Commit 01da5216 authored Dec 03, 2025 by Ally Heev Committed by Andrew Morton Dec 10, 2025

checkpatch: add uninitialized pointer with __free attribute check

Uinitialized pointers with __free attribute can cause undefined behavior
as the memory randomly assigned to the pointer is freed automatically when
the pointer goes out of scope.  add check in checkpatch to detect such
issues.

Link: https://lkml.kernel.org/r/20251203-aheev-checkpatch-uninitialized-free-v7-1-841e3b31d8f3@gmail.com


Signed-off-by: Ally Heev <allyheev@gmail.com>
Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/all/8a4c0b43-cf63-400d-b33d-d9c447b7e0b9@suswa.mountain/
Link: https://lore.kernel.org/all/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/


Acked-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Cc: David Hunter <david.hunter.linux@gmail.com>
Cc: Dwaipayan Ray <dwaipayanray1@gmail.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: James Bottomley <james.bottomley@HansenPartnership.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com>
Cc: Menon, Nishanth <nm@ti.com>
Cc: Stephen Boyd <sboyd@kernel.org>
Cc: Viresh Kumar <vireshk@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

parent e6b4d264

Documentation/dev-tools/checkpatch.rst

+23 −0

Original line number	Diff line number	Diff line
		@@ -1009,6 +1009,29 @@ Functions and Variables

		return bar;

		UNINITIALIZED_PTR_WITH_FREE
		Pointers with __free attribute should be declared at the place of use
		and initialized (see include/linux/cleanup.h). In this case
		declarations at the top of the function rule can be relaxed. Not doing
		so may lead to undefined behavior as the memory assigned (garbage,
		in case not initialized) to the pointer is freed automatically when
		the pointer goes out of scope.

		Also see: https://lore.kernel.org/lkml/58fd478f408a34b578ee8d949c5c4b4da4d4f41d.camel@HansenPartnership.com/

		Example::

		type var __free(free_func);
		... // var not used, but, in future someone might add a return here
		var = malloc(var_size);
		...

		should be initialized as::

		...
		type var __free(free_func) = malloc(var_size);
		...


		Permissions
		-----------

scripts/checkpatch.pl

+6 −0

Original line number	Diff line number	Diff line
		@@ -7732,6 +7732,12 @@ sub process {
		ERROR("MISSING_SENTINEL", "missing sentinel in ID array\n" . "$here\n$stat\n");
		}
		}

		# check for uninitialized pointers with __free attribute
		while ($line =~ /\\s($Ident)\s+__free\s$\s$Ident\s$\s[,;]/g) {
		ERROR("UNINITIALIZED_PTR_WITH_FREE",
		"pointer '$1' with __free attribute should be initialized\n" . $herecurr);
		}
		}

		# If we have no input at all, then there is nothing to report on