From: Dan Carpenter <dan.carpenter@oracle.com>
To: Jakub Kicinski <kuba@kernel.org>,
Zhang Changzhong <zhangchangzhong@huawei.com>
Cc: linux-sparse@vger.kernel.org, linux-kernel@vger.kernel.org,
edwin.peer@broadcom.com
Subject: Re: sparse annotation for error types?
Date: Tue, 8 Dec 2020 16:28:44 +0300 [thread overview]
Message-ID: <20201208132844.GC2767@kadam> (raw)
In-Reply-To: <20201205143250.2378b9f9@kicinski-fedora-pc1c0hjn.DHCP.thefacebook.com>
Hi Zhang,
Are you using Coccinelle to detect these bugs?
On Sat, Dec 05, 2020 at 02:32:50PM -0800, Jakub Kicinski wrote:
> Hi!
>
> Recently we've been getting a steady stream of patches from Changzhong
> to fix missing assignment to error variables before jumping to error
> cases.
I've mucked about with this a little in Smatch trying to work out some
heuristics to use. I added a warning for a NULL return followed by a
goto. Then on Friday I added a warning for a _dev_err() print followed
by a goto. But neither of those rules catches the bug fixed by commit
4de377b65903 ("net: marvell: prestera: Fix error return code in
prestera_port_create()"), where the error was invalid data.
if (idx >= size)
goto free_whatever;
I'm going to print a warning if the function ends in a cleanup block
that can only be reached by gotos. We'll see how that works tomorrow.
static void match_return(struct statement *stmt)
{
struct sm_state *sm, *tmp;
sval_t sval;
char *name;
bool is_last;
// Only complain if the function returns a variable
if (!stmt->ret_value || stmt->ret_value->type != EXPR_SYMBOL)
return;
// The function returns an int
if (cur_func_return_type() != &int_ctype)
return;
// It's only reachable via a goto
if (get_state(my_id, "path", NULL) != &label)
return;
// It returns a negative error code
sm = get_extra_sm_state(stmt->ret_value);
if (!sm || !estate_rl(sm->state) ||
!sval_is_negative(rl_min(estate_rl(sm->state))))
return;
FOR_EACH_PTR(sm->possible, tmp) {
// There is at least one path where "ret" is zero
if (estate_get_single_value(tmp->state, &sval) &&
sval.value == 0)
goto warn;
} END_FOR_EACH_PTR(tmp);
return;
warn:
// It's the last statement of a function
is_last = is_last_stmt(stmt);
name = expr_to_str(stmt->ret_value);
sm_warning("missing error code '%s' rl='%s' is_last=%d", name, sm->state->name, is_last);
free_string(name);
}
regards,
dan carpenter
next prev parent reply other threads:[~2020-12-08 13:30 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-05 22:32 sparse annotation for error types? Jakub Kicinski
2020-12-05 23:10 ` Linus Torvalds
2020-12-06 0:13 ` Luc Van Oostenryck
2020-12-08 13:28 ` Dan Carpenter [this message]
2020-12-09 2:53 ` Zhang Changzhong
2020-12-19 11:55 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201208132844.GC2767@kadam \
--to=dan.carpenter@oracle.com \
--cc=edwin.peer@broadcom.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-sparse@vger.kernel.org \
--cc=zhangchangzhong@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.