SlideShare a Scribd company logo
1 of 35
Download to read offline
C
    Ruby 1.9 trunk
          @ikegami_ _
@ikegami_ _

•   2003

•   2003-2010

    •              Haskell

    •   C

        •   10/27 - 11/10    2

•   Ruby/Mathematica, Ruby/Ming, RushCheck, Karatsuba
C言語静的解析ツールと Ruby 1.9 trunk
1/2
•                       C++

    •   BLAST

    •   Frama-C

        •
            •
            •
            •     CIL         GCC
2/2
•
                     ←
•
    • cppcheck         C C++

     • Emacs + Flymake
     • Vim +
       • Vim + QuickFix + errormaker
Emacs + Flymake + cppcheck




                    →
•
    • cppcheck
    • splint
•
    • BLAST
    • Frama-C
•               -Wall

•
    •
        •
            •
•
•   division by zero   •   assert

•             unroll
                       •
                           assertion
•   if


•
•
•   Call flow graph

•
cppcheck
•      written in C++

• C/C++
  •
  • Tokenize
  • Run all checks - pattern matching of the tokens
           http://sourceforge.net/apps/trac/cppcheck/
cppcheck                 ruby

•   ruby-1.9 trunk revision 33685 (2011-11-09   )

    •   compile.c      77 files   2:01:02.55

        •   error        6

    •   compile.c   54:46.94s

•
cppcheck                       Ruby
                   6

[hash.c:2351]: (error) Memory leak: str
[io.c:5264]: (error) fflush() called on input stream "stdin" may
result in undefined behaviour
[regcomp.c:5524]: (error) Memory leak: new_reg
[vm_dump.c:831]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
[vm_dump.c:834]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
[vm_dump.c:835]: (error) Possible null pointer dereference: vm -
otherwise it is redundant to check if vm is null at line 778
hash.c
           [hash.c:2351]: (error) Memory leak: str

2351 } /*              ruby_setenv         */
2303             str = malloc(len += strlen(value) + 2);

                 str     free

                  2287 #elif defined __sun

       Solaris
io.c
   [io.c:5264]: (error) fflush() called on input stream
   "stdin" may result in undefined behaviour

5264        fflush(stdin);          /* is it really needed? */

Q. How can I flush pending input so that a user's
typeahead isn't read at the next prompt? Will
fflush(stdin) work?
A. fflush is defined only for output streams. (omit)
               comp.lang.c FAQ list · Question 12.26a
splint
•                        written in C

•
•                              annotation

•   cppcheck

•
    •   cont.c gc.c random.c thread_pthread.h

                                   http://www.splint.org/
splint hash.c
•   ruby-1.9 trunk revision 33685 (2011-11-09   )

•   397

•   header

    •   Solaris        Solaris       configure



        •   cppcheck             hash.c
            x86
splint regcomp.c

•   ruby-1.9 trunk revision 33685 (2011-11-09   )

•   737

    •
        •
splint regcomp.c
regcomp.c:180:10: Only storage uslist->us->target
(type struct _Node *) derived from released storage is not
released (memory      leak): uslist->us
(omit)

 176     static void
 177     unset_addr_list_end(UnsetAddrList* uslist)
 178     {
 179       if (IS_NOT_NULL(uslist->us))
 180         xfree(uslist->us);
 181     }
176   static void
177   unset_addr_list_end(UnsetAddrList* uslist)
178   {
179     if (IS_NOT_NULL(uslist->us))
180       xfree(uslist->us);
                             typedef struct {
181   }                        int       offset;
                               struct _Node* target;
                             } UnsetAddr;
  uslist->us->target
                             typedef struct {
  free                         int     num;
                               int     alloc;
                               UnsetAddr* us;
                             } UnsetAddrList;
183   static int
184   unset_addr_list_add(UnsetAddrList* uslist, int offset, struct _Node* node)
185   {
186     UnsetAddr* p;
187     int size;
188
189       if (uslist->num >= uslist->alloc) {
190         size = uslist->alloc * 2;
191         p = (UnsetAddr* )xrealloc(uslist->us, sizeof(UnsetAddr) * size);
192         CHECK_NULL_RETURN_MEMERR(p);
193         uslist->alloc = size;
194         uslist->us = p;
195       }
196
197       uslist->us[uslist->num].offset = offset;
198       uslist->us[uslist->num].target = node;
199       uslist->num++;
200       return 0;                ↑ free
201   }
false positive
BLAST
 • with CIL                 OCaml

 •
   •            assert()

   •
   • assert
http://mtc.epfl.ch/software-tools/blast/index-epfl.php
escape
#include <assert.h>
int watched; /* a global variable */
void foo(int i) { watched = i; }     ←
void bar()
{
  int j;

  foo(j);
  assert(j == watched);
  /* assert(j != watched); */
}
   % gcc -E -I ${BLAST_INCLUDE} -main bar target.c
   % pblast.opt target.i -main bar
                                  :-)
#include <assert.h>
int *watched;

void foo(int *p) { watched = p; }

void bar()
{
  int i, *j;
  i = 1;
  j = &i;
  foo(j);
  assert(j == watched);
  /* assert(j != watched); */
}
   % gcc -E -I ${BLAST_INCLUDE} -main bar target.c
   % pblast.opt target.i -main bar
                                  :-)
ruby 1.9 trunk

• for   while

• if
  •
•
  •
  •
Frama-C
• with CIL               OCaml

•C
 •
 •
   • value plug-in   ←
   • users plug-in
                          http://frama-c.com/
division by zero
void foo(int x, int y)
{
  int z = x / y; /* y should not be zero */
  return;
}

int main(int argc, char **argv)
{
  int x = 1, y = 0;
  foo(x, y);
  return 0;
}
Frama-C value plug-in

% frama-c -val foo.c
[value] Analyzing a complete application starting at main

foo.c:3:[kernel] warning: division by zero: assert y ≢ 0;
division by zero
 • ruby trunk revision no. 33685
  • bignum.c
    • 1044 ds[k] = (BDIGIT)(num / hbase);
  • util.c
    •
      • 331 n = (r - l + size) / size;
Frama-C value plugin
Frama-C users plug-in


•       callee

    •
void foo(void) {}
void bar(void) {foo();}

int main(void)
{
  bar();
  return 0;
}
          % frama-c -users foo.c
          [kernel] preprocessing with "gcc -C -E -I. foo.c"

         [users] ====== DISPLAYING USERS ======
              bar: foo
              main: foo bar
              ====== END OF USERS ==========
ruby            string.c
callee
http://sovmoess.tumblr.com/
post/12364993205/frama-c-ruby-1-9-string-c-callee
                  @ikegami_ _
•
    •   false positive

    •
    •                                 CPU

•          annotation

    •                    annotation

    •   Frama-C + jessie plug-in → Coq
•2          C

  • ruby-1.9 trunk revision 33685
•      cppcheck/splint

  • escape
• BLAST/Frama-C
  •

More Related Content

What's hot

Understand more about C
Understand more about CUnderstand more about C
Understand more about CYi-Hsiu Hsu
 
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java script
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java scriptCodiLime Tech Talk - Grzegorz Rozdzialik: What the java script
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java scriptCodiLime
 
Tiramisu をちょっと、味見してみました。
Tiramisu をちょっと、味見してみました。Tiramisu をちょっと、味見してみました。
Tiramisu をちょっと、味見してみました。Mr. Vengineer
 
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisApplication of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisPositive Hack Days
 
All I know about rsc.io/c2go
All I know about rsc.io/c2goAll I know about rsc.io/c2go
All I know about rsc.io/c2goMoriyoshi Koizumi
 
Web 2 . .3 Development Services
Web 2 . .3 Development ServicesWeb 2 . .3 Development Services
Web 2 . .3 Development ServicesTheawaster485
 
When RV Meets CEP (RV 2016 Tutorial)
When RV Meets CEP (RV 2016 Tutorial)When RV Meets CEP (RV 2016 Tutorial)
When RV Meets CEP (RV 2016 Tutorial)Sylvain Hallé
 
Basicsof c make and git for a hello qt application
Basicsof c make and git for a hello qt applicationBasicsof c make and git for a hello qt application
Basicsof c make and git for a hello qt applicationDinesh Manajipet
 
Why my Go program is slow?
Why my Go program is slow?Why my Go program is slow?
Why my Go program is slow?Inada Naoki
 
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!..."A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...akaptur
 
Codigo fuente
Codigo fuenteCodigo fuente
Codigo fuenteBlackD10
 
Bytes in the Machine: Inside the CPython interpreter
Bytes in the Machine: Inside the CPython interpreterBytes in the Machine: Inside the CPython interpreter
Bytes in the Machine: Inside the CPython interpreterakaptur
 
Roots of a quadratic equation1
Roots of a quadratic equation1Roots of a quadratic equation1
Roots of a quadratic equation1Wilson ak
 
Powered by Python - PyCon Germany 2016
Powered by Python - PyCon Germany 2016Powered by Python - PyCon Germany 2016
Powered by Python - PyCon Germany 2016Steffen Wenz
 
深入淺出C語言
深入淺出C語言深入淺出C語言
深入淺出C語言Simen Li
 
Cluj.py Meetup: Extending Python in C
Cluj.py Meetup: Extending Python in CCluj.py Meetup: Extending Python in C
Cluj.py Meetup: Extending Python in CSteffen Wenz
 

What's hot (20)

Understand more about C
Understand more about CUnderstand more about C
Understand more about C
 
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java script
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java scriptCodiLime Tech Talk - Grzegorz Rozdzialik: What the java script
CodiLime Tech Talk - Grzegorz Rozdzialik: What the java script
 
Tiramisu をちょっと、味見してみました。
Tiramisu をちょっと、味見してみました。Tiramisu をちょっと、味見してみました。
Tiramisu をちょっと、味見してみました。
 
Rcpp11 genentech
Rcpp11 genentechRcpp11 genentech
Rcpp11 genentech
 
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisApplication of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
 
All I know about rsc.io/c2go
All I know about rsc.io/c2goAll I know about rsc.io/c2go
All I know about rsc.io/c2go
 
Protecting C++
Protecting C++Protecting C++
Protecting C++
 
TVM VTA (TSIM)
TVM VTA (TSIM) TVM VTA (TSIM)
TVM VTA (TSIM)
 
Web 2 . .3 Development Services
Web 2 . .3 Development ServicesWeb 2 . .3 Development Services
Web 2 . .3 Development Services
 
When RV Meets CEP (RV 2016 Tutorial)
When RV Meets CEP (RV 2016 Tutorial)When RV Meets CEP (RV 2016 Tutorial)
When RV Meets CEP (RV 2016 Tutorial)
 
Basicsof c make and git for a hello qt application
Basicsof c make and git for a hello qt applicationBasicsof c make and git for a hello qt application
Basicsof c make and git for a hello qt application
 
Why my Go program is slow?
Why my Go program is slow?Why my Go program is slow?
Why my Go program is slow?
 
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!..."A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...
"A 1,500 line (!!) switch statement powers your Python!" - Allison Kaptur, !!...
 
Codigo fuente
Codigo fuenteCodigo fuente
Codigo fuente
 
Bytes in the Machine: Inside the CPython interpreter
Bytes in the Machine: Inside the CPython interpreterBytes in the Machine: Inside the CPython interpreter
Bytes in the Machine: Inside the CPython interpreter
 
Swift core
Swift coreSwift core
Swift core
 
Roots of a quadratic equation1
Roots of a quadratic equation1Roots of a quadratic equation1
Roots of a quadratic equation1
 
Powered by Python - PyCon Germany 2016
Powered by Python - PyCon Germany 2016Powered by Python - PyCon Germany 2016
Powered by Python - PyCon Germany 2016
 
深入淺出C語言
深入淺出C語言深入淺出C語言
深入淺出C語言
 
Cluj.py Meetup: Extending Python in C
Cluj.py Meetup: Extending Python in CCluj.py Meetup: Extending Python in C
Cluj.py Meetup: Extending Python in C
 

Similar to C言語静的解析ツールと Ruby 1.9 trunk

C Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer CentreC Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer Centrejatin batra
 
GoFFIng around with Ruby #RubyConfPH
GoFFIng around with Ruby #RubyConfPHGoFFIng around with Ruby #RubyConfPH
GoFFIng around with Ruby #RubyConfPHGautam Rege
 
C++ amp on linux
C++ amp on linuxC++ amp on linux
C++ amp on linuxMiller Lee
 
シェル芸でライフハック(特論)
シェル芸でライフハック(特論)シェル芸でライフハック(特論)
シェル芸でライフハック(特論)Yuki Shimazaki
 
Objective-Cひとめぐり
Objective-CひとめぐりObjective-Cひとめぐり
Objective-CひとめぐりKenji Kinukawa
 
Tales from the dark side: developing SDKs at scale
Tales from the dark side: developing SDKs at scaleTales from the dark side: developing SDKs at scale
Tales from the dark side: developing SDKs at scaleKenneth Geisshirt
 
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321ExperiencesSharingOnEmbeddedSystemDevelopment_20160321
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321Teddy Hsiung
 
What has to be paid attention when reviewing code of the library you develop
What has to be paid attention when reviewing code of the library you developWhat has to be paid attention when reviewing code of the library you develop
What has to be paid attention when reviewing code of the library you developAndrey Karpov
 
Java Jit. Compilation and optimization by Andrey Kovalenko
Java Jit. Compilation and optimization by Andrey KovalenkoJava Jit. Compilation and optimization by Andrey Kovalenko
Java Jit. Compilation and optimization by Andrey KovalenkoValeriia Maliarenko
 
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang)
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang) [Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang)
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang) Johnny Sung
 
Diving into HHVM Extensions (php[tek] 2016)
Diving into HHVM Extensions (php[tek] 2016)Diving into HHVM Extensions (php[tek] 2016)
Diving into HHVM Extensions (php[tek] 2016)James Titcumb
 
start_printf: dev/ic/com.c comstart()
start_printf: dev/ic/com.c comstart()start_printf: dev/ic/com.c comstart()
start_printf: dev/ic/com.c comstart()Kiwamu Okabe
 
Vim Script Programming
Vim Script ProgrammingVim Script Programming
Vim Script ProgrammingLin Yo-An
 
Crash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenCrash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenLex Yu
 
LCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLinaro
 
Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Patricia Aas
 
Unleash your inner console cowboy
Unleash your inner console cowboyUnleash your inner console cowboy
Unleash your inner console cowboyKenneth Geisshirt
 

Similar to C言語静的解析ツールと Ruby 1.9 trunk (20)

Boosting Developer Productivity with Clang
Boosting Developer Productivity with ClangBoosting Developer Productivity with Clang
Boosting Developer Productivity with Clang
 
C Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer CentreC Programming Training in Ambala ! Batra Computer Centre
C Programming Training in Ambala ! Batra Computer Centre
 
GoFFIng around with Ruby #RubyConfPH
GoFFIng around with Ruby #RubyConfPHGoFFIng around with Ruby #RubyConfPH
GoFFIng around with Ruby #RubyConfPH
 
C++ amp on linux
C++ amp on linuxC++ amp on linux
C++ amp on linux
 
Gun make
Gun makeGun make
Gun make
 
シェル芸でライフハック(特論)
シェル芸でライフハック(特論)シェル芸でライフハック(特論)
シェル芸でライフハック(特論)
 
Objective-Cひとめぐり
Objective-CひとめぐりObjective-Cひとめぐり
Objective-Cひとめぐり
 
Tales from the dark side: developing SDKs at scale
Tales from the dark side: developing SDKs at scaleTales from the dark side: developing SDKs at scale
Tales from the dark side: developing SDKs at scale
 
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321ExperiencesSharingOnEmbeddedSystemDevelopment_20160321
ExperiencesSharingOnEmbeddedSystemDevelopment_20160321
 
What has to be paid attention when reviewing code of the library you develop
What has to be paid attention when reviewing code of the library you developWhat has to be paid attention when reviewing code of the library you develop
What has to be paid attention when reviewing code of the library you develop
 
Java Jit. Compilation and optimization by Andrey Kovalenko
Java Jit. Compilation and optimization by Andrey KovalenkoJava Jit. Compilation and optimization by Andrey Kovalenko
Java Jit. Compilation and optimization by Andrey Kovalenko
 
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang)
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang) [Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang)
[Golang] 以 Mobile App 工程師視角,帶你進入 Golang 的世界 (Introduction of GoLang)
 
Diving into HHVM Extensions (php[tek] 2016)
Diving into HHVM Extensions (php[tek] 2016)Diving into HHVM Extensions (php[tek] 2016)
Diving into HHVM Extensions (php[tek] 2016)
 
start_printf: dev/ic/com.c comstart()
start_printf: dev/ic/com.c comstart()start_printf: dev/ic/com.c comstart()
start_printf: dev/ic/com.c comstart()
 
Vim Script Programming
Vim Script ProgrammingVim Script Programming
Vim Script Programming
 
Crash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenCrash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_Tizen
 
LCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platform
 
Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)
 
Quiz 9
Quiz 9Quiz 9
Quiz 9
 
Unleash your inner console cowboy
Unleash your inner console cowboyUnleash your inner console cowboy
Unleash your inner console cowboy
 

More from ikegami__

Agda 入門@ProofSummit 2011
Agda 入門@ProofSummit 2011Agda 入門@ProofSummit 2011
Agda 入門@ProofSummit 2011ikegami__
 
Mac Laptop で Gentoo
Mac Laptop で GentooMac Laptop で Gentoo
Mac Laptop で Gentooikegami__
 
Lightening Talk at Open Source Conference 2007
Lightening Talk at Open Source Conference 2007Lightening Talk at Open Source Conference 2007
Lightening Talk at Open Source Conference 2007ikegami__
 
Introduction to Haskell games in Open Source Conference 2007 Hokkaido
Introduction to Haskell games in Open Source Conference 2007 HokkaidoIntroduction to Haskell games in Open Source Conference 2007 Hokkaido
Introduction to Haskell games in Open Source Conference 2007 Hokkaidoikegami__
 
Advanced Topics in Haskell
Advanced Topics in HaskellAdvanced Topics in Haskell
Advanced Topics in Haskellikegami__
 
Introduction to Haskell@Open Source Conference 2007 Hokkaido
Introduction to Haskell@Open Source Conference 2007 HokkaidoIntroduction to Haskell@Open Source Conference 2007 Hokkaido
Introduction to Haskell@Open Source Conference 2007 Hokkaidoikegami__
 

More from ikegami__ (6)

Agda 入門@ProofSummit 2011
Agda 入門@ProofSummit 2011Agda 入門@ProofSummit 2011
Agda 入門@ProofSummit 2011
 
Mac Laptop で Gentoo
Mac Laptop で GentooMac Laptop で Gentoo
Mac Laptop で Gentoo
 
Lightening Talk at Open Source Conference 2007
Lightening Talk at Open Source Conference 2007Lightening Talk at Open Source Conference 2007
Lightening Talk at Open Source Conference 2007
 
Introduction to Haskell games in Open Source Conference 2007 Hokkaido
Introduction to Haskell games in Open Source Conference 2007 HokkaidoIntroduction to Haskell games in Open Source Conference 2007 Hokkaido
Introduction to Haskell games in Open Source Conference 2007 Hokkaido
 
Advanced Topics in Haskell
Advanced Topics in HaskellAdvanced Topics in Haskell
Advanced Topics in Haskell
 
Introduction to Haskell@Open Source Conference 2007 Hokkaido
Introduction to Haskell@Open Source Conference 2007 HokkaidoIntroduction to Haskell@Open Source Conference 2007 Hokkaido
Introduction to Haskell@Open Source Conference 2007 Hokkaido
 

Recently uploaded

UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 

Recently uploaded (20)

UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 

C言語静的解析ツールと Ruby 1.9 trunk

  • 1. C Ruby 1.9 trunk @ikegami_ _
  • 2. @ikegami_ _ • 2003 • 2003-2010 • Haskell • C • 10/27 - 11/10 2 • Ruby/Mathematica, Ruby/Ming, RushCheck, Karatsuba
  • 4. 1/2 • C++ • BLAST • Frama-C • • • • CIL GCC
  • 5. 2/2 • ← • • cppcheck C C++ • Emacs + Flymake • Vim + • Vim + QuickFix + errormaker
  • 6. Emacs + Flymake + cppcheck →
  • 7. • cppcheck • splint • • BLAST • Frama-C
  • 8. -Wall • • • • •
  • 9. division by zero • assert • unroll • assertion • if • • • Call flow graph •
  • 10. cppcheck • written in C++ • C/C++ • • Tokenize • Run all checks - pattern matching of the tokens http://sourceforge.net/apps/trac/cppcheck/
  • 11. cppcheck ruby • ruby-1.9 trunk revision 33685 (2011-11-09 ) • compile.c 77 files 2:01:02.55 • error 6 • compile.c 54:46.94s •
  • 12. cppcheck Ruby 6 [hash.c:2351]: (error) Memory leak: str [io.c:5264]: (error) fflush() called on input stream "stdin" may result in undefined behaviour [regcomp.c:5524]: (error) Memory leak: new_reg [vm_dump.c:831]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778 [vm_dump.c:834]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778 [vm_dump.c:835]: (error) Possible null pointer dereference: vm - otherwise it is redundant to check if vm is null at line 778
  • 13. hash.c [hash.c:2351]: (error) Memory leak: str 2351 } /* ruby_setenv */ 2303 str = malloc(len += strlen(value) + 2); str free 2287 #elif defined __sun Solaris
  • 14. io.c [io.c:5264]: (error) fflush() called on input stream "stdin" may result in undefined behaviour 5264 fflush(stdin); /* is it really needed? */ Q. How can I flush pending input so that a user's typeahead isn't read at the next prompt? Will fflush(stdin) work? A. fflush is defined only for output streams. (omit) comp.lang.c FAQ list · Question 12.26a
  • 15. splint • written in C • • annotation • cppcheck • • cont.c gc.c random.c thread_pthread.h http://www.splint.org/
  • 16. splint hash.c • ruby-1.9 trunk revision 33685 (2011-11-09 ) • 397 • header • Solaris Solaris configure • cppcheck hash.c x86
  • 17. splint regcomp.c • ruby-1.9 trunk revision 33685 (2011-11-09 ) • 737 • •
  • 18. splint regcomp.c regcomp.c:180:10: Only storage uslist->us->target (type struct _Node *) derived from released storage is not released (memory leak): uslist->us (omit) 176 static void 177 unset_addr_list_end(UnsetAddrList* uslist) 178 { 179 if (IS_NOT_NULL(uslist->us)) 180 xfree(uslist->us); 181 }
  • 19. 176 static void 177 unset_addr_list_end(UnsetAddrList* uslist) 178 { 179 if (IS_NOT_NULL(uslist->us)) 180 xfree(uslist->us); typedef struct { 181 } int offset; struct _Node* target; } UnsetAddr; uslist->us->target typedef struct { free int num; int alloc; UnsetAddr* us; } UnsetAddrList;
  • 20. 183 static int 184 unset_addr_list_add(UnsetAddrList* uslist, int offset, struct _Node* node) 185 { 186 UnsetAddr* p; 187 int size; 188 189 if (uslist->num >= uslist->alloc) { 190 size = uslist->alloc * 2; 191 p = (UnsetAddr* )xrealloc(uslist->us, sizeof(UnsetAddr) * size); 192 CHECK_NULL_RETURN_MEMERR(p); 193 uslist->alloc = size; 194 uslist->us = p; 195 } 196 197 uslist->us[uslist->num].offset = offset; 198 uslist->us[uslist->num].target = node; 199 uslist->num++; 200 return 0; ↑ free 201 }
  • 22. BLAST • with CIL OCaml • • assert() • • assert http://mtc.epfl.ch/software-tools/blast/index-epfl.php
  • 24. #include <assert.h> int watched; /* a global variable */ void foo(int i) { watched = i; } ← void bar() {   int j;   foo(j);   assert(j == watched);   /* assert(j != watched); */ } % gcc -E -I ${BLAST_INCLUDE} -main bar target.c % pblast.opt target.i -main bar :-)
  • 25. #include <assert.h> int *watched; void foo(int *p) { watched = p; } void bar() {   int i, *j;   i = 1;   j = &i;   foo(j);   assert(j == watched);   /* assert(j != watched); */ } % gcc -E -I ${BLAST_INCLUDE} -main bar target.c % pblast.opt target.i -main bar :-)
  • 26. ruby 1.9 trunk • for while • if • • • •
  • 27. Frama-C • with CIL OCaml •C • • • value plug-in ← • users plug-in http://frama-c.com/
  • 28. division by zero void foo(int x, int y) { int z = x / y; /* y should not be zero */ return; } int main(int argc, char **argv) { int x = 1, y = 0; foo(x, y); return 0; }
  • 29. Frama-C value plug-in % frama-c -val foo.c [value] Analyzing a complete application starting at main foo.c:3:[kernel] warning: division by zero: assert y ≢ 0;
  • 30. division by zero • ruby trunk revision no. 33685 • bignum.c • 1044 ds[k] = (BDIGIT)(num / hbase); • util.c • • 331 n = (r - l + size) / size; Frama-C value plugin
  • 32. void foo(void) {} void bar(void) {foo();} int main(void) { bar(); return 0; } % frama-c -users foo.c [kernel] preprocessing with "gcc -C -E -I. foo.c" [users] ====== DISPLAYING USERS ====== bar: foo main: foo bar ====== END OF USERS ==========
  • 33. ruby string.c callee http://sovmoess.tumblr.com/ post/12364993205/frama-c-ruby-1-9-string-c-callee @ikegami_ _
  • 34. • false positive • • CPU • annotation • annotation • Frama-C + jessie plug-in → Coq
  • 35. •2 C • ruby-1.9 trunk revision 33685 • cppcheck/splint • escape • BLAST/Frama-C •