I'm new to the Clang dev list and will be working on adding static analysis checking for C++. I've been doing a lot of reading of the existing code and am ready to start coding. It would be very useful to get some feedback and suggestions on implementation.
My first checker will be designed to detect bad iterator usage. In particular, it will be looking for uninitialized iterators, invalidated iterators and invalid iterator operations. The basic algorithm is:
1) Locate all STL container instance declarations. This is needed because we need to associate each iterator with a particular container instance. STL containers have well defined operations that invalidate bound iterators.
2) Locate all iterator declarations.
3) Locate all iterator definitions (assignments) and bind to the instance used to initialize.
4) Do a modified reaching definition analysis on the iterators where certain operations on an instance such as insert, clear, reserve, etc. can invalidate the iterator. Use the binding of the instance to the iterator to invalidate the iterator.
5) Flag with warnings uses of iterators that have been invalidated.
6) Flag with warnings binary operations on iterators bound to different instances.
Please feel free to offer any suggestions or comments. Thanks.