Faults in Linux: Coccinelle: Reading The Reports

As part of my project, I was required to go understand the previous reports. Previous reports that are generated by tool Coccinelle. I need to list 10 bugs and 10 FPs(False positives by Coccinelle) in the reports.

You can look at the patterns here.

From large array size on stack to double unlockingmissing unlock, to dereferencing nulls, to use after freeing memory, Linux Kernel has it all.

This post is a How To on reading the reports.

We will take the example of bugs which uses X after freeing it.

Here are the reports related to a use after kfree and reports on use after a function that directly or indirectly calls kfree. Have a look at it there are so many of them.

It has reports for Linux Version 2.4 and 2.6. Click on the results, of any version and you can see something like this.

Deciphering the report

  • BUG [[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face1::linb=68::colb=2::cole=7][kfree /var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::68]]

[[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face2::linb=70::colb=17::cole=19][ref]]
** [[view:/var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::face=ovl-face1::linb=68::colb=2::cole=7][kfree /var/linuxes/linux-2.6.33/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c::68]]

It means it is a Bug. There are two things in the Coccinelle reports. FPs (False Positives) and Bugs (as in Real Bugs in the kernel code).

Let’s move ahead.

It says look at the source code of Linux version 2.6.33 in drivers/video/omap/displays/panel-sharp-ls037v7dw01.c line number 68, here X is freed using kfree.

Look at the next line. It says, at line 70 in source code of linux 2.6.33 inside drivers/video/ompa2/displays/panel-sharp-ls037v7dw01.c, it is referenced after kfreeing!

Locating it

Look at this url http://lxr.free-electrons.com/source/security/keys/gc.c?v=2.6.32#L132. To locate the information we just deciphered from the reports, edit this link and replace the string after source/ to ? to the path you found which was drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c.

v=2.6.32 is linux version. Replace it with 2.6.33 as written in the above reports.

#L132 is the line number, in our case it was 68.

Here is your new link :

http://lxr.free-electrons.com/source/drivers/video/omap2/displays/panel-sharp-ls037v7dw01.c?v=2.6.33#L68

Press Enter and You can see the kfree. Now go on and look at the use after kfree.

Other options to locate

You can also git clone the source code from the kernel tree and locate it on your machine.

 

 

 

 

#bugs, #coccinelle, #linux-kernel