From: Jens Gustedt <jens.gustedt@inria.fr>
To: musl@lists.openwall.com
Subject: Re: Results of static analysis with clang static analyser
Date: Fri, 25 Sep 2015 23:37:28 +0200 [thread overview]
Message-ID: <1443217048.31292.2.camel@inria.fr> (raw)
In-Reply-To: <560569BF.4020505@akamai.com>
[-- Attachment #1: Type: text/plain, Size: 1687 bytes --]
Hello,
Am Freitag, den 25.09.2015, 11:35 -0400 schrieb Matt Avery:
> I'm not sure how keen you are to use asserts, but adding them helps
> the static analyzer not evaluate impossible paths.
I don't think that adding asserts is an option for musl. But for this
case at least which were discussing in particular, this really isn't
needed.
> From the docs:
> ALWAYS analyze a project in its "debug" configuration
> Most projects can be built in a "debug" mode that enables assertions.
> Assertions are picked up by the static analyzer to prune infeasible paths, which
> in some cases can greatly reduce the number of false positives (bogus error
> reports) emitted by the tool.
>
> Adding an assert(tsd != 0) after the arithmetic operation,
No, here this is really not the right way to do. The test for tsd in
that code is just a check for a particular state of the algorithm,
nothing else. The easiest would really to avoid that completely, for
example the way that I did in the patch that I sent afterwards. There
is exactly one point were that state can be met, and we can just jump
from there. By that we'd avoid a conditional branch all along, making
static analysis even easier :)
> or even better, assert(stack > __pthread_tsd_size) before should be enough?
Hm, IIRC stack is a pointer and __pthread_tsd_size is an
integer?
Jens
--
:: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536 ::
:: :::::::::::::::::::::: gsm France : +33 651400183 ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
next prev parent reply other threads:[~2015-09-25 21:37 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-23 5:58 Khem Raj
2015-09-23 19:38 ` Rich Felker
2015-09-23 20:02 ` Jens Gustedt
2015-09-24 0:34 ` Rich Felker
2015-09-24 7:22 ` Jens Gustedt
2015-09-24 8:51 ` [PATCH] help static analysis by avoiding to hold state in a pointer that is subject to arithmetic Jens Gustedt
2015-09-25 15:35 ` Results of static analysis with clang static analyser Matt Avery
2015-09-25 21:37 ` Jens Gustedt [this message]
2015-09-23 20:11 ` Szabolcs Nagy
2015-09-24 6:35 ` Rich Felker
2015-09-23 20:34 ` Szabolcs Nagy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1443217048.31292.2.camel@inria.fr \
--to=jens.gustedt@inria.fr \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).