diff options
| author | Arne Babenhauserheide <arne_bab@web.de> | 2011-10-04 17:22:17 +0200 |
|---|---|---|
| committer | Arne Babenhauserheide <arne_bab@web.de> | 2011-10-04 17:22:17 +0200 |
| commit | d0bdae24b59dde1783f928992d414f608a42b266 (patch) | |
| tree | 052e5254f6207fa384bdddd64b5580d0718b83c4 /open_issues/code_analysis.mdwn | |
| parent | cf1d668a185777e48faa180f201f58f93dcf3950 (diff) | |
| parent | 67f614c029ba729a9451e87c4885c198fc10251b (diff) | |
manual merge
Diffstat (limited to 'open_issues/code_analysis.mdwn')
| -rw-r--r-- | open_issues/code_analysis.mdwn | 44 |
1 files changed, 38 insertions, 6 deletions
diff --git a/open_issues/code_analysis.mdwn b/open_issues/code_analysis.mdwn index ab90a6b6..6cb304ef 100644 --- a/open_issues/code_analysis.mdwn +++ b/open_issues/code_analysis.mdwn @@ -19,7 +19,12 @@ analysis|performance]], [[formal_verification]], as well as general [[!toc]] -# Suggestions +# Bounty + +There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. + + +# Static * [[GCC]]'s warnings. Yes, really. @@ -27,6 +32,13 @@ analysis|performance]], [[formal_verification]], as well as general * [[!wikipedia List_of_tools_for_static_code_analysis]] + * [Cppcheck](http://sourceforge.net/apps/mediawiki/cppcheck/) + + For example, [Debian's hurd_20110319-2 + package](http://qa.debian.org/daca/cppcheck/sid/hurd_20110319-2.html) + (Samuel Thibault, 2011-08-05: *I had a look at those, some are spurious; + the realloc issues are for real*). + * Coccinelle * <http://lwn.net/Articles/315686/> @@ -45,8 +57,6 @@ analysis|performance]], [[formal_verification]], as well as general * <http://blog.llvm.org/2010/04/whats-wrong-with-this-code.html> - * [[community/gsoc/project_ideas/Valgrind]] - * [Smatch](http://smatch.sourceforge.net/) * [Parfait](http://labs.oracle.com/projects/parfait/) @@ -59,7 +69,12 @@ analysis|performance]], [[formal_verification]], as well as general * [sixgill](http://sixgill.org/) - * [Coverity](http://www.coverity.com/) -- commercial? + * [Coverity](http://www.coverity.com/) (nonfree?) + + +# Dynamic + + * [[community/gsoc/project_ideas/Valgrind]] * <http://en.wikipedia.org/wiki/Electric_Fence> @@ -69,7 +84,24 @@ analysis|performance]], [[formal_verification]], as well as general * <https://wiki.ubuntu.com/CompilerFlags> + * IRC, freenode, #glibc, 2011-09-28 -# Bounty + <vsrinivas> two things you can do -- there is an environment variable + (DEBUG_MALLOC_ iirc?) that can be set to 2 to make ptmalloc (glibc's + allocator) more forceful and verbose wrt error checking + <vsrinivas> another is to grab a copy of Tor's source tree and copy out + OpenBSD's allocator (its a clearly-identifyable file in the tree); + LD_PRELOAD it or link it into your app, it is even more aggressive + about detecting memory misuse. + <vsrinivas> third, Red hat has a gdb python plugin that can instrument + glibc's heap structure. its kinda handy, might help? + <vsrinivas> MALLOC_CHECK_ was the envvar you want, sorry. -There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks. + * Input fuzzying + + Not a new topic; has been used (and a paper published) for early UNIX + tools, I[[I|tschwinge]]RC. + + * <http://caca.zoy.org/wiki/zzuf> + + What about some [[RPC]] fuzzying? |