper GSoC paperwork before the deadline.
> Thanks for understanding. Here is an initial draft (
> of my GSoC proposal. I am yet to fill in the missing blocks.
> Please, let me know if you have any comments on the document itself.
Caveat: I'm not familiar with the expected format of such documents.
Looks like a good first draft.
- maybe update the title to be more specific (i.e. that it's about
extending the pass to support C++ exception-handling)
- my email address is misspelled (missing the leading "d")
- in Example 2, maybe spell out why it's a leak - when does the
allocated buffer stop being referenceable?
- you have a simple example of a false negative; is it possible to give
a simple example of a false positive? (I think "new" is meant to raise
an exception if it fails, so a diagnostics about a NULL-deref on
unchecked new might be a false positive. I'm not sure)
- maybe specify that this is exception-handling specifically for C++
code (GCC supports many languages)
- "sample example programs": for "sample" did you mean to write
- as well as understanding code, you'll need to understand data,
specifically getting a feel for the kinds of control flow graphs that
the analyzer is receiving as inputs i.e. what the analyzer "sees" when
the user inputs various C++ language constructs; what interprocedural
vs intraprocedural raise/try/catch situations look like, etc.
Hope this makes sense and is helpful
More information about the Gcc