krealloc() must not be used against devm_*() allocated
memory regions:
- if a bigger memory is to be allocated, krealloc() and
__krealloc() could return a different pointer than the
one given to them, creating a memory region which is not
managed, thus it will not be automatically released on
device removal.
- if a bigger memory is to be allocated, krealloc() could
kfree() the managed memory region which is passed to it.
The old pointer is left registered as a resource for the
device. On device removal, this dangling pointer will be
used and an unrelated memory region could be released.
- if the requested size is equal to 0, krealloc() can also
just behave like kfree(). Here too, the old pointer is
kept associated with the device. On device removal, this
invalid pointer will be used and an unrelated memory
region could be released.
For all these reasons, krealloc() must not be used on a
pointer returned by devm_*() functions.
Cc: Tejun Heo <tj@kernel.org>
Cc: Pekka Enberg <penberg@cs.helsinki.fi>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
Signed-off-by: Michal Marek <mmarek@suse.com>
Since commit 3ef0e5ba46 ('slab: introduce kzfree()'),
kfree() is no more the only function to be considered:
kzfree() should be recognized too.
In particular, kzfree() must not be called on memory
allocated through devm_*() functions.
Cc: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
Signed-off-by: Michal Marek <mmarek@suse.com>
Add new rules to detect the cases where sizeof is used in
function calls as a argument.
Also, for the patch mode third rule should behave same as
second rule with arguments reversed. So, change that as well.
Signed-off-by: Vaishali Thakkar <vaishali.thakkar@oracle.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Pull misc kbuild updates from Michal Marek:
"This is the non-critical part of kbuild:
- Coccinelle fixes, one semantic patch less in this round [Vaishali
Thakkar, Wolfram Sang, Kees Cook]
- rpm-pkg support for (open)SUSE's update-bootloader [Jiří Kosian]
- rpm-pkg restored support for $RPMOPTS [Srinivas Pandruvada]
- deb-pkg fixes for the linux-headers package [Bjørn Mork, Azriel
Samson]"
* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
coccicheck: Fix missing 0 index in kill loop
scripts/package/Makefile: rpmbuild add support of RPMOPTS
builddeb: fix missing headers in linux-headers package
builddeb: include objtool binary in headers package
kbuild/mkspec: support 'update-bootloader'-based systems
scripts: coccinelle: remove check to move constants to right
Coccinelle: setup_timer: Add space in front of parentheses
The header mentions this check depends on personal taste. I agree.
Running coccicheck on patches before I apply them, this SmPL produced
enough false positives for me that I'd rather see it removed.
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Add space in front of the offending parentheses to silent the
parse error for older Coccinelle versions. This makes the rule
usable with all Coccinelle versions.
Reported-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Vaishali Thakkar <vaishali.thakkar@oracle.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Fixes: c5eda8fd10 ("Coccinelle: Add api/setup_timer.cocci")
Signed-off-by: Michal Marek <mmarek@suse.com>
In order to protect against file removal races, debugfs files created via
debugfs_create_file() now get wrapped by a struct file_operations at their
opening.
If the original struct file_operations are known to be safe against removal
races by themselves already, the proxy creation may be bypassed by creating
the files through debugfs_create_file_unsafe().
In order to help debugfs users who use the common
DEFINE_SIMPLE_ATTRIBUTE() + debugfs_create_file()
idiom to transition to removal safe struct file_operations, the helper
macro DEFINE_DEBUGFS_ATTRIBUTE() has been introduced.
Thus, the preferred strategy is to use
DEFINE_DEBUGFS_ATTRIBUTE() + debugfs_create_file_unsafe()
now.
Introduce a Coccinelle script that searches for
DEFINE_SIMPLE_ATTRIBUTE()-defined struct file_operations handed into
debugfs_create_file(). Suggest to turn these usages into the
DEFINE_DEBUGFS_ATTRIBUTE() + debugfs_create_file_unsafe()
pattern.
Signed-off-by: Nicolai Stange <nicstange@gmail.com>
Acked-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Use the timer API function setup_timer instead of structure field
assignments to initialize a timer.
Signed-off-by: Vaishali Thakkar <vaishali.thakkar@oracle.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Rule r is only use in org or report mode, so only execute it in those
cases.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Rule r is only used in org or report mode, so only execute it in those
cases.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Rule r is only use in org or report mode, so only execute it in those
cases.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Rule r is only use in org or report mode, so only execute it in those
cases.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
& is no longer allowed in column 0, since Coccinelle 1.0.4.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Tested-by: Nishanth Menon <nm@ti.com>
Cc: stable@vger.kernel.org
Signed-off-by: Michal Marek <mmarek@suse.com>
Unsigned expressions cannot be lesser than zero. Presence of comparisons
'unsigned (<|<=|>|>=) 0' often indicates a bug, usually wrong type of variable.
The patch beside finding such comparisons tries to eliminate false positives,
mainly by bypassing range checks.
gcc can detect such comparisons also using -Wtype-limits switch, but it warns
also in correct cases, making too much noise.
Signed-off-by: Andrzej Hajda <a.hajda@samsung.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Extend checking on tables containing structures which are initialized
without specifying member name. Added new tables for checking:
i2c_device_id and platform_device_id.
Signed-off-by: Daniel Granat <d.granat@samsung.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Extend ifnullfree to the various destroy functions that were recently
extended to tolerate NULL arguments.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Adjust tests to compare against NULL, to match cases that explicitly make
that comparison.
Remove removal and re-addition of freeing functions.
Add position variable on usb_free_urb in the non-patch case.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Device node iterators perform an of_node_put on each iteration, so putting
an of_node_put before a continue results in a double put.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This effectively reverts 932058a5d5 ("coccinelle: misc: semantic patch
to delete overly complex return code processing").
There can be both symmetry and readability reasons for not wanting to do
the final function call as part of the return statement and to maintain
a clear separation of success and error paths.
Since this is in no way mandated by the coding standard, let's just
remove this semantic patch to avoid having "clean up" patches being
posted over and over in response to these Coccinelle warnings.
Signed-off-by: Johan Hovold <johan@kernel.org>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
The original version only considered the case where the then branch
contains only one call to PTR_ERR. Reimplement the whole thing to allow
multiple calls, with potentially different arguments.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Merge second patch-bomb from Andrew Morton:
"Almost all of the rest of MM. There was an unusually large amount of
MM material this time"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (141 commits)
zpool: remove no-op module init/exit
mm: zbud: constify the zbud_ops
mm: zpool: constify the zpool_ops
mm: swap: zswap: maybe_preload & refactoring
zram: unify error reporting
zsmalloc: remove null check from destroy_handle_cache()
zsmalloc: do not take class lock in zs_shrinker_count()
zsmalloc: use class->pages_per_zspage
zsmalloc: consider ZS_ALMOST_FULL as migrate source
zsmalloc: partial page ordering within a fullness_list
zsmalloc: use shrinker to trigger auto-compaction
zsmalloc: account the number of compacted pages
zsmalloc/zram: introduce zs_pool_stats api
zsmalloc: cosmetic compaction code adjustments
zsmalloc: introduce zs_can_compact() function
zsmalloc: always keep per-class stats
zsmalloc: drop unused variable `nr_to_migrate'
mm/memblock.c: fix comment in __next_mem_range()
mm/page_alloc.c: fix type information of memoryless node
memory-hotplug: fix comments in zone_spanned_pages_in_node() and zone_spanned_pages_in_node()
...
add [pci|dma]_pool_zalloc coccinelle check.
replaces instances of [pci|dma]_pool_alloc() followed by memset(0)
with [pci|dma]_pool_zalloc().
Signed-off-by: Sean O. Stalley <sean.stalley@intel.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Cc: Vinod Koul <vinod.koul@intel.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Gilles Muller <Gilles.Muller@lip6.fr>
Cc: Nicolas Palix <nicolas.palix@imag.fr>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
i2c_add_driver (through i2c_register_driver) sets the owner field so we
can drop it also from i2c drivers, just like from platform drivers.
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Acked-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.com>
Insert a blank line in order to improve the readability of the
generated patch and also make it consistent with the other
.cocci files.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Improve the commit log of the generated patch by mentioning the commit
log that makes threaded IRQs without a primary handler to be requested
with the IRQF_ONESHOT flag.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked- by: Valentin Rothberg <valentinrothberg@gmail.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This semantic patch replaces explicit computations of vma page count
with explicit function call.
Signed-off-by: Dmitry Kalinkin <dmitry.kalinkin@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Correct form is 'always requested'.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
According to Documentation/SubmittingPatches:
"Describe your changes in imperative mood, e.g. "make xyzzy do frotz"
instead of "[This patch] makes xyzzy do frotz" or "[I] changed xyzzy
to do frotz", as if you are giving orders to the codebase to change
its behaviour.
So do as recommended.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
According to Documentation/SubmittingPatches:
"Describe your changes in imperative mood, e.g. "make xyzzy do frotz"
instead of "[This patch] makes xyzzy do frotz" or "[I] changed xyzzy
to do frotz", as if you are giving orders to the codebase to change
its behaviour."
So do as recommended.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Make the sentence sensible.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
According to Documentation/SubmittingPatches:
"Describe your changes in imperative mood, e.g. "make xyzzy do frotz"
instead of "[This patch] makes xyzzy do frotz" or "[I] changed xyzzy
to do frotz", as if you are giving orders to the codebase to change
its behaviour."
So do as recommended.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Insert a blank line in order to improve the readability of the
generated patch and also make it consistent with the other
.cocci files.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
if()/BUG conversion to BUG_ON must be avoided when there's side effect
in condition. The reason being BUG_ON won't execute the condition when
CONFIG_BUG is not defined.
Inspired-by: J. Bruce Fields <bfields@fieldses.org>
Suggested-by: Julia Lawall <Julia.Lawall@lip6.fr>
Acked-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Since commit 1c6c69525b ("genirq: Reject
bogus threaded irq requests") threaded IRQs without a primary handler
need to be requested with IRQF_ONESHOT, otherwise the request will fail.
Until now, this coccinelle script only checked request_threaded_irq().
However, the counterpart devm function (see kernel/irq/devres.c) is also
affected by the missing flag which can be detected with this patch.
Signed-off-by: Valentin Rothberg <valentinrothberg@gmail.com>
Signed-off-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Pull misc kbuild changes from Michal Marek:
"There are only a few things in the misc branch:
- Fix for bugon.cocci semantic patch
- Kdevelop4 files are .gitignored
- Put make binrpm-pkg on diet"
* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
scripts/package: binrpm-pkg do not create source and devel package
.gitignore: Add Kdevelop4 project files
bugon.cocci: fix Options at the macro
The comma after --no-includes makes coccinelle to not run the script:
/usr/bin/spatch -D report --very-quiet --no-show-diff --cocci-file ./scripts/coccinelle/misc/bugon.cocci --no-includes, --include-headers --patch . --dir drivers/media/platform/coda/ -I ./arch/x86/include -I arch/x86/include/generated -I include -I ./arch/x86/include/uapi -I arch/x86/include/generated/uapi -I ./include/uapi -I include/generated/uapi -I ./include/linux/kconfig.h
Usage: spatch.opt --sp-file <SP> <infile> [-o <outfile>] [--iso-file <iso>] [options]
Options are:
--sp-file <file> the semantic patch file
-o <file> the output file
--in-place do the modification on the file directly
--backup-suffix suffix to use when making a backup for inplace
...
At least with Fedora 20 coccinelle package:
coccinelle-1.0.0-0.rc20.1.fc21.x86_64
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Tested-by: Wolfram Sang <wsa@the-dreams.de>
Fixes: 5be1df66 (Coccinelle: Script to replace if and BUG with BUG_ON)
Cc: stable@vger.kernel.org
Signed-off-by: Michal Marek <mmarek@suse.cz>
There are calls which silently set the owner of a module. This is the
preferred way [1], so avoid setting it manually. Currently, we only care
about platform drivers, but there might be more calls to be added later.
[1] https://lkml.org/lkml/2014/10/12/87
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This semantic patch simplifies cases where the effect of the processing of
a function call's return code is just to return the result of the function
directly. It may also delete a local return flag variable, if this is no
longer used.
This was proposed by Uwe Kleine-König.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Pull misc kbuild updates from Michal Marek:
"This is the non-critical part of kbuild for 3.17-rc1:
- make help hint to use make -s with make kernelrelease et al.
- moved a kbuild document to Documentation/kbuild where it belongs
- four new Coccinelle scripts, one dropped and one fixed
- new make kselftest target to run various tests on the kernel"
* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kbuild: kselftest - new make target to build and run kernel selftests
Coccinelle: Script to replace if and BUG with BUG_ON
Coccinelle: Script to detect incorrect argument to sizeof
Coccinelle: Script to use ARRAY_SIZE instead of division of two sizeofs
Coccinelle: Script to detect cast after memory allocation
coccinelle/null: solve parse error
Documentation: headers_install.txt is part of kbuild
kbuild: make -s should be used with kernelrelease/kernelversion/image_name
All coccinelle scripts have a copyright in the header.
Signed-off-by: Fabian Frederick <fabf@skynet.be>
Suggested-by: Julia Lawall <Julia.Lawall@lip6.fr>
Acked-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Warns or generates patch for NULL check before the following functions:
kfree
usb_free_urb
debugfs_remove
debugfs_remove_recursive
Signed-off-by: Fabian Frederick <fabf@skynet.be>
Acked-by: Julia Lawall <Julia.Lawall@lip6.fr>
Cc: Gilles Muller <Gilles.Muller@lip6.fr>
Cc: Joe Perches <joe@perches.com>
Cc: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This script detects cases where BUG() follows an if condition on an
expression and replaces the if condition and BUG() with a BUG_ON having
the conditional expression of the if statement as argument.
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This makes an effort to find cases where the argument to sizeof is wrong
in memory allocation functions by checking the type of the allocated
memory when it is a double pointer and ensuring the sizeof argument takes
a pointer to the the memory being allocated. There are false positives
in cases the sizeof argument is not used in constructing the return value.
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This script detects cases where ARRAY_SIZE can be used such as
where there is a division of sizeof the array by the sizeof its first
element or by any indexed element or the element type. It replaces the
division of the two sizeofs by ARRAY_SIZE.
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This script detects cases of use of cast for the value returned by
kmalloc, kzalloc, kcalloc, kmem_cache_alloc, kmem_cache_zalloc,
kmem_cache_alloc_node, kmalloc_node and kzalloc_node and removes
the cast as it is not useful. This Coccinelle script replaces
drop_kmalloc_cast.cocci as it removes the casting in more limited
cases of kmalloc, kzalloc and kcalloc.
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This patch solves the parse-error by adding @@ . This is necessary since
Coccinelle version 1.0.0-rc20. Also, the comment is added to use a
recent version of Coccinelle.
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
devm_request_and_ioremap() was obsoleted by the commit 7509657
("lib: devres: Introduce devm_ioremap_resource()") and has been
deprecated for a long time. So, let's remove this function.
In addition, all usages of devm_request_and_ioremap() are also
removed.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>