public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors
@ 2022-06-16 15:21 dmalcolm at gcc dot gnu.org
2022-06-16 15:30 ` [Bug analyzer/106003] " dmalcolm at gcc dot gnu.org
` (13 more replies)
0 siblings, 14 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-06-16 15:21 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug ID: 106003
Summary: RFE: -fanalyzer could complain about misuse of
file-descriptors
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Target Milestone: ---
-fanalyzer could be extended to check POSIX file-descriptor APIs ("int" rather
than FILE *).
e.g.
- check for FD leaks
- check for double "close" of a FD (CWE-1341, I believe)
- check for read/write of a closed descriptor
- check for read/write of a descriptor opened for just writing/reading
etc
Immad Mir is looking at this for GSoC 2022.
Example of a "double file-descriptor close" bug:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13351
albeit in C++.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
@ 2022-06-16 15:30 ` dmalcolm at gcc dot gnu.org
2022-06-19 12:27 ` mir at gcc dot gnu.org
` (12 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-06-16 15:30 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
See also this mailing list thread:
https://gcc.gnu.org/pipermail/gcc/2022-June/238801.html
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
2022-06-16 15:30 ` [Bug analyzer/106003] " dmalcolm at gcc dot gnu.org
@ 2022-06-19 12:27 ` mir at gcc dot gnu.org
2022-07-02 16:45 ` cvs-commit at gcc dot gnu.org
` (11 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: mir at gcc dot gnu.org @ 2022-06-19 12:27 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Immad Mir <mir at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2022-06-19
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0 |1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
2022-06-16 15:30 ` [Bug analyzer/106003] " dmalcolm at gcc dot gnu.org
2022-06-19 12:27 ` mir at gcc dot gnu.org
@ 2022-07-02 16:45 ` cvs-commit at gcc dot gnu.org
2022-07-04 8:50 ` marxin at gcc dot gnu.org
` (10 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2022-07-02 16:45 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Immad Mir <mir@gcc.gnu.org>:
https://gcc.gnu.org/g:97baacba963c06e3d0e33cde04e7e687671e60e7
commit r13-1404-g97baacba963c06e3d0e33cde04e7e687671e60e7
Author: Immad Mir <mirimmad17@gmail.com>
Date: Sat Jul 2 22:09:37 2022 +0530
analyzer: implement five new warnings for misuse of POSIX file descriptor
APIs [PR106003].
This patch adds a new state machine to the analyzer for checking usage of
POSIX file descriptor
APIs with five new warnings.
It adds:
- check for FD leaks (CWE 775).
- check for double "close" of a FD (CWE-1341).
- check for read/write of a closed file descriptor.
- check whether a file descriptor was used without being checked for
validity.
- check for read/write of a descriptor opened for just writing/reading.
gcc/ChangeLog:
PR analyzer/106003
* Makefile.in (ANALYZER_OBJS): Add sm-fd.o.
* doc/invoke.texi: Add -Wanalyzer-fd-double-close,
-Wanalyzer-fd-leak,
-Wanalyzer-fd-access-mode-mismatch,
-Wanalyzer-fd-use-without-check,
-Wanalyzer-fd-use-after-close.
gcc/analyzer/ChangeLog:
PR analyzer/106003
* analyzer.opt (Wanalyzer-fd-leak): New option.
(Wanalyzer-fd-access-mode-mismatch): New option.
(Wanalyzer-fd-use-without-check): New option.
(Wanalyzer-fd-double-close): New option.
(Wanalyzer-fd-use-after-close): New option.
* sm.h (make_fd_state_machine): New decl.
* sm.cc (make_checkers): Call make_fd_state_machine.
* sm-fd.cc: New file.
gcc/testsuite/ChangeLog:
PR analyzer/106003
* gcc.dg/analyzer/fd-1.c: New test.
* gcc.dg/analyzer/fd-2.c: New test.
* gcc.dg/analyzer/fd-3.c: New test.
* gcc.dg/analyzer/fd-4.c: New test.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (2 preceding siblings ...)
2022-07-02 16:45 ` cvs-commit at gcc dot gnu.org
@ 2022-07-04 8:50 ` marxin at gcc dot gnu.org
2022-07-04 14:08 ` marxin at gcc dot gnu.org
` (9 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: marxin at gcc dot gnu.org @ 2022-07-04 8:50 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Martin Liška <marxin at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |marxin at gcc dot gnu.org
--- Comment #3 from Martin Liška <marxin at gcc dot gnu.org> ---
Hello Immad.
I noticed you pushed the git change, but it violates the GNU coding style in
some aspects. I see usage of Windows newlines, 8 spaces are not replaced with
tabular and there's one minor issue:
/home/marxin/BIG/buildbot/buildworker/marxinbox-gcc-clang/build/gcc/analyzer/sm-fd.cc:545:7:
warning: field 'm_invalid' will be initialized after field 'm_valid_read_write'
[-Wreorder-ctor]
Moreover, I noticed the patch hasn't been sent to gcc-patches mailing list.
Please do so next time before you commit a patch.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (3 preceding siblings ...)
2022-07-04 8:50 ` marxin at gcc dot gnu.org
@ 2022-07-04 14:08 ` marxin at gcc dot gnu.org
2022-07-04 14:16 ` mir at gcc dot gnu.org
` (8 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: marxin at gcc dot gnu.org @ 2022-07-04 14:08 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Martin Liška <marxin at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://gcc.gnu.org/bugzill
| |a/show_bug.cgi?id=106184
--- Comment #4 from Martin Liška <marxin at gcc dot gnu.org> ---
> /home/marxin/BIG/buildbot/buildworker/marxinbox-gcc-clang/build/gcc/analyzer/
> sm-fd.cc:545:7: warning: field 'm_invalid' will be initialized after field
> 'm_valid_read_write' [-Wreorder-ctor]
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106184
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (4 preceding siblings ...)
2022-07-04 14:08 ` marxin at gcc dot gnu.org
@ 2022-07-04 14:16 ` mir at gcc dot gnu.org
2022-07-23 17:40 ` dmalcolm at gcc dot gnu.org
` (7 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: mir at gcc dot gnu.org @ 2022-07-04 14:16 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
--- Comment #5 from Immad Mir <mir at gcc dot gnu.org> ---
Thanks for bringing that to my attention. I will make the suggested corrections
in a follow-up patch.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (5 preceding siblings ...)
2022-07-04 14:16 ` mir at gcc dot gnu.org
@ 2022-07-23 17:40 ` dmalcolm at gcc dot gnu.org
2022-07-27 13:58 ` mir at gcc dot gnu.org
` (6 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-07-23 17:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
--- Comment #6 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
I don't think we were tracking the RFE for this in bugzilla, so just a note
that Immad had now committed his patch for the three new attributes for
functions that make use of file descriptors:
https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=f8e6e2c046e1015697356ee7079fb39e0cb6add5
I've also added a link to this to https://gcc.gnu.org/wiki/StaticAnalyzer
Thanks Immad
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (6 preceding siblings ...)
2022-07-23 17:40 ` dmalcolm at gcc dot gnu.org
@ 2022-07-27 13:58 ` mir at gcc dot gnu.org
2022-08-02 18:03 ` mir at gcc dot gnu.org
` (5 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: mir at gcc dot gnu.org @ 2022-07-27 13:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106286, which changed state.
Bug 106286 Summary: fd_diagnostic should implement get_meaning_for_state_change vfunc
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106286
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (7 preceding siblings ...)
2022-07-27 13:58 ` mir at gcc dot gnu.org
@ 2022-08-02 18:03 ` mir at gcc dot gnu.org
2022-10-24 21:00 ` dmalcolm at gcc dot gnu.org
` (4 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: mir at gcc dot gnu.org @ 2022-08-02 18:03 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106298, which changed state.
Bug 106298 Summary: RFE: analyzer handling of dup, dup2, and dup3
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106298
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (8 preceding siblings ...)
2022-08-02 18:03 ` mir at gcc dot gnu.org
@ 2022-10-24 21:00 ` dmalcolm at gcc dot gnu.org
2022-11-03 14:58 ` dmalcolm at gcc dot gnu.org
` (3 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-10-24 21:00 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106300, which changed state.
Bug 106300 Summary: RFE: analyzer support for more ways of obtaining an open file descriptor
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106300
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (9 preceding siblings ...)
2022-10-24 21:00 ` dmalcolm at gcc dot gnu.org
@ 2022-11-03 14:58 ` dmalcolm at gcc dot gnu.org
2022-11-15 19:11 ` dmalcolm at gcc dot gnu.org
` (2 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-11-03 14:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 107486, which changed state.
Bug 107486 Summary: [13 Regression] ICE when pipe's argument is not a pointer type
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107486
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (10 preceding siblings ...)
2022-11-03 14:58 ` dmalcolm at gcc dot gnu.org
@ 2022-11-15 19:11 ` dmalcolm at gcc dot gnu.org
2022-11-15 19:13 ` dmalcolm at gcc dot gnu.org
2023-01-10 16:13 ` dmalcolm at gcc dot gnu.org
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-11-15 19:11 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106302, which changed state.
Bug 106302 Summary: RFE: provide a way for -fanalyzer to use target flags
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (11 preceding siblings ...)
2022-11-15 19:11 ` dmalcolm at gcc dot gnu.org
@ 2022-11-15 19:13 ` dmalcolm at gcc dot gnu.org
2023-01-10 16:13 ` dmalcolm at gcc dot gnu.org
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-11-15 19:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106140, which changed state.
Bug 106140 Summary: RFE: analyzer could complain about misuses of socket APIs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
Resolution|--- |FIXED
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug analyzer/106003] RFE: -fanalyzer could complain about misuse of file-descriptors
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
` (12 preceding siblings ...)
2022-11-15 19:13 ` dmalcolm at gcc dot gnu.org
@ 2023-01-10 16:13 ` dmalcolm at gcc dot gnu.org
13 siblings, 0 replies; 15+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2023-01-10 16:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
--- Comment #7 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
For reference, this article (by one of my colleagues) talks about how valgrind
can detect file descriptor leaks *dynamically*:
https://developers.redhat.com/articles/2023/01/09/how-use-valgrind-track-file-descriptors#
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2023-01-10 16:13 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-16 15:21 [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors dmalcolm at gcc dot gnu.org
2022-06-16 15:30 ` [Bug analyzer/106003] " dmalcolm at gcc dot gnu.org
2022-06-19 12:27 ` mir at gcc dot gnu.org
2022-07-02 16:45 ` cvs-commit at gcc dot gnu.org
2022-07-04 8:50 ` marxin at gcc dot gnu.org
2022-07-04 14:08 ` marxin at gcc dot gnu.org
2022-07-04 14:16 ` mir at gcc dot gnu.org
2022-07-23 17:40 ` dmalcolm at gcc dot gnu.org
2022-07-27 13:58 ` mir at gcc dot gnu.org
2022-08-02 18:03 ` mir at gcc dot gnu.org
2022-10-24 21:00 ` dmalcolm at gcc dot gnu.org
2022-11-03 14:58 ` dmalcolm at gcc dot gnu.org
2022-11-15 19:11 ` dmalcolm at gcc dot gnu.org
2022-11-15 19:13 ` dmalcolm at gcc dot gnu.org
2023-01-10 16:13 ` dmalcolm at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).