Participants
Tom Browder
Tom Browder
Greg Stark
Greg Stark
Tomas Vondra
Tomas Vondra
Attachments

No attachments in this thread

Thread Outline
#1...#2
Tom BrowderTomas Vondra
Mar 05, 2016
#1Tom BrowderTom Browder
Mar 05, 2016
#2Tomas VondraTomas Vondrato Tom Browder (#1)
Mar 05, 2016
#3Tom BrowderTom Browderto Tomas Vondra (#2)
Mar 05, 2016
#4...#7
Greg StarkTom Browder
to Tomas Vondra (#2)
Mar 05, 2016
#4Greg StarkGreg Starkto Tomas Vondra (#2)
Mar 05, 2016
#5Greg StarkGreg Starkto Greg Stark (#4)
Mar 05, 2016
#6Tom BrowderTom Browderto Greg Stark (#5)
Mar 05, 2016
#7Greg StarkGreg Starkto Tom Browder (#6)
Mar 05, 2016

Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

Started by Tom Browderalmost 10 years ago7 messages
#1Tom Browder
Tom Browder
tom.browder@gmail.com

Interesting article in latest issue of subject titled:

"A Differential Approach to Undefined Behavior Detection"

which may describe procedures not used in other static analysis programs.

Article references the authors' website here:

http://css.csail.mit.edu/stack

which contains more info links and a link to the software on github here:

https://github.com/xiw/stack

Best regards,

-Tom

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#2Tomas Vondra
Tomas Vondra
tomas.vondra@2ndquadrant.com
In reply to: Tom Browder (#1)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

Hi,

On Sat, 2016-03-05 at 06:24 -0600, Tom Browder wrote:

Interesting article in latest issue of subject titled:

"A Differential Approach to Undefined Behavior Detection"

which may describe procedures not used in other static analysis programs.

Article references the authors' website here:

http://css.csail.mit.edu/stack

which contains more info links and a link to the software on github here:

https://github.com/xiw/stack

Best regards,

AFAIK this is not an entirely new tool - it was published a few years
back (2013?) along with a paper that also mentioned a few issues in
PostgreSQL. And it was dealt with, see for example this thread

/messages/by-id/20130715215950.GA4165@eldon.alvh.no-ip.org

Or is this something new?

regards

--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#3Tom Browder
Tom Browder
tom.browder@gmail.com
In reply to: Tomas Vondra (#2)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

On Sat, Mar 5, 2016 at 6:41 AM, Tomas Vondra
<tomas.vondra@2ndquadrant.com> wrote:

On Sat, 2016-03-05 at 06:24 -0600, Tom Browder wrote:

Interesting article in latest issue of subject titled:

"A Differential Approach to Undefined Behavior Detection"

...

AFAIK this is not an entirely new tool - it was published a few years
back (2013?) along with a paper that also mentioned a few issues in
PostgreSQL. And it was dealt with, see for example this thread

/messages/by-id/20130715215950.GA4165@eldon.alvh.no-ip.org

Or is this something new?

No, and I think the article mentions that at least one bug was found
in the postgresql code.

Sorry for the false alarm.

Best regards,

-Tom

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#4Greg Stark
Greg Stark
stark@mit.edu
In reply to: Tomas Vondra (#2)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

On Sat, Mar 5, 2016 at 12:41 PM, Tomas Vondra
<tomas.vondra@2ndquadrant.com> wrote:

And it was dealt with

Well. Not dealt with yet. I think it's more or less clear how to
tackle it using macros and builtins now but there's a lot of drudgery
work to actually rewrite all the checks. I have the reports from Xi
Wang's tool saved if anyone else wants to take it up. I would say it's
on my TODO list but that's more of an abstract concept than an actual
list.

--
greg

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#5Greg Stark
Greg Stark
stark@mit.edu
In reply to: Greg Stark (#4)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

On Sat, Mar 5, 2016 at 12:59 PM, Greg Stark <stark@mit.edu> wrote:

Well. Not dealt with yet. I think it's more or less clear how to
tackle it using macros and builtins now but there's a lot of drudgery
work to actually rewrite all the checks. I have the reports from Xi
Wang's tool saved if anyone else wants to take it up. I would say it's
on my TODO list but that's more of an abstract concept than an actual
list.

[Removing all the other xposted lists -- don't do that!]

And fwiw the reason it's not an urgent issue for Postgres is because
we build with -fwrapv, essentially asking the compiler for a C
language that offers more guarantees than the standard (but matches
traditional C environments). So there isn't an active bug on Postgres
with GCC (or I think Clang) but may be with other compilers if they
don't have that option.

--
greg

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#6Tom Browder
Tom Browder
tom.browder@gmail.com
In reply to: Greg Stark (#5)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

On Sat, Mar 5, 2016 at 7:03 AM, Greg Stark <stark@mit.edu> wrote:

On Sat, Mar 5, 2016 at 12:59 PM, Greg Stark <stark@mit.edu> wrote:

Well. Not dealt with yet. I think it's more or less clear how to
tackle it using macros and builtins now but there's a lot of drudgery
work to actually rewrite all the checks. I have the reports from Xi
Wang's tool saved if anyone else wants to take it up. I would say it's
on my TODO list but that's more of an abstract concept than an actual
list.

[Removing all the other xposted lists -- don't do that!]

Okay, sorry. I thought since the reply was pg-specific it would cut down noise.

-Tom

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#7Greg Stark
Greg Stark
stark@mit.edu
In reply to: Tom Browder (#6)
Re: Static code checker research worth investigating (Communications of the ACM, 03/2016, Vol. 59, No. 03, p. 99)

On Sat, Mar 5, 2016 at 2:35 PM, Tom Browder <tom.browder@gmail.com> wrote:

[Removing all the other xposted lists -- don't do that!]

Okay, sorry. I thought since the reply was pg-specific it would cut down noise.

I'm sorry I was unclear. I meant, I was removing all the others from
my reply and was saying not to cross-post like that in the first
place. I see you removed them in your response too which is good but I
missed that and responded to the previous message.

--
greg

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

← Back to Topics