Ted Kremenek wrote:
> C++ support in Clang is rapidly progressing,

Cool. Is there a page with notes on the design? I'm curious what
approach you are using. Elsa's GLR design seems like a good approach,
but it doesn't cover all the latest complicated template features, and
the latest problems I saw seemed difficult to solve in that design. (It
was long enough ago that I don't remember the exact problem.)

> but because the Clang static analyzer performs static analysis at the
> source level, simply having C++ parsing support does not imply
> immediate support in the analyzer. Bringing that feature up will
> likely require active participation from the open source community.

What about running over a language-independent IR instead? That's the
approach we've used in Treehydra and it seems like it would be even
better because I think you have much cleaner IRs in LLVM.

> The clang analyzer currently does mostly local analysis, essentially
> operating under the conservative approximation that the implementation
> of the callee of functions/methods is unavailable for analysis. The
> plan is to add more global analysis over time, hopefully over the next
> year (time permitting).

We generally do unsound analysis instead (assuming the callees do
nothing, or do a little bit we can guess at, like writing to
reference-typed arguments) to cut down on false positives. Maybe the
best possible tool has a dial to tune the level of conservatism. I have
no idea what the best default for general-purpose checking is, though.
Dave
_______________________________________________
dev-static-analysis mailing list
https://lists.mozilla.org/listinfo/dev-static-analysis
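
The trade-off discussed in the message above (treating an unanalyzed callee conservatively versus assuming it does nothing or only writes its reference-typed arguments), as an added example that is not part of the original thread and is not code from Clang or Treehydra. The toy IR, the `CalleeModel` dial and the `check` function are hypothetical names; the sample program is constructed, and it assumes that `reset` really does null out `q` while neither callee touches the global `g`.

```python
from enum import IntEnum

class CalleeModel(IntEnum):
    """Dial: how much an unanalyzed callee is assumed to do."""
    NOTHING = 0    # unsound: callee has no effects at all
    REF_ARGS = 1   # unsound: callee writes only its by-reference arguments
    ANYTHING = 2   # conservative: callee may also overwrite every global

# Constructed toy IR, one tuple per statement: (op, operands...).
# Assumed ground truth: reset() nulls q; neither callee writes g.
PROGRAM = [
    ("global", "g"),
    ("set_nonnull", "g"),
    ("set_nonnull", "q"),
    ("call", "reset", [("q", True)]),  # q is passed by reference
    ("call", "log", []),
    ("deref", "g"),
    ("deref", "q"),
]

def check(program, model):
    """Return [(stmt_index, var)] for each deref of a pointer not known non-null."""
    nonnull, global_vars, warnings = set(), set(), []
    for i, (op, *args) in enumerate(program):
        if op == "global":
            global_vars.add(args[0])
        elif op == "set_nonnull":
            nonnull.add(args[0])
        elif op == "call":
            _callee, actuals = args
            clobbered = set()
            if model >= CalleeModel.REF_ARGS:
                clobbered |= {var for var, by_ref in actuals if by_ref}
            if model >= CalleeModel.ANYTHING:
                clobbered |= global_vars
            nonnull -= clobbered  # facts about clobbered pointers are lost
        elif op == "deref" and args[0] not in nonnull:
            warnings.append((i, args[0]))
    return warnings

if __name__ == "__main__":
    for model in CalleeModel:
        print(f"{model.name:9} -> {check(PROGRAM, model)}")
```

Under the stated ground truth, `NOTHING` misses the real bug on `q`, `ANYTHING` reports it together with a false positive on `g`, and `REF_ARGS` reports only the real one.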