C · How To

Faults in Linux: Coccinelle: Reading The Reports

As part of my project, I was required to go understand the previous reports. Previous reports that are generated by tool Coccinelle. I need to list 10 bugs and 10 FPs(False positives by Coccinelle) in the reports.

You can look at the patterns here.

From large array size on stack to double unlockingmissing unlock, to dereferencing nulls, to use after freeing memory, Linux Kernel has it all.

This post is a How To on reading the reports.

We will take the example of bugs which uses X after freeing it.

Here are the reports related to a use after kfree and reports on use after a function that directly or indirectly calls kfree. Have a look at it there are so many of them.

It has reports for Linux Version 2.4 and 2.6. Click on the results, of any version and you can see something like this.

Deciphering the report

* BUG [[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face1::linb=68::colb=2::cole=7][kfree /var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::68]]
[[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face2::linb=70::colb=17::cole=19][ref]]
** [[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face1::linb=68::colb=2::cole=7][kfree /var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::68]]

It means it is a Bug. There are two things in the Coccinelle reports. FPs (False Positives) and Bugs (as in Real Bugs in the kernel code).

Let’s move ahead.

It says look at the source code of Linux version 2.6.33 in drivers/video/omap/displays/panel-sharp-ls037v7dw01.c line number 68, here X is freed using kfree.

Look at the next line. It says, at line 70 in source code of linux 2.6.33 inside drivers/video/ompa2/displays/panel-sharp-ls037v7dw01.c, it is referenced after kfreeing!

 

Locating it

Look at this url http://lxr.free-electrons.com/source/security/keys/gc.c?v=2.6.32#L132. To locate the information we just deciphered from the reports, edit this link and replace the string after source/ to ? to the path you found which was drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c.

v=2.6.32 is linux version. Replace it with 2.6.33 as written in the above reports.

#L132 is the line number, in our case it was 68.

Here is your new link :

http://lxr.free-electrons.com/source/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c?v=2.6.33#L68

Press Enter and You can see the kfree. Now go on and look at the use after kfree.

 

Other Options To Locate

You can also git clone the source code from the kernel tree and locate it on your machine.

 

You just found a Real Bug in Linux Kernel!

Coccinelle is awesome. Isn’t it?

Now you can go on and read the reports.

 

 

 

 

Advertisements

16 thoughts on “Faults in Linux: Coccinelle: Reading The Reports

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s