Author: Kulikov Vasiliy <segooon@gmail.com> ‘gap’ is unsigned, so this code is wrong: gap = -new_head; … if (gap > 0) { … } Make ‘gap’ signed. The semantic patch that finds this problem (many false-positive results): (http://coccinelle.lip6.fr/) // @ r1 @ identifier f; @@ int f(…) { … } @@ identifier r1.f; type T; unsigned …
Jul 01 2010
V4L/DVB: drivers/media/video/zoran: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jul 01 2010
V4L/DVB: drivers/media/video/tlg2300: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jul 01 2010
V4L/DVB: drivers/media/video/uvc: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jul 01 2010
V4L/DVB: drivers/media/video/gspca: Use kmemdup
Author: Julia Lawall <julia@diku.dk> Use kmemdup when some other buffer is immediately copied into the allocated region. A simplified version of the semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; statement S; @@ – to = \(kmalloc\|kzalloc\)(size,flag); + to = kmemdup(from,size,flag); if (to==NULL || …) S – memcpy(to, from, …
Jun 29 2010
V4L/DVB: drivers/media/video/pvrusb2: Add missing mutex_unlock
Author: Julia Lawall <julia@diku.dk> Add a mutex_unlock missing on the error path. In the other functions in the same file the locks and unlocks of this mutex appear to be balanced, so it would seem that the same should hold in this case. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // …
Jun 20 2010
V4L/DVB: drivers/media/dvb/frontends: remove duplicate structure field initialization
Author: Julia Lawall <julia@diku.dk> The read_status field is initialized twice to the same value. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r@ identifier I, s, fld; position p0,p; expression E; @@ struct I s =@p0 { … .fld@p = E, …}; @s@ identifier I, s, r.fld; position r.p0,p; expression E; …
Jun 20 2010
arch/sh/mm: Eliminate a double lock
Author: Julia Lawall <julia@diku.dk> The function begins and ends with a read_lock. The latter is changed to a read_unlock. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @locked@ expression E1; position p; @@ read_lock(E1@p,…); @r exists@ expression x
Jun 20 2010
HID: eliminate a double lock in debug code
Author: Julia Lawall <julia@diku.dk> The path around the loop ends with the lock held, so the call to mutex_lock is moved before the beginning of the loop. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @locked@ expression E1; position p; @@ read_lock(E1@p,…); @r exists@ expression x
Jun 08 2010
[S390] arch/s390/kvm: Use GFP_ATOMIC when a lock is held
Author: Julia Lawall <julia@diku.dk> The containing function is called from several places. At one of them, in the function __sigp_stop, the spin lock &fi->lock is held. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @gfp exists@ identifier fn; position p; @@ fn(…) { … when != spin_unlock when any GFP_KERNEL@p … …