1. Patchew
  2. linux
  3. View series

[PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check

Ally Heev posted 1 patch 6 days, 10 hours ago 
Documentation/dev-tools/checkpatch.rst | 23 +++++++++++++++++++++++
scripts/checkpatch.pl                  |  6 ++++++
2 files changed, 29 insertions(+)
[PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check
Posted by Ally Heev 6 days, 10 hours ago 
uninitialized pointers with __free attribute can cause undefined
behavior as the memory randomly assigned to the pointer is freed
automatically when the pointer goes out of scope.
add check in checkpatch to detect such issues.

Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
Acked-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Ally Heev <allyheev@gmail.com>
---
Testing:
ran checkpatch.pl before and after the change on
crypto/asymmetric_keys/x509_public_key.c, which has
both initialized with NULL and uninitialized pointers
---
Changes in v6:
- added declaration at the place of use suggestion
- Link to v5: https://lore.kernel.org/r/20251124-aheev-checkpatch-uninitialized-free-v5-1-0c523b1a3f5a@gmail.com

Changes in v5:
- fixed checkpatch doc
- Link to v4: https://lore.kernel.org/r/20251107-aheev-checkpatch-uninitialized-free-v4-1-4822a6ac728f@gmail.com

Changes in v4:
- fixed UNINITIALIZED_PTR_WITH_FREE description
- Link to v3: https://lore.kernel.org/r/20251025-aheev-checkpatch-uninitialized-free-v3-1-a67f72b1c2bd@gmail.com

Changes in v3:
- remove $FreeAttribute
- Link to v2: https://lore.kernel.org/r/20251024-aheev-checkpatch-uninitialized-free-v2-0-16c0900e8130@gmail.com

Changes in v2:
- change cover letter and title to reflect new changes
- fix regex to handle multiple declarations in a single line case
- convert WARN to ERROR for uninitialized pointers
- add a new WARN for pointers initialized with NULL
- NOTE: tried handling multiple declarations on a single line by splitting
        them and matching the parts with regex, but, it turned out to be
	complex and overkill. Moreover, multi-line declarations pose a threat
- Link to v1: https://lore.kernel.org/r/20251021-aheev-checkpatch-uninitialized-free-v1-1-18fb01bc6a7a@gmail.com
---
 Documentation/dev-tools/checkpatch.rst | 23 +++++++++++++++++++++++
 scripts/checkpatch.pl                  |  6 ++++++
 2 files changed, 29 insertions(+)

diff --git a/Documentation/dev-tools/checkpatch.rst b/Documentation/dev-tools/checkpatch.rst
index d5c47e560324fb2399a5b1bc99c891ed1de10535..b6e02fb91e85710fecfc0a5e5c83a8e7f32d1d3c 100644
--- a/Documentation/dev-tools/checkpatch.rst
+++ b/Documentation/dev-tools/checkpatch.rst
@@ -1009,6 +1009,29 @@ Functions and Variables
 
       return bar;
 
+  **UNINITIALIZED_PTR_WITH_FREE**
+    Pointers with __free attribute should be declared at the place of use
+    and initialized (see include/linux/cleanup.h). In this case
+    declarations at the top of the function rule can be relaxed. Not doing
+    so may lead to undefined behavior as the memory assigned (garbage,
+    in case not initialized) to the pointer is freed automatically when
+    the pointer goes out of scope.
+
+    Also see: https://lore.kernel.org/lkml/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
+
+    Example::
+
+      type var __free(free_func);
+      ... // var not used, but, in future someone might add a return here
+      var = malloc(var_size);
+      ...
+
+    should be initialized as::
+
+      ...
+      type var __free(free_func) = malloc(var_size);
+      ...
+
 
 Permissions
 -----------
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index 92669904eecc7a8d2afd3f2625528e02b6d17cd6..e697d81d71c0b3628f7b59807e8bc40d582621bb 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -7721,6 +7721,12 @@ sub process {
 				ERROR("MISSING_SENTINEL", "missing sentinel in ID array\n" . "$here\n$stat\n");
 			}
 		}
+
+# check for uninitialized pointers with __free attribute
+		while ($line =~ /\*\s*($Ident)\s+__free\s*\(\s*$Ident\s*\)\s*[,;]/g) {
+			ERROR("UNINITIALIZED_PTR_WITH_FREE",
+			      "pointer '$1' with __free attribute should be initialized\n" . $herecurr);
+		}
 	}
 
 	# If we have no input at all, then there is nothing to report on

---
base-commit: 6548d364a3e850326831799d7e3ea2d7bb97ba08
change-id: 20251021-aheev-checkpatch-uninitialized-free-5c39f75e10a1

Best regards,
-- 
Ally Heev <allyheev@gmail.com>
Re: [PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check
Posted by Krzysztof Kozlowski 6 days, 8 hours ago 
On 25/11/2025 14:32, Ally Heev wrote:
> uninitialized pointers with __free attribute can cause undefined
> behavior as the memory randomly assigned to the pointer is freed
> automatically when the pointer goes out of scope.
> add check in checkpatch to detect such issues.
> 
> Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
> Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
> Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
> Acked-by: Dan Williams <dan.j.williams@intel.com>
> Signed-off-by: Ally Heev <allyheev@gmail.com>


<form letter>
This is a friendly reminder during the review process.

It looks like you received a tag and forgot to add it.

If you do not know the process, here is a short explanation:
Please add Acked-by/Reviewed-by/Tested-by tags when posting new versions
of patchset, under or above your Signed-off-by tag, unless patch changed
significantly (e.g. new properties added to the DT bindings). Tag is
"received", when provided in a message replied to you on the mailing
list. Tools like b4 can help here. However, there's no need to repost
patches *only* to add the tags. The upstream maintainer will do that for
tags received on the version they apply.

Please read:
https://elixir.bootlin.com/linux/v6.12-rc3/source/Documentation/process/submitting-patches.rst#L577

If a tag was not added on purpose, please state why and what changed.
</form letter>


Best regards,
Krzysztof
Re: [PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check
Posted by ally heev 6 days, 7 hours ago 
On Tue, 2025-11-25 at 16:09 +0100, Krzysztof Kozlowski wrote:
> On 25/11/2025 14:32, Ally Heev wrote:
> > uninitialized pointers with __free attribute can cause undefined
> > behavior as the memory randomly assigned to the pointer is freed
> > automatically when the pointer goes out of scope.
> > add check in checkpatch to detect such issues.
> > 
> > Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
> > Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
> > Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
> > Acked-by: Dan Williams <dan.j.williams@intel.com>
> > Signed-off-by: Ally Heev <allyheev@gmail.com>
> 
> 
> <form letter>
> This is a friendly reminder during the review process.
> 
> It looks like you received a tag and forgot to add it.
> 
> If you do not know the process, here is a short explanation:
> Please add Acked-by/Reviewed-by/Tested-by tags when posting new versions
> of patchset, under or above your Signed-off-by tag, unless patch changed
> significantly (e.g. new properties added to the DT bindings). Tag is
> "received", when provided in a message replied to you on the mailing
> list. Tools like b4 can help here. However, there's no need to repost
> patches *only* to add the tags. The upstream maintainer will do that for
> tags received on the version they apply.
> 
> Please read:
> https://elixir.bootlin.com/linux/v6.12-rc3/source/Documentation/process/submitting-patches.rst#L577
> 
> If a tag was not added on purpose, please state why and what changed.
> </form letter>
> 
> 
> Best regards,
> Krzysztof

Oopsie. I should have sent a new version instead of resending a failed
one. I have updated the `UNINITIALIZED_PTR_WITH_FREE` error description
in the checkpatch doc as outlined in v6 changelog, so, didn't add a
Reviewed-by tag

For some reason gmail blocked me from sending v6 to everyone in the
patch except me. b4 thought it successfully sent the patch and
incremented the version number. So, I had to resend it

Thanks,
Ally
Re: [PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check
Posted by Krzysztof Kozlowski 5 days, 15 hours ago 
On 25/11/2025 17:11, ally heev wrote:
> On Tue, 2025-11-25 at 16:09 +0100, Krzysztof Kozlowski wrote:
>> On 25/11/2025 14:32, Ally Heev wrote:
>>> uninitialized pointers with __free attribute can cause undefined
>>> behavior as the memory randomly assigned to the pointer is freed
>>> automatically when the pointer goes out of scope.
>>> add check in checkpatch to detect such issues.
>>>
>>> Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
>>> Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
>>> Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
>>> Acked-by: Dan Williams <dan.j.williams@intel.com>
>>> Signed-off-by: Ally Heev <allyheev@gmail.com>
>>
>>
>> <form letter>
>> This is a friendly reminder during the review process.
>>
>> It looks like you received a tag and forgot to add it.
>>
>> If you do not know the process, here is a short explanation:
>> Please add Acked-by/Reviewed-by/Tested-by tags when posting new versions
>> of patchset, under or above your Signed-off-by tag, unless patch changed
>> significantly (e.g. new properties added to the DT bindings). Tag is
>> "received", when provided in a message replied to you on the mailing
>> list. Tools like b4 can help here. However, there's no need to repost
>> patches *only* to add the tags. The upstream maintainer will do that for
>> tags received on the version they apply.
>>
>> Please read:
>> https://elixir.bootlin.com/linux/v6.12-rc3/source/Documentation/process/submitting-patches.rst#L577
>>
>> If a tag was not added on purpose, please state why and what changed.
>> </form letter>
>>
>>
>> Best regards,
>> Krzysztof
> 
> Oopsie. I should have sent a new version instead of resending a failed
> one. I have updated the `UNINITIALIZED_PTR_WITH_FREE` error description
> in the checkpatch doc as outlined in v6 changelog, so, didn't add a
> Reviewed-by tag


Again, your changelog should explain the reason. Second, you implemented
reviewer suggestion, received the tag so why do you think that Rb tag
does not apply?

Best regards,
Krzysztof
Re: [PATCH RESEND v6] checkpatch: add uninitialized pointer with __free attribute check
Posted by ally heev 5 days, 8 hours ago 
On Wed, 2025-11-26 at 09:10 +0100, Krzysztof Kozlowski wrote:
> On 25/11/2025 17:11, ally heev wrote:
> > On Tue, 2025-11-25 at 16:09 +0100, Krzysztof Kozlowski wrote:
> > > On 25/11/2025 14:32, Ally Heev wrote:
> > > > uninitialized pointers with __free attribute can cause undefined
> > > > behavior as the memory randomly assigned to the pointer is freed
> > > > automatically when the pointer goes out of scope.
> > > > add check in checkpatch to detect such issues.
> > > > 
> > > > Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
> > > > Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
> > > > Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/
> > > > Acked-by: Dan Williams <dan.j.williams@intel.com>
> > > > Signed-off-by: Ally Heev <allyheev@gmail.com>
> > > 
> > > 
> > > <form letter>
> > > This is a friendly reminder during the review process.
> > > 
> > > It looks like you received a tag and forgot to add it.
> > > 
> > > If you do not know the process, here is a short explanation:
> > > Please add Acked-by/Reviewed-by/Tested-by tags when posting new versions
> > > of patchset, under or above your Signed-off-by tag, unless patch changed
> > > significantly (e.g. new properties added to the DT bindings). Tag is
> > > "received", when provided in a message replied to you on the mailing
> > > list. Tools like b4 can help here. However, there's no need to repost
> > > patches *only* to add the tags. The upstream maintainer will do that for
> > > tags received on the version they apply.
> > > 
> > > Please read:
> > > https://elixir.bootlin.com/linux/v6.12-rc3/source/Documentation/process/submitting-patches.rst#L577
> > > 
> > > If a tag was not added on purpose, please state why and what changed.
> > > </form letter>
> > > 
> > > 
> > > Best regards,
> > > Krzysztof
> > 
> > Oopsie. I should have sent a new version instead of resending a failed
> > one. I have updated the `UNINITIALIZED_PTR_WITH_FREE` error description
> > in the checkpatch doc as outlined in v6 changelog, so, didn't add a
> > Reviewed-by tag
> 
> 
> Again, your changelog should explain the reason. Second, you implemented
> reviewer suggestion, received the tag so why do you think that Rb tag
> does not apply?
> 
> Best regards,
> Krzysztof

Sorry again :(. I thought the new changes, although minor, would entail
new comments. I have experienced this in my old patches

Regards,
Ally

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.