Coccinelle archive on lore.kernel.org
 help / Atom feed
* [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
@ 2019-02-10  4:56 Wen Yang
  2019-02-11 12:07 ` Markus Elfring
  0 siblings, 1 reply; 3+ messages in thread
From: Wen Yang @ 2019-02-10  4:56 UTC (permalink / raw)
  To: Julia Lawall, Gilles Muller, Nicolas Palix, Michal Marek
  Cc: Wen Yang, cocci, linux-kernel

The of_find_device_by_node() takes a reference to the underlying device
structure, we should release that reference.
By using this semantic patch, we have found some object reference leaks,
such as:
11907e9d3533 ("ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe")
a12085d13997 ("mtd: rawnand: atmel: fix possible object reference leak")
11493f26856a ("mtd: rawnand: jz4780: fix possible object reference leak")
There are still dozens of reference leaks in the current kernel code.

Signed-off-by: Wen Yang <yellowriver2010@hotmail.com>
Reviewed-by: Julia Lawall <Julia.Lawall@lip6.fr>
---
v2->v1:
- put exists after search, and then drop the when exists below.
- should not use the same e as in the when's below.
- Make a new type metavariable and use it to put a cast on the result of platform_get_drvdata.

 scripts/coccinelle/free/put_device.cocci | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 scripts/coccinelle/free/put_device.cocci

diff --git a/scripts/coccinelle/free/put_device.cocci b/scripts/coccinelle/free/put_device.cocci
new file mode 100644
index 0000000..510103a
--- /dev/null
+++ b/scripts/coccinelle/free/put_device.cocci
@@ -0,0 +1,54 @@
+/// Find missing put_device for every of_find_device_by_node.
+///
+// Confidence: Moderate
+// Copyright: (C) 2018-2019 Wen Yang, ZTE.  GPLv2.
+// Comments:
+// Options: --no-includes --include-headers
+
+virtual report
+virtual org
+
+@search exists@
+local idexpression id;
+expression x,e,e1,e2,e3,e4;
+position p1,p2;
+type T,T1,T2,T3;
+@@
+
+id = of_find_device_by_node@p1(x)
+... when != e = id
+if (id == NULL || ...) { ... return ...; }
+... when != put_device(&id->dev)
+    when != platform_device_put(id)
+    when != of_dev_put(id)
+    when != if (id) { ... put_device(&id->dev) ... }
+    when != e1 = (T)id
+    when != e2 = &id->dev
+    when != e3 = get_device(&id->dev)
+    when != e4 = (T1)platform_get_drvdata(id)
+(
+return id;
+|
+return (T2)dev_get_drvdata(&id->dev);
+|
+return (T3)platform_get_drvdata(id);
+|
+return@p2 ...;
+)
+
+@script:python depends on report@
+p1 << search.p1;
+p2 << search.p2;
+@@
+
+msg = "ERROR: missing put_device; of_find_device_by_node on line %s and return without releasing on line %s" % (p1[0].line,p2[0].line)
+coccilib.report.print_report(p2[0],msg)
+
+@script:python depends on org@
+p1 << search.p1;
+p2 << search.p2;
+@@
+
+msg = "ERROR: missing put_device; of_find_device_by_node on line %s and return without releasing on line %s" % (p1[0].line,p2[0].line)
+cocci.print_main(msg,p1)
+cocci.print_secs("",p2)
-- 
2.7.4

_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
  2019-02-10  4:56 [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device() Wen Yang
@ 2019-02-11 12:07 ` Markus Elfring
       [not found]   ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
  0 siblings, 1 reply; 3+ messages in thread
From: Markus Elfring @ 2019-02-11 12:07 UTC (permalink / raw)
  To: Wen Yang; +Cc: Coccinelle

> +    when != e4 = (T1)platform_get_drvdata(id)
> +(
> +return id;
> +|
> +return (T2)dev_get_drvdata(&id->dev);
> +|
> +return (T3)platform_get_drvdata(id);
> +|
> +return at p2 ...;
> +)

How do you think about to adjust this SmPL disjunction a bit like the following?

+    when != e4 = (T1)platform_get_drvdata(id)
+(
+ return
+(       id
+|       (T2)dev_get_drvdata(&id->dev)
+|       (T3)platform_get_drvdata(id)
+)
+|return@p2 ...
+);



>> +coccilib.report.print_report(p2[0],msg)

Would you like to consider the message construction without using the extra Python variable “msg”?

Regards,
Markus
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device()
       [not found]   ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
@ 2019-02-12 21:04     ` Markus Elfring
  0 siblings, 0 replies; 3+ messages in thread
From: Markus Elfring @ 2019-02-12 21:04 UTC (permalink / raw)
  To: Yang Wen; +Cc: Coccinelle

> For c programmers, the first way of writing may be easier to understand;

I suggest the reduction of a bit of redundant C code within
SmPL search specifications.


> in addition, the second way, its two brackets are not well aligned.

There can be different preferences for the SmPL coding style
around nested disjunctions.


> Msg has a lot of chars more than one line, it will also add the line number in p1/p2 into msg.
> If we remove the msg variable, the print_report function may be more complicated.

The message text can be also rearranged on separate lines
without additional variables for such simple commands, can't it?


> In addition, we see that many cocci also have msg variables.

Do you know further possibilities for longer string literals (in Python)?
https://docs.python.org/3/reference/lexical_analysis.html#string-literal-concatenation

Regards,
Markus
_______________________________________________
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, back to index

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-10  4:56 [Cocci] [PATCH v2] coccinelle: semantic patch for missing put_device() Wen Yang
2019-02-11 12:07 ` Markus Elfring
     [not found]   ` <HK0PR02MB3634EB7F9772EFE770B142C0B2650@HK0PR02MB3634.apcprd02.prod.outlook.com>
2019-02-12 21:04     ` Markus Elfring

Coccinelle archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/cocci/0 cocci/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 cocci cocci/ https://lore.kernel.org/cocci \
		cocci@systeme.lip6.fr cocci@archiver.kernel.org
	public-inbox-index cocci


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/fr.lip6.systeme.cocci


AGPL code for this site: git clone https://public-inbox.org/ public-inbox