From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Julia Lawall <julia.lawall@lip6.fr>
Cc: kernel-janitors@vger.kernel.org, devel@driverdev.osuosl.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] staging: emxx_udc: test returned value
Date: Sat, 04 Apr 2015 16:54:25 +0000
Message-ID: <20150404165425.GA21227@kroah.com>
In-Reply-To: <alpine.DEB.2.02.1504041818180.2075@localhost6.localdomain6>

On Sat, Apr 04, 2015 at 06:20:53PM +0200, Julia Lawall wrote:
>
>
> On Sat, 4 Apr 2015, Greg Kroah-Hartman wrote:
>
> > On Sat, Apr 04, 2015 at 04:59:30PM +0200, Julia Lawall wrote:
> > > Put NULL test on the result of the previous call instead of on one of its
> > > arguments. A simplified version of the semantic match that finds this
> > > problem is as follows (http://coccinelle.lip6.fr/):
> > >
> > > // <smpl>
> > > @r@
> > > expression *e1;
> > > expression *e2;
> > > identifier f;
> > > statement S1,S2;
> > > @@
> > >
> > > e1 = f(...,e2,...);
> > > (
> > > if (e1 == NULL || ...) S1 else S2
> > > |
> > > *if (e2 == NULL || ...) S1 else S2
> > > )
> > > // </smpl>
> > >
> > > Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
> > >
> > > ---
> > > drivers/staging/emxx_udc/emxx_udc.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/staging/emxx_udc/emxx_udc.c b/drivers/staging/emxx_udc/emxx_udc.c
> > > index fbf82bc..7de1e9e 100644
> > > --- a/drivers/staging/emxx_udc/emxx_udc.c
> > > +++ b/drivers/staging/emxx_udc/emxx_udc.c
> > > @@ -2998,7 +2998,7 @@ static void nbu2ss_ep_fifo_flush(struct usb_ep *_ep)
> > > }
> > >
> > > ep = container_of(_ep, struct nbu2ss_ep, ep);
> > > - if (!_ep) {
> > > + if (!ep) {
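Review bot: testing `ep` on the line after `ep = container_of(_ep, struct nbu2ss_ep, ep);` does not guard against a NULL `_ep`, because container_of() only subtracts the offset of the `ep` member from `_ep`, so the result is NULL only when that offset is zero. The NULL test belongs on `_ep` before the container_of() line; if the block that closes just above this context already performs that test, the `if` here can simply be removed.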
> >
> > This is actually even worse, container_of() can't return NULL. Or if it
> > does, something is really wrong (it can only happen if the field happens
> > to be the first field in the structure and the original pointer was
> > NULL). So I would say that all tests for container_of (and
> > functions/macros that are just wrappers around container_of()) can just
> > be deleted as they will never be triggered.
>
> Couldn't one say:
>
> x = NULL;
> y = &x->whatever;
> z = container_of(y, struct blah, whatever);
>
> and end up with z being NULL?

Yes, if you were really lucky. If you are passing a pointer to
container_of() it had better be checked to be NULL before, not after,
the operation, as afterward makes no sense because this is just pointer
math happening.

thanks,
greg k-h
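
The pointer math discussed in this message, as an added example that is not part of the original email or of the emxx_udc driver: it shows when a NULL test placed after container_of() can and cannot fire, next to the check-before ordering. The struct layouts and function names are hypothetical, and container_of() is a simplified userspace stand-in for the kernel macro.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel macro (the kernel version adds type checks). */
#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))

/* Hypothetical layouts, not the emxx_udc driver's real structures. */
struct demo_usb_ep { int maxpacket; };
struct ep_first { struct demo_usb_ep ep; int id; }; /* member at offset 0 */
struct ep_later { int id; struct demo_usb_ep ep; }; /* member at offset > 0 */

/* The address container_of() computes, done on integers so that the
 * NULL case can be shown without arithmetic on a null pointer. */
static uintptr_t container_addr(uintptr_t member_addr, size_t offset)
{
	return member_addr - offset;
}

/* Would an "if (!ep)" placed after container_of() notice a NULL member pointer? */
static int post_check_sees_null(size_t offset)
{
	return container_addr((uintptr_t)NULL, offset) == 0;
}

/* Correct ordering: validate the argument, then do the pointer math. */
static struct ep_later *ep_from_member(struct demo_usb_ep *_ep)
{
	if (!_ep)
		return NULL;
	return container_of(_ep, struct ep_later, ep);
}

static struct ep_later sample = { .id = 7 }; /* constructed sample object */

int main(void)
{
	printf("offset 0: post-check sees NULL = %d\n",
	       post_check_sees_null(offsetof(struct ep_first, ep)));
	printf("offset %zu: post-check sees NULL = %d\n",
	       offsetof(struct ep_later, ep),
	       post_check_sees_null(offsetof(struct ep_later, ep)));
	printf("round trip ok = %d\n", ep_from_member(&sample.ep) == &sample);
	return 0;
}
```

With the member at a non-zero offset, a NULL argument yields a non-NULL, invalid container pointer, so a test placed after the macro passes and the bad pointer is used.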