On Wed, 22 May 2019, Dan Carpenter wrote:
>
> On Mon, May 20, 2019 at 10:12:14PM +0530, Himanshu Jha wrote:
> > o Why do we have so many open warnings for context imbalance ? Or
> > Why did we stop at some point annotating the codebase ?
> >
>
> What we're looking for here is mostly bugs where we forget to drop the
> lock on an error path. Sparse isn't a great tool for this because it
> doesn't have very sophisticated flow analysis.
>
> Smatch has decent flow analysis but it too sucks for finding locking
> bugs because I wrote the check_locks.c code 10 years ago. I said I
> would re-write it seven years ago but I never got around to it. The
> smatch check doesn't do cross function analysis, for example...
>
> > struct foo {
> > struct mutex lock;
> > int balance __protected_by(lock);
> > }
> >
> > Can this be done ? Or lock should be global ?
> >
> > Because clang analysis wants it to be global!
>
> A __protected_by() annotation sounds like a good idea. I don't really
> care about the format too much. If the information were in a comment
> and we could parse with a perl script that would be fine. Or we could
> do:
>
> struct foo {
> struct mutex lock;
> __start_protected(lock);
> int a, b, c;
> __end_protected(lock);
> };
That looks really nice :)
julia
>
> In Smatch, I would add an "if (is_probe_function()) return;" and similar
> hacks to silence the majority of false positives.
>
> regards,
> dan carpenter
>
