From mboxrd@z Thu Jan 1 00:00:00 1970
From: Greg Kroah-Hartman
Date: Sat, 04 Apr 2015 16:54:25 +0000
Subject: Re: [PATCH 2/2] staging: emxx_udc: test returned value
Message-Id: <20150404165425.GA21227@kroah.com>
List-Id:
References: <1428159570-19467-1-git-send-email-Julia.Lawall@lip6.fr> <1428159570-19467-3-git-send-email-Julia.Lawall@lip6.fr> <20150404160712.GA19278@kroah.com>
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: Julia Lawall
Cc: kernel-janitors@vger.kernel.org, devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org

On Sat, Apr 04, 2015 at 06:20:53PM +0200, Julia Lawall wrote:
>
>
> On Sat, 4 Apr 2015, Greg Kroah-Hartman wrote:
>
> > On Sat, Apr 04, 2015 at 04:59:30PM +0200, Julia Lawall wrote:
> > > Put NULL test on the result of the previous call instead on one of its
> > > arguments. A simplified version of the semantic match that finds this
> > > problem is as follows (http://coccinelle.lip6.fr/):
> > >
> > > //
> > > r@
> > > expression *e1;
> > > expression *e2;
> > > identifier f;
> > > statement S1,S2;
> > > @@
> > >
> > > e1 = f(...,e2,...);
> > > (
> > > if (e1 = NULL || ...) S1 else S2
> > > |
> > > *if (e2 = NULL || ...) S1 else S2
> > > )
> > > //
> > >
> > > Signed-off-by: Julia Lawall
> > >
> > > ---
> > > drivers/staging/emxx_udc/emxx_udc.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/staging/emxx_udc/emxx_udc.c b/drivers/staging/emxx_udc/emxx_udc.c
> > > index fbf82bc..7de1e9e 100644
> > > --- a/drivers/staging/emxx_udc/emxx_udc.c
> > > +++ b/drivers/staging/emxx_udc/emxx_udc.c
> > > @@ -2998,7 +2998,7 @@ static void nbu2ss_ep_fifo_flush(struct usb_ep *_ep) > > > } > > > > > > ep = container_of(_ep, struct nbu2ss_ep, ep); > > > - if (!_ep) { > > > + if (!ep) { > > > > This is actually even worse, container_of() can't return NULL. Or if it > > does, something is really wrong (it can only happen if the field happens > > to be the first field in the structure and the original pointer was > > NULL). So I would say that all tests for container_of (and > > functions/macros that are just wrappers around container_of()) can just > > be deleted as they will never be triggered. > > Couldn't one say: > > x = NULL; > y = &x->whatever; > z = container_of(y, struct blah, whatever); > > and end up with z being NULL? Yes, if you were really lucky. If you are passing a pointer to container_of() it had better be checked to be NULL before, not after, the operation, as afterward makes no sense because this is just pointer math happening. thanks, greg k-h
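Review bot: the `if (!ep)` test on the added line sits after the `container_of()` call, which only subtracts a member offset from `_ep`, so it can be true only when `ep` is at offset 0 in struct nbu2ss_ep and `_ep` itself was NULL; the struct layout is not visible in this hunk. If a NULL `_ep` can reach this point, test `_ep` before the `ep = container_of(_ep, struct nbu2ss_ep, ep);` line; if the block that closes with `}` just above already rejects it, drop the test instead of retargeting it.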
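The "just pointer math" point from the reply above, as an added example that is not part of the original thread or the emxx_udc driver. It uses a userspace stand-in for `container_of()` and hypothetical names (`struct inner`, `struct ep_first`, `struct ep_later`, `flush_checked()`) to show that a NULL test after the conversion fires only when the member is at offset 0, while a test before it works for any layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel macro (assumption: no type checking;
 * integer arithmetic keeps the NULL case well defined for this demo). */
#define container_of(ptr, type, member) \
	((type *)((uintptr_t)(ptr) - offsetof(type, member)))

struct inner { int dummy; };

/* Hypothetical layouts: embedded member first vs. after another field. */
struct ep_first { struct inner ep; int id; };
struct ep_later { int id; struct inner ep; };

/* Test AFTER the conversion, member at offset 0: NULL in, NULL out. */
static int check_after_fires_first(struct inner *_ep)
{
	struct ep_first *ep = container_of(_ep, struct ep_first, ep);
	return ep == NULL;
}

/* Test AFTER the conversion, member at a nonzero offset: NULL in yields
 * a bogus non-NULL pointer, so the test never fires. */
static int check_after_fires_later(struct inner *_ep)
{
	struct ep_later *ep = container_of(_ep, struct ep_later, ep);
	return ep == NULL;
}

/* Test BEFORE the conversion: correct regardless of layout. */
static int flush_checked(struct inner *_ep)
{
	struct ep_later *ep;

	if (!_ep)
		return -1;
	ep = container_of(_ep, struct ep_later, ep);
	return ep->id;
}

int main(void)
{
	struct ep_later e = { .id = 7 };

	printf("after, offset 0:  %d\n", check_after_fires_first(NULL));
	printf("after, offset %zu: %d\n", offsetof(struct ep_later, ep),
	       check_after_fires_later(NULL));
	printf("before: %d %d\n", flush_checked(NULL), flush_checked(&e.ep));
	return 0;
}
```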