expression e, v, flags;
expression list args;
@@
-+ return
- json_log(v, flags, 0, args);
-+ json_log(v, flags, SYNTHETIC_ERRNO(e), args);
- return -e;
++ return json_log(v, flags, SYNTHETIC_ERRNO(e), args);
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
+# FIXME:
+# - Coccinelle doesn't like our TEST() macros, which then causes name conflicts; i.e. Cocci can't process
+# that TEST(xsetxattr) yields test_xsetxattr() and uses just xsetxattr() in this case, which then conflicts
+# with the tested xsetxattr() function, leading up to the whole test case getting skipped due to
+# conflicting typedefs
+# - something keeps pulling in src/boot/efi/*.h stuff, even though it's excluded
+# - Coccinelle has issues with some of our more complex macros
+
# Exclude following paths from the Coccinelle transformations
EXCLUDED_PATHS=(
"src/boot/efi/*"
# Symlinked to test-bus-vtable-cc.cc, which causes issues with the IN_SET macro
"src/libsystemd/sd-bus/test-bus-vtable.c"
"src/libsystemd/sd-journal/lookup3.c"
+ # Ignore man examples, as they redefine some macros we use internally, which makes Coccinelle complain
+ # and ignore code that tries to use the redefined stuff
+ "man/*"
)
TOP_DIR="$(git rev-parse --show-toplevel)"
+CACHE_DIR="$(dirname "$0")/.coccinelle-cache"
ARGS=()
# Create an array from files tracked by git...
-mapfile -t FILES < <(git ls-files ':/*.[ch]')
+mapfile -t FILES < <(git ls-files ':/*.c')
# ...and filter everything that matches patterns from EXCLUDED_PATHS
for excl in "${EXCLUDED_PATHS[@]}"; do
# shellcheck disable=SC2206
[[ ${#@} -ne 0 ]] && SCRIPTS=("$@") || SCRIPTS=("$TOP_DIR"/coccinelle/*.cocci)
+mkdir -p "$CACHE_DIR"
+echo "--x-- Using Coccinelle cache directory: $CACHE_DIR"
+echo "--x--"
+echo "--x-- Note: running spatch for the first time without populated cache takes"
+echo "--x-- a _long_ time (15-30 minutes). Also, the cache is quite large"
+echo "--x-- (~15 GiB), so make sure you have enough free space."
+echo
+
for script in "${SCRIPTS[@]}"; do
echo "--x-- Processing $script --x--"
TMPFILE="$(mktemp)"
echo "+ spatch --sp-file $script ${ARGS[*]} ..."
- parallel --halt now,fail=1 --keep-order --noswap --max-args=20 \
- spatch --macro-file="$TOP_DIR/coccinelle/macros.h" --smpl-spacing --sp-file "$script" "${ARGS[@]}" ::: "${FILES[@]}" \
- 2>"$TMPFILE" || cat "$TMPFILE"
+ # A couple of notes:
+ #
+ # 1) Limit this to 10 files at once, as processing the ASTs is _very_ memory hungry - e.g. with 20 files
+ # at once one spatch process can take around 2.5 GiB of RAM, which can easily eat up all available RAM
+ # when paired together with parallel
+ #
+ # 2) Make sure spatch can find our includes via -I <dir>, similarly as we do when compiling stuff
+ #
+ # 3) Make sure to include includes from includes (--recursive-includes), but use them only to get type
+ # definitions (--include-headers-for-types) - otherwise we'd start formating them as well, which might be
+ # unwanted, especially for includes we fetch verbatim from third-parties
+ #
+ # 4) Use cache, since generating the full AST is _very_ expensive, i.e. the uncached run takes 15 - 30
+ # minutes (for one rule(!)), vs 30 - 90 seconds when the cache is populated. One major downside of the
+ # cache is that it's quite big - ATTOW the cache takes around 15 GiB, but the performance boost is
+ # definitely worth it
+ parallel --halt now,fail=1 --keep-order --noswap --max-args=10 \
+ spatch --cache-prefix "$CACHE_DIR" \
+ -I src \
+ --recursive-includes \
+ --include-headers-for-types \
+ --smpl-spacing \
+ --sp-file "$script" \
+ "${ARGS[@]}" ::: "${FILES[@]}" \
+ 2>"$TMPFILE" || cat "$TMPFILE"
+ rm -f "$TMPFILE"
echo -e "--x-- Processed $script --x--\n"
done
/* SPDX-License-Identifier: LGPL-2.1-or-later */
@@
position p : script:python() { p[0].file != "src/journal/lookup3.c" };
-identifier id;
-expression e;
+expression e,e1;
@@
-if (...)
-- {
+- if (e) {
++ if (e)
(
- id@p(...);
+ e1@p;
|
- e@p;
-)
-- }
-
-@@
-position p : script:python() { p[0].file != "src/journal/lookup3.c" };
-identifier id;
-expression e;
-@@
-if (...)
-- {
-(
- return id@p(...);
-|
- return e@p;
+ return e1@p;
)
- }
int r;
/* Drop Ex from the written setting. E.g. ExecStart=, not ExecStartEx=. */
- const char *written_name = is_ex_prop ? strndupa(name, strlen(name) - 2) : name;
+ const char *written_name = is_ex_prop ? strndupa_safe(name, strlen(name) - 2) : name;
r = sd_bus_message_enter_container(message, 'a', is_ex_prop ? "(sasas)" : "(sasb)");
if (r < 0)
SD_ID128_FORMAT_VAL(bid),
hostname_cleanup(hostname),
os_release_pretty_name(pretty_name, os_name),
- v ? v : "bare",
+ v ?: "bare",
usage,
cutoff_from,
cutoff_to);
return r;
}
- t->dont_send = !!(call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED);
+ t->dont_send = FLAGS_SET(call->header->flags, BUS_MESSAGE_NO_REPLY_EXPECTED);
t->enforced_reply_signature = call->enforced_reply_signature;
/* let's copy the sensitive flag over. Let's do that as a safety precaution to keep a transaction
/* And possibly check the third line, too */
if (b->accept_fd) {
l = lines[i++];
- b->can_fds = !!memory_startswith(l, lines[i] - l, "AGREE_UNIX_FD");
+ b->can_fds = memory_startswith(l, lines[i] - l, "AGREE_UNIX_FD");
}
assert(i == n);
assert_return(!bus->patch_sender, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->bus_client = !!b;
+ bus->bus_client = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->is_monitor = !!b;
+ bus->is_monitor = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->accept_fd = !!b;
+ bus->accept_fd = b;
return 0;
}
/* This is not actually supported by any of our transports these days, but we do honour it for synthetic
* replies, and maybe one day classic D-Bus learns this too */
- bus->attach_timestamp = !!b;
+ bus->attach_timestamp = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->is_server = !!b;
+ bus->is_server = b;
bus->server_id = server_id;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->anonymous_auth = !!b;
+ bus->anonymous_auth = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->trusted = !!b;
+ bus->trusted = b;
return 0;
}
assert_return(bus = bus_resolve(bus), -ENOPKG);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->allow_interactive_authorization = !!b;
+ bus->allow_interactive_authorization = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->watch_bind = !!b;
+ bus->watch_bind = b;
return 0;
}
assert_return(bus->state == BUS_UNSET, -EPERM);
assert_return(!bus_origin_changed(bus), -ECHILD);
- bus->connected_signal = !!b;
+ bus->connected_signal = b;
return 0;
}
}
assert_se(sd_bus_message_exit_container(reply) >= 0);
- if (streq(path, "/value/a")) {
+ if (streq(path, "/value/a"))
/* ObjectManager must be here */
assert_se(found_object_manager_interface);
- }
} else
assert_se(sd_bus_message_skip(reply, "a{sa{sv}}") >= 0);
}
}
- e->watchdog = !!b;
+ e->watchdog = b;
return e->watchdog;
fail:
log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
ctx = kmod_new(NULL, NULL);
- if (!ctx) {
- log_error("Failed to allocate memory for kmod.");
- return -ENOMEM;
- }
+ if (!ctx)
+ return log_oom();
kmod_load_resources(ctx);
kmod_set_log_fn(ctx, systemd_kmod_log, NULL);
}
r = sd_ndisc_router_route_get_preference(rt, &preference);
- if (r == -ENOTSUP) {
+ if (r == -EOPNOTSUPP) {
log_link_debug_errno(link, r, "Received route prefix with unsupported preference, ignoring: %m");
return 0;
}
return 0;
}
- if (IN_SET(usec, 0, USEC_INFINITY) ||
+ if (!timestamp_is_set(usec) ||
DIV_ROUND_UP(usec, USEC_PER_MSEC) > UINT32_MAX) {
log_syntax(unit, LOG_WARNING, filename, line, 0,
"Route TCP retransmission timeout (RTO) must be in the range 0…%"PRIu32"ms, ignoring assignment: %s", UINT32_MAX, rvalue);
if (r < 0)
return r;
- if (strv_isempty(rule.names)) {
- json_log(e, flags, 0, "System call name list is empty.");
- return -EINVAL;
- }
+ if (strv_isempty(rule.names))
+ return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "System call name list is empty.");
STRV_FOREACH(i, rule.names) {
int nr;
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert PKCS7 signature to DER: %s",
ERR_error_string(ERR_get_error(), NULL));
- ret_signature->iov_base = TAKE_PTR(sig);
- ret_signature->iov_len = sigsz;
+ *ret_signature = IOVEC_MAKE(TAKE_PTR(sig), sigsz);
return 0;
#else
r = pidref_kill(&pidref, sig);
if (r < 0) {
- if (errno != -ESRCH)
+ if (r != -ESRCH)
log_warning_errno(errno, "Could not kill " PID_FMT ", ignoring: %m", pidref.pid);
} else {
n_killed++;
session ? session->esys_handle : ESYS_TR_PASSWORD,
ESYS_TR_NONE,
ESYS_TR_NONE,
- sensitive ? sensitive : &(TPM2B_SENSITIVE_CREATE) {},
+ sensitive ?: &(TPM2B_SENSITIVE_CREATE) {},
template,
/* outsideInfo= */ NULL,
&(TPML_PCR_SELECTION) {},
"Failed to unseal data: %s", sym_Tss2_RC_Decode(rc));
_cleanup_(iovec_done) struct iovec d = {};
- d = (struct iovec) {
- .iov_base = memdup(unsealed->buffer, unsealed->size),
- .iov_len = unsealed->size,
- };
+ d = IOVEC_MAKE(memdup(unsealed->buffer, unsealed->size), unsealed->size);
explicit_bzero_safe(unsealed->buffer, unsealed->size);
return r; /* Already logged by unit_find_paths() */
if (!path) {
- if (!arg_force) {
- log_info("Run 'systemctl edit%s --force --full %s' to create a new unit.",
- arg_runtime_scope == RUNTIME_SCOPE_GLOBAL ? " --global" :
- arg_runtime_scope == RUNTIME_SCOPE_USER ? " --user" : "",
- *name);
- return -ENOENT;
- }
+ if (!arg_force)
+ return log_info_errno(SYNTHETIC_ERRNO(ENOENT),
+ "Run 'systemctl edit%s --force --full %s' to create a new unit.",
+ arg_runtime_scope == RUNTIME_SCOPE_GLOBAL ? " --global" :
+ arg_runtime_scope == RUNTIME_SCOPE_USER ? " --user" : "",
+ *name);
/* Create a new unit from scratch */
r = unit_file_create_new(
(void) fd_add_uid_acl_permission(fd, 1, ACL_READ|ACL_WRITE|ACL_EXECUTE);
assert_se(fstat(fd, &st) >= 0);
- assert_se((st.st_mode & 0200) == 0200);
+ assert_se(FLAGS_SET(st.st_mode, 0200));
cmd = strjoina("getfacl -p ", fn);
assert_se(system(cmd) == 0);
int r;
r = uid_range_load_userns(&p, NULL);
- if (r < 0 && ERRNO_IS_NOT_SUPPORTED(r))
+ if (ERRNO_IS_NEG_NOT_SUPPORTED(r))
return;
assert_se(r >= 0);
return -ENXIO;
end += strspn(end, DIGITS);
- sysname = strndupa(sysname, end - sysname);
+ sysname = strndupa_safe(sysname, end - sysname);
r = sd_device_new_from_subsystem_sysname(&nvme, "nvme", sysname);
if (r < 0)