On Wed, 2022-06-01 at 23:22 +0530, Mir Immad wrote: > HI everyone, > > I'm Immad Mir -- one of the GSoC students this year. I'll be working on > adding static analysis support for POSIX file description APIs this > summer.
Welcome Immad - I'm looking forward to helping you on this project. For reference, I think you posted an initial prototype of this work earlier this year here: https://gcc.gnu.org/pipermail/gcc/2022-January/238192.html https://gcc.gnu.org/pipermail/gcc/2022-February/238215.html > > The plan is to let the static analyzer know about the FD APIs through > the > use of function attributes, although initially we might hardcode the > logic > to get started working. I'm looking for the suggestions on this from > the > people who have experience working with file-descriptors. We talked about this off-list; I think next steps could be: (1) get your initial prototype working again, hardcoding the names of the functions for simplicity at first (2) find a list of system calls (e.g. those implemented on Linux), and see which ones relate to file descriptors e.g. acquiring them, using them, releasing them, and duplicating them. Look for patterns of usage that could be expressed using function attributes. Probably ignore "ioctl" for now. (3) probably talk to glibc's developers about this, since glibc provides headers that wrap system calls, which would want to use the attributes if we provide them (4) implement the attributes, so that the analyzer doesn't have hardcoded function names, and can instead rely on function attributes. GCC's attributes are implemented in gcc/c-family/c-attribs.cc; see the big c_common_attribute_table array, which associates the string names of the attrbutes with properties, including a handler callback. These either set flags of a decl, or the attribute itself is appended to a singly-linked list on that decl (for those things that don't directly relate to fields of a decl). I believe Siddhesh Poyarekar has been looking at attributes from the glibc side of things, so I'm CCing him in case he has input on this. I'm wondering if other people on this list have ideas for projects that make heavy use of syscalls/file-descriptors that would benefit from having this analyzer feature. Maybe systemd? Welcome again; hope this makes sense and is helpful Dave
