Author: Julia Lawall <julia@diku.dk> At the point of the test, action cannot be NULL, as it has been dereferenced in the code just above. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) …
Category: Linux
Jun 05 2010
drivers/ide: Use memdup_user
Author: Julia Lawall <julia@diku.dk> Use memdup_user when user data is immediately copied into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ – to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( – to==NULL + IS_ERR(to) || …) { } – …
Jun 01 2010
HID: roccat: introduce missing kfree
Author: Julia Lawall <julia@diku.dk> Error handling code following a kmalloc should free the allocated data. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // @r exists@ local idexpression x; statement S; expression E; identifier f,f1,l; position p1,p2; expression *ptr != NULL; @@ x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(…); … if (x == NULL) S f1 …
Jun 01 2010
mfd: Fix davinci memory leak
Author: Julia Lawall <julia@diku.dk> Error handling code following a kmalloc should free the allocated data. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // @r exists@ local idexpression x; statement S; expression E; identifier f,f1,l; position p1,p2; expression *ptr != NULL; @@ x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(…); … if (x == NULL) S f1 …
Jun 01 2010
drivers/mtd/maps: introduce missing kfree
Author: Julia Lawall <julia@diku.dk> Error handling code following a kmalloc should free the allocated data. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // @r exists@ local idexpression x; statement S; expression E; identifier f,f1,l; position p1,p2; expression *ptr != NULL; @@ x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(…); … if (x == NULL) S f1 …
Jun 01 2010
drivers/isdn/hardware/mISDN: Use GFP_ATOMIC when a lock is held
Author: Julia Lawall <julia@diku.dk> The function inittiger is only called from nj_init_card, where a lock is held. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @gfp exists@ identifier fn; position p; @@ fn(…) { … when != spin_unlock_irqrestore when any GFP_KERNEL@p … when any } @locked@ identifier gfp.fn; @@ spin_lock_irqsave(…) … …
May 31 2010
staging: Use GFP_ATOMIC when a lock is held
Author: Julia Lawall <julia@diku.dk> In each case, the containing function is only called from one place, where a spin lock is held. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @gfp exists@ identifier fn; position p; @@ fn(…) { … when != spin_unlock when any GFP_KERNEL@p … when any } @locked@ …
May 30 2010
[SCSI] dpt_i2o: Use GFP_ATOMIC when a lock is held
Author: Julia Lawall <julia@diku.dk> The function adpt_i2o_post_wait is called from several places, in some of which, such as adpt_abort, a lock may be held. The functions adpt_i2o_reparse_lct and adpt_i2o_lct_get are called from several places, including adpt_rescan where a lock may be held. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @gfp …
May 29 2010
mfd: kzalloc doesn’t return ERR_PTR
Author: Julia Lawall <julia@diku.dk> Use !x rather than IS_ERR(x) to test the result of kzalloc. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression x,E; @@ x = \(kmalloc\|kzalloc\|kcalloc\)(…) … when != x = E – IS_ERR(x) + !x // Signed-off-by: Julia Lawall Signed-off-by: Samuel Ortiz — drivers/mfd/abx500-core.c | 2 …
May 28 2010
drivers/net: Eliminate a NULL pointer dereference
Author: Julia Lawall <julia@diku.dk> At the point of the print, dev is NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) || …) { … when != if (…) S1 else S2 …