From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: [hare-scsi-devel:scsi-result-rework 8/146] drivers/scsi/sg.c:501 sg_read() warn: this array is probably non-NULL. 'srp->sense_b'
Date: Thu, 22 Apr 2021 08:29:30 +0800 [thread overview]
Message-ID: <202104220810.pz8bouWV-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 13465 bytes --]
CC: kbuild-all(a)lists.01.org
TO: Hannes Reinecke <hare@suse.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/hare/scsi-devel.git scsi-result-rework
head: 19720ea7b22b443a182646eef7edc36e32e7b515
commit: 650e66d86e623824cc550f1b8411951116a6b6ea [8/146] scsi: Kill DRIVER_SENSE
:::::: branch date: 9 hours ago
:::::: commit date: 2 days ago
config: i386-randconfig-m021-20210421 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
drivers/scsi/sg.c:501 sg_read() warn: this array is probably non-NULL. 'srp->sense_b'
drivers/scsi/sg.c:579 sg_new_read() warn: this array is probably non-NULL. 'srp->sense_b'
Old smatch warnings:
drivers/scsi/sg.c:484 sg_read() error: we previously assumed 'srp' could be null (see line 470)
drivers/scsi/sg.c:1100 sg_ioctl_common() warn: inconsistent indenting
vim +501 drivers/scsi/sg.c
78ed001d9e7106 Arnd Bergmann 2019-12-04 439
^1da177e4c3f41 Linus Torvalds 2005-04-16 440 static ssize_t
^1da177e4c3f41 Linus Torvalds 2005-04-16 441 sg_read(struct file *filp, char __user *buf, size_t count, loff_t * ppos)
^1da177e4c3f41 Linus Torvalds 2005-04-16 442 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 443 Sg_device *sdp;
^1da177e4c3f41 Linus Torvalds 2005-04-16 444 Sg_fd *sfp;
^1da177e4c3f41 Linus Torvalds 2005-04-16 445 Sg_request *srp;
^1da177e4c3f41 Linus Torvalds 2005-04-16 446 int req_pack_id = -1;
^1da177e4c3f41 Linus Torvalds 2005-04-16 447 sg_io_hdr_t *hp;
78ed001d9e7106 Arnd Bergmann 2019-12-04 448 struct sg_header *old_hdr;
78ed001d9e7106 Arnd Bergmann 2019-12-04 449 int retval;
^1da177e4c3f41 Linus Torvalds 2005-04-16 450
26b5b874aff565 Jann Horn 2018-06-25 451 /*
26b5b874aff565 Jann Horn 2018-06-25 452 * This could cause a response to be stranded. Close the associated
26b5b874aff565 Jann Horn 2018-06-25 453 * file descriptor to free up any resources being held.
26b5b874aff565 Jann Horn 2018-06-25 454 */
26b5b874aff565 Jann Horn 2018-06-25 455 retval = sg_check_file_access(filp, __func__);
26b5b874aff565 Jann Horn 2018-06-25 456 if (retval)
26b5b874aff565 Jann Horn 2018-06-25 457 return retval;
26b5b874aff565 Jann Horn 2018-06-25 458
^1da177e4c3f41 Linus Torvalds 2005-04-16 459 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
^1da177e4c3f41 Linus Torvalds 2005-04-16 460 return -ENXIO;
95e159d6dd808b Hannes Reinecke 2014-06-25 461 SCSI_LOG_TIMEOUT(3, sg_printk(KERN_INFO, sdp,
95e159d6dd808b Hannes Reinecke 2014-06-25 462 "sg_read: count=%d\n", (int) count));
d6b10348f93979 Mike Christie 2005-11-08 463
78ed001d9e7106 Arnd Bergmann 2019-12-04 464 if (sfp->force_packid)
78ed001d9e7106 Arnd Bergmann 2019-12-04 465 retval = get_sg_io_pack_id(&req_pack_id, buf, count);
78ed001d9e7106 Arnd Bergmann 2019-12-04 466 if (retval)
78ed001d9e7106 Arnd Bergmann 2019-12-04 467 return retval;
78ed001d9e7106 Arnd Bergmann 2019-12-04 468
^1da177e4c3f41 Linus Torvalds 2005-04-16 469 srp = sg_get_rq_mark(sfp, req_pack_id);
^1da177e4c3f41 Linus Torvalds 2005-04-16 470 if (!srp) { /* now wait on packet to arrive */
78ed001d9e7106 Arnd Bergmann 2019-12-04 471 if (atomic_read(&sdp->detaching))
78ed001d9e7106 Arnd Bergmann 2019-12-04 472 return -ENODEV;
78ed001d9e7106 Arnd Bergmann 2019-12-04 473 if (filp->f_flags & O_NONBLOCK)
78ed001d9e7106 Arnd Bergmann 2019-12-04 474 return -EAGAIN;
3f0c6aba0b65a6 Jörn Engel 2012-04-12 475 retval = wait_event_interruptible(sfp->read_wait,
cc833acbee9db5 Douglas Gilbert 2014-06-25 476 (atomic_read(&sdp->detaching) ||
3f0c6aba0b65a6 Jörn Engel 2012-04-12 477 (srp = sg_get_rq_mark(sfp, req_pack_id))));
78ed001d9e7106 Arnd Bergmann 2019-12-04 478 if (atomic_read(&sdp->detaching))
78ed001d9e7106 Arnd Bergmann 2019-12-04 479 return -ENODEV;
78ed001d9e7106 Arnd Bergmann 2019-12-04 480 if (retval)
cb59e840838193 Douglas Gilbert 2005-04-02 481 /* -ERESTARTSYS as signal hit process */
78ed001d9e7106 Arnd Bergmann 2019-12-04 482 return retval;
^1da177e4c3f41 Linus Torvalds 2005-04-16 483 }
78ed001d9e7106 Arnd Bergmann 2019-12-04 484 if (srp->header.interface_id != '\0')
78ed001d9e7106 Arnd Bergmann 2019-12-04 485 return sg_new_read(sfp, buf, count, srp);
^1da177e4c3f41 Linus Torvalds 2005-04-16 486
^1da177e4c3f41 Linus Torvalds 2005-04-16 487 hp = &srp->header;
78ed001d9e7106 Arnd Bergmann 2019-12-04 488 old_hdr = kzalloc(SZ_SG_HEADER, GFP_KERNEL);
78ed001d9e7106 Arnd Bergmann 2019-12-04 489 if (!old_hdr)
78ed001d9e7106 Arnd Bergmann 2019-12-04 490 return -ENOMEM;
78ed001d9e7106 Arnd Bergmann 2019-12-04 491
cb59e840838193 Douglas Gilbert 2005-04-02 492 old_hdr->reply_len = (int) hp->timeout;
cb59e840838193 Douglas Gilbert 2005-04-02 493 old_hdr->pack_len = old_hdr->reply_len; /* old, strange behaviour */
cb59e840838193 Douglas Gilbert 2005-04-02 494 old_hdr->pack_id = hp->pack_id;
cb59e840838193 Douglas Gilbert 2005-04-02 495 old_hdr->twelve_byte =
^1da177e4c3f41 Linus Torvalds 2005-04-16 496 ((srp->data.cmd_opcode >= 0xc0) && (12 == hp->cmd_len)) ? 1 : 0;
cb59e840838193 Douglas Gilbert 2005-04-02 497 old_hdr->target_status = hp->masked_status;
cb59e840838193 Douglas Gilbert 2005-04-02 498 old_hdr->host_status = hp->host_status;
cb59e840838193 Douglas Gilbert 2005-04-02 499 old_hdr->driver_status = hp->driver_status;
^1da177e4c3f41 Linus Torvalds 2005-04-16 500 if ((CHECK_CONDITION & hp->masked_status) ||
650e66d86e6238 Hannes Reinecke 2019-10-21 @501 (srp->sense_b && (srp->sense_b[0] & 0x70) == 0x70)) {
650e66d86e6238 Hannes Reinecke 2019-10-21 502 old_hdr->driver_status |= DRIVER_SENSE;
cb59e840838193 Douglas Gilbert 2005-04-02 503 memcpy(old_hdr->sense_buffer, srp->sense_b,
cb59e840838193 Douglas Gilbert 2005-04-02 504 sizeof (old_hdr->sense_buffer));
650e66d86e6238 Hannes Reinecke 2019-10-21 505 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 506 switch (hp->host_status) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 507 /* This setup of 'result' is for backward compatibility and is best
^1da177e4c3f41 Linus Torvalds 2005-04-16 508 ignored by the user who should use target, host + driver status */
^1da177e4c3f41 Linus Torvalds 2005-04-16 509 case DID_OK:
^1da177e4c3f41 Linus Torvalds 2005-04-16 510 case DID_PASSTHROUGH:
^1da177e4c3f41 Linus Torvalds 2005-04-16 511 case DID_SOFT_ERROR:
cb59e840838193 Douglas Gilbert 2005-04-02 512 old_hdr->result = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 513 break;
^1da177e4c3f41 Linus Torvalds 2005-04-16 514 case DID_NO_CONNECT:
^1da177e4c3f41 Linus Torvalds 2005-04-16 515 case DID_BUS_BUSY:
^1da177e4c3f41 Linus Torvalds 2005-04-16 516 case DID_TIME_OUT:
cb59e840838193 Douglas Gilbert 2005-04-02 517 old_hdr->result = EBUSY;
^1da177e4c3f41 Linus Torvalds 2005-04-16 518 break;
^1da177e4c3f41 Linus Torvalds 2005-04-16 519 case DID_BAD_TARGET:
^1da177e4c3f41 Linus Torvalds 2005-04-16 520 case DID_ABORT:
^1da177e4c3f41 Linus Torvalds 2005-04-16 521 case DID_PARITY:
^1da177e4c3f41 Linus Torvalds 2005-04-16 522 case DID_RESET:
^1da177e4c3f41 Linus Torvalds 2005-04-16 523 case DID_BAD_INTR:
cb59e840838193 Douglas Gilbert 2005-04-02 524 old_hdr->result = EIO;
^1da177e4c3f41 Linus Torvalds 2005-04-16 525 break;
^1da177e4c3f41 Linus Torvalds 2005-04-16 526 case DID_ERROR:
cb59e840838193 Douglas Gilbert 2005-04-02 527 old_hdr->result = (srp->sense_b[0] == 0 &&
^1da177e4c3f41 Linus Torvalds 2005-04-16 528 hp->masked_status == GOOD) ? 0 : EIO;
^1da177e4c3f41 Linus Torvalds 2005-04-16 529 break;
^1da177e4c3f41 Linus Torvalds 2005-04-16 530 default:
cb59e840838193 Douglas Gilbert 2005-04-02 531 old_hdr->result = EIO;
^1da177e4c3f41 Linus Torvalds 2005-04-16 532 break;
^1da177e4c3f41 Linus Torvalds 2005-04-16 533 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 534
^1da177e4c3f41 Linus Torvalds 2005-04-16 535 /* Now copy the result back to the user buffer. */
^1da177e4c3f41 Linus Torvalds 2005-04-16 536 if (count >= SZ_SG_HEADER) {
c8c12792d5fe11 Al Viro 2019-10-17 537 if (copy_to_user(buf, old_hdr, SZ_SG_HEADER)) {
cb59e840838193 Douglas Gilbert 2005-04-02 538 retval = -EFAULT;
cb59e840838193 Douglas Gilbert 2005-04-02 539 goto free_old_hdr;
cb59e840838193 Douglas Gilbert 2005-04-02 540 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 541 buf += SZ_SG_HEADER;
cb59e840838193 Douglas Gilbert 2005-04-02 542 if (count > old_hdr->reply_len)
cb59e840838193 Douglas Gilbert 2005-04-02 543 count = old_hdr->reply_len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 544 if (count > SZ_SG_HEADER) {
cb59e840838193 Douglas Gilbert 2005-04-02 545 if (sg_read_oxfer(srp, buf, count - SZ_SG_HEADER)) {
cb59e840838193 Douglas Gilbert 2005-04-02 546 retval = -EFAULT;
cb59e840838193 Douglas Gilbert 2005-04-02 547 goto free_old_hdr;
cb59e840838193 Douglas Gilbert 2005-04-02 548 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 549 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 550 } else
cb59e840838193 Douglas Gilbert 2005-04-02 551 count = (old_hdr->result == 0) ? 0 : -EIO;
^1da177e4c3f41 Linus Torvalds 2005-04-16 552 sg_finish_rem_req(srp);
97d27b0dd015e9 Hannes Reinecke 2017-04-07 553 sg_remove_request(sfp, srp);
cb59e840838193 Douglas Gilbert 2005-04-02 554 retval = count;
cb59e840838193 Douglas Gilbert 2005-04-02 555 free_old_hdr:
cb59e840838193 Douglas Gilbert 2005-04-02 556 kfree(old_hdr);
cb59e840838193 Douglas Gilbert 2005-04-02 557 return retval;
^1da177e4c3f41 Linus Torvalds 2005-04-16 558 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 559
^1da177e4c3f41 Linus Torvalds 2005-04-16 560 static ssize_t
^1da177e4c3f41 Linus Torvalds 2005-04-16 561 sg_new_read(Sg_fd * sfp, char __user *buf, size_t count, Sg_request * srp)
^1da177e4c3f41 Linus Torvalds 2005-04-16 562 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 563 sg_io_hdr_t *hp = &srp->header;
3b524a683af899 Tony Battersby 2015-02-11 564 int err = 0, err2;
^1da177e4c3f41 Linus Torvalds 2005-04-16 565 int len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 566
78ed001d9e7106 Arnd Bergmann 2019-12-04 567 if (in_compat_syscall()) {
78ed001d9e7106 Arnd Bergmann 2019-12-04 568 if (count < sizeof(struct compat_sg_io_hdr)) {
78ed001d9e7106 Arnd Bergmann 2019-12-04 569 err = -EINVAL;
78ed001d9e7106 Arnd Bergmann 2019-12-04 570 goto err_out;
78ed001d9e7106 Arnd Bergmann 2019-12-04 571 }
78ed001d9e7106 Arnd Bergmann 2019-12-04 572 } else if (count < SZ_SG_IO_HDR) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 573 err = -EINVAL;
^1da177e4c3f41 Linus Torvalds 2005-04-16 574 goto err_out;
^1da177e4c3f41 Linus Torvalds 2005-04-16 575 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 576 hp->sb_len_wr = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 577 if ((hp->mx_sb_len > 0) && hp->sbp) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 578 if ((CHECK_CONDITION & hp->masked_status) ||
650e66d86e6238 Hannes Reinecke 2019-10-21 @579 (srp->sense_b && (srp->sense_b[0] & 0x70) == 0x70)) {
d6b10348f93979 Mike Christie 2005-11-08 580 int sb_len = SCSI_SENSE_BUFFERSIZE;
^1da177e4c3f41 Linus Torvalds 2005-04-16 581 sb_len = (hp->mx_sb_len > sb_len) ? sb_len : hp->mx_sb_len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 582 len = 8 + (int) srp->sense_b[7]; /* Additional sense length field */
^1da177e4c3f41 Linus Torvalds 2005-04-16 583 len = (len > sb_len) ? sb_len : len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 584 if (copy_to_user(hp->sbp, srp->sense_b, len)) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 585 err = -EFAULT;
^1da177e4c3f41 Linus Torvalds 2005-04-16 586 goto err_out;
650e66d86e6238 Hannes Reinecke 2019-10-21 587 } else
650e66d86e6238 Hannes Reinecke 2019-10-21 588 hp->driver_status |= DRIVER_SENSE;
^1da177e4c3f41 Linus Torvalds 2005-04-16 589 hp->sb_len_wr = len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 590 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 591 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 592 if (hp->masked_status || hp->host_status || hp->driver_status)
^1da177e4c3f41 Linus Torvalds 2005-04-16 593 hp->info |= SG_INFO_CHECK;
98aaaec4a150c3 Arnd Bergmann 2019-03-14 594 err = put_sg_io_hdr(hp, buf);
^1da177e4c3f41 Linus Torvalds 2005-04-16 595 err_out:
3b524a683af899 Tony Battersby 2015-02-11 596 err2 = sg_finish_rem_req(srp);
97d27b0dd015e9 Hannes Reinecke 2017-04-07 597 sg_remove_request(sfp, srp);
3b524a683af899 Tony Battersby 2015-02-11 598 return err ? : err2 ? : count;
^1da177e4c3f41 Linus Torvalds 2005-04-16 599 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 600
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 33217 bytes --]
next reply other threads:[~2021-04-22 0:29 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 0:29 kernel test robot [this message]
2021-04-23 9:39 [hare-scsi-devel:scsi-result-rework 8/146] drivers/scsi/sg.c:501 sg_read() warn: this array is probably non-NULL. 'srp->sense_b' Dan Carpenter
2021-04-23 9:39 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202104220810.pz8bouWV-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.