Sparse

Sparse is a computer software tool designed to find possible coding faults in the Linux kernel.[2] Unlike other such tools, this static analysis tool was initially designed to only flag constructs that were likely to be of interest to kernel developers, such as the mixing of pointers to user and kernel address spaces.

Sparse
Original author(s)Linus Torvalds
Developer(s)Josh Triplett, Christopher Li, Luc Van Oostenryck
Initial release2003
Stable release
0.6.3 / October 18, 2020 (2020-10-18)[1]
Repository
Written inC
Operating systemLinux, BSD, OS X, MinGW, Cygwin
TypeStatic code analysis
LicenseMIT License
Websitesparse.docs.kernel.org

Sparse checks for known problems and allows the developer to include annotations in the code that convey information about data types, such as the address space that pointers point to and the locks that a function acquires or releases.

Linus Torvalds started writing Sparse in 2003. Josh Triplett was its maintainer from 2006, a role taken over by Christopher Li in 2009[3] and by Luc Van Oostenryck in November 2018.[4] Sparse is released under the MIT License.

Annotations

Some of the checks performed by Sparse require annotating the source code using the __attribute__ GCC extension, or the Sparse-specific __context__ specifier.[5] Sparse defines the following list of attributes:

  • address_space(num)
  • bitwise
  • force
  • context(expression,in_context,out_context)

When an API is defined with a macro, the specifier __attribute__((context(...))) can be replaced by __context__(...).

Linux kernel definitions

The Linux kernel defines the following short forms as pre-processor macros in files linux/compiler.h and linux/types.h (when building without the __CHECKER__ flag, all these annotations are removed from the code):

#ifdef __CHECKER__
# define __user		__attribute__((noderef, address_space(1)))
# define __kernel	__attribute__((address_space(0)))
# define __safe		__attribute__((safe))
# define __force	__attribute__((force))
# define __nocast	__attribute__((nocast))
# define __iomem	__attribute__((noderef, address_space(2)))
# define __must_hold(x)	__attribute__((context(x,1,1)))
# define __acquires(x)	__attribute__((context(x,0,1)))
# define __releases(x)	__attribute__((context(x,1,0)))
# define __acquire(x)	__context__(x,1)
# define __release(x)	__context__(x,-1)
# define __cond_lock(x,c)	((c) ? ({ __acquire(x); 1; }) : 0)
# define __percpu	__attribute__((noderef, address_space(3)))
#ifdef CONFIG_SPARSE_RCU_POINTER
# define __rcu		__attribute__((noderef, address_space(4)))
#else
# define __rcu
#endif
extern void __chk_user_ptr(const volatile void __user *);
extern void __chk_io_ptr(const volatile void __iomem *);
#else
# define __user
# define __kernel
# define __safe
# define __force
# define __nocast
# define __iomem
# define __chk_user_ptr(x) (void)0
# define __chk_io_ptr(x) (void)0
# define __builtin_warning(x, y...) (1)
# define __must_hold(x)
# define __acquires(x)
# define __releases(x)
# define __acquire(x) (void)0
# define __release(x) (void)0
# define __cond_lock(x,c) (c)
# define __percpu
# define __rcu
#endif
#ifdef __CHECKER__
# define __bitwise    __attribute__((bitwise))
#else
# define __bitwise
#endif

Examples

The types __le32 and __be32 represent 32-bit integer types with different endianness. However, the C language does not allow to specify that variables of these types should not be mixed. The bitwise attribute is used to mark these types as restricted, so Sparse will give a warning if variables of these types or other integer variables are mixed:

typedef __u32 __bitwise     __le32;
typedef __u32 __bitwise     __be32;

To mark valid conversions between restricted types, a casting with the force attribute is used to avoid Sparse giving a warning.

See also

References

  1. Luc Van Oostenryck (2020-10-18). "Sparse 0.6.3". [email protected] (Mailing list). Retrieved 2020-12-05.
  2. Yoann Padioleau; René Rydhof Hansen; Julia L. Lawall; Gilles Muller (2006). Semantic patches for documenting and automating collateral evolutions in Linux device drivers. Proceedings of the 3rd workshop on Programming languages and operating systems: linguistic support for modern operating systems. CiteSeerX 10.1.1.122.7080. doi:10.1145/1215995.1216005. ISBN 1-59593-577-0. The Linux community has recently begun using various tools to better analyze C code. Sparse is a library that, like a compiler front end, provides convenient access to the abstract syntax tree and typing information of a C program.
  3. Christopher Li (2009-10-16). "Sparse 0.4.2 released". linux-sparse (Mailing list). Retrieved 2010-11-06.
  4. change Sparse's maintainer, retrieved December 10, 2018
  5. "Attribute Syntax Using the GNU Compiler Collection (GCC)". Free Software Foundation. Retrieved 2010-11-13.

Further reading

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.