Finding Bugs Using Path-Sensitive Static Analysis - Gabor Horvath - CppCon 2021

---
Path-sensitive static analysis simulates the runtime behavior of the program code and uses the analysis state to evaluate which branches can be taken. It is an effective tool to find non-trivial bugs in code at compile time. While checks based on such analysis can take longer time to run, they have a sophisticated understanding of the code that helps them uncover semantic issues. First, I will discuss how can you turn these checks on and how to make sense of the warning messages they produce. Furthermore, I will do a deep dive on what makes path-sensitive analysis an effective tool to reason about code and how MSVC is leveraging this power to find bugs. In particular, I will explain how modern tools like constraint solvers can help increase the precision of the analysis. Throughout the talk, I will not only feature already released checks but also give a glimpse of the upcoming ones that we are actively working on. All the checks in the demo will be available for free in the community edition of Visual Studio and as security actions in GitHub.

---
Gabor Horvath

Gabor started a Ph.D. in 2016. He is a contributor to research projects related to static analysis since 2012. He is a clang contributor, participated in Google Summer of Code twice as a student and many times as a mentor, interned for Apple, Microsoft and Google. He taught C++ and compiler construction to undergrads at Eotvos Lorand University. Currently, he is working at Microsoft's C++ Static Analysis team to improve MSVC's static analysis capabilities.

---

*--*