From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org, Jie Deng <jie.deng@intel.com>,
linux-i2c@vger.kernel.org,
virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org
Cc: lkp@intel.com, kbuild-all@lists.01.org, mst@redhat.com,
jasowang@redhat.com, wsa+renesas@sang-engineering.com,
wsa@kernel.org, andriy.shevchenko@linux.intel.com,
jarkko.nikula@linux.intel.com, jdelvare@suse.de
Subject: Re: [PATCH v2] i2c: virtio: add a virtio i2c frontend driver
Date: Mon, 14 Sep 2020 17:48:07 +0300 [thread overview]
Message-ID: <20200914144807.GC4282@kadam> (raw)
In-Reply-To: <c4bd4fd56df36864ed34d3572f00b2b838fd833a.1599795029.git.jie.deng@intel.com>
[-- Attachment #1: Type: text/plain, Size: 4878 bytes --]
Hi Jie,
url: https://github.com/0day-ci/linux/commits/Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
base: https://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux.git i2c/for-next
config: parisc-randconfig-m031-20200913 (attached as .config)
compiler: hppa-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/i2c/busses/i2c-virtio.c:160 virtio_i2c_xfer() error: we previously assumed 'vmsg' could be null (see line 137)
# https://github.com/0day-ci/linux/commit/0a54ec771966748fcbc86256b830b5f786168b7d
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
git checkout 0a54ec771966748fcbc86256b830b5f786168b7d
vim +/vmsg +160 drivers/i2c/busses/i2c-virtio.c
0a54ec77196674 Jie Deng 2020-09-11 109 static int virtio_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg *msgs, int num)
0a54ec77196674 Jie Deng 2020-09-11 110 {
0a54ec77196674 Jie Deng 2020-09-11 111 struct virtio_i2c *vi = i2c_get_adapdata(adap);
0a54ec77196674 Jie Deng 2020-09-11 112 struct virtqueue *vq = vi->vq;
0a54ec77196674 Jie Deng 2020-09-11 113 struct virtio_i2c_msg *vmsg;
0a54ec77196674 Jie Deng 2020-09-11 114 unsigned long time_left;
0a54ec77196674 Jie Deng 2020-09-11 115 int len, i, ret = 0;
0a54ec77196674 Jie Deng 2020-09-11 116
0a54ec77196674 Jie Deng 2020-09-11 117 mutex_lock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 118 vmsg = &vi->vmsg;
0a54ec77196674 Jie Deng 2020-09-11 119 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 120
0a54ec77196674 Jie Deng 2020-09-11 121 for (i = 0; i < num; i++) {
0a54ec77196674 Jie Deng 2020-09-11 122 ret = virtio_i2c_add_msg(vq, vmsg, &msgs[i]);
0a54ec77196674 Jie Deng 2020-09-11 123 if (ret) {
0a54ec77196674 Jie Deng 2020-09-11 124 dev_err(&adap->dev, "failed to add msg[%d] to virtqueue.\n", i);
0a54ec77196674 Jie Deng 2020-09-11 125 break;
0a54ec77196674 Jie Deng 2020-09-11 126 }
0a54ec77196674 Jie Deng 2020-09-11 127
0a54ec77196674 Jie Deng 2020-09-11 128 virtqueue_kick(vq);
0a54ec77196674 Jie Deng 2020-09-11 129
0a54ec77196674 Jie Deng 2020-09-11 130 time_left = wait_for_completion_timeout(&vi->completion, adap->timeout);
0a54ec77196674 Jie Deng 2020-09-11 131 if (!time_left) {
0a54ec77196674 Jie Deng 2020-09-11 132 dev_err(&adap->dev, "msg[%d]: addr=0x%x timeout.\n", i, msgs[i].addr);
0a54ec77196674 Jie Deng 2020-09-11 133 break;
0a54ec77196674 Jie Deng 2020-09-11 134 }
0a54ec77196674 Jie Deng 2020-09-11 135
0a54ec77196674 Jie Deng 2020-09-11 136 vmsg = (struct virtio_i2c_msg *)virtqueue_get_buf(vq, &len);
0a54ec77196674 Jie Deng 2020-09-11 @137 if (vmsg) {
^^^^
Check for NULL.
0a54ec77196674 Jie Deng 2020-09-11 138 /* vmsg should point to the same address with &vi->vmsg */
0a54ec77196674 Jie Deng 2020-09-11 139 if (vmsg != &vi->vmsg) {
0a54ec77196674 Jie Deng 2020-09-11 140 dev_err(&adap->dev, "msg[%d]: addr=0x%x virtqueue error.\n",
0a54ec77196674 Jie Deng 2020-09-11 141 i, le16_to_cpu(vmsg->hdr.addr));
0a54ec77196674 Jie Deng 2020-09-11 142 break;
0a54ec77196674 Jie Deng 2020-09-11 143 }
0a54ec77196674 Jie Deng 2020-09-11 144 if (vmsg->status != VIRTIO_I2C_MSG_OK) {
0a54ec77196674 Jie Deng 2020-09-11 145 dev_err(&adap->dev, "msg[%d]: addr=0x%x error=%d.\n",
0a54ec77196674 Jie Deng 2020-09-11 146 i, le16_to_cpu(vmsg->hdr.addr), vmsg->status);
0a54ec77196674 Jie Deng 2020-09-11 147 break;
0a54ec77196674 Jie Deng 2020-09-11 148 }
0a54ec77196674 Jie Deng 2020-09-11 149 if ((msgs[i].flags & I2C_M_RD) && msgs[i].len)
0a54ec77196674 Jie Deng 2020-09-11 150 memcpy(msgs[i].buf, vmsg->buf, msgs[i].len);
0a54ec77196674 Jie Deng 2020-09-11 151
0a54ec77196674 Jie Deng 2020-09-11 152 kfree(vmsg->buf);
0a54ec77196674 Jie Deng 2020-09-11 153 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 154 }
0a54ec77196674 Jie Deng 2020-09-11 155
0a54ec77196674 Jie Deng 2020-09-11 156 reinit_completion(&vi->completion);
0a54ec77196674 Jie Deng 2020-09-11 157 }
0a54ec77196674 Jie Deng 2020-09-11 158
0a54ec77196674 Jie Deng 2020-09-11 159 mutex_unlock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 @160 kfree(vmsg->buf);
^^^^^^^^^
Unchecked dereference.
0a54ec77196674 Jie Deng 2020-09-11 161 return ((ret < 0) ? ret : i);
0a54ec77196674 Jie Deng 2020-09-11 162 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 28062 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org, Jie Deng <jie.deng@intel.com>,
linux-i2c@vger.kernel.org,
virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org
Cc: kbuild-all@lists.01.org, lkp@intel.com, mst@redhat.com,
wsa@kernel.org, wsa+renesas@sang-engineering.com,
jarkko.nikula@linux.intel.com, andriy.shevchenko@linux.intel.com,
jdelvare@suse.de
Subject: Re: [PATCH v2] i2c: virtio: add a virtio i2c frontend driver
Date: Mon, 14 Sep 2020 17:48:07 +0300 [thread overview]
Message-ID: <20200914144807.GC4282@kadam> (raw)
In-Reply-To: <c4bd4fd56df36864ed34d3572f00b2b838fd833a.1599795029.git.jie.deng@intel.com>
[-- Attachment #1: Type: text/plain, Size: 4878 bytes --]
Hi Jie,
url: https://github.com/0day-ci/linux/commits/Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
base: https://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux.git i2c/for-next
config: parisc-randconfig-m031-20200913 (attached as .config)
compiler: hppa-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/i2c/busses/i2c-virtio.c:160 virtio_i2c_xfer() error: we previously assumed 'vmsg' could be null (see line 137)
# https://github.com/0day-ci/linux/commit/0a54ec771966748fcbc86256b830b5f786168b7d
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
git checkout 0a54ec771966748fcbc86256b830b5f786168b7d
vim +/vmsg +160 drivers/i2c/busses/i2c-virtio.c
0a54ec77196674 Jie Deng 2020-09-11 109 static int virtio_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg *msgs, int num)
0a54ec77196674 Jie Deng 2020-09-11 110 {
0a54ec77196674 Jie Deng 2020-09-11 111 struct virtio_i2c *vi = i2c_get_adapdata(adap);
0a54ec77196674 Jie Deng 2020-09-11 112 struct virtqueue *vq = vi->vq;
0a54ec77196674 Jie Deng 2020-09-11 113 struct virtio_i2c_msg *vmsg;
0a54ec77196674 Jie Deng 2020-09-11 114 unsigned long time_left;
0a54ec77196674 Jie Deng 2020-09-11 115 int len, i, ret = 0;
0a54ec77196674 Jie Deng 2020-09-11 116
0a54ec77196674 Jie Deng 2020-09-11 117 mutex_lock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 118 vmsg = &vi->vmsg;
0a54ec77196674 Jie Deng 2020-09-11 119 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 120
0a54ec77196674 Jie Deng 2020-09-11 121 for (i = 0; i < num; i++) {
0a54ec77196674 Jie Deng 2020-09-11 122 ret = virtio_i2c_add_msg(vq, vmsg, &msgs[i]);
0a54ec77196674 Jie Deng 2020-09-11 123 if (ret) {
0a54ec77196674 Jie Deng 2020-09-11 124 dev_err(&adap->dev, "failed to add msg[%d] to virtqueue.\n", i);
0a54ec77196674 Jie Deng 2020-09-11 125 break;
0a54ec77196674 Jie Deng 2020-09-11 126 }
0a54ec77196674 Jie Deng 2020-09-11 127
0a54ec77196674 Jie Deng 2020-09-11 128 virtqueue_kick(vq);
0a54ec77196674 Jie Deng 2020-09-11 129
0a54ec77196674 Jie Deng 2020-09-11 130 time_left = wait_for_completion_timeout(&vi->completion, adap->timeout);
0a54ec77196674 Jie Deng 2020-09-11 131 if (!time_left) {
0a54ec77196674 Jie Deng 2020-09-11 132 dev_err(&adap->dev, "msg[%d]: addr=0x%x timeout.\n", i, msgs[i].addr);
0a54ec77196674 Jie Deng 2020-09-11 133 break;
0a54ec77196674 Jie Deng 2020-09-11 134 }
0a54ec77196674 Jie Deng 2020-09-11 135
0a54ec77196674 Jie Deng 2020-09-11 136 vmsg = (struct virtio_i2c_msg *)virtqueue_get_buf(vq, &len);
0a54ec77196674 Jie Deng 2020-09-11 @137 if (vmsg) {
^^^^
Check for NULL.
0a54ec77196674 Jie Deng 2020-09-11 138 /* vmsg should point to the same address with &vi->vmsg */
0a54ec77196674 Jie Deng 2020-09-11 139 if (vmsg != &vi->vmsg) {
0a54ec77196674 Jie Deng 2020-09-11 140 dev_err(&adap->dev, "msg[%d]: addr=0x%x virtqueue error.\n",
0a54ec77196674 Jie Deng 2020-09-11 141 i, le16_to_cpu(vmsg->hdr.addr));
0a54ec77196674 Jie Deng 2020-09-11 142 break;
0a54ec77196674 Jie Deng 2020-09-11 143 }
0a54ec77196674 Jie Deng 2020-09-11 144 if (vmsg->status != VIRTIO_I2C_MSG_OK) {
0a54ec77196674 Jie Deng 2020-09-11 145 dev_err(&adap->dev, "msg[%d]: addr=0x%x error=%d.\n",
0a54ec77196674 Jie Deng 2020-09-11 146 i, le16_to_cpu(vmsg->hdr.addr), vmsg->status);
0a54ec77196674 Jie Deng 2020-09-11 147 break;
0a54ec77196674 Jie Deng 2020-09-11 148 }
0a54ec77196674 Jie Deng 2020-09-11 149 if ((msgs[i].flags & I2C_M_RD) && msgs[i].len)
0a54ec77196674 Jie Deng 2020-09-11 150 memcpy(msgs[i].buf, vmsg->buf, msgs[i].len);
0a54ec77196674 Jie Deng 2020-09-11 151
0a54ec77196674 Jie Deng 2020-09-11 152 kfree(vmsg->buf);
0a54ec77196674 Jie Deng 2020-09-11 153 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 154 }
0a54ec77196674 Jie Deng 2020-09-11 155
0a54ec77196674 Jie Deng 2020-09-11 156 reinit_completion(&vi->completion);
0a54ec77196674 Jie Deng 2020-09-11 157 }
0a54ec77196674 Jie Deng 2020-09-11 158
0a54ec77196674 Jie Deng 2020-09-11 159 mutex_unlock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 @160 kfree(vmsg->buf);
^^^^^^^^^
Unchecked dereference.
0a54ec77196674 Jie Deng 2020-09-11 161 return ((ret < 0) ? ret : i);
0a54ec77196674 Jie Deng 2020-09-11 162 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 28062 bytes --]
[-- Attachment #3: Type: text/plain, Size: 183 bytes --]
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: Re: [PATCH v2] i2c: virtio: add a virtio i2c frontend driver
Date: Mon, 14 Sep 2020 17:48:07 +0300 [thread overview]
Message-ID: <20200914144807.GC4282@kadam> (raw)
In-Reply-To: <c4bd4fd56df36864ed34d3572f00b2b838fd833a.1599795029.git.jie.deng@intel.com>
[-- Attachment #1: Type: text/plain, Size: 4962 bytes --]
Hi Jie,
url: https://github.com/0day-ci/linux/commits/Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
base: https://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux.git i2c/for-next
config: parisc-randconfig-m031-20200913 (attached as .config)
compiler: hppa-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/i2c/busses/i2c-virtio.c:160 virtio_i2c_xfer() error: we previously assumed 'vmsg' could be null (see line 137)
# https://github.com/0day-ci/linux/commit/0a54ec771966748fcbc86256b830b5f786168b7d
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
git checkout 0a54ec771966748fcbc86256b830b5f786168b7d
vim +/vmsg +160 drivers/i2c/busses/i2c-virtio.c
0a54ec77196674 Jie Deng 2020-09-11 109 static int virtio_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg *msgs, int num)
0a54ec77196674 Jie Deng 2020-09-11 110 {
0a54ec77196674 Jie Deng 2020-09-11 111 struct virtio_i2c *vi = i2c_get_adapdata(adap);
0a54ec77196674 Jie Deng 2020-09-11 112 struct virtqueue *vq = vi->vq;
0a54ec77196674 Jie Deng 2020-09-11 113 struct virtio_i2c_msg *vmsg;
0a54ec77196674 Jie Deng 2020-09-11 114 unsigned long time_left;
0a54ec77196674 Jie Deng 2020-09-11 115 int len, i, ret = 0;
0a54ec77196674 Jie Deng 2020-09-11 116
0a54ec77196674 Jie Deng 2020-09-11 117 mutex_lock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 118 vmsg = &vi->vmsg;
0a54ec77196674 Jie Deng 2020-09-11 119 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 120
0a54ec77196674 Jie Deng 2020-09-11 121 for (i = 0; i < num; i++) {
0a54ec77196674 Jie Deng 2020-09-11 122 ret = virtio_i2c_add_msg(vq, vmsg, &msgs[i]);
0a54ec77196674 Jie Deng 2020-09-11 123 if (ret) {
0a54ec77196674 Jie Deng 2020-09-11 124 dev_err(&adap->dev, "failed to add msg[%d] to virtqueue.\n", i);
0a54ec77196674 Jie Deng 2020-09-11 125 break;
0a54ec77196674 Jie Deng 2020-09-11 126 }
0a54ec77196674 Jie Deng 2020-09-11 127
0a54ec77196674 Jie Deng 2020-09-11 128 virtqueue_kick(vq);
0a54ec77196674 Jie Deng 2020-09-11 129
0a54ec77196674 Jie Deng 2020-09-11 130 time_left = wait_for_completion_timeout(&vi->completion, adap->timeout);
0a54ec77196674 Jie Deng 2020-09-11 131 if (!time_left) {
0a54ec77196674 Jie Deng 2020-09-11 132 dev_err(&adap->dev, "msg[%d]: addr=0x%x timeout.\n", i, msgs[i].addr);
0a54ec77196674 Jie Deng 2020-09-11 133 break;
0a54ec77196674 Jie Deng 2020-09-11 134 }
0a54ec77196674 Jie Deng 2020-09-11 135
0a54ec77196674 Jie Deng 2020-09-11 136 vmsg = (struct virtio_i2c_msg *)virtqueue_get_buf(vq, &len);
0a54ec77196674 Jie Deng 2020-09-11 @137 if (vmsg) {
^^^^
Check for NULL.
0a54ec77196674 Jie Deng 2020-09-11 138 /* vmsg should point to the same address with &vi->vmsg */
0a54ec77196674 Jie Deng 2020-09-11 139 if (vmsg != &vi->vmsg) {
0a54ec77196674 Jie Deng 2020-09-11 140 dev_err(&adap->dev, "msg[%d]: addr=0x%x virtqueue error.\n",
0a54ec77196674 Jie Deng 2020-09-11 141 i, le16_to_cpu(vmsg->hdr.addr));
0a54ec77196674 Jie Deng 2020-09-11 142 break;
0a54ec77196674 Jie Deng 2020-09-11 143 }
0a54ec77196674 Jie Deng 2020-09-11 144 if (vmsg->status != VIRTIO_I2C_MSG_OK) {
0a54ec77196674 Jie Deng 2020-09-11 145 dev_err(&adap->dev, "msg[%d]: addr=0x%x error=%d.\n",
0a54ec77196674 Jie Deng 2020-09-11 146 i, le16_to_cpu(vmsg->hdr.addr), vmsg->status);
0a54ec77196674 Jie Deng 2020-09-11 147 break;
0a54ec77196674 Jie Deng 2020-09-11 148 }
0a54ec77196674 Jie Deng 2020-09-11 149 if ((msgs[i].flags & I2C_M_RD) && msgs[i].len)
0a54ec77196674 Jie Deng 2020-09-11 150 memcpy(msgs[i].buf, vmsg->buf, msgs[i].len);
0a54ec77196674 Jie Deng 2020-09-11 151
0a54ec77196674 Jie Deng 2020-09-11 152 kfree(vmsg->buf);
0a54ec77196674 Jie Deng 2020-09-11 153 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 154 }
0a54ec77196674 Jie Deng 2020-09-11 155
0a54ec77196674 Jie Deng 2020-09-11 156 reinit_completion(&vi->completion);
0a54ec77196674 Jie Deng 2020-09-11 157 }
0a54ec77196674 Jie Deng 2020-09-11 158
0a54ec77196674 Jie Deng 2020-09-11 159 mutex_unlock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 @160 kfree(vmsg->buf);
^^^^^^^^^
Unchecked dereference.
0a54ec77196674 Jie Deng 2020-09-11 161 return ((ret < 0) ? ret : i);
0a54ec77196674 Jie Deng 2020-09-11 162 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 28062 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH v2] i2c: virtio: add a virtio i2c frontend driver
Date: Mon, 14 Sep 2020 17:48:07 +0300 [thread overview]
Message-ID: <20200914144807.GC4282@kadam> (raw)
In-Reply-To: <c4bd4fd56df36864ed34d3572f00b2b838fd833a.1599795029.git.jie.deng@intel.com>
[-- Attachment #1: Type: text/plain, Size: 4962 bytes --]
Hi Jie,
url: https://github.com/0day-ci/linux/commits/Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
base: https://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux.git i2c/for-next
config: parisc-randconfig-m031-20200913 (attached as .config)
compiler: hppa-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/i2c/busses/i2c-virtio.c:160 virtio_i2c_xfer() error: we previously assumed 'vmsg' could be null (see line 137)
# https://github.com/0day-ci/linux/commit/0a54ec771966748fcbc86256b830b5f786168b7d
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Jie-Deng/i2c-virtio-add-a-virtio-i2c-frontend-driver/20200911-115013
git checkout 0a54ec771966748fcbc86256b830b5f786168b7d
vim +/vmsg +160 drivers/i2c/busses/i2c-virtio.c
0a54ec77196674 Jie Deng 2020-09-11 109 static int virtio_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg *msgs, int num)
0a54ec77196674 Jie Deng 2020-09-11 110 {
0a54ec77196674 Jie Deng 2020-09-11 111 struct virtio_i2c *vi = i2c_get_adapdata(adap);
0a54ec77196674 Jie Deng 2020-09-11 112 struct virtqueue *vq = vi->vq;
0a54ec77196674 Jie Deng 2020-09-11 113 struct virtio_i2c_msg *vmsg;
0a54ec77196674 Jie Deng 2020-09-11 114 unsigned long time_left;
0a54ec77196674 Jie Deng 2020-09-11 115 int len, i, ret = 0;
0a54ec77196674 Jie Deng 2020-09-11 116
0a54ec77196674 Jie Deng 2020-09-11 117 mutex_lock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 118 vmsg = &vi->vmsg;
0a54ec77196674 Jie Deng 2020-09-11 119 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 120
0a54ec77196674 Jie Deng 2020-09-11 121 for (i = 0; i < num; i++) {
0a54ec77196674 Jie Deng 2020-09-11 122 ret = virtio_i2c_add_msg(vq, vmsg, &msgs[i]);
0a54ec77196674 Jie Deng 2020-09-11 123 if (ret) {
0a54ec77196674 Jie Deng 2020-09-11 124 dev_err(&adap->dev, "failed to add msg[%d] to virtqueue.\n", i);
0a54ec77196674 Jie Deng 2020-09-11 125 break;
0a54ec77196674 Jie Deng 2020-09-11 126 }
0a54ec77196674 Jie Deng 2020-09-11 127
0a54ec77196674 Jie Deng 2020-09-11 128 virtqueue_kick(vq);
0a54ec77196674 Jie Deng 2020-09-11 129
0a54ec77196674 Jie Deng 2020-09-11 130 time_left = wait_for_completion_timeout(&vi->completion, adap->timeout);
0a54ec77196674 Jie Deng 2020-09-11 131 if (!time_left) {
0a54ec77196674 Jie Deng 2020-09-11 132 dev_err(&adap->dev, "msg[%d]: addr=0x%x timeout.\n", i, msgs[i].addr);
0a54ec77196674 Jie Deng 2020-09-11 133 break;
0a54ec77196674 Jie Deng 2020-09-11 134 }
0a54ec77196674 Jie Deng 2020-09-11 135
0a54ec77196674 Jie Deng 2020-09-11 136 vmsg = (struct virtio_i2c_msg *)virtqueue_get_buf(vq, &len);
0a54ec77196674 Jie Deng 2020-09-11 @137 if (vmsg) {
^^^^
Check for NULL.
0a54ec77196674 Jie Deng 2020-09-11 138 /* vmsg should point to the same address with &vi->vmsg */
0a54ec77196674 Jie Deng 2020-09-11 139 if (vmsg != &vi->vmsg) {
0a54ec77196674 Jie Deng 2020-09-11 140 dev_err(&adap->dev, "msg[%d]: addr=0x%x virtqueue error.\n",
0a54ec77196674 Jie Deng 2020-09-11 141 i, le16_to_cpu(vmsg->hdr.addr));
0a54ec77196674 Jie Deng 2020-09-11 142 break;
0a54ec77196674 Jie Deng 2020-09-11 143 }
0a54ec77196674 Jie Deng 2020-09-11 144 if (vmsg->status != VIRTIO_I2C_MSG_OK) {
0a54ec77196674 Jie Deng 2020-09-11 145 dev_err(&adap->dev, "msg[%d]: addr=0x%x error=%d.\n",
0a54ec77196674 Jie Deng 2020-09-11 146 i, le16_to_cpu(vmsg->hdr.addr), vmsg->status);
0a54ec77196674 Jie Deng 2020-09-11 147 break;
0a54ec77196674 Jie Deng 2020-09-11 148 }
0a54ec77196674 Jie Deng 2020-09-11 149 if ((msgs[i].flags & I2C_M_RD) && msgs[i].len)
0a54ec77196674 Jie Deng 2020-09-11 150 memcpy(msgs[i].buf, vmsg->buf, msgs[i].len);
0a54ec77196674 Jie Deng 2020-09-11 151
0a54ec77196674 Jie Deng 2020-09-11 152 kfree(vmsg->buf);
0a54ec77196674 Jie Deng 2020-09-11 153 vmsg->buf = NULL;
0a54ec77196674 Jie Deng 2020-09-11 154 }
0a54ec77196674 Jie Deng 2020-09-11 155
0a54ec77196674 Jie Deng 2020-09-11 156 reinit_completion(&vi->completion);
0a54ec77196674 Jie Deng 2020-09-11 157 }
0a54ec77196674 Jie Deng 2020-09-11 158
0a54ec77196674 Jie Deng 2020-09-11 159 mutex_unlock(&vi->i2c_lock);
0a54ec77196674 Jie Deng 2020-09-11 @160 kfree(vmsg->buf);
^^^^^^^^^
Unchecked dereference.
0a54ec77196674 Jie Deng 2020-09-11 161 return ((ret < 0) ? ret : i);
0a54ec77196674 Jie Deng 2020-09-11 162 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 28062 bytes --]
next prev parent reply other threads:[~2020-09-14 14:51 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-11 3:48 [PATCH v2] i2c: virtio: add a virtio i2c frontend driver Jie Deng
2020-09-11 3:48 ` Jie Deng
2020-09-11 3:53 ` Randy Dunlap
2020-09-11 3:53 ` Randy Dunlap
2020-09-14 1:16 ` Jie Deng
2020-09-14 1:16 ` Jie Deng
2020-09-14 2:46 ` Jason Wang
2020-09-14 2:46 ` Jason Wang
2020-09-14 3:43 ` Jie Deng
2020-09-14 3:43 ` Jie Deng
2020-09-14 14:48 ` Dan Carpenter [this message]
2020-09-14 14:48 ` Dan Carpenter
2020-09-14 14:48 ` Dan Carpenter
2020-09-14 14:48 ` Dan Carpenter
2020-09-14 15:24 ` Andy Shevchenko
2020-09-14 15:24 ` Andy Shevchenko
2020-09-14 15:47 ` Dan Carpenter
2020-09-14 15:47 ` Dan Carpenter
2020-09-14 15:47 ` Dan Carpenter
2020-09-14 15:47 ` Dan Carpenter
2020-09-14 16:08 ` Andy Shevchenko
2020-09-14 16:08 ` Andy Shevchenko
2020-09-14 16:08 ` Andy Shevchenko
2020-09-12 21:57 kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200914144807.GC4282@kadam \
--to=dan.carpenter@oracle.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=jarkko.nikula@linux.intel.com \
--cc=jasowang@redhat.com \
--cc=jdelvare@suse.de \
--cc=jie.deng@intel.com \
--cc=kbuild-all@lists.01.org \
--cc=kbuild@lists.01.org \
--cc=linux-i2c@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@intel.com \
--cc=mst@redhat.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=wsa+renesas@sang-engineering.com \
--cc=wsa@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.