C
    Ruby 1.9 trunk
          @ikegami_ _
@ikegami_ _

•   2003

•   2003-2010

    •              Haskell

    •   C

        •   10/27 - 11/10    2

•   Ruby/Mathematica, Ruby/Ming, RushCheck, Karatsuba
1/2
•                       C++

    •   BLAST

    •   Frama-C

        •
            •
            •
            •     CIL         GCC
2/2
•
                     ←
•
    • cppcheck         C C++

     • Emacs + Flymake
     • Vim +
       • Vim + QuickFix + errormaker
Emacs + Flymake + cppcheck




                    →
•
    • cppcheck
    • splint
•
    • BLAST
    • Frama-C
•               -Wall

•
    •
        •
            •
•
•   division by zero   •   assert

•             unroll
                       •
                           assertion
•   if


•
•
•   Call flow graph

•
cppcheck
•      written in C++

• C/C++
  •
  • Tokenize
  • Run all checks - pattern matching of the tokens
           http://sourceforge.net/apps/trac/cppcheck/
cppcheck                 ruby

•   ruby-1.9 trunk revision 33685 (2011-11-09   )

    •   compile.c      77 files   2:01:02.55

        •   error        6

    •   compile.c   54:46.94s

•
cppcheck                       Ruby
                   6

[hash.c:2351]: (error) Memory leak: str
[io.c:5264]: (error) fflush() called on input stream "stdin" may
result in undefined behaviour
[regcomp.c:5524]: (error) Memory leak: new_reg
[vm_dump.c:831]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
[vm_dump.c:834]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
[vm_dump.c:835]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
hash.c
           [hash.c:2351]: (error) Memory leak: str

2351 } /*              ruby_setenv         */
2303             str = malloc(len += strlen(value) + 2);

                 str     free

                  2287 #elif defined __sun

       Solaris
io.c
   [io.c:5264]: (error) fflush() called on input stream
   "stdin" may result in undefined behaviour

5264        fflush(stdin);          /* is it really needed? */

Q. How can I flush pending input so that a user's
typeahead isn't read at the next prompt? Will
fflush(stdin) work?
A. fflush is defined only for output streams. (omit)
               comp.lang.c FAQ list · Question 12.26a
splint
•                        written in C

•
•                              annotation

•   cppcheck

•
    •   cont.c gc.c random.c thread_pthread.h

                                   http://www.splint.org/
splint hash.c
•   ruby-1.9 trunk revision 33685 (2011-11-09   )

•   397

•   header

    •   Solaris        Solaris       configure



        •   cppcheck             hash.c
            x86
splint regcomp.c

•   ruby-1.9 trunk revision 33685 (2011-11-09   )

•   737

    •
        •
splint regcomp.c
regcomp.c:180:10: Only storage uslist->us->target
(type struct _Node *) derived from released storage is not
released (memory      leak): uslist->us
(omit)

 /* regcomp.c excerpt; the left-hand numbers are the source line numbers.
  * Frees the uslist->us array when it is non-NULL. The struct _Node objects
  * referenced by each entry's target field are not released here, which is
  * what the splint report above this listing flags at regcomp.c:180.
  * uslist->us is not reset after the free, so it keeps the stale address.
  * NOTE(review): whether target owns its node is not visible in this
  * excerpt -- confirm where the nodes are freed before calling this a leak. */
 176     static void
 177     unset_addr_list_end(UnsetAddrList* uslist)
 178     {
 179       if (IS_NOT_NULL(uslist->us))
 180         xfree(uslist->us);
 181     }
/* One list entry: an offset paired with a node pointer. */
typedef struct {
  int           offset;
  struct _Node *target;
} UnsetAddr;

/* The list itself: two counters and a pointer to an array of entries. */
typedef struct {
  int        num;
  int        alloc;
  UnsetAddr *us;
} UnsetAddrList;

/* regcomp.c:176-181.
 * Releases the entry array when one is present. Only the array is freed;
 * the slide's callout marks uslist->us->target against "free", i.e. the
 * node pointers stored in the entries are not released by this function.
 * NOTE(review): ownership of those nodes is not shown in this excerpt --
 * confirm they are freed elsewhere before treating the report as a leak. */
static void
unset_addr_list_end(UnsetAddrList *uslist)
{
  if (IS_NOT_NULL(uslist->us)) {
    xfree(uslist->us);  /* regcomp.c:180 */
  }
}
/* regcomp.c excerpt; the left-hand numbers are the source line numbers.
 * Appends (offset, node) to the list and returns 0. When num has reached
 * alloc, the array is first grown to twice alloc with xrealloc; the list's
 * alloc and us fields are updated only after the result has been checked.
 * The node pointer is stored as given, not copied.
 * NOTE(review): the doubling assumes alloc > 0 and that alloc * 2 and
 * sizeof(UnsetAddr) * size do not overflow; with alloc == 0 the array would
 * not grow and the store at line 197 would be out of bounds. The initial
 * value of alloc is not shown in this excerpt -- confirm it. */
183   static int
184   unset_addr_list_add(UnsetAddrList* uslist, int offset, struct _Node* node)
185   {
186     UnsetAddr* p;
187     int size;
188
189       if (uslist->num >= uslist->alloc) {
190         size = uslist->alloc * 2;
191         p = (UnsetAddr* )xrealloc(uslist->us, sizeof(UnsetAddr) * size);
192         CHECK_NULL_RETURN_MEMERR(p); /* macro not shown; presumably returns a memory error when p is NULL */
193         uslist->alloc = size;
194         uslist->us = p;
195       }
196
197       uslist->us[uslist->num].offset = offset;
198       uslist->us[uslist->num].target = node;
199       uslist->num++;
200       return 0;                ↑ free
201   }
false positive
BLAST
 • with CIL                 OCaml

 •
   •            assert()

   •
   • assert
http://mtc.epfl.ch/software-tools/blast/index-epfl.php
escape
#include <assert.h>
int watched; /* a global variable */
/* Copies its by-value argument into the global; no address is taken or stored. */
void foo(int i) { watched = i; }     ←
/* Verification entry point (named by -main bar in the commands below the listing). */
void bar()
{
  /* j is never assigned before it is read.
   * NOTE(review): presumably intentional, so the checker treats j as an
   * arbitrary int; in compiled code reading it is undefined behaviour, so
   * give j a value before running this outside the verifier. */
  int j;

  foo(j);
  assert(j == watched); /* foo() stored the same value in watched */
  /* assert(j != watched); */
}
   % gcc -E -I ${BLAST_INCLUDE} -main bar target.c
   % pblast.opt target.i -main bar
                                  :-)
#include <assert.h>
int *watched; /* global pointer: whatever is stored here outlives the function that stored it */

/* Publishes the caller's pointer in the global; nothing is copied, so the
 * pointee's lifetime remains the caller's responsibility. */
void foo(int *p) { watched = p; }

/* Verification entry point (named by -main bar in the commands below the listing). */
void bar()
{
  int i, *j;
  i = 1;
  j = &i;               /* address of an automatic variable of bar() */
  foo(j);               /* &i escapes into the global watched */
  assert(j == watched); /* compares addresses only; says nothing about i's lifetime */
  /* assert(j != watched); */
  /* After bar() returns, i no longer exists but watched still holds its
   * address: any later dereference of watched would use a dangling pointer. */
}
   % gcc -E -I ${BLAST_INCLUDE} -main bar target.c
   % pblast.opt target.i -main bar
                                  :-)
ruby 1.9 trunk

• for   while

• if
  •
•
  •
  •
Frama-C
• with CIL               OCaml

•C
 •
 •
   • value plug-in   ←
   • users plug-in
                          http://frama-c.com/
division by zero
void foo(int x, int y) /* no guard on y: every caller must pass a non-zero divisor */
{
  int z = x / y; /* y should not be zero: x / 0 is undefined behaviour in C; z is not used afterwards */
  return;
}

int main(int argc, char **argv)
{
  int x = 1, y = 0; /* y == 0 flows into foo()'s divisor; this is the path the analyzer output after the listing reports at foo.c:3 */
  foo(x, y);
  return 0;
}
Frama-C value plug-in

% frama-c -val foo.c
[value] Analyzing a complete application starting at main

foo.c:3:[kernel] warning: division by zero: assert y ≢ 0;
division by zero
 • ruby trunk revision no. 33685
  • bignum.c
    • 1044 ds[k] = (BDIGIT)(num / hbase);
  • util.c
    •
      • 331 n = (r - l + size) / size;
Frama-C value plugin
Frama-C users plug-in


•       callee

    •
/* Leaf function: calls nothing. */
void foo(void) {}
/* Calls foo() and nothing else. */
void bar(void) {foo();}

/* Calls bar() directly and so reaches foo() through it; the -users output
 * after the listing shows both names for main. */
int main(void)
{
  bar();
  return 0;
}
          % frama-c -users foo.c
          [kernel] preprocessing with "gcc -C -E -I. foo.c"

         [users] ====== DISPLAYING USERS ======
              bar: foo
              main: foo bar
              ====== END OF USERS ==========
ruby            string.c
callee
http://sovmoess.tumblr.com/
post/12364993205/frama-c-ruby-1-9-string-c-callee
                  @ikegami_ _
•
    •   false positive

    •
    •                                 CPU

•          annotation

    •                    annotation

    •   Frama-C + jessie plug-in → Coq
•2          C

  • ruby-1.9 trunk revision 33685
•      cppcheck/splint

  • escape
• BLAST/Frama-C
  •

C言語静的解析ツールと Ruby 1.9 trunk

  • 1. C Ruby 1.9 trunk @ikegami_ _
  • 2. @ikegami_ _ • 2003 • 2003-2010 • Haskell • C • 10/27 - 11/10 2 • Ruby/Mathematica, Ruby/Ming, RushCheck, Karatsuba
  • 3.
  • 4. 1/2 • C++ • BLAST • Frama-C • • • • CIL GCC
  • 5. 2/2 • ← • • cppcheck C C++ • Emacs + Flymake • Vim + • Vim + QuickFix + errormaker
  • 6. Emacs + Flymake + cppcheck →
  • 7. • cppcheck • splint • • BLAST • Frama-C
  • 8. -Wall • • • • •
  • 9. division by zero • assert • unroll • assertion • if • • • Call flow graph •
  • 10. cppcheck • written in C++ • C/C++ • • Tokenize • Run all checks - pattern matching of the tokens http://sourceforge.net/apps/trac/cppcheck/
  • 11. cppcheck ruby • ruby-1.9 trunk revision 33685 (2011-11-09 ) • compile.c 77 files 2:01:02.55 • error 6 • compile.c 54:46.94s •
  • 12. cppcheck Ruby 6 [hash.c:2351]: (error) Memory leak: str [io.c:5264]: (error) fflush() called on input stream "stdin" may result in undefined behaviour [regcomp.c:5524]: (error) Memory leak: new_reg [vm_dump.c:831]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778 [vm_dump.c:834]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778 [vm_dump.c:835]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778
  • 13. hash.c [hash.c:2351]: (error) Memory leak: str 2351 } /* ruby_setenv */ 2303 str = malloc(len += strlen(value) + 2); str free 2287 #elif defined __sun Solaris
  • 14. io.c [io.c:5264]: (error) fflush() called on input stream "stdin" may result in undefined behaviour 5264 fflush(stdin); /* is it really needed? */ Q. How can I flush pending input so that a user's typeahead isn't read at the next prompt? Will fflush(stdin) work? A. fflush is defined only for output streams. (omit) comp.lang.c FAQ list · Question 12.26a
  • 15. splint • written in C • • annotation • cppcheck • • cont.c gc.c random.c thread_pthread.h http://www.splint.org/
  • 16. splint hash.c • ruby-1.9 trunk revision 33685 (2011-11-09 ) • 397 • header • Solaris Solaris configure • cppcheck hash.c x86
  • 17. splint regcomp.c • ruby-1.9 trunk revision 33685 (2011-11-09 ) • 737 • •
  • 18. splint regcomp.c regcomp.c:180:10: Only storage uslist->us->target (type struct _Node *) derived from released storage is not released (memory leak): uslist->us (omit) 176 static void 177 unset_addr_list_end(UnsetAddrList* uslist) 178 { 179 if (IS_NOT_NULL(uslist->us)) 180 xfree(uslist->us); 181 }
  • 19. 176 static void 177 unset_addr_list_end(UnsetAddrList* uslist) 178 { 179 if (IS_NOT_NULL(uslist->us)) 180 xfree(uslist->us); typedef struct { 181 } int offset; struct _Node* target; } UnsetAddr; uslist->us->target typedef struct { free int num; int alloc; UnsetAddr* us; } UnsetAddrList;
  • 20. 183 static int 184 unset_addr_list_add(UnsetAddrList* uslist, int offset, struct _Node* node) 185 { 186 UnsetAddr* p; 187 int size; 188 189 if (uslist->num >= uslist->alloc) { 190 size = uslist->alloc * 2; 191 p = (UnsetAddr* )xrealloc(uslist->us, sizeof(UnsetAddr) * size); 192 CHECK_NULL_RETURN_MEMERR(p); 193 uslist->alloc = size; 194 uslist->us = p; 195 } 196 197 uslist->us[uslist->num].offset = offset; 198 uslist->us[uslist->num].target = node; 199 uslist->num++; 200 return 0; ↑ free 201 }
  • 22. BLAST • with CIL OCaml • • assert() • • assert http://mtc.epfl.ch/software-tools/blast/index-epfl.php
  • 24. #include <assert.h> int watched; /* a global variable */ void foo(int i) { watched = i; } ← void bar() {   int j;   foo(j);   assert(j == watched);   /* assert(j != watched); */ } % gcc -E -I ${BLAST_INCLUDE} -main bar target.c % pblast.opt target.i -main bar :-)
  • 25. #include <assert.h> int *watched; void foo(int *p) { watched = p; } void bar() {   int i, *j;   i = 1;   j = &i;   foo(j);   assert(j == watched);   /* assert(j != watched); */ } % gcc -E -I ${BLAST_INCLUDE} -main bar target.c % pblast.opt target.i -main bar :-)
  • 26. ruby 1.9 trunk • for while • if • • • •
  • 27. Frama-C • with CIL OCaml •C • • • value plug-in ← • users plug-in http://frama-c.com/
  • 28. division by zero void foo(int x, int y) { int z = x / y; /* y should not be zero */ return; } int main(int argc, char **argv) { int x = 1, y = 0; foo(x, y); return 0; }
  • 29. Frama-C value plug-in % frama-c -val foo.c [value] Analyzing a complete application starting at main foo.c:3:[kernel] warning: division by zero: assert y ≢ 0;
  • 30. division by zero • ruby trunk revision no. 33685 • bignum.c • 1044 ds[k] = (BDIGIT)(num / hbase); • util.c • • 331 n = (r - l + size) / size; Frama-C value plugin
  • 32. void foo(void) {} void bar(void) {foo();} int main(void) { bar(); return 0; } % frama-c -users foo.c [kernel] preprocessing with "gcc -C -E -I. foo.c" [users] ====== DISPLAYING USERS ====== bar: foo main: foo bar ====== END OF USERS ==========
  • 33. ruby string.c callee http://sovmoess.tumblr.com/ post/12364993205/frama-c-ruby-1-9-string-c-callee @ikegami_ _
  • 34. • false positive • • CPU • annotation • annotation • Frama-C + jessie plug-in → Coq
  • 35. •2 C • ruby-1.9 trunk revision 33685 • cppcheck/splint • escape • BLAST/Frama-C •