Index: www/trunk/OpenProjects.html =================================================================== --- www/trunk/OpenProjects.html +++ www/trunk/OpenProjects.html @@ -38,10 +38,6 @@
Description of the project: lldb-mi implements a - machine-readable interface that is supported by many IDEs and text - editors. The current support is incomplete and does not implement - enough commands to work with most text editors. More importantly, - it isn't using the right abstraction layer: Instead of executing - textual commands via handleCommand() and scraping LLDB's - textual output, it should be using the methods and data structures - provided by the public SB API. -
-Confirmed Mentor: Adrian Prantl
- -Desirable skills: - Intermediate knowledge of C++. -
-Description of the project:
- The C++ std::string class provides a c_str() method that returns a raw pointer to a string's inner character buffer. When a std::string is destroyed, the character buffer is deallocated. A common bug is to access a dangling raw pointer to the buffer after string deallocation. These "use after free" bugs can cause crashes or other unexpected behavior.
+ The C++ std::string class provides a c_str() method that returns a raw pointer to a string's inner character buffer. When a std::string is destroyed, the character buffer is deallocated. A common bug is to access a dangling raw pointer to the buffer after string deallocation. These "use after free" bugs can cause crashes or other unexpected behavior.
This project will add a new checker to the static analyzer to find when a dangling inner string pointer is used. This will help find bugs not only with std::string and c_str() but also with LLVM's StringRef class and the new C++17 std::string_view.
Description of the project:
The static analyzer finds bugs by exploring many possible paths through a program. To reduce false positives, it uses a very fast but imprecise custom constraint manager to rule out infeasible paths that cannot actually be executed at run time.
-
+
This project will extend the analyzer to use the Z3 SMT solver to rule out additional infeasible paths by postprocessing bug reports. This will help the analyzer reduce false positives when the path involves complicated branches that the built-in constraint manager cannot reason about.
Confirmed Mentor: George Karpenkov