Author: Julia Lawall <julia@diku.dk> In each case, the print involves dereferencing a value that is NULL or is near NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) || …) { … …
May 27 2010
[SCSI] hptiop: Eliminate a NULL pointer dereference
Author: Julia Lawall <julia@diku.dk> The end of the function is reachable both when host is and is not NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) || …) { … when …
May 27 2010
drivers/dma: Eliminate a NULL pointer dereference
Author: Julia Lawall <julia@diku.dk> If td_desc is NULL, just skip both kfrees. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) || …) { … when != if (…) S1 else S2 when …
May 27 2010
[PATCH 2/11] drivers/watchdog: Eliminate a NULL pointer dereference
Author: Julia Lawall <julia@diku.dk> At the point of the call to dev_err, wm8350 is NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) || …) { … when != if (…) S1 …
May 27 2010
USB: serial: digi_acceleport: Eliminate a NULL pointer dereference
Author: Julia Lawall <julia@diku.dk> If port is NULL, then the call to dev_err will dereference a value that is a small offset from NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @r exists@ expression E,E1; identifier f; statement S1,S2,S3; @@ if ((E == NULL && …) …
May 27 2010
arch/x86/kernel: Add missing spin_unlock
Author: Julia Lawall <julia@diku.dk> Add a spin_unlock missing on the error path. The locks and unlocks are balanced in other functions, so it seems that the same should be the case here. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // @@ expression E1; @@ * spin_lock(E1,…); * spin_unlock(E1,…); // Cc: stable@kernel.org …
May 27 2010
fs/affs: use ERR_CAST
Author: Julia Lawall <julia@diku.dk> Use ERR_CAST(x) rather than ERR_PTR(PTR_ERR(x)). The former makes more clear what is the purpose of the operation, which otherwise looks like a no-op. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ type T; T x; identifier f; @@ T f (…) { } @@ expression x; …
May 27 2010
drivers/char/applicom.c: use memdup_user
Author: Julia Lawall <julia@diku.dk> Use memdup_user when user data is immediately copied into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ – to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( – to==NULL + IS_ERR(to) || …) { } – …
May 27 2010
drivers/char/ppdev.c: use kasprintf
Author: Julia Lawall <julia@diku.dk> kasprintf combines kmalloc and sprintf, and takes care of the size calculation itself. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression a,flag; expression list args; statement S; @@ a = – \(kmalloc\|kzalloc\)(…,flag) + kasprintf(flag,args) – sprintf(a,args); // Signed-off-by: Julia Lawall Cc: Michael Buesch Signed-off-by: Andrew …
May 27 2010
ipc/sem.c: use ERR_CAST
Author: Julia Lawall <julia@diku.dk> Use ERR_CAST(x) rather than ERR_PTR(PTR_ERR(x)). The former makes more clear what is the purpose of the operation, which otherwise looks like a no-op. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ type T; T x; identifier f; @@ T f (…) { } @@ expression x; …
