* [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
@ 2019-02-10 4:56 Wen Yang
2019-02-11 12:07 ` Markus Elfring
0 siblings, 1 reply; 3+ messages in thread
From: Wen Yang @ 2019-02-10 4:56 UTC (permalink / raw)
To: Julia Lawall, Gilles Muller, Nicolas Palix, Michal Marek
Cc: Wen Yang, cocci, linux-kernel
The of_find_device_by_node() takes a reference to the underlying device
structure, we should release that reference.
By using this semantic patch, we have found some object reference leaks,
such as:
11907e9d3533 ("ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe")
a12085d13997 ("mtd: rawnand: atmel: fix possible object reference leak")
11493f26856a ("mtd: rawnand: jz4780: fix possible object reference leak")
There are still dozens of reference leaks in the current kernel code.
Signed-off-by: Wen Yang <yellowriver2010@hotmail.com>
Reviewed-by: Julia Lawall <Julia.Lawall@lip6.fr>
---
v2->v1:
- put exists after search, and then drop the when exists below.
- should not use the same e as in the when's below.
- Make a new type metavariable and use it to put a cast on the result of platform_get_drvdata.
scripts/coccinelle/free/put_device.cocci | 54 ++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 scripts/coccinelle/free/put_device.cocci
diff --git a/scripts/coccinelle/free/put_device.cocci b/scripts/coccinelle/free/put_device.cocci
new file mode 100644
index 0000000..510103a
--- /dev/null
+++ b/scripts/coccinelle/free/put_device.cocci
@@ -0,0 +1,54 @@
+/// Find missing put_device for every of_find_device_by_node.
+///
+// Confidence: Moderate
+// Copyright: (C) 2018-2019 Wen Yang, ZTE. GPLv2.
+// Comments:
+// Options: --no-includes --include-headers
+
+virtual report
+virtual org
+
+@search exists@
+local idexpression id;
+expression x,e,e1,e2,e3,e4;
+position p1,p2;
+type T,T1,T2,T3;
+@@
+
+id = of_find_device_by_node@p1(x)
+... when != e = id
+if (id == NULL || ...) { ... return ...; }
+... when != put_device(&id->dev)
+ when != platform_device_put(id)
+ when != of_dev_put(id)
+ when != if (id) { ... put_device(&id->dev) ... }
+ when != e1 = (T)id
+ when != e2 = &id->dev
+ when != e3 = get_device(&id->dev)
+ when != e4 = (T1)platform_get_drvdata(id)
+(
+return id;
+|
+return (T2)dev_get_drvdata(&id->dev);
+|
+return (T3)platform_get_drvdata(id);
+|
+return@p2 ...;
+)
+
+@script:python depends on report@
+p1 << search.p1;
+p2 << search.p2;
+@@
+
+msg = "ERROR: missing put_device; of_find_device_by_node on line %s and return without releasing on line %s" % (p1[0].line,p2[0].line)
+coccilib.report.print_report(p2[0],msg)
+
+@script:python depends on org@
+p1 << search.p1;
+p2 << search.p2;
+@@
+
+msg = "ERROR: missing put_device; of_find_device_by_node on line %s and return without releasing on line %s" % (p1[0].line,p2[0].line)
+cocci.print_main(msg,p1)
+cocci.print_secs("",p2)
--
2.7.4
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
2019-02-10 4:56 [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device() Wen Yang
@ 2019-02-11 12:07 ` Markus Elfring
[not found] ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
0 siblings, 1 reply; 3+ messages in thread
From: Markus Elfring @ 2019-02-11 12:07 UTC (permalink / raw)
To: Wen Yang; +Cc: Coccinelle
> + when != e4 = (T1)platform_get_drvdata(id)
> +(
> +return id;
> +|
> +return (T2)dev_get_drvdata(&id->dev);
> +|
> +return (T3)platform_get_drvdata(id);
> +|
> +return at p2 ...;
> +)
How do you think about to adjust this SmPL disjunction a bit like the following?
+ when != e4 = (T1)platform_get_drvdata(id)
+(
+ return
+( id
+| (T2)dev_get_drvdata(&id->dev)
+| (T3)platform_get_drvdata(id)
+)
+|return@p2 ...
+);
>> +coccilib.report.print_report(p2[0],msg)
Would you like to consider the message construction without using the extra Python variable “msg”?
Regards,
Markus
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
[not found] ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
@ 2019-02-12 21:04 ` Markus Elfring
0 siblings, 0 replies; 3+ messages in thread
From: Markus Elfring @ 2019-02-12 21:04 UTC (permalink / raw)
To: Yang Wen; +Cc: Coccinelle
> For c programmers, the first way of writing may be easier to understand;
I suggest the reduction of a bit of redundant C code within
SmPL search specifications.
> in addition, the second way, its two brackets are not well aligned.
There can be different preferences for the SmPL coding style
around nested disjunctions.
> Msg has a lot of chars more than one line, it will also add the line number in p1/p2 into msg.
> If we remove the msg variable, the print_report function may be more complicated.
The message text can be also rearranged on separate lines
without additional variables for such simple commands, can't it?
> In addition, we see that many cocci also have msg variables.
Do you know further possibilities for longer string literals (in Python)?
https://docs.python.org/3/reference/lexical_analysis.html#string-literal-concatenation
Regards,
Markus
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-02-12 21:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-10 4:56 [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device() Wen Yang
2019-02-11 12:07 ` Markus Elfring
[not found] ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
2019-02-12 21:04 ` Markus Elfring
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).