[GSoC-2021] Interested in project `Extend the static analysis pass`

David Malcolm dmalcolm@redhat.com
Wed Mar 31 17:52:24 GMT 2021


On Wed, 2021-03-31 at 21:41 +0530, Saloni Garg wrote:
> On Tue, Mar 30, 2021 at 6:42 PM David Malcolm <dmalcolm@redhat.com>
> wrote:
> 
> > On Tue, 2021-03-30 at 16:06 +0530, Saloni Garg wrote:
> > > On Sun, Mar 28, 2021 at 8:03 PM David Malcolm <
> > > dmalcolm@redhat.com>
> > > wrote:

[...snip...]

> > > 
> No, it's actually fun learning all this. Thank you for sharing all
> the
> references. Although, I was already using gdb to travel inside the
> code.

Great!

> > 
> > > > > Please, let me know your thoughts on this.
> > > > 
> > > > Looks like you're making a great start.
> > > > 
> > > Thanks for the feedback.  In parallel, can I start working on the
> > > Gsoc
> > > proposal as well?
> > 
> > Please do work on the formal proposal - without it we can't accept
> > you
> > as a GSoC student.  The window for submitting proposals opened
> > yesterday, and I believe it closes in a couple of weeks, and you
> > need
> > to do that, so any experimentation you do now should really just be
> > in
> > support of writing a good proposal.  It would be a shame to not
> > have a
> > good prospective candidate because they didn't allow enough time to
> > do
> > the proper GSoC paperwork before the deadline.
> > 
> Thanks for understanding. Here is an initial draft (
>   
> https://docs.google.com/document/d/1inkkU5B55s_FOWRzUuf38s7XEet65kc0dW3yFn0yh1M/edit?usp=sharing
> )
> of my GSoC proposal. I am yet to fill in the missing blocks.
> Please, let me know if you have any comments on the document itself.

Caveat: I'm not familiar with the expected format of such documents.

Looks like a good first draft.

Some notes:
- maybe update the title to be more specific (i.e. that it's about
extending the pass to support C++ exception-handling)
- my email address is misspelled (missing the leading "d")
- in Example 2, maybe spell out why it's a leak - when does the
allocated buffer stop being referenceable?
- you have a simple example of a false negative; is it possible to give
a simple example of a false positive?  (I think "new" is meant to raise
an exception if it fails, so a diagnostics about a NULL-deref on
unchecked new might be a false positive.  I'm not sure)
- maybe specify that this is exception-handling specifically for C++
code (GCC supports many languages)
- "sample example programs": for "sample" did you mean to write
"simple" here?
- as well as understanding code, you'll need to understand data,
specifically getting a feel for the kinds of control flow graphs that
the analyzer is receiving as inputs i.e. what the analyzer "sees" when
the user inputs various C++ language constructs; what interprocedural
vs intraprocedural raise/try/catch situations look like, etc.

Hope this makes sense and is helpful
Dave



More information about the Gcc mailing list