On Fri, 2019-11-15 at 20:23 -0500, David Malcolm wrote:
> This patch adds a state machine checker for stdio's FILE stream API.
>
> gcc/ChangeLog:
> * analyzer/sm-file.cc: New file.

I note this seems somewhat incomplete -- which is fine given my recommendation was to focus on the double-free analyzer. The biggest question is do we want to include this in the first iteration? Perhaps as an example that others can flesh out to capture the missing stuff (like operations on released FD or file pointers?)

The similarities with double-free, use-after-free are significant. But I hesitate to suggest trying to generalize and merge them at this point.

jeff