Faults in Linux: Ten Years Later
This page contains the semantic patches and analyzed output for the
following checkers (the descriptions are from Chou et al., SOSP 2001):

- Block: To avoid deadlock, do not call blocking functions with interrupts disabled or a spinlock held. We consider the variant BlockLock, which can be described as: to avoid deadlock, do not call blocking functions with a spinlock held.
- Null: Check potentially NULL pointers returned from routines.
- Var: Do not allocate large stack variables (> 1K) on the fixed-size kernel stack.
- INull: Do not make inconsistent assumptions about whether a pointer is NULL.
- Range: Always check bounds of array indices and loop bounds derived from user data.
- Lock: Release acquired locks; do not double-acquire locks.
- Intr: Restore disabled interrupts.
- Free: Do not use freed memory.
- Float: Do not use floating point in the kernel.
- Size: Allocate enough memory to hold the type for which you are allocating.

The following checkers were not present in Chou et al.'s work, and focus on
RCU locking functions:

- LockRCU: Release acquired RCU locks.
- BlockRCU: Do not call blocking functions with RCU locks held.
- DerefRCU: An RCU dereference should occur with an RCU lock held.