Re: [U-Boot] [PATCH 1/1] scripts/coccinelle: add some more coccinelle tests

2018-03-07 Thread Tom Rini
On Wed, Mar 07, 2018 at 02:57:19AM +0100, Heinrich Schuchardt wrote:

> kmerr: verify that malloc and calloc are followed by a check to verify
> that we are not out of memory.
> 
> badzero: Compare pointer-typed values to NULL rather than 0
> 
> Both checks are copied from the Linux kernel archive.
> 
> Signed-off-by: Heinrich Schuchardt 
> ---
>  scripts/coccinelle/null/badzero.cocci | 238 
> ++
>  scripts/coccinelle/null/kmerr.cocci   |  72 ++
>  2 files changed, 310 insertions(+)
>  create mode 100644 scripts/coccinelle/null/badzero.cocci
>  create mode 100644 scripts/coccinelle/null/kmerr.cocci
> 
> diff --git a/scripts/coccinelle/null/badzero.cocci 
> b/scripts/coccinelle/null/badzero.cocci
> new file mode 100644
> index 00..f597c8007b
> --- /dev/null
> +++ b/scripts/coccinelle/null/badzero.cocci
> @@ -0,0 +1,238 @@
> +/// Compare pointer-typed values to NULL rather than 0
> +///
> +//# This makes an effort to choose between !x and x == NULL.  !x is used
> +//# if it has previously been used with the function used to initialize x.
> +//# This relies on type information.  More type information can be obtained
> +//# using the option -all_includes and the option -I to specify an
> +//# include path.
> +//
> +// Confidence: High
> +// Copyright: (C) 2012 Julia Lawall, INRIA/LIP6.  GPLv2.
> +// Copyright: (C) 2012 Gilles Muller, INRIA/LiP6.  GPLv2.
> +// URL: http://coccinelle.lip6.fr/
> +// Requires: 1.0.0
> +// Options:

We should probably be adding an SPDX tag here.  Or, adding one in Linux
and pulling it in then?  Thanks!

-- 
Tom


signature.asc
Description: PGP signature
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot


[U-Boot] [PATCH 1/1] scripts/coccinelle: add some more coccinelle tests

2018-03-06 Thread Heinrich Schuchardt
kmerr: verify that malloc and calloc are followed by a check to verify
that we are not out of memory.

badzero: Compare pointer-typed values to NULL rather than 0

Both checks are copied from the Linux kernel archive.

Signed-off-by: Heinrich Schuchardt 
---
 scripts/coccinelle/null/badzero.cocci | 238 ++
 scripts/coccinelle/null/kmerr.cocci   |  72 ++
 2 files changed, 310 insertions(+)
 create mode 100644 scripts/coccinelle/null/badzero.cocci
 create mode 100644 scripts/coccinelle/null/kmerr.cocci

diff --git a/scripts/coccinelle/null/badzero.cocci 
b/scripts/coccinelle/null/badzero.cocci
new file mode 100644
index 00..f597c8007b
--- /dev/null
+++ b/scripts/coccinelle/null/badzero.cocci
@@ -0,0 +1,238 @@
+/// Compare pointer-typed values to NULL rather than 0
+///
+//# This makes an effort to choose between !x and x == NULL.  !x is used
+//# if it has previously been used with the function used to initialize x.
+//# This relies on type information.  More type information can be obtained
+//# using the option -all_includes and the option -I to specify an
+//# include path.
+//
+// Confidence: High
+// Copyright: (C) 2012 Julia Lawall, INRIA/LIP6.  GPLv2.
+// Copyright: (C) 2012 Gilles Muller, INRIA/LiP6.  GPLv2.
+// URL: http://coccinelle.lip6.fr/
+// Requires: 1.0.0
+// Options:
+
+virtual patch
+virtual context
+virtual org
+virtual report
+
+@initialize:ocaml@
+@@
+let negtable = Hashtbl.create 101
+
+@depends on patch@
+expression *E;
+identifier f;
+@@
+
+(
+  (E = f(...)) ==
+- 0
++ NULL
+|
+  (E = f(...)) !=
+- 0
++ NULL
+|
+- 0
++ NULL
+  == (E = f(...))
+|
+- 0
++ NULL
+  != (E = f(...))
+)
+
+
+@t1 depends on !patch@
+expression *E;
+identifier f;
+position p;
+@@
+
+(
+  (E = f(...)) ==
+* 0@p
+|
+  (E = f(...)) !=
+* 0@p
+|
+* 0@p
+  == (E = f(...))
+|
+* 0@p
+  != (E = f(...))
+)
+
+@script:python depends on org@
+p << t1.p;
+@@
+
+coccilib.org.print_todo(p[0], "WARNING comparing pointer to 0")
+
+@script:python depends on report@
+p << t1.p;
+@@
+
+coccilib.report.print_report(p[0], "WARNING comparing pointer to 0")
+
+// Tests of returned values
+
+@s@
+identifier f;
+expression E,E1;
+@@
+
+ E = f(...)
+ ... when != E = E1
+ !E
+
+@script:ocaml depends on s@
+f << s.f;
+@@
+
+try let _ = Hashtbl.find negtable f in ()
+with Not_found -> Hashtbl.add negtable f ()
+
+@ r disable is_zero,isnt_zero exists @
+expression *E;
+identifier f;
+@@
+
+E = f(...)
+...
+(E == 0
+|E != 0
+|0 == E
+|0 != E
+)
+
+@script:ocaml@
+f << r.f;
+@@
+
+try let _ = Hashtbl.find negtable f in ()
+with Not_found -> include_match false
+
+// This rule may lead to inconsistent path problems, if E is defined in two
+// places
+@ depends on patch disable is_zero,isnt_zero @
+expression *E;
+expression E1;
+identifier r.f;
+@@
+
+E = f(...)
+<...
+(
+- E == 0
++ !E
+|
+- E != 0
++ E
+|
+- 0 == E
++ !E
+|
+- 0 != E
++ E
+)
+...>
+?E = E1
+
+@t2 depends on !patch disable is_zero,isnt_zero @
+expression *E;
+expression E1;
+identifier r.f;
+position p1;
+position p2;
+@@
+
+E = f(...)
+<...
+(
+* E == 0@p1
+|
+* E != 0@p2
+|
+* 0@p1 == E
+|
+* 0@p1 != E
+)
+...>
+?E = E1
+
+@script:python depends on org@
+p << t2.p1;
+@@
+
+coccilib.org.print_todo(p[0], "WARNING comparing pointer to 0, suggest !E")
+
+@script:python depends on org@
+p << t2.p2;
+@@
+
+coccilib.org.print_todo(p[0], "WARNING comparing pointer to 0")
+
+@script:python depends on report@
+p << t2.p1;
+@@
+
+coccilib.report.print_report(p[0], "WARNING comparing pointer to 0, suggest 
!E")
+
+@script:python depends on report@
+p << t2.p2;
+@@
+
+coccilib.report.print_report(p[0], "WARNING comparing pointer to 0")
+
+@ depends on patch disable is_zero,isnt_zero @
+expression *E;
+@@
+
+(
+  E ==
+- 0
++ NULL
+|
+  E !=
+- 0
++ NULL
+|
+- 0
++ NULL
+  == E
+|
+- 0
++ NULL
+  != E
+)
+
+@ t3 depends on !patch disable is_zero,isnt_zero @
+expression *E;
+position p;
+@@
+
+(
+* E == 0@p
+|
+* E != 0@p
+|
+* 0@p == E
+|
+* 0@p != E
+)
+
+@script:python depends on org@
+p << t3.p;
+@@
+
+coccilib.org.print_todo(p[0], "WARNING comparing pointer to 0")
+
+@script:python depends on report@
+p << t3.p;
+@@
+
+coccilib.report.print_report(p[0], "WARNING comparing pointer to 0")
diff --git a/scripts/coccinelle/null/kmerr.cocci 
b/scripts/coccinelle/null/kmerr.cocci
new file mode 100644
index 00..2d600694a5
--- /dev/null
+++ b/scripts/coccinelle/null/kmerr.cocci
@@ -0,0 +1,72 @@
+/// This semantic patch looks for malloc etc that are not followed by a
+/// NULL check.  It only gives a report in the case where there is some
+/// error handling code later in the function, which may be helpful
+/// in determining what the error handling code for the call to malloc etc
+/// should be.
+///
+// Confidence: High
+// Copyright: (C) 2010 Nicolas Palix, DIKU.  GPLv2.
+// Copyright: (C) 2010 Julia Lawall, DIKU.  GPLv2.
+// Copyright: (C) 2010 Gilles Muller, INRIA/LiP6.  GPLv2.
+// URL: http://coccinelle.lip6.fr/
+// Comments:
+// O

[U-Boot] [PATCH 1/1] scripts/coccinelle: add some more coccinelle tests

2017-11-10 Thread Heinrich Schuchardt
Add some useful static code analysis scripts for coccinelle
copied from the Linux kernel v4.14-rc8:

Warn on check against NULL before calling free.
scripts/coccinelle/free/ifnullfree.cocci

Detect superfluous NULL check for list iterator.
scripts/coccinelle/iterators/itnull.cocci

Check if list iterator is reassigned.
scripts/coccinelle/iterators/list_entry_update.cocci

Check if list iterator is used after loop.
scripts/coccinelle/iterators/use_after_iter.cocci

Find wrong argument of sizeof in allocation function:
scripts/coccinelle/misc/badty.cocci

Signed-off-by: Heinrich Schuchardt 
---
 scripts/coccinelle/free/ifnullfree.cocci   |  59 +
 scripts/coccinelle/iterators/itnull.cocci  |  94 +
 .../coccinelle/iterators/list_entry_update.cocci   |  62 +
 scripts/coccinelle/iterators/use_after_iter.cocci  | 147 +
 scripts/coccinelle/misc/badty.cocci|  76 +++
 5 files changed, 438 insertions(+)
 create mode 100644 scripts/coccinelle/free/ifnullfree.cocci
 create mode 100644 scripts/coccinelle/iterators/itnull.cocci
 create mode 100644 scripts/coccinelle/iterators/list_entry_update.cocci
 create mode 100644 scripts/coccinelle/iterators/use_after_iter.cocci
 create mode 100644 scripts/coccinelle/misc/badty.cocci

diff --git a/scripts/coccinelle/free/ifnullfree.cocci 
b/scripts/coccinelle/free/ifnullfree.cocci
new file mode 100644
index 00..14a4cd98e8
--- /dev/null
+++ b/scripts/coccinelle/free/ifnullfree.cocci
@@ -0,0 +1,59 @@
+/// NULL check before some freeing functions is not needed.
+///
+/// Based on checkpatch warning
+/// "kfree(NULL) is safe this check is probably not required"
+/// and kfreeaddr.cocci by Julia Lawall.
+///
+// Copyright: (C) 2014 Fabian Frederick.  GPLv2.
+// Comments: -
+// Options: --no-includes --include-headers
+
+virtual patch
+virtual org
+virtual report
+virtual context
+
+@r2 depends on patch@
+expression E;
+@@
+- if (E != NULL)
+(
+  kfree(E);
+|
+  kzfree(E);
+|
+  debugfs_remove(E);
+|
+  debugfs_remove_recursive(E);
+|
+  usb_free_urb(E);
+|
+  kmem_cache_destroy(E);
+|
+  mempool_destroy(E);
+|
+  dma_pool_destroy(E);
+)
+
+@r depends on context || report || org @
+expression E;
+position p;
+@@
+
+* if (E != NULL)
+*  \(kfree@p\|kzfree@p\|debugfs_remove@p\|debugfs_remove_recursive@p\|
+* usb_free_urb@p\|kmem_cache_destroy@p\|mempool_destroy@p\|
+* dma_pool_destroy@p\)(E);
+
+@script:python depends on org@
+p << r.p;
+@@
+
+cocci.print_main("NULL check before that freeing function is not needed", p)
+
+@script:python depends on report@
+p << r.p;
+@@
+
+msg = "WARNING: NULL check before freeing functions like kfree, 
debugfs_remove, debugfs_remove_recursive or usb_free_urb is not needed. Maybe 
consider reorganizing relevant code to avoid passing NULL values."
+coccilib.report.print_report(p[0], msg)
diff --git a/scripts/coccinelle/iterators/itnull.cocci 
b/scripts/coccinelle/iterators/itnull.cocci
new file mode 100644
index 00..f58732b56a
--- /dev/null
+++ b/scripts/coccinelle/iterators/itnull.cocci
@@ -0,0 +1,94 @@
+/// Many iterators have the property that the first argument is always bound
+/// to a real list element, never NULL.
+//# False positives arise for some iterators that do not have this property,
+//# or in cases when the loop cursor is reassigned.  The latter should only
+//# happen when the matched code is on the way to a loop exit (break, goto,
+//# or return).
+///
+// Confidence: Moderate
+// Copyright: (C) 2010-2012 Nicolas Palix.  GPLv2.
+// Copyright: (C) 2010-2012 Julia Lawall, INRIA/LIP6.  GPLv2.
+// Copyright: (C) 2010-2012 Gilles Muller, INRIA/LiP6.  GPLv2.
+// URL: http://coccinelle.lip6.fr/
+// Comments:
+// Options: --no-includes --include-headers
+
+virtual patch
+virtual context
+virtual org
+virtual report
+
+@depends on patch@
+iterator I;
+expression x,E,E1,E2;
+statement S,S1,S2;
+@@
+
+I(x,...) { <...
+(
+- if (x == NULL && ...) S
+|
+- if (x != NULL || ...)
+  S
+|
+- (x == NULL) ||
+  E
+|
+- (x != NULL) &&
+  E
+|
+- (x == NULL && ...) ? E1 :
+  E2
+|
+- (x != NULL || ...) ?
+  E1
+- : E2
+|
+- if (x == NULL && ...) S1 else
+  S2
+|
+- if (x != NULL || ...)
+  S1
+- else S2
+|
++ BAD(
+  x == NULL
++ )
+|
++ BAD(
+  x != NULL
++ )
+)
+  ...> }
+
+@r depends on !patch exists@
+iterator I;
+expression x,E;
+position p1,p2;
+@@
+
+*I@p1(x,...)
+{ ... when != x = E
+(
+*  x@p2 == NULL
+|
+*  x@p2 != NULL
+)
+  ... when any
+}
+
+@script:python depends on org@
+p1 << r.p1;
+p2 << r.p2;
+@@
+
+cocci.print_main("iterator-bound variable",p1)
+cocci.print_secs("useless NULL test",p2)
+
+@script:python depends on report@
+p1 << r.p1;
+p2 << r.p2;
+@@
+
+msg = "ERROR: iterator variable bound on line %s cannot be NULL" % (p1[0].line)
+coccilib.report.print_report(p2[0], msg)
diff --git a/scripts/coccinelle/iterators/list_entry_update.cocci 
b/scripts/coccinelle/iterators/list_entry_update.cocci
new file mode 100644
index 0