Documentation: dev-tools: Add a section for static analysis tools

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Complement the Kernel Testing Guide documentation page by adding a
section about static analysis tools.

Signed-off-by: Marcelo Schmitt <marcelo.schmitt1@gmail.com>
Acked-by: Daniel Latypov <dlatypov@google.com>
Acked-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Julia Lawall <julia.lawall@inria.fr>
Reviewed-by: David Gow <davidgow@google.com>
Reviewed-by: Shuah Khan <skhan@linuxfoundation.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>

authored by

Marcelo Schmitt and committed by

Jonathan Corbet 4 years ago 12379401 2c2de6f2

+31

1 changed file

expand all

Documentation

dev-tools

testing-overview.rst

+31

Documentation/dev-tools/testing-overview.rst

··· 115 115 Some of these tools integrate with KUnit or kselftest and will 116 116 automatically fail tests if an issue is detected. 117 117 118 + Static Analysis Tools 119 + ===================== 120 + 121 + In addition to testing a running kernel, one can also analyze kernel source code 122 + directly (**at compile time**) using **static analysis** tools. The tools 123 + commonly used in the kernel allow one to inspect the whole source tree or just 124 + specific files within it. They make it easier to detect and fix problems during 125 + the development process. 126 + 127 + Sparse can help test the kernel by performing type-checking, lock checking, 128 + value range checking, in addition to reporting various errors and warnings while 129 + examining the code. See the Documentation/dev-tools/sparse.rst documentation 130 + page for details on how to use it. 131 + 132 + Smatch extends Sparse and provides additional checks for programming logic 133 + mistakes such as missing breaks in switch statements, unused return values on 134 + error checking, forgetting to set an error code in the return of an error path, 135 + etc. Smatch also has tests against more serious issues such as integer 136 + overflows, null pointer dereferences, and memory leaks. See the project page at 137 + http://smatch.sourceforge.net/. 138 + 139 + Coccinelle is another static analyzer at our disposal. Coccinelle is often used 140 + to aid refactoring and collateral evolution of source code, but it can also help 141 + to avoid certain bugs that occur in common code patterns. The types of tests 142 + available include API tests, tests for correct usage of kernel iterators, checks 143 + for the soundness of free operations, analysis of locking behavior, and further 144 + tests known to help keep consistent kernel usage. See the 145 + Documentation/dev-tools/coccinelle.rst documentation page for details. 146 + 147 + Beware, though, that static analysis tools suffer from **false positives**. 148 + Errors and warns need to be evaluated carefully before attempting to fix them.