tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

checkpatch: add uninitialized pointer with __free attribute check

Uinitialized pointers with __free attribute can cause undefined behavior
as the memory randomly assigned to the pointer is freed automatically when
the pointer goes out of scope. add check in checkpatch to detect such
issues.

Link: https://lkml.kernel.org/r/20251203-aheev-checkpatch-uninitialized-free-v7-1-841e3b31d8f3@gmail.com
Signed-off-by: Ally Heev <allyheev@gmail.com>
Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
Acked-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Cc: David Hunter <david.hunter.linux@gmail.com>
Cc: Dwaipayan Ray <dwaipayanray1@gmail.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: James Bottomley <james.bottomley@HansenPartnership.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com>
Cc: Menon, Nishanth <nm@ti.com>
Cc: Stephen Boyd <sboyd@kernel.org>
Cc: Viresh Kumar <vireshk@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Ally Heev and committed by
Andrew Morton 01da5216 e6b4d264

+29
+23
Documentation/dev-tools/checkpatch.rst
··· 1009 1009 1010 1010 return bar; 1011 1011 1012 + **UNINITIALIZED_PTR_WITH_FREE** 1013 + Pointers with __free attribute should be declared at the place of use 1014 + and initialized (see include/linux/cleanup.h). In this case 1015 + declarations at the top of the function rule can be relaxed. Not doing 1016 + so may lead to undefined behavior as the memory assigned (garbage, 1017 + in case not initialized) to the pointer is freed automatically when 1018 + the pointer goes out of scope. 1019 + 1020 + Also see: https://lore.kernel.org/lkml/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/ 1021 + 1022 + Example:: 1023 + 1024 + type var __free(free_func); 1025 + ... // var not used, but, in future someone might add a return here 1026 + var = malloc(var_size); 1027 + ... 1028 + 1029 + should be initialized as:: 1030 + 1031 + ... 1032 + type var __free(free_func) = malloc(var_size); 1033 + ... 1034 + 1012 1035 1013 1036 Permissions 1014 1037 -----------
+6
scripts/checkpatch.pl
··· 7732 7732 ERROR("MISSING_SENTINEL", "missing sentinel in ID array\n" . "$here\n$stat\n"); 7733 7733 } 7734 7734 } 7735 + 7736 + # check for uninitialized pointers with __free attribute 7737 + while ($line =~ /\*\s*($Ident)\s+__free\s*\(\s*$Ident\s*\)\s*[,;]/g) { 7738 + ERROR("UNINITIALIZED_PTR_WITH_FREE", 7739 + "pointer '$1' with __free attribute should be initialized\n" . $herecurr); 7740 + } 7735 7741 } 7736 7742 7737 7743 # If we have no input at all, then there is nothing to report on