From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,INCLUDES_PATCH,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C8670C433EB for ; Thu, 6 Aug 2020 11:13:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 036CE22D06 for ; Thu, 6 Aug 2020 11:13:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1596712395; bh=pTEK0v/eMU6Hweu7R4kE7tZQJ1Zz4AzqIfKiYeo5t4E=; h=References:In-Reply-To:From:Date:Subject:To:Cc:List-ID:From; b=BYl+dG4PmFOsXOIaSlhoztHEQL0T3nKgtgBmK6beSsD7nAUbCIfAkyvOOJLS6S3yg rPmYD1LUCjQLXiG9X0TFGYbOHm6YQSa1em12WriBl9SjZeAnx+Botawvx65kG1I/S5 +sRCe7FYU40a5azp0Wvam67LsROqE7qcm0OKrGNs= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728870AbgHFIo7 (ORCPT ); Thu, 6 Aug 2020 04:44:59 -0400 Received: from conssluserg-04.nifty.com ([210.131.2.83]:35593 "EHLO conssluserg-04.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727768AbgHFIo6 (ORCPT ); Thu, 6 Aug 2020 04:44:58 -0400 Received: from mail-ua1-f46.google.com (mail-ua1-f46.google.com [209.85.222.46]) (authenticated) by conssluserg-04.nifty.com with ESMTP id 0768iVEo005200; Thu, 6 Aug 2020 17:44:32 +0900 DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-04.nifty.com 0768iVEo005200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com; s=dec2015msa; t=1596703472; bh=iLRyjLHDiM1j11Hh0Jt/NFe8uSNpgWQk85B8WTb/cO0=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=T+NyKf4sLicS3p03PKiijYNYce6IXQMCWayE9017bHx6TrmcxRWQlqRjfMWvkwf2H Pn8W7fEnsOeZcLXN9rlLSwTKceFrxcI9QFRpVlG6LjHFTdaqnB0W0CyOgTbcnXi0YP zm3lKDB2OY0SMwLrIVZBIXWiNNcHxbrZFckSRaE6rNBV0nTr9C2z5NjCywoOgP2t3u poiMLGhY4IJJ+rHYQ8Nggp6nyJwv6cRz7jPaTYie/+vHm2OXleD3cjSEvOAXU3im9o wKrKgEZCW9hcbjH4PTh65GR4E0Nv1jP50aXaODmCjNUm//w5AoG3emVe4JIBeMY/EA fEHME3eeyE4dw== X-Nifty-SrcIP: [209.85.222.46] Received: by mail-ua1-f46.google.com with SMTP id g20so10124911uan.7; Thu, 06 Aug 2020 01:44:32 -0700 (PDT) X-Gm-Message-State: AOAM532/C3U1KyQNMv50LpGonID9xkOki/TaLbzSRENVmHJ/9h3ji2w4 DYA+CAPCUd73Xwpox0PUZKOniu/gamScr0wphqg= X-Google-Smtp-Source: ABdhPJzW4S/4EI07UAoDN4Y8J6aSLylUwAnH+TKxjWS+zeCGgdXDb38DMiXnksX1Wuwq9xDSdTCkNpm0osrdg6ktSZA= X-Received: by 2002:ab0:41:: with SMTP id 59mr4940875uai.40.1596703471156; Thu, 06 Aug 2020 01:44:31 -0700 (PDT) MIME-Version: 1.0 References: <20200728004736.3590053-1-nhuck@google.com> In-Reply-To: <20200728004736.3590053-1-nhuck@google.com> From: Masahiro Yamada Date: Thu, 6 Aug 2020 17:43:54 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v7] Makefile: Add clang-tidy and static analyzer support to makefile To: Nathan Huckleberry Cc: Michal Marek , Linux Kbuild mailing list , Linux Kernel Mailing List , clang-built-linux , Pirama Arumuga Nainar , Bill Wendling Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jul 28, 2020 at 9:47 AM Nathan Huckleberry wrote: > > This patch adds clang-tidy and the clang static-analyzer as make > targets. The goal of this patch is to make static analysis tools > usable and extendable by any developer or researcher who is familiar > with basic c++. > > The current static analysis tools require intimate knowledge of the > internal workings of the static analysis. Clang-tidy and the clang > static analyzers expose an easy to use api and allow users unfamiliar > with clang to write new checks with relative ease. > > ===Clang-tidy=== > > Clang-tidy is an easily extendable 'linter' that runs on the AST. > Clang-tidy checks are easy to write and understand. A check consists of > two parts, a matcher and a checker. The matcher is created using a > domain specific language that acts on the AST > (https://clang.llvm.org/docs/LibASTMatchersReference.html). When AST > nodes are found by the matcher a callback is made to the checker. The > checker can then execute additional checks and issue warnings. > > Here is an example clang-tidy check to report functions that have calls > to local_irq_disable without calls to local_irq_enable and vice-versa. > Functions flagged with __attribute((annotation("ignore_irq_balancing"))) > are ignored for analysis. (https://reviews.llvm.org/D65828) > > ===Clang static analyzer=== > > The clang static analyzer is a more powerful static analysis tool that > uses symbolic execution to find bugs. Currently there is a check that > looks for potential security bugs from invalid uses of kmalloc and > kfree. There are several more general purpose checks that are useful for > the kernel. > > The clang static analyzer is well documented and designed to be > extensible. > (https://clang-analyzer.llvm.org/checker_dev_manual.html) > (https://github.com/haoNoQ/clang-analyzer-guide/releases/download/v0.1/clang-analyzer-guide-v0.1.pdf) > > The main draw of the clang tools is how accessible they are. The clang > documentation is very nice and these tools are built specifically to be > easily extendable by any developer. They provide an accessible method of > bug-finding and research to people who are not overly familiar with the > kernel codebase. > > Signed-off-by: Nathan Huckleberry > --- > Changes v6->v7 > * Fix issues with relative paths > * Additional style fixes > MAINTAINERS | 1 + > Makefile | 3 + > scripts/clang-tools/Makefile.clang-tools | 23 ++++++ > .../{ => clang-tools}/gen_compile_commands.py | 0 > scripts/clang-tools/run-clang-tools.py | 74 +++++++++++++++++++ > 5 files changed, 101 insertions(+) > create mode 100644 scripts/clang-tools/Makefile.clang-tools > rename scripts/{ => clang-tools}/gen_compile_commands.py (100%) > create mode 100755 scripts/clang-tools/run-clang-tools.py > > diff --git a/MAINTAINERS b/MAINTAINERS > index 1d4aa7f942de..a444564e5572 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -4198,6 +4198,7 @@ W: https://clangbuiltlinux.github.io/ > B: https://github.com/ClangBuiltLinux/linux/issues > C: irc://chat.freenode.net/clangbuiltlinux > F: Documentation/kbuild/llvm.rst > +F: scripts/clang-tools/ > K: \b(?i:clang|llvm)\b > > CLEANCACHE API > diff --git a/Makefile b/Makefile > index fe0164a654c7..3e2df010b342 100644 > --- a/Makefile > +++ b/Makefile > @@ -747,6 +747,7 @@ KBUILD_CFLAGS += $(call cc-option,-fno-allow-store-data-races) > > include scripts/Makefile.kcov > include scripts/Makefile.gcc-plugins > +include scripts/clang-tools/Makefile.clang-tools > > ifdef CONFIG_READABLE_ASM > # Disable optimizations that make assembler listings hard to read. > @@ -1543,6 +1544,8 @@ help: > @echo ' export_report - List the usages of all exported symbols' > @echo ' headerdep - Detect inclusion cycles in headers' > @echo ' coccicheck - Check with Coccinelle' > + @echo ' clang-analyzer - Check with clang static analyzer' > + @echo ' clang-tidy - Check with clang-tidy' > @echo '' > @echo 'Tools:' > @echo ' nsdeps - Generate missing symbol namespace dependencies' > diff --git a/scripts/clang-tools/Makefile.clang-tools b/scripts/clang-tools/Makefile.clang-tools > new file mode 100644 > index 000000000000..5c9d76f77595 > --- /dev/null > +++ b/scripts/clang-tools/Makefile.clang-tools > @@ -0,0 +1,23 @@ > +# SPDX-License-Identifier: GPL-2.0 > +# > +# Copyright (C) Google LLC, 2020 > +# > +# Author: Nathan Huckleberry > +# > +PHONY += clang-tidy > +clang-tidy: > +ifdef CONFIG_CC_IS_CLANG > + $(PYTHON3) scripts/clang-tools/gen_compile_commands.py > + $(PYTHON3) scripts/clang-tools/run-clang-tools.py clang-tidy compile_commands.json > +else > + $(error clang-tidy requires CC=clang) > +endif > + > +PHONY += clang-analyzer > +clang-analyzer: > +ifdef CONFIG_CC_IS_CLANG > + $(PYTHON3) scripts/clang-tools/gen_compile_commands.py > + $(PYTHON3) scripts/clang-tools/run-clang-tools.py clang-analyzer compile_commands.json > +else > + $(error clang-analyzer requires CC=clang) > +endif You can unify the almost same two rules. PHONY += clang-tidy clang-analyzer clang-tidy clang-analyzer: ifdef CONFIG_CC_IS_CLANG $(PYTHON3) scripts/clang-tools/gen_compile_commands.py $(PYTHON3) scripts/clang-tools/run-clang-tools.py $@ compile_commands.json else $(error $@ requires CC=clang) endif But, before we proceed, please tell me what this check is intended for. Case 1) Build the kernel with CC=clang, and then run clang-tidy without CC=clang. $ make CC=clang defconfig $ make CC=clang -j$(nproc) $ make clang-tidy scripts/clang-tools/Makefile.clang-tools:13: *** clang-tidy requires CC=clang. Stop. Case 2) Build the kernel using GCC, and then run clang-tidy with CC=clang. $ make defconfig $ make -j$(nproc) $ make CC=clang clang-tidy This patch happily runs clang-tidy although compile_commands.json contains GCC commands. So, it checks if you have passed CC=clang to "make clang-tidy", where I do not see any user of the $(CC) variable. It does not care whether you have built the kernel with GCC or Clang. What happens if you run clang-tidy against compile_commands.json that contains GCC commands? I also care about stale commands in compile_commands.json. gen_compile_commands.py creates compile_commands.json based on *.cmd files it found. If you rebuild the kernel for various settings using GCC/clang without "make clean", stale .*.cmd files will grow. compile_commands.json will pick up commands from older compilation, i.e. the end up with the mixture of GCC/Clang commands. So, I'd like to know how clang-tidy handles the GCC commands from compile_commands.json > diff --git a/scripts/gen_compile_commands.py b/scripts/clang-tools/gen_compile_commands.py > similarity index 100% > rename from scripts/gen_compile_commands.py > rename to scripts/clang-tools/gen_compile_commands.py > diff --git a/scripts/clang-tools/run-clang-tools.py b/scripts/clang-tools/run-clang-tools.py > new file mode 100755 > index 000000000000..fa7655c7cec0 > --- /dev/null > +++ b/scripts/clang-tools/run-clang-tools.py > @@ -0,0 +1,74 @@ > +#!/usr/bin/env python > +# SPDX-License-Identifier: GPL-2.0 > +# > +# Copyright (C) Google LLC, 2020 > +# > +# Author: Nathan Huckleberry > +# > +"""A helper routine run clang-tidy and the clang static-analyzer on > +compile_commands.json. > +""" > + > +import argparse > +import json > +import multiprocessing > +import os > +import subprocess > +import sys > + > + > +def parse_arguments(): > + """Set up and parses command-line arguments. > + Returns: > + args: Dict of parsed args > + Has keys: [path, type] > + """ > + usage = """Run clang-tidy or the clang static-analyzer on a > + compilation database.""" > + parser = argparse.ArgumentParser(description=usage) > + > + type_help = "Type of analysis to be performed" > + parser.add_argument("type", > + choices=["clang-tidy", "clang-analyzer"], > + help=type_help) > + path_help = "Path to the compilation database to parse" > + parser.add_argument("path", type=str, help=path_help) > + > + return parser.parse_args() > + > + > +def init(l, a): > + global lock > + global args > + lock = l > + args = a > + > + > +def run_analysis(entry): > + # Disable all checks, then re-enable the ones we want > + checks = "-checks=-*," > + if args.type == "clang-tidy": > + checks += "linuxkernel-*" > + else: > + checks += "clang-analyzer-*" > + p = subprocess.run(["clang-tidy", "-p", args.path, checks, entry["file"]], > + stdout=subprocess.PIPE, > + stderr=subprocess.STDOUT, > + cwd=entry["directory"]) > + with lock: > + sys.stderr.buffer.write(p.stdout) > + > + > +def main(): > + args = parse_arguments() > + > + lock = multiprocessing.Lock() > + pool = multiprocessing.Pool(initializer=init, initargs=(lock, args)) > + # Read JSON data into the datastore variable > + with open(args.path, "r") as f: > + datastore = json.load(f) > + pool.map(run_analysis, datastore) > + > + > +if __name__ == "__main__": > + main() > -- > 2.28.0.rc0.142.g3c755180ce-goog > -- Best Regards Masahiro Yamada