The test of an expression's address does not necessarily represent the
whole condition, it may only be a part of it. Also, an expression's
address is likely to be non-zero in every test expression, not only in
if statements.
This change aims at detecting an address test in more complex conditions
and not only in if statements.
Signed-off-by: Jérémy Lefaure <jeremy.lefaure@netatmo.com>
Signed-off-by: Julia Lawall <julia.lawall@inria.fr>
This semantic patch does not take into account the fact that of_node_put
can be safely applied to NULL. Thus it gives only false positives.
Drop it.
Reported-by: Qing Wang <wangqing@vivo.com>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
The BUG_ON script was never safe, in that it was not able to check
whether the condition was side-effecting. At this point, BUG_ON
should be well known, so it has probably outlived its usefuless.
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Suggested-by: Matthew Wilcox <willy@infradead.org>
Pull coccinelle updates from Julia Lawall:
- Update MAINTAINERS information (mailing list, web page, etc).
- Add a semantic patch from Wen Yang to check for do_div calls that may
cause truncation, motivated by commit b0ab99e773 ("sched: Fix
possible divide by zero in avg_atom() calculation")
* tag 'coccinelle-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux:
coccinelle: update Coccinelle entry
coccinelle: semantic patch to check for inappropriate do_div() calls
Currently use_after_iter.cocci generates false positives for code of the
following form:
~~~
list_for_each_entry(d, &ddata->irq_list, node) {
if (irq == d->irq)
break;
}
if (list_entry_is_head(d, &ddata->irq_list, node))
return IRQ_NONE;
~~~
[This specific example comes from drivers/power/supply/cpcap-battery.c]
Most list macros use list_entry_is_head() as loop exit condition meaning it
is not unsafe to reuse pos (a.k.a. d) in the code above.
Let's avoid reporting these cases.
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Commit 453431a549 ("mm, treewide: rename kzfree() to
kfree_sensitive()") renamed kzfree() to kfree_sensitive(),
it should be applied to coccinelle.
Signed-off-by: Weizhao Ouyang <o451686892@gmail.com>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Acked-by: Denis Efremov <efremov@linux.com>
There is a standard idiom for "if 'ret' holds an error, return it":
return ret < 0 ? ret : 0;
Developers prefer to keep the things as they are because stylistic
change to "return min(ret, 0);" breaks readability.
Let's suppress automatic generation for this type of patches.
Signed-off-by: Denis Efremov <efremov@linux.com>
The IRQF_ONESHOT should be present for threaded IRQ using default
primary handler. However intetrupt of many child devices, e.g. children
of MFD, is nested thus the IRQF_ONESHOT is not needed. The coccinelle
message about error misleads submitters and reviewers about the severity
of the issue, so make it a warning and mention possible false positive.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Remove the documentation link from the warning message because commit
3942ea7a10 ("deprecated.rst: Remove now removed uninitialized_var")
removed the section from documentation. Update the rule documentation
accordingly.
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Julia Lawall <julia.lawall@inria.fr>
Skip patches generation for structs with a single field.
Changing a zero-length array to a flexible array member in a struct
with no named members breaks the compilation. However, reporting
such cases is still valuable, e.g. commit 637464c59e
("ACPI: NFIT: Fix flexible_array.cocci warnings").
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Julia Lawall <julia.lawall@inria.fr>
The ptr_ret script script addresses a number of situations where we end up
testing an error pointer, and if it's an error returning it, or return 0
otherwise to transform it into a PTR_ERR_OR_ZERO call.
So it will convert a block like this:
if (IS_ERR(err))
return PTR_ERR(err);
return 0;
into
return PTR_ERR_OR_ZERO(err);
While this is technically correct, it has a number of drawbacks. First, it
merges the error and success path, which will make it harder for a reviewer
or reader to grasp.
It's also more difficult to extend if we were to add some code between the
error check and the function return, making the author essentially revert
that patch before adding new lines, while it would have been a trivial
addition otherwise for the rewiever.
Therefore, since that script is only about cosmetic in the first place,
let's remove it since it's not worth it.
Acked-by: Jani Nikula <jani.nikula@intel.com>
Acked-by: Thierry Reding <treding@nvidia.com>
Acked-by: Julia Lawall <julia.lawall@inria.fr>
Reviewed-by: Wolfram Sang <wsa+renesas@sang-engineering.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Maxime Ripard <maxime@cerno.tech>
Signed-off-by: Julia Lawall <julia.lawall@inria.fr>
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
While iterating over child nodes with the for_each functions, if
control is transferred from the middle of the loop, as in the case
of a break or return or goto, there is no decrement in the
reference counter thus ultimately resulting in a memory leak.
Add this script to detect potential memory leaks caused by
the absence of of_node_put() before break, goto, or, return
statements which transfer control outside the loop.
Signed-off-by: Sumera Priyadarsini <sylphrenadin@gmail.com>
Signed-off-by: Julia Lawall <julia.lawall@inria.fr>
