Smatch v1.72 released

From: Dan Carpenter
Date: Wed Sep 01 2021 - 11:24:14 EST

Next message: Dave Hansen: "Re: [PATCH v29 23/32] x86/cet/shstk: Add user-mode shadow stack support"
Previous message: Alexei Starovoitov: "Re: [PATCH 0/8] x86/ftrace: Add direct batch interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Smatch is a C static checker with a lot of kernel specific checks. You
can download it from: http://repo.or.cz/w/smatch.git. Or if you prefer
a github mirror, then you can download it from
https://github.com/error27/smatch I'm trying to do more regular
releases (two per year).

Special shout out to Pavel Skripkin who wrote a check for use after
frees releated to free_netdev() and to Harshvardhan Jha who wrote some
new code and fixes for how Smatch handles bit tests.

With this release, internally the param/key API has been fleshed out and
improved. The check_unwind.c is an example of that where the
return_param_release() is used by hard coded data in the func_table[]
array and it is also used by the DB. It just removes a lot of boiler
plate code and it makes working with the database easier.

The other thing that's new is the SSA module which is also used in
check_unwind.c. It's so that if you have:

ret = alloc();
if (IS_ERR(ret))
return;
p->foo = ret;

Now if you "p->foo" that's the same as freeing "ret". The param/key API
and the SSA module are going to be important going forward and I'll
probably end up re-writing a lot of code to take advantage of them.

The exciting new check in this release is the scheduling in atomic
check. It requires the cross function DB to be useful. And the
warnings that it prints require cross function analysis to understand.

net/sctp/socket.c:480 sctp_send_asconf() warn: sleeping in atomic context

The line 480 calls sctp_primitive_ASCONF() which uses a GFP_KERNEL flag
so presumably it sleeps. Use the `smatch_data/db/smdb.py preempt`
command to print the call tree and find out where the spin lock is held.

$ smdb.py preempt sctp_send_asconf
sctp_addr_wq_timeout_handler() <- disables preempt
-> sctp_asconf_mgmt()
-> sctp_send_asconf_add_ip()
sctp_asconf_mgmt() <duplicate>
-> sctp_send_asconf_del_ip()
-> sctp_send_asconf()
$

When the call tree is so long like this there is a lot of chance for
false positives but really it's surprising how high quality these
warnings are.

Please test and let me know if you find any issues!

regards,
dan carpenter

Next message: Dave Hansen: "Re: [PATCH v29 23/32] x86/cet/shstk: Add user-mode shadow stack support"
Previous message: Alexei Starovoitov: "Re: [PATCH 0/8] x86/ftrace: Add direct batch interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]