Hi,

Quoting Samuel Thibault (2016-06-04 17:32:06)
> Justus Winter, on Sat 04 Jun 2016 15:45:15 +0200, wrote:
> > tl;dr: Compiler-assisted runtime checking of port handling in
> > variables with automatic storage duration. Do we want to go there?
>
> That's interesting, but the proposed way would need annotating the whole
> source code, I'm afraid we'll make mistakes there.

Are you afraid that it is too much work, or that the process is
error-prone?

On the former point, this method can be applied on a per-function, and
even per-variable basis, so it can be introduced incrementally.

On the latter, it makes all port handling errors fatal, while providing
us with meaningful error messages and stack traces.

> Passing a port to a function that will deallocate it will probably
> need another macro BTW.

I have provided Mach_port_move for that.

> Ideally we'd have a static analysis tool which knows about the mig rules
> for port references. Perhaps LeakSanitizer could be taught that? (we
> probably want to port it to Hurd, anyway, and it seems very portable)

Yes, static analysis tools are nicer (but come with their own set of
limitations). Note that the *Sanitizers are also runtime tools. In
any case, I doubt that we can create a tool that works entirely
without modifying / annotating existing code.

Justus
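
An added illustration, not part of the message above and not taken from any Hurd patch: one way per-variable runtime checking of port references can be built on the GCC/Clang `cleanup` variable attribute. All names here (`port_t`, `CHECKED_PORT`, `port_release`, `port_move`, the toy allocator) are hypothetical stand-ins so the code builds without Mach headers; `port_move` plays the role the message gives to `Mach_port_move`, and the check counts errors where a real checker would abort.

```c
#include <stdio.h>

/* Stand-ins for Mach types so the example builds anywhere (assumption). */
typedef unsigned int port_t;
#define PORT_NULL 0u

static unsigned next_name = 1;   /* toy port-name allocator */
static int live_refs;            /* references currently held */
static int leak_reports;         /* scope exits that still held a reference */

static port_t port_allocate(void) { live_refs++; return next_name++; }
static void port_deallocate(port_t p) { if (p != PORT_NULL) live_refs--; }

/* Runs when a CHECKED_PORT variable leaves scope.  A real checker would
   abort() here to make the error fatal; this one counts instead. */
static void port_scope_check(port_t *p)
{
    if (*p != PORT_NULL) {
        fprintf(stderr, "port %u still held at scope exit\n", *p);
        leak_reports++;
    }
}

/* Opt-in annotation: applied per variable, so adoption can be incremental. */
#define CHECKED_PORT __attribute__((cleanup(port_scope_check))) port_t

/* Drop the reference and clear the variable. */
static void port_release(port_t *v) { port_deallocate(*v); *v = PORT_NULL; }

/* Hand the reference to a consuming callee: yield the name, clear the variable. */
static port_t port_move(port_t *v) { port_t t = *v; *v = PORT_NULL; return t; }

static void consume(port_t p) { port_deallocate(p); }  /* callee owns p */

int handler_ok(void)
{
    CHECKED_PORT a = port_allocate();
    CHECKED_PORT b = port_allocate();
    port_release(&a);
    consume(port_move(&b));      /* ownership transferred, b is now null */
    return live_refs;            /* 0: nothing outstanding */
}

int handler_leaky(int fail)
{
    CHECKED_PORT p = port_allocate();
    if (fail)
        return -1;               /* early return forgets the reference */
    port_release(&p);
    return 0;
}
```
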