resolving the almost decade old checker dependency issue
play

Resolving the almost decade old checker dependency issue in the - PowerPoint PPT Presentation

Aug 29, 2023 •442 likes •603 views

. . . . . . . . . . . . . . . . Resolving the almost decade old checker dependency issue in the Clang Static Analyzer Kristf Umann dkszelethus@gmail.com Etvs Lornd University, Budapest Ericsson Hungary . . . . . .

  1. . . . . . . . . . . . . . . . . Resolving the almost decade old checker dependency issue in the Clang Static Analyzer Kristóf Umann dkszelethus@gmail.com Eötvös Loránd University, Budapest Ericsson Hungary . . . . . . . . . . . . . . . . . . . . . . . . April 8., 2019

  2. . . . . . . . . . . . . . . . The original problem: easy-to-mess-up command line interface clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ ...meant to be notes-as-warnings clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ -analyzer-config unix.Malloc:Optimist=true . . . . . . . . . . . . . . . . . . . . . . . . . ...meant to be Optimistic -analyzer-config note-as-warning=true

  3. . . . . . . . . . . . . . . . . . . No warnings, no errors, the analyzer simply . . . . . . . . . . . . . . . . . . . . . . doesn’t do what you intended...

  4. . . . . . . . . . . . . . . . . . Bug unearthed: ”The Checker Naming Bug” Multiple checker objects could receive the same name Incorrect checker names in bug reports . . . . . . . . . . . . . . . . . . . . . . . Errors while parsing checker confjgurations

  5. . . . . . . . . . . . . . . . . . Real-life problems coming from the Checker Naming Bug clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ . . . . . . . . . . . . . . . . . . . . . . . -analyzer-config unix.Malloc:Optimistic=true

  6. . . . . . . . . . . . . . . . . . Real-life problems coming from the Checker Naming Bug clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ . . . . . . . . . . . . . . . . . . . . . . . -analyzer-config cplusplus.InnerPointer:Optimistic=true

  7. . . . . . . . . . . . . . . . . . InnerPointerChecker and MallocChecker have the same name! Turns out InnerPointerChecker depends on MallocChecker! InnerPointerChecker enables both itself and MallocChecker . . . . . . . . . . . . . . . . . . . . . . . Fixing this bug implies the need to reimplement dependencies...

  8. . cplusplus.NewDeleteLeaks security.insecureAPI.DeprecatedOrUnsafeBufgerHandling security.insecureAPI.mktemp a bunch more security checkers security.insecureAPI.bcopy security.insecureAPI.bcmp security.insecureAPI.UncheckedReturn security.insecureAPI.SecuritySyntaxChecker cplusplus.NewDelete alpha.cplusplus.IteratorModeling unix.MismatchedDeallocator unix.Malloc cplusplus.InnerPointer unix.DynamicMemoryModeling unix.cstring.BadSizeArg alpha.unix.cstring.OutOfBounds unix.cstring.NullArg alpha.unix.cstring.NotNullTerminated security.FloatLoopCounter alpha.cplusplus.InvalidatedIterator unix.cstring.CStringModeling core.StackAddrEscapeBase valist.Uninitialized valist.CopyToSelf valist.ValistBase alpha.core.CallAndMessageUnInitRefArg core.CallAndMessage core.StackAddressEscape alpha.core.StackAddressAsyncEscape osx.cocoa.RetainCount alpha.cplusplus.IteratorRange osx.OSObjectRetainCount osx.cocoa.RetainCountBase osx.cocoa.ObjCGenerics core.DynamicTypePropagation alpha.osx.MissingInvalidationMethod alpha.osx.InstanceVariableInvalidation alpha.osx.IvarInvalidationModeling alpha.cplusplus.MismatchedIterator alpha.unix.cstring.BufgerOverlap osx.cocoa.NSError . . . . . . . . . . . . . . . . . . . . . osx.coreFoundation.CFError . osx.NSOrCFErrorDerefChecker . . . . . . . . . . . . . . . . . valist.Unterminated

  9. . CString Modeling object? . . . . . . . . . . alpha.unix.cstring.BufgerOverlap . alpha.unix.cstring.NotNullTerminated unix.cstring.NullArg alpha.unix.cstring.OutOfBounds unix.cstring.BadSizeArg unix.Malloc cplusplus.InnerPointer unix.MismatchedDeallocator cplusplus.NewDelete cplusplus.NewDeleteLeaks clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ . . . . . . . . . . . . . . . . . . . . . . . . . . . . -analyzer-config unix.Malloc:Optimistic=true Too complex to fjt on a slide...

  10. . CString Modeling object? . . . . . . . . . . alpha.unix.cstring.BufgerOverlap . alpha.unix.cstring.NotNullTerminated unix.cstring.NullArg alpha.unix.cstring.OutOfBounds unix.cstring.BadSizeArg unix.Malloc cplusplus.InnerPointer unix.MismatchedDeallocator cplusplus.NewDelete cplusplus.NewDeleteLeaks clang -cc1 -analyze myfile.cpp \ -analyzer-checker=cplusplus.InnerPointer \ . . . . . . . . . . . . . . . . . . . . . . . . . . . . -analyzer-config cplusplus.InnerPointer:Optimistic=true

  11. . . . . . . . . . . . . CString Modeling object? . alpha.unix.cstring.BufgerOverlap alpha.unix.cstring.NotNullTerminated unix.cstring.NullArg alpha.unix.cstring.OutOfBounds unix.cstring.BadSizeArg unix.Malloc cplusplus.InnerPointer unix.MismatchedDeallocator cplusplus.NewDelete cplusplus.NewDeleteLeaks . . . . . . . . . . . . . . . . . . . . . . . . . . . How do we solve this?

  12. . . . . . . . . . . . . unix.cstring.CStringModeling . alpha.unix.cstring.BufgerOverlap alpha.unix.cstring.NotNullTerminated unix.cstring.NullArg alpha.unix.cstring.OutOfBounds unix.cstring.BadSizeArg unix.DynamicMemoryModeling cplusplus.InnerPointer unix.Malloc unix.MismatchedDeallocator cplusplus.NewDelete cplusplus.NewDeleteLeaks . . . . . . . . . . . . . . . . . . . . . . . . . . . Be able to represent dependencies with a directed tree

  13. . . . . . . . . . . . . . . . Resolve dependencies at a higher level Declare dependencies in TableGen Don’t allow checkers to enable more than one checker Make sure dependencies are enabled in the correct order def InnerPointerChecker : Checker<"InnerPointer">, HelpText<"Looks for pointers to temp. strings">, Dependencies<[DynamicMemoryModeling]> , . . . . . . . . . . . . . . . . . . . . . . . . . Documentation<NotDocumented>;

  14. . . . . . . . . . . . . . . . . Conclusion We are able to list checker dependencies We can now list and verify checker options Checker names won’t depend on how we invoke the analyzer Plugins can now depend on builtin checkers . . . . . . . . . . . . . . . . . . . . . . . . Already in trunk!

  15. . cplusplus.NewDeleteLeaks security.insecureAPI.DeprecatedOrUnsafeBufgerHandling security.insecureAPI.mktemp a bunch more security checkers security.insecureAPI.bcopy security.insecureAPI.bcmp security.insecureAPI.UncheckedReturn security.insecureAPI.SecuritySyntaxChecker cplusplus.NewDelete alpha.cplusplus.IteratorModeling unix.MismatchedDeallocator unix.Malloc cplusplus.InnerPointer unix.DynamicMemoryModeling unix.cstring.BadSizeArg alpha.unix.cstring.OutOfBounds unix.cstring.NullArg alpha.unix.cstring.NotNullTerminated security.FloatLoopCounter alpha.cplusplus.InvalidatedIterator unix.cstring.CStringModeling core.StackAddrEscapeBase valist.Unterminated valist.Uninitialized valist.CopyToSelf valist.ValistBase alpha.core.CallAndMessageUnInitRefArg core.CallAndMessage core.StackAddressEscape alpha.core.StackAddressAsyncEscape osx.cocoa.RetainCount alpha.cplusplus.IteratorRange osx.OSObjectRetainCount osx.cocoa.RetainCountBase osx.cocoa.ObjCGenerics core.DynamicTypePropagation alpha.osx.MissingInvalidationMethod alpha.osx.InstanceVariableInvalidation alpha.osx.IvarInvalidationModeling alpha.cplusplus.MismatchedIterator alpha.unix.cstring.BufgerOverlap osx.cocoa.NSError . . . . . . . . . . . . . . . . . . . . . osx.coreFoundation.CFError . osx.NSOrCFErrorDerefChecker . . . . . . . . . . . . . . . . . Thank you for your attention!

Recommend

Cha-Q 2 adding feature resolving issue adding feature resolving issue 3 Systematic Edits 4

Cha-Q 2 adding feature resolving issue adding feature resolving issue 3 Systematic Edits 4

Mining Repositories for Systematic Edits Presenter: Reinout Stevens Cha-Q 2 adding feature resolving issue adding feature resolving issue 3 Systematic Edits 4 Systematic Edits 4 Systematic Edits 4 Systematic Edits 4 Overview of the

412 views • 23 slides
Test Code by Resolving Method Call and Field Dependency Presented by Abdus Satter Institute of

Test Code by Resolving Method Call and Field Dependency Presented by Abdus Satter Institute of

5th International Workshop on Quantitative Approaches to Software Quality Automatically Identifying Dead Fields in Test Code by Resolving Method Call and Field Dependency Presented by Abdus Satter Institute of Information Technology University

543 views • 43 slides
Cost Cost Ov Over erruns uns and Cos and Cost t Gr Growth: wth: A A Thr hree Decade ee

Cost Cost Ov Over erruns uns and Cos and Cost t Gr Growth: wth: A A Thr hree Decade ee

Cost Cost Ov Over erruns uns and Cos and Cost t Gr Growth: wth: A A Thr hree Decade ee Decade Old Old Cost Cost Perf erfor ormanc mance e Issue Issue within within DoDs Acquisition Acquisition En Envir vironment onment

404 views • 36 slides
Policy Issue Identification: Resolving Conflicts over Life- Sustaining Treatment in Virginia Dea

Policy Issue Identification: Resolving Conflicts over Life- Sustaining Treatment in Virginia Dea

Policy Issue Identification: Resolving Conflicts over Life- Sustaining Treatment in Virginia Dea Mahanes, MSN, RN, CCNS, FNCS NURS638 Health Policy, Leadership &amp; Advocacy Virginia Commonwealth University Learning Objectives Understand

401 views • 20 slides
Guide to resolving Seller Centre issues Statuses indicating issue in SC Product is not visible

Guide to resolving Seller Centre issues Statuses indicating issue in SC Product is not visible

Guide to resolving Seller Centre issues Statuses indicating issue in SC Product is not visible on ZALORA website Product has 0 stock New 1 product that (1) is not approved yet , (2) is rejected by Quality Control (QC) Product is

57 views • 4 slides
Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of

Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of

Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of Mozilla Sander van Geloven FOSDEM, Brussels February 1, 2020 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

611 views • 39 slides
Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla.

Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla.

Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla. Sander van Geloven FOSDEM, Brussels February 2, 2019 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

327 views • 21 slides
10 Steps for Resolving Conflict Listen, Listen and Listen some more. 1. Avoid judgement and

10 Steps for Resolving Conflict Listen, Listen and Listen some more. 1. Avoid judgement and

10 Steps for Resolving Conflict Listen, Listen and Listen some more. 1. Avoid judgement and assumptions. Seek to clarify repeat back what you believe you heard. 2. Get to a point of understanding on the issue. 3. Acknowledge

210 views • 4 slides
Dependency Grammars Topological Dependency Trees: A Constraint-based Account of Linear

Dependency Grammars Topological Dependency Trees: A Constraint-based Account of Linear

Dependency Grammars Topological Dependency Trees: A Constraint-based Account of Linear Precedence Extensible Dependency Grammar: A New Methodology Sibel Ciddi NPFL106 - Linguistics 2013 Summer Framework Immediate dependency

656 views • 18 slides
Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html

Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html

Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html 1 Local Beam Search Run multiple searches to find the Run multiple searches to find the solution The best K states are selected. Like

636 views • 24 slides
Design Considerations for a DECADE SDT draft-kutscher-decade-protocol-00

Design Considerations for a DECADE SDT draft-kutscher-decade-protocol-00

Design Considerations for a DECADE SDT draft-kutscher-decade-protocol-00 draft-kutscher-decade-protocol-00 Dirk.Kutscher@neclab.eu Martin Stiemerling@neclab.eu Jan Seedorf@neclab.eu IETF-82, Taipei DECADE WG 1 Background DECADE

481 views • 24 slides
Lecture 19: Dependency Grammars and Dependency Parsing Julia Hockenmaier juliahmr@illinois.edu

Lecture 19: Dependency Grammars and Dependency Parsing Julia Hockenmaier juliahmr@illinois.edu

CS447: Natural Language Processing http://courses.engr.illinois.edu/cs447 Lecture 19: Dependency Grammars and Dependency Parsing Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Todays lecture Dependency Grammars Dependency

792 views • 54 slides
The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision

The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision

The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision Group. UIB. SPAIN Julin Proenza. UIB. Oct 2008 The aim of this presentation Introduce the basic concepts of model checking from a practical

804 views • 68 slides
MIPS Pipeline with Tomasulos Algorithm ADD ADD RS IR Issue WB Dispatch DIV LSQ MEM

MIPS Pipeline with Tomasulos Algorithm ADD ADD RS IR Issue WB Dispatch DIV LSQ MEM

MIPS Pipeline with Tomasulos Algorithm ADD ADD RS IR Issue WB Dispatch DIV LSQ MEM REG FILE MULT Common Data Bus (CDB) Renaming Source Registers Example A: DIVD F0 , F2, F4 RAW dependency between (A,B) B: ADDD F6, F0 , F8

619 views • 35 slides
The Double Pulsar: A Decade of Discovery (and what you can do over the next decade with

The Double Pulsar: A Decade of Discovery (and what you can do over the next decade with

The Double Pulsar: A Decade of Discovery (and what you can do over the next decade with FAST!) Maura McLaughlin West Virginia University 20 May 2014 : US-China Workshop 20 May 2014

731 views • 23 slides
The issue of this article Since the decade of 70s, teachers training became a crucial

The issue of this article Since the decade of 70s, teachers training became a crucial

Blended Learning and the Professional Development issue for teachers in Technical- Vocational Education by: Styliani Molasioti, Athanasios Papastamoulis CONFERENCE IN : Quality in Blended Learning Blended Learning Quality-Concepts Optimized

619 views • 30 slides
Dependency Parsing CMSC 470 Marine Carpuat Dependency Grammars Syntactic structure = lexical

Dependency Parsing CMSC 470 Marine Carpuat Dependency Grammars Syntactic structure = lexical

Dependency Parsing CMSC 470 Marine Carpuat Dependency Grammars Syntactic structure = lexical items linked by binary asymmetrical relations called dependencies Example Dependency Parse Dependencies (usually) form a tree: - Connected -

593 views • 23 slides
Lecture 3: Model-checker NuSMV B. Srivathsan Chennai Mathematical Institute NPTEL-course July -

Lecture 3: Model-checker NuSMV B. Srivathsan Chennai Mathematical Institute NPTEL-course July -

Lecture 3: Model-checker NuSMV B. Srivathsan Chennai Mathematical Institute NPTEL-course July - November 2015 1 / 31 Model-checker Specify the model of the system Specify the requirements Model-checker will automatically check if system

1.72k views • 112 slides
Dependency Grammars and Parsing CMSC 473/673 UMBC Outline Review: PCFGs and CKY Dependency

Dependency Grammars and Parsing CMSC 473/673 UMBC Outline Review: PCFGs and CKY Dependency

Dependency Grammars and Parsing CMSC 473/673 UMBC Outline Review: PCFGs and CKY Dependency Grammars Dependency Parsing (Shift-reduce) From syntax to semantics Probabilistic Context Free Grammar 1.0 S NP VP 1.0 PP P NP .4 NP Det

862 views • 75 slides
Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency

Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency

Thoughts on Learner Data and Dependency Parsing Niels Ott, Ramon Ziai, Julia Krivanek, Detmar Meurers Introduction and Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency Annotation Approximated

812 views • 53 slides
Dependency Grammars: Avoiding Constituents Traditional way of thinking Goes back to Panini

Dependency Grammars: Avoiding Constituents Traditional way of thinking Goes back to Panini

Dependency Parsing Dependency Grammars: Avoiding Constituents Traditional way of thinking Goes back to Panini (P an .ini circa 350BC) Modern form: Lucien Tesni` ere, 1950s Typed dependency structure : Captures grammatical

591 views • 34 slides
Using a Grammar Checker for Evaluation and Postprocessing of Statistical Machine Translation Sara

Using a Grammar Checker for Evaluation and Postprocessing of Statistical Machine Translation Sara

Using a Grammar Checker for Evaluation and Postprocessing of Statistical Machine Translation Sara Stymne and Lars Ahrenberg Link oping University, Sweden LREC May 20, 2010 Using a Grammar Checker for Evaluation and Postprocessing of

755 views • 29 slides
Dependency Parsing 2 CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre,

Dependency Parsing 2 CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre,

Dependency Parsing 2 CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre, Dan Jurafsky &amp; James Martin Dependency Parsing Formalizing dependency trees Transition-based dependency parsing Shift-reduce parsing

1.02k views • 52 slides
Dependency Parsing CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre, Dan

Dependency Parsing CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre, Dan

Dependency Parsing CMSC 723 / LING 723 / INST 725 Marine Carpuat Fig credits: Joakim Nivre, Dan Jurafsky &amp; James Martin Dependency Parsing Formalizing dependency trees Transition-based dependency parsing Shift-reduce parsing

676 views • 24 slides

More recommend