Hello,

I am currently researching methods for applying static analysis to
software projects which use multiple languages.  As part of this
effort, I am writing a tool which does type inference across foreign
function calls in order to detect bugs in programs which use the
OCaml/C foreign function interface.  While the tool isn't quite ready
for release yet (soon I hope!), I have already found some bugs in
several programs which I have run it on.  I haven't run it on all of
the programs on your web page, just the ssl and vorbis libraries (I
actually just picked things at random from the OCaml Humps page) and
wanted to let you know about the bugs I found in it.  For the
ocaml-vorbis library, I found just one small bug:

In file vorbis_stubs.c, function copy_buffer:120:
 CAMLparam/local was used but there is no CAMLreturn on this branch

For the ssl library, my tool reported 4 errors and 2 warnings.  The
errors are:

In file ssl_stubs.c, function ocaml_ssl_connect:216:
 Int_val instead of Val_int (or vice versa)

In file ssl_stubs.c, function ocaml_ssl_write:228:
 While checking the sig of caml_raise_with_arg
 while looking at param (((long)err<<1)+1),
 Int_val instead of Val_int (or vice versa)

In file ssl_stubs.c, function ocaml_ssl_read:240:
 While checking the sig of caml_raise_with_arg
 while looking at param (((long)err<<1)+1),
 Int_val instead of Val_int (or vice versa)

In file ssl_stubs.c, function ocaml_ssl_accept:251:
 While checking the sig of Int_val
 Int_val instead of Val_int (or vice versa)

The two warnings are about functions omitting a parameter of type
'unit'.  Recall that OCaml represents "unit" as the value Val_int(0),
so when a function is called with an argument of type "unit", a value
will be placed on the C stack, even though it is rather useless.
Although omitting this argument won't cause any ill effects, it is a
type error (C and OCaml will view the stack with different sizes) and I
feel it should be fixed for "Good Practice".

In file ssl_stubs.c, function ocaml_ssl_create_client_context:67:
 arity mismatch.  Expecting a function with sig:
  unit
 but got instead:
  <empty>

In file ssl_stubs.c, function ocaml_ssl_init:171:
 arity mismatch.  Expecting a function with sig:
  unit
 but got instead:
  <empty>

I hope you find this bug report useful.  If you are interested in
reading about how the tool works, I have released a technical report
describing the technique and it is available from my web page[1].
Also, if you have any suggestions as to how a static analysis tool
might further help you develop multi-lingual software more
efficiently, I would love to hear about it.


Cheers,
-Mike

1 - http://www.cs.umd.edu/~furr/
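
An added illustration, not part of the original message or of the tool it describes, of what the reported "Int_val instead of Val_int" confusion does to a value crossing the OCaml/C boundary. It uses local stand-in macros that mirror the tagged-integer encoding visible in the reported expression `(((long)err<<1)+1)`; the `EX_`/`ex_` names and the sample error codes are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-ins mirroring the OCaml runtime's integer tagging (the real macros
 * are in <caml/mlvalues.h>). EX_/ex_ names are hypothetical, chosen so this
 * builds without the OCaml headers. Assumes arithmetic right shift. */
typedef intptr_t ex_value;
#define EX_VAL_INT(n) ((ex_value)((((uintptr_t)(intptr_t)(n)) << 1) + 1))
#define EX_INT_VAL(v) (((intptr_t)(v)) >> 1)
#define EX_IS_LONG(v) ((((ex_value)(v)) & 1) != 0)

/* Missing Val_int: the integer OCaml decodes when C hands over a raw int. */
static intptr_t ex_seen_when_untagged(int raw) {
    return EX_INT_VAL((ex_value)raw);
}

/* Val_int applied twice: OCaml decodes the tagged form, not the number. */
static intptr_t ex_seen_when_double_tagged(int n) {
    return EX_INT_VAL(EX_VAL_INT(EX_VAL_INT(n)));
}

/* A word with a clear low bit is classified as a block pointer, so an
 * even raw int passed as a value is not seen as an integer at all. */
static int ex_looks_like_pointer(ex_value v) {
    return !EX_IS_LONG(v);
}

int main(void) {
    int samples[] = {0, 1, 4, 5, -3};   /* constructed sample error codes */
    printf("unit is the word %ld\n", (long)EX_VAL_INT(0));
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int err = samples[i];
        printf("err=%3d correct=%3ld untagged=%3ld double=%3ld ptr-like=%d\n",
               err,
               (long)EX_INT_VAL(EX_VAL_INT(err)),
               (long)ex_seen_when_untagged(err),
               (long)ex_seen_when_double_tagged(err),
               ex_looks_like_pointer((ex_value)err));
    }
    return 0;
}
```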

