clang scan-build stack escape checker example 1

Craig Ringer · Craig Ringer · commit 893926d8ae07 · 2020-09-04T15:24:48.000+08:00
for pg mailing list thread https://www.postgresql.org/message-id/CAMsr+YE8tveiaGPuNzw+5fuo0yeZf7LePVLpx9MxUrFHMBG0gQ@mail.gmail.com
diff --git a/c/clang_return_stack_checks/.gitignore b/c/clang_return_stack_checks/.gitignore
@@ -0,0 +1,2 @@
+guard.so
+return_stack_escape
diff --git a/c/clang_return_stack_checks/Makefile b/c/clang_return_stack_checks/Makefile
@@ -0,0 +1,13 @@
+CC ?= clang
+CFLAGS ?= -Wall -Wextra
+
+all: return_stack_escape
+
+guard.so: guard.c guard.h
+	$(CC) -shared -fPIC $< -o $@
+
+return_stack_escape: return_stack_escape.c guard.so
+	$(CC) $< ./guard.so -o $@
+
+clean:
+	rm -f guard.so return_stack_escape
diff --git a/c/clang_return_stack_checks/README.md b/c/clang_return_stack_checks/README.md
@@ -0,0 +1 @@
+Examples for thread https://www.postgresql.org/message-id/CAMsr+YE8tveiaGPuNzw+5fuo0yeZf7LePVLpx9MxUrFHMBG0gQ@mail.gmail.com
diff --git a/c/clang_return_stack_checks/guard.c b/c/clang_return_stack_checks/guard.c
@@ -0,0 +1,3 @@
+#include "guard.h"
+
+struct guard * guard_ptr = 0;
diff --git a/c/clang_return_stack_checks/guard.h b/c/clang_return_stack_checks/guard.h
@@ -0,0 +1,27 @@
+#include <stdint.h>
+#include <assert.h>
+
+struct guard
+{
+	int8_t guard_set;
+};
+
+extern struct guard * guard_ptr;
+
+static void
+set_guard(struct guard * const g)
+{
+	assert(!g->guard_set);
+	assert(!guard_ptr);
+	g->guard_set = 1;
+	guard_ptr = g;
+}
+
+static inline void
+clear_guard(struct guard * const g)
+{
+	assert(g->guard_set);
+	assert(guard_ptr);
+	g->guard_set = 0;
+	guard_ptr = 0;
+}
diff --git a/c/clang_return_stack_checks/return_stack_escape.c b/c/clang_return_stack_checks/return_stack_escape.c
@@ -0,0 +1,43 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <error.h>
+
+#include "guard.h"
+
+int
+foo(int do_fail)
+{
+	struct guard g = {0};
+	set_guard(&g);
+
+	if (do_fail)
+		return do_fail;
+
+	clear_guard(&g);
+
+	return do_fail;
+}
+
+int
+main(int argc, char * argv[])
+{
+	int do_fail;
+	int ret;
+	char * endpos;
+
+	if (argc != 2)
+		error(2, 0, "usage: %s 0|1", argv[0]);
+
+	do_fail = strtol(argv[1], &endpos, 10);
+	if (*endpos != '\0')
+		error(2, 0, "couldn't parse \"%s\" as an integer", argv[1]);
+
+	ret = foo(do_fail);
+
+	if (guard_ptr)
+		printf("guard value: %hhd\n", guard_ptr->guard_set);
+	else
+		printf("guard value: no guard pointer\n");
+
+	return ret;
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Examples for thread https://www.postgresql.org/message-id/CAMsr+YE8tveiaGPuNzw+5fuo0yeZf7LePVLpx9MxUrFHMBG0gQ@mail.gmail.com`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#include "guard.h"`
	`2`	`+`
	`3`	`+struct guard * guard_ptr = 0;`