[3/9] virt/kvm: correct error-handling code

Message ID	Pine.LNX.4.64.0907281752560.28189@ask.diku.dk (mailing list archive)
State	New, archived
Headers	show Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by demeter.kernel.org (8.14.2/8.14.2) with ESMTP id n6SFsXcA028296 for <patchwork-kvm@patchwork.kernel.org>; Tue, 28 Jul 2009 15:54:34 GMT Date: Tue, 28 Jul 2009 17:53:24 +0200 (CEST) From: Julia Lawall <julia@diku.dk> To: avi@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [PATCH 3/9] virt/kvm: correct error-handling code Message-ID: <Pine.LNX.4.64.0907281752560.28189@ask.diku.dk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: kvm-owner@vger.kernel.org Precedence: bulk

Message ID

Pine.LNX.4.64.0907281752560.28189@ask.diku.dk (mailing list archive)

State

New, archived

Headers

Date: Tue, 28 Jul 2009 17:53:24 +0200 (CEST)
From: Julia Lawall <julia@diku.dk>
To: avi@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
	kernel-janitors@vger.kernel.org
Subject: [PATCH 3/9] virt/kvm: correct error-handling code
Message-ID: <Pine.LNX.4.64.0907281752560.28189@ask.diku.dk>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Commit Message

Julia Lawall July 28, 2009, 3:53 p.m. UTC

From: Julia Lawall <julia@diku.dk>

This code is not executed before file has been initialized to the result of
calling eventfd_fget.  This function returns an ERR_PTR value in an error
case instead of NULL.  Thus the test that file is not NULL is always true.

A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@match exists@
expression x, E;
statement S1, S2;
@@

x = eventfd_fget(...)
... when != x = E
(
*  if (x == NULL || ...) S1 else S2
|
*  if (x == NULL && ...) S1 else S2
)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>

---
 virt/kvm/eventfd.c                  |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Avi Kivity Sept. 9, 2009, 2:42 p.m. UTC | #1

On 07/28/2009 06:53 PM, Julia Lawall wrote:
> From: Julia Lawall<julia@diku.dk>
>
> This code is not executed before file has been initialized to the result of
> calling eventfd_fget.  This function returns an ERR_PTR value in an error
> case instead of NULL.  Thus the test that file is not NULL is always true.
>
> A simplified version of the semantic match that finds this problem is as
> follows: (http://coccinelle.lip6.fr/)
>
> //<smpl>
> @match exists@
> expression x, E;
> statement S1, S2;
> @@
>
> x = eventfd_fget(...)
> ... when != x = E
> (
> *  if (x == NULL || ...) S1 else S2
> |
> *  if (x == NULL&&  ...) S1 else S2
> )
> //</smpl>
>
>    

Applied, thanks (yes, old patch, missed it).

diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c
index 99017e8..bb4ebd8 100644
--- a/virt/kvm/eventfd.c
+++ b/virt/kvm/eventfd.c
@@ -230,7 +230,7 @@  fail:
 	if (eventfd && !IS_ERR(eventfd))
 		eventfd_ctx_put(eventfd);
 
-	if (file && !IS_ERR(file))
+	if (!IS_ERR(file))
 		fput(file);
 
 	kfree(irqfd);

[3/9] virt/kvm: correct error-handling code

Commit Message

Comments

Patch