Possible mentor: Nuno Lopes
The PHP API has a couple of functions that are error prone and may easily cause segfaults in PHP, especially on less used platforms. The list of such functions include zend_parse_parameters*(), zend_error() and a few others. Our current check script is made in PHP and is regex based. It is available in SVN. This script is difficult to maintain and generates way too many false-positives. The work would involve creating a LLVM clang analysis tool to perform some data-flow static analysis and output error messages for the problems found. A sample output of the script mentioned is available at: http://gcov.php.net.
There is still interest in continuing this project.