I think the Clang static analyzer is a great project and I'm interested in contributing. I've watched the "Building a Checker in 24 Hours" talk at the LLVM dev meeting, and I've seen the list of potential checkers here: http://clang-analyzer.llvm.org/potential_checkers.html
So my question is, what's a good place to start and do you have any tips? I have some academic background in symbolic checkers/constraint solvers, and I've been developing C++ for a while now.
My idea is to just pick up one of the (simpler) unimplemented checkers from the list and implement it to get my hands dirty.
Hi, Brian. Glad to hear you’re interested in the static analyzer!
Implementing a simple checker is a great way to get involved. I just looked through the list of potential checkers again, though, and a lot of them are either non-path-sensitive (though still important), or involve enhancements to the existing MallocChecker, which Anton is currently in the middle of improving. Two existing bug reports on Bugzilla suggest additional possibilities: checking that two C++ iterators are from the same container, and checking that Objective-C collections are not mutated during iteration. I will warn you that the former has more pitfalls than it seems, since iterators are often copied around by value and thus won’t have an associated symbol. But the latter may not interest you as much. (Of course, the C++11 version of the latter may also be interesting.)
Please e-mail us / the list with any questions you have!
Great to hear that you are interested in working on the analyzer.
In addition to Jordan’s suggestions, you could also work on productizing the SimpleStreamChecker, or rather rewriting StreamChecker along the lines of SimpleStreamChecker.
Currently, we have 2 alpha stream checkers. StreamChecker has some flaws and, thus, is not turned on by default. SimpleStreamChecker does follow the main checker writer principles, but was only written for the talk; because of it we want to keep the SimpleStreamChecker very simple and small. So, we have no stream checker turned on by default. It would be good if someone rewrote the StreamChecker using SimpleStreamChecker as guidance. We’d also need to evaluate it on real code and polish the diagnostics.