From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by sourceware.org (Postfix) with ESMTPS id 0F0B43857C4D for ; Sun, 3 Jul 2022 09:06:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 0F0B43857C4D Received: by mail-pj1-x1029.google.com with SMTP id cp18-20020a17090afb9200b001ef79e8484aso1106726pjb.1 for ; Sun, 03 Jul 2022 02:06:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=xSX0FNWJS0WALfUzuL+iyLPL/IMPf+0anXdslXNindw=; b=R6KB6aHfrV7vfMqeWMK7CXopA3KjzePXrkVhHzvSMerp93lIGZx400m7JaVNU3a4oj ghZWwDCQz3Yqgeb3CGnN0o7HFNLlGOSypgKWH28PmXiRurZYE8IDErRILBIurvQRhpJs P5xqgdvAdgu2sxxXjk0yNBD3C27uxev2bNG7CS4mgYvZiPKDPCCtpUok0mLDGn2lCmiC bllxMPxgG5LEgLMRKP9w9sGjZsmFQoXFtjjcmoMSQrV34szOh0KE8Pfrf3E4n6tn02Yv JovUhu4/Ad2sqDRvn8DrqSuRL/8XIX5aI+y+gXiMSs7oABEsxYDj8CITeL14L/cqWWUR oPaw== X-Gm-Message-State: AJIora/f0jZldBMJJzEL0Z/zcczgOLB7GV7/CDDtQn5PQ3SK6TsLNx/t MKLyK5KI8vHbyXevmN1UXnBq5zU9S1bB/HTiNvA= X-Google-Smtp-Source: AGRyM1spO0NxAs7bS/YoLO2p0wAiHICULqNu/HNOwqO3CNQO4trjWKwtWp5BFNjRSPj/EZzHKPOaRHyh50NM7amKg7A= X-Received: by 2002:a17:90b:3b82:b0:1ec:ac0d:5d3b with SMTP id pc2-20020a17090b3b8200b001ecac0d5d3bmr29690990pjb.158.1656839180959; Sun, 03 Jul 2022 02:06:20 -0700 (PDT) MIME-Version: 1.0 References: <601493a0acd0f6cb6261f528ab8f36e5ce046077.camel@redhat.com> In-Reply-To: <601493a0acd0f6cb6261f528ab8f36e5ce046077.camel@redhat.com> From: Mir Immad Date: Sun, 3 Jul 2022 14:36:10 +0530 Message-ID: Subject: Re: [PATCH] PR 106003 To: David Malcolm , gcc@gcc.gnu.org X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM, HTML_MESSAGE, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, SUBJ_ALL_CAPS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: gcc@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2022 09:06:24 -0000 Thank you. I've committed the patch, and it is covered by the Developer Certificate of Origin (DCO). Immad. On Sat, Jul 2, 2022 at 9:02 PM David Malcolm wrote: > On Sat, 2022-07-02 at 19:34 +0530, Mir Immad wrote: > > From 62b7b7736975172f03b30783436fbc9217324223 Mon Sep 17 00:00:00 2001 > > From: mir > > Date: Sat, 2 Jul 2022 15:04:37 +0530 > > Subject: [PATCH] analyzer: implement five new warnings for misuse of > > POSIX > > file descriptor APIs [PR106003]. > > > > This patch adds a new state machine to the analyzer for checking usage > > of > > POSIX file descriptor > > APIs with five new warnings. > > > > It adds: > > - check for FD leaks (CWE 775). > > - check for double "close" of a FD (CWE-1341). > > - check for read/write of a closed file descriptor. > > - check whether a file descriptor was used without being checked for > > validity. > > - check for read/write of a descriptor opened for just writing/reading. > > > > gcc/ChangeLog: > > PR analyzer/106003 > > * Makefile.in (ANALYZER_OBJS): Add sm-fd.o. > > * doc/invoke.texi: Add -Wanalyzer-fd-double-close, -Wanalyzer-fd-leak, > > -Wanalyzer-fd-access-mode-mismatch, -Wanalyzer-fd-use-without-check, > > -Wanalyzer-fd-use-after-close. > > > > gcc/analyzer/ChangeLog: > > PR analyzer/106003 > > * analyzer.opt (Wanalyzer-fd-leak): New option. > > (Wanalyzer-fd-access-mode-mismatch): New option. > > (Wanalyzer-fd-use-without-check): New option. > > (Wanalyzer-fd-double-close): New option. > > (Wanalyzer-fd-use-after-close): New option. > > * sm.h (make_fd_state_machine): New decl. > > * sm.cc (make_checkers): Call make_fd_state_machine. > > * sm-fd.cc: New file. > > > > gcc/testsuite/ChangeLog: > > PR analyzer/106003 > > * gcc.dg/analyzer/fd-1.c: New test. > > * gcc.dg/analyzer/fd-2.c: New test. > > * gcc.dg/analyzer/fd-3.c: New test. > > * gcc.dg/analyzer/fd-4.c: New test. > > [...snip...] > > Hi Immad. > > Thanks for the updated patch. > > For everyone else, we've been discussing this patch off-list. We've > had some issues with gmail mangling patches; FWIW a pristine version of > the patch can be seen at: > https://mirimmad.github.io/patch-02-07.txt > > As discussed off-list, you've successfully bootstrapped this patch and > run the testsuite without regressions (and a bunch of extra PASSes), so > this patch is ready for you to push it to the "master" git branch (aka > trunk). Please go ahead with that (or let me know if you need help > [1]). > > Note that Tim's first analyzer patch is also ready to push, so there's > a chance that your patches might conflict with each other (though I > think you're touching different areas of the analyzer, so I'm hoping > that won't happen). > > There's plenty of scope for followups, such as adding attributes for > parameters that expect an open file-descriptor, or for handling socket > APIs, etc. Also, Murphy's Law means that there's sure to be at least > something we missed in review :/ > > Let's move followup patches to the gcc-patches mailing list, rather > than the "gcc" list. > > Thanks > Dave > > [1] though I'll only be checking email intermittently this weekend and > on Monday (which is a holiday here in the USA). > >