diff options
author | Thomas Schwinge <thomas@codesourcery.com> | 2012-12-11 11:22:18 +0100 |
---|---|---|
committer | Thomas Schwinge <thomas@codesourcery.com> | 2012-12-11 11:22:18 +0100 |
commit | a61ab7b60a4f29bf7652aafea2319bdc11ab06d8 (patch) | |
tree | d3eb5bef5cedae809d671aa9f8b6523c9000faf0 /open_issues/code_analysis.mdwn | |
parent | 1c36eb6c025084af76c5b930ca4adc5953560fd7 (diff) | |
parent | 573d363a3458b8a37e6ec929c778dae8abf90fab (diff) |
Merge remote-tracking branch 'feldtkeller.SCHWINGE/master'
Conflicts:
hurd/libstore/nbd_store.mdwn
open_issues/glibc.mdwn
open_issues/libpthread_CLOCK_MONOTONIC.mdwn
open_issues/packaging_libpthread.mdwn
shortcuts.mdwn
Diffstat (limited to 'open_issues/code_analysis.mdwn')
-rw-r--r-- | open_issues/code_analysis.mdwn | 60 |
1 files changed, 39 insertions, 21 deletions
diff --git a/open_issues/code_analysis.mdwn b/open_issues/code_analysis.mdwn index 4702fce6..2ab8bf1d 100644 --- a/open_issues/code_analysis.mdwn +++ b/open_issues/code_analysis.mdwn @@ -42,10 +42,13 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. "1123688017.3905.22.camel@buko.sinrega.org"]]. This could be checked by a static analysis tool. - * [Static Source Code Analysis Tools for C](http://spinroot.com/static/) - * [[!wikipedia List_of_tools_for_static_code_analysis]] + * [Engineering zero-defect software](http://esr.ibiblio.org/?p=4340), Eric + S. Raymond, 2012-05-13 + + * [Static Source Code Analysis Tools for C](http://spinroot.com/static/) + * [Cppcheck](http://sourceforge.net/apps/mediawiki/cppcheck/) For example, [Debian's hurd_20110319-2 @@ -59,13 +62,9 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. * <http://www.google.com/search?q=coccinelle+analysis> - * clang - - * <http://www.google.com/search?q=clang+analysis> + * [clang](http://www.google.com/search?q=clang+analysis) - * Linux' sparse - - * <https://sparse.wiki.kernel.org/> + * [Linux' sparse](https://sparse.wiki.kernel.org/) * <http://klee.llvm.org/> @@ -83,6 +82,12 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. * [sixgill](http://sixgill.org/) + * [s-spider](http://code.google.com/p/s-spider/) + + * [CIL (C Intermediate Language)](http://kerneis.github.com/cil/) + + * [Frama-C](http://frama-c.com/) + * [Coverity](http://www.coverity.com/) (nonfree?) * [Splint](http://www.splint.org/) @@ -102,8 +107,8 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. * Used by GDB, for example. - * Is not thread-safe, [[!sourceware_bug 6547]], [[!sourceware_bug 9939]], - [[!sourceware_bug 12751]], [[!stackoverflow_question 314931]]. + * Is not thread-safe, [[!sourceware_PR 6547]], [[!sourceware_PR 9939]], + [[!sourceware_PR 12751]], [[!stackoverflow_question 314931]]. * <http://en.wikipedia.org/wiki/Electric_Fence> @@ -113,18 +118,25 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. * <https://wiki.ubuntu.com/CompilerFlags> - * IRC, freenode, #glibc, 2011-09-28 + * `MALLOC_CHECK_`/`MALLOC_PERTURB_` + + * IRC, freenode, #glibc, 2011-09-28 + + <vsrinivas> two things you can do -- there is an environment + variable (DEBUG_MALLOC_ iirc?) that can be set to 2 to make + ptmalloc (glibc's allocator) more forceful and verbose wrt error + checking + <vsrinivas> another is to grab a copy of Tor's source tree and copy + out OpenBSD's allocator (its a clearly-identifyable file in the + tree); LD_PRELOAD it or link it into your app, it is even more + aggressive about detecting memory misuse. + <vsrinivas> third, Red hat has a gdb python plugin that can + instrument glibc's heap structure. its kinda handy, might help? + <vsrinivas> MALLOC_CHECK_ was the envvar you want, sorry. - <vsrinivas> two things you can do -- there is an environment variable - (DEBUG_MALLOC_ iirc?) that can be set to 2 to make ptmalloc (glibc's - allocator) more forceful and verbose wrt error checking - <vsrinivas> another is to grab a copy of Tor's source tree and copy out - OpenBSD's allocator (its a clearly-identifyable file in the tree); - LD_PRELOAD it or link it into your app, it is even more aggressive - about detecting memory misuse. - <vsrinivas> third, Red hat has a gdb python plugin that can instrument - glibc's heap structure. its kinda handy, might help? - <vsrinivas> MALLOC_CHECK_ was the envvar you want, sorry. + * [`MALLOC_PERTURB_`](http://udrepper.livejournal.com/11429.html) + + * <http://git.fedorahosted.org/cgit/initscripts.git/diff/?id=deb0df0124fbe9b645755a0a44c7cb8044f24719> * In context of [[!message-id "1341350006-2499-1-git-send-email-rbraun@sceen.net"]]/the `alloca` issue @@ -140,6 +152,12 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. <youpi> ah, no, the libthreads code properly sets the guard, just for grow-up stacks + * GCC's AddressSanitizer (ASan; `-faddress-sanitizer`) + + [Finding races and memory errors with GCC instrumentation + (AddressSanitizer)](http://gcc.gnu.org/wiki/cauldron2012#Finding_races_and_memory_errors_with_GCC_instrumentation_.28AddressSanitizer.29), + GNU Tools Cauldron 2012. + * Input fuzzing Not a new topic; has been used (and a paper published) for early UNIX |