[prev in list] [next in list] [prev in thread] [next in thread]
List: squeak-vm-dev
Subject: [Vm-dev] VM safety: missing failing guards in SmartSyntaxPlugin
From: Nicolas Cellier <nicolas.cellier.aka.nice () gmail ! com>
Date: 2015-03-31 22:49:51
Message-ID: CAKnRiT7S4N70N68QX+ouqNCcPfhriRtEqTDMG-LirByTtLRVNw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #3 (multipart/related)]
[Attachment #5 (multipart/alternative)]
Hi again,
with clang analyzer I noticed a bunch of failing guards missing.
For example, take this one:
[image: Images intégrées 1]This code comes from:
primitiveSocketConnectionStatus: socket
| s status |
<var: #s type: 'SocketPtr '>
self primitive: 'primitiveSocketConnectionStatus'
parameters: #(Oop).
s := self socketValueOf: socket.
interpreterProxy failed ifFalse: [
status := self sqSocketConnectionStatus: s].
^ status asSmallIntegerObj
Maybe it's innocuous to generate an integerObjectOf:
somethingNotInitialized, but who knows what more dangerous expression might
be returned...
This is the SmartSyntaxPluginCodeGenerator at work.
looking at this SmartSyntaxPluginTMethod method, I feel like it is a
missing guard near the bottom, find correction attached:
fixUpReturnOneStmt: stmt on: sStream
stmt isReturn ifFalse: [^sStream nextPut: stmt].
(stmt expression isSend
and: [#('primitiveFail' 'primitiveFailFor:') includes: stmt expression
selector]) ifTrue:
["failure return"
sStream nextPut: stmt expression.
sStream nextPut: self nullReturnExpr.
^nil].
(stmt expression isVariable and: ['nil' = stmt expression name])
ifTrue:
["^ nil -- this is never right unless automatically generated"
sStream nextPut: stmt.
^nil].
(stmt expression isVariable and: ['self' = stmt expression name])
ifTrue:
["^ self"
self generateFailureGuardOn: sStream.
fullArgs isEmpty ifFalse:[ sStream nextPut: (self popExpr:
fullArgs size)].
sStream nextPut: self nullReturnExpr.
^nil].
(stmt expression isVariable | stmt expression isConstant |
suppressingFailureGuards) ifTrue:
["^ variable or ^ constant or ^ expr without guardchecking"
self generateFailureGuardOn: sStream.
sStream nextPut: (self pop: fullArgs size + 1 thenReturnExpr: stmt
expression).
sStream nextPut: self nullReturnExpr.
^nil].
"^ expr with guardchecking"
"vvvvvv LOOK HERE vvvvvvvvvvvvvv"
self generateFailureGuardOn: sStream.
"^^^^^^ THIS GUARD WAS MISSING I HAD TO ADD IT"
sStream nextPut: (self assign: (self oopVariable: '_return_value')
expression: stmt expression).
self generateFailureGuardOn: sStream.
sStream nextPut: (self pop: fullArgs size + 1 thenReturnExpr: (self
oopVariable: '_return_value')).
sStream nextPut: self nullReturnExpr
[Attachment #8 (text/html)]
<div dir="ltr"><div><div><div><div><div><div>Hi again,<br></div>with clang analyzer I \
noticed a bunch of failing guards missing.<br></div>For example, take this \
one:<br><br><img alt="Images intégrées 1" src="cid:ii_14c71fd8f594d381" width="532" \
height="297">This code comes from:<br></div>primitiveSocketConnectionStatus: \
socket<br><br> | s status |<br> <var: #s type: 'SocketPtr \
'><br> self primitive: 'primitiveSocketConnectionStatus'<br> \
parameters: #(Oop).<br> s := self socketValueOf: socket.<br> \
interpreterProxy failed ifFalse: [<br> status := self \
sqSocketConnectionStatus: s].<br> ^ status asSmallIntegerObj<br><br>Maybe \
it's innocuous to generate an integerObjectOf: somethingNotInitialized, but who \
knows what more dangerous expression might be returned...<br><br></div>This is the \
SmartSyntaxPluginCodeGenerator at work.<br></div>looking at this \
SmartSyntaxPluginTMethod method, I feel like it is a missing guard near the bottom, \
find correction attached:<br><br>fixUpReturnOneStmt: stmt on: sStream<br><br> \
stmt isReturn ifFalse: [^sStream nextPut: stmt].<br> (stmt expression \
isSend<br> and: [#('primitiveFail' 'primitiveFailFor:') \
includes: stmt expression selector]) ifTrue: <br> ["failure \
return"<br> sStream nextPut: stmt expression.<br> \
sStream nextPut: self nullReturnExpr.<br> ^nil].<br> (stmt \
expression isVariable and: ['nil' = stmt expression name]) ifTrue: <br> \
["^ nil -- this is never right unless automatically generated"<br> \
sStream nextPut: stmt.<br> ^nil].<br> (stmt expression \
isVariable and: ['self' = stmt expression name]) ifTrue: <br> \
["^ self"<br> self generateFailureGuardOn: sStream.<br> \
fullArgs isEmpty ifFalse:[ sStream nextPut: (self popExpr: fullArgs size)].<br> \
sStream nextPut: self nullReturnExpr.<br> ^nil].<br> (stmt \
expression isVariable | stmt expression isConstant | suppressingFailureGuards) \
ifTrue:<br> ["^ variable or ^ constant or ^ expr without \
guardchecking"<br> self generateFailureGuardOn: sStream.<br> \
sStream nextPut: (self pop: fullArgs size + 1 thenReturnExpr: stmt expression).<br> \
sStream nextPut: self nullReturnExpr.<br> ^nil].<br> "^ \
expr with guardchecking"<br><br></div><div> "vvvvvv LOOK \
HERE vvvvvvvvvvvvvv"<br></div><div> self \
generateFailureGuardOn: sStream.<br></div> "^^^^^^ THIS GUARD \
WAS MISSING I HAD TO ADD IT"<br><br><div> sStream nextPut: (self assign: \
(self oopVariable: '_return_value') expression: stmt expression).<br> \
self generateFailureGuardOn: sStream.<br> sStream nextPut: (self pop: fullArgs \
size + 1 thenReturnExpr: (self oopVariable: '_return_value')).<br> \
sStream nextPut: self nullReturnExpr<br><br></div></div>
--001a1142ec62a3921f05129d6a1e--
["=?UTF-8?B?Q2FwdHVyZSBk4oCZZcyBY3JhbiAyMDE1LTA0LTAxIGHMgCAwMC4zNy41NS5wbmc=?=" (image/png)]
["SmartSyntaxPluginTMethod-fixUpReturnOneStmton.st" (application/octet-stream)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic