Vladimir Sementsov-Ogievskiy <vsement...@virtuozzo.com> writes: > Add script to find and fix trivial use-after-free of Error objects. > How to use: > spatch --sp-file scripts/coccinelle/auto-propagated-errp.cocci \ > --macro-file scripts/cocci-macro-file.h --in-place \ > --no-show-diff ( FILES... | --use-gitgrep . )
Pasto: you mean scripts/coccinelle/error-use-after-free.cocci. --use-gitgrep is just one of several methods. Any particular reason for recommending it over the others? > > Signed-off-by: Vladimir Sementsov-Ogievskiy <vsement...@virtuozzo.com> > --- > scripts/coccinelle/error-use-after-free.cocci | 52 +++++++++++++++++++ > MAINTAINERS | 1 + > 2 files changed, 53 insertions(+) > create mode 100644 scripts/coccinelle/error-use-after-free.cocci > > diff --git a/scripts/coccinelle/error-use-after-free.cocci > b/scripts/coccinelle/error-use-after-free.cocci > new file mode 100644 > index 0000000000..7cfa42355b > --- /dev/null > +++ b/scripts/coccinelle/error-use-after-free.cocci > @@ -0,0 +1,52 @@ > +// Find and fix trivial use-after-free of Error objects > +// > +// Copyright (c) 2020 Virtuozzo International GmbH. > +// > +// This program is free software; you can redistribute it and/or > +// modify it under the terms of the GNU General Public License as > +// published by the Free Software Foundation; either version 2 of the > +// License, or (at your option) any later version. > +// > +// This program is distributed in the hope that it will be useful, > +// but WITHOUT ANY WARRANTY; without even the implied warranty of > +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +// GNU General Public License for more details. > +// > +// You should have received a copy of the GNU General Public License > +// along with this program. If not, see > +// <http://www.gnu.org/licenses/>. > +// > +// How to use: > +// spatch --sp-file scripts/coccinelle/auto-propagated-errp.cocci \ > +// --macro-file scripts/cocci-macro-file.h --in-place \ > +// --no-show-diff ( FILES... | --use-gitgrep . ) Same pasto. I doubt including basic spatch instructions with every script is a good idea. Better explain it in one place, with proper maintenance. scripts/coccinelle/README? We could be a bit more verbose there, e.g. to clarify required vs. suggested options. > + > +@ exists@ > +identifier fn, fn2; > +expression err; > +@@ > + > + fn(...) > + { > + <... > +( > + error_free(err); > ++ err = NULL; > +| > + error_report_err(err); > ++ err = NULL; > +| > + error_reportf_err(err, ...); > ++ err = NULL; > +| > + warn_report_err(err); > ++ err = NULL; > +| > + warn_reportf_err(err, ...); > ++ err = NULL; > +) > + ... when != err = NULL > + when != exit(...) > + fn2(..., err, ...) > + ...> > + } This inserts err = NULL after error_free() if there is a path to a certain kind of use of @err without such an assignment. The "when != exit()" part excludes certain "phony" paths. It's not a tight check; there are other ways to unconditionally terminate the process or jump elsewhere behind Coccinelle's back. Not a problem, the script is meant to have its output reviewed manually. Should we mention the need to review the script's output? > diff --git a/MAINTAINERS b/MAINTAINERS > index b5c86ec494..ba97cc43fc 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -2037,6 +2037,7 @@ F: include/qemu/error-report.h > F: qapi/error.json > F: util/error.c > F: util/qemu-error.c > +F: scripts/coccinelle/*err*.cocci Silently captures existing scripts in addition to this new one. Tolerable. The globbing looks rather brittle, though. > > GDB stub > M: Alex Bennée <alex.ben...@linaro.org>