* samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2021-11-07 18:48 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2021-11-07 18:48 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 36422 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jason Gunthorpe <jgg@nvidia.com>
CC: Alex Williamson <alex.williamson@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Cornelia Huck <cohuck@redhat.com>
CC: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>
CC: Kirti Wankhede <kwankhede@nvidia.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: b5013d084e03e82ceeab4db8ae8ceeaebe76b0eb
commit: af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd vfio/mdev: Remove CONFIG_VFIO_MDEV_DEVICE
date: 5 months ago
:::::: branch date: 19 hours ago
:::::: commit date: 5 months ago
config: x86_64-randconfig-c007-20211030 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 5db7568a6a1fcb408eb8988abdaff2a225a8eb72)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
# define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x)))
^
include/linux/compiler.h:33:34: note: expanded from macro '__branch_check__'
______r = __builtin_expect(!!(x), expect); \
^
include/linux/hid.h:1002:15: note: 'c' is <= 'limit'
if (unlikely(c > limit || !bmap)) {
^
include/linux/compiler.h:48:68: note: expanded from macro 'unlikely'
# define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x)))
^
include/linux/compiler.h:35:19: note: expanded from macro '__branch_check__'
expect, is_constant); \
^~~~~~~~~~~
include/linux/hid.h:1002:15: note: Left side of '||' is false
if (unlikely(c > limit || !bmap)) {
^
include/linux/hid.h:1002:29: note: 'bmap' is null
if (unlikely(c > limit || !bmap)) {
^
include/linux/compiler.h:48:68: note: expanded from macro 'unlikely'
# define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x)))
^
include/linux/compiler.h:35:19: note: expanded from macro '__branch_check__'
expect, is_constant); \
^~~~~~~~~~~
include/linux/hid.h:1002:2: note: Taking true branch
if (unlikely(c > limit || !bmap)) {
^
include/linux/hid.h:1003:3: note: Assuming the condition is true
pr_warn_ratelimited("%s: Invalid code %d type %d\n",
^
include/linux/printk.h:528:2: note: expanded from macro 'pr_warn_ratelimited'
printk_ratelimited(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/printk.h:511:6: note: expanded from macro 'printk_ratelimited'
if (__ratelimit(&_rs)) \
^~~~~~~~~~~~~~~~~
include/linux/ratelimit_types.h:41:28: note: expanded from macro '__ratelimit'
#define __ratelimit(state) ___ratelimit(state, __func__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/hid.h:1003:3: note: Taking true branch
pr_warn_ratelimited("%s: Invalid code %d type %d\n",
^
include/linux/printk.h:528:2: note: expanded from macro 'pr_warn_ratelimited'
printk_ratelimited(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__)
^
include/linux/printk.h:511:2: note: expanded from macro 'printk_ratelimited'
if (__ratelimit(&_rs)) \
^
include/linux/hid.h:1004:9: note: Access to field 'name' results in a dereference of a null pointer (loaded from variable 'input')
input->name, c, type);
^
include/linux/printk.h:528:49: note: expanded from macro 'pr_warn_ratelimited'
printk_ratelimited(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__)
^~~~~~~~~~~
include/linux/printk.h:512:17: note: expanded from macro 'printk_ratelimited'
printk(fmt, ##__VA_ARGS__); \
^~~~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
drivers/iio/imu/fxos8700_core.c:167:8: warning: Excessive padding in 'struct fxos8700_data' (106 padding bytes, where 42 is optimal).
Optimal fields order:
buf,
regmap,
trig,
consider reordering the fields or adding explicit padding members [clang-analyzer-optin.performance.Padding]
struct fxos8700_data {
~~~~~~~^~~~~~~~~~~~~~~
drivers/iio/imu/fxos8700_core.c:167:8: note: Excessive padding in 'struct fxos8700_data' (106 padding bytes, where 42 is optimal). Optimal fields order: buf, regmap, trig, consider reordering the fields or adding explicit padding members
struct fxos8700_data {
~~~~~~~^~~~~~~~~~~~~~~
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
drivers/gnss/sirf.c:191:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = &data->serdev->dev;
^~~ ~~~~~~~~~~~~~~~~~~
drivers/gnss/sirf.c:191:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = &data->serdev->dev;
^~~ ~~~~~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
>> samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
int fd = *(int *)data;
^
samples/vfio-mdev/mtty.c:1118:6: note: Assuming 'mdev' is non-null
if (!mdev)
^~~~~
samples/vfio-mdev/mtty.c:1118:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:1121:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1121:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:6: note: Assuming 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:1125:2: note: Control jumps to 'case 15214:' at line 1196
switch (cmd) {
^
samples/vfio-mdev/mtty.c:1199:7: note: 'data' initialized to a null pointer value
u8 *data = NULL, *ptr = NULL;
^~~~
samples/vfio-mdev/mtty.c:1204:7: note: Calling 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:191:2: note: Taking true branch
if (likely(check_copy_size(to, n, false)))
^
include/linux/uaccess.h:193:2: note: Returning value (loaded from 'n'), which participates in a condition later
return n;
^~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Returning from 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Assuming the condition is false
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:3: note: Taking false branch
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^
samples/vfio-mdev/mtty.c:1211:7: note: Assuming 'ret' is 0
if (ret)
^~~
samples/vfio-mdev/mtty.c:1211:3: note: Taking false branch
if (ret)
^
samples/vfio-mdev/mtty.c:1214:7: note: Assuming 'data_size' is 0
if (data_size) {
^~~~~~~~~
samples/vfio-mdev/mtty.c:1214:3: note: Taking false branch
if (data_size) {
^
samples/vfio-mdev/mtty.c:1222:20: note: Passing null pointer value via 6th parameter 'data'
hdr.count, data);
^~~~
samples/vfio-mdev/mtty.c:1221:9: note: Calling 'mtty_set_irqs'
ret = mtty_set_irqs(mdev, hdr.flags, hdr.index, hdr.start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:906:7: note: 'mdev' is non-null
if (!mdev)
^~~~
samples/vfio-mdev/mtty.c:906:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:909:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:909:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:910:7: note: 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~
samples/vfio-mdev/mtty.c:910:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:914:2: note: Control jumps to 'case VFIO_PCI_INTX_IRQ_INDEX:' at line 915
switch (index) {
^
samples/vfio-mdev/mtty.c:916:3: note: Control jumps to 'case 32:' at line 920
switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
^
samples/vfio-mdev/mtty.c:922:8: note: Assuming the condition is false
if (flags & VFIO_IRQ_SET_DATA_NONE) {
--
struct w83793_data *pos, *data = NULL;
^~~~
drivers/hwmon/w83793.c:1299:6: note: Assuming the condition is false
if (!mutex_trylock(&watchdog_data_mutex))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1299:2: note: Taking false branch
if (!mutex_trylock(&watchdog_data_mutex))
^
drivers/hwmon/w83793.c:1301:2: note: Left side of '&&' is false
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:13: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
include/linux/kernel.h:704:61: note: expanded from macro 'container_of'
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^
drivers/hwmon/w83793.c:1301:2: note: Taking false branch
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:13: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:308:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
drivers/hwmon/w83793.c:1301:2: note: Loop condition is false. Exiting loop
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:13: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:306:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/hwmon/w83793.c:1301:2: note: Loop condition is false. Execution continues on line 1309
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:2: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
drivers/hwmon/w83793.c:1315:6: note: Assuming 'watchdog_is_open' is 0
if (!watchdog_is_open)
^~~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1315:2: note: Taking true branch
if (!watchdog_is_open)
^
drivers/hwmon/w83793.c:1321:6: note: 'watchdog_is_open' is 0
if (watchdog_is_open)
^~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1321:2: note: Taking false branch
if (watchdog_is_open)
^
drivers/hwmon/w83793.c:1325:18: note: Passing null pointer value via 1st parameter 'data'
watchdog_enable(data);
^~~~
drivers/hwmon/w83793.c:1325:2: note: Calling 'watchdog_enable'
watchdog_enable(data);
^~~~~~~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1253:7: note: Access to field 'client' results in a dereference of a null pointer (loaded from variable 'data')
if (!data->client) {
^~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
>> samples/vfio-mdev/mbochs.c:326:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:326:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:356:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:356:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:432:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev);
^~~ ~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:432:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev);
^~~ ~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:722:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:722:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:795:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:795:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:810:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:810:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> samples/vfio-mdev/mbochs.c:811:6: warning: Value stored to 'fourcc' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
u32 fourcc = dmabuf->mode.drm_format;
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:811:6: note: Value stored to 'fourcc' during its initialization is never read
u32 fourcc = dmabuf->mode.drm_format;
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:827:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:827:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:856:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:856:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(dmabuf->mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:869:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:869:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev_state->mdev);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:1070:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mdev_dev(mdev);
^~~ ~~~~~~~~~~~~~~
samples/vfio-mdev/mbochs.c:1070:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mdev_dev(mdev);
^~~ ~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
drivers/input/rmi4/rmi_f11.c:1129:2: warning: Value stored to 'query_offset' is never read [clang-analyzer-deadcode.DeadStores]
query_offset += rc;
^ ~~
drivers/input/rmi4/rmi_f11.c:1129:2: note: Value stored to 'query_offset' is never read
query_offset += rc;
^ ~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
drivers/input/rmi4/rmi_f12.c:133:3: warning: Value stored to 'offset' is never read [clang-analyzer-deadcode.DeadStores]
offset += 1;
^ ~
drivers/input/rmi4/rmi_f12.c:133:3: note: Value stored to 'offset' is never read
offset += 1;
^ ~
drivers/input/rmi4/rmi_f12.c:401:2: warning: Value stored to 'query_addr' is never read [clang-analyzer-deadcode.DeadStores]
query_addr += 3;
^ ~
drivers/input/rmi4/rmi_f12.c:401:2: note: Value stored to 'query_addr' is never read
query_addr += 3;
^ ~
drivers/input/rmi4/rmi_f12.c:520:3: warning: Value stored to 'data_offset' is never read [clang-analyzer-deadcode.DeadStores]
data_offset += item->reg_size;
^ ~~~~~~~~~~~~~~
drivers/input/rmi4/rmi_f12.c:520:3: note: Value stored to 'data_offset' is never read
data_offset += item->reg_size;
^ ~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
drivers/hid/hid-led.c:70:8: warning: Excessive padding in 'struct hidled_config' (8 padding bytes, where 0 is optimal).
Optimal fields order:
name,
short_name,
report_size,
init,
write,
type,
max_brightness,
num_leds,
report_type,
consider reordering the fields or adding explicit padding members [clang-analyzer-optin.performance.Padding]
struct hidled_config {
~~~~~~~^~~~~~~~~~~~~~~
drivers/hid/hid-led.c:70:8: note: Excessive padding in 'struct hidled_config' (8 padding bytes, where 0 is optimal). Optimal fields order: name, short_name, report_size, init, write, type, max_brightness, num_leds, report_type, consider reordering the fields or adding explicit padding members
struct hidled_config {
~~~~~~~^~~~~~~~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
net/core/datagram.c:305:5: warning: 5th function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
!__skb_wait_for_more_packets(sk, sk_queue, err,
^
vim +930 samples/vfio-mdev/mtty.c
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 898
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 899 static int mtty_set_irqs(struct mdev_device *mdev, uint32_t flags,
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 900 unsigned int index, unsigned int start,
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 901 unsigned int count, void *data)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 902 {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 903 int ret = 0;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 904 struct mdev_state *mdev_state;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 905
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 906 if (!mdev)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 907 return -EINVAL;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 908
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 909 mdev_state = mdev_get_drvdata(mdev);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 910 if (!mdev_state)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 911 return -EINVAL;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 912
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 913 mutex_lock(&mdev_state->ops_lock);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 914 switch (index) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 915 case VFIO_PCI_INTX_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 916 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 917 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 918 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 919 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 920 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 921 {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 922 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 923 pr_info("%s: disable INTx\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 924 if (mdev_state->intx_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 925 eventfd_ctx_put(mdev_state->intx_evtfd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 926 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 927 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 928
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 929 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 @930 int fd = *(int *)data;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 931
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 932 if (fd > 0) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 933 struct eventfd_ctx *evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 934
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 935 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 936 if (IS_ERR(evt)) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 937 ret = PTR_ERR(evt);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 938 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 939 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 940 mdev_state->intx_evtfd = evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 941 mdev_state->irq_fd = fd;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 942 mdev_state->irq_index = index;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 943 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 944 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 945 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 946 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 947 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 948 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 949 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 950 case VFIO_PCI_MSI_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 951 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 952 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 953 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 954 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 955 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 956 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 957 if (mdev_state->msi_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 958 eventfd_ctx_put(mdev_state->msi_evtfd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 959 pr_info("%s: disable MSI\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 960 mdev_state->irq_index = VFIO_PCI_INTX_IRQ_INDEX;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 961 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 962 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 963 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 964 int fd = *(int *)data;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 965 struct eventfd_ctx *evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 966
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 967 if (fd <= 0)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 968 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 969
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 970 if (mdev_state->msi_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 971 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 972
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 973 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 974 if (IS_ERR(evt)) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 975 ret = PTR_ERR(evt);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 976 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 977 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 978 mdev_state->msi_evtfd = evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 979 mdev_state->irq_fd = fd;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 980 mdev_state->irq_index = index;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 981 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 982 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 983 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 984 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 985 case VFIO_PCI_MSIX_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 986 pr_info("%s: MSIX_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 987 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 988 case VFIO_PCI_ERR_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 989 pr_info("%s: ERR_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 990 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 991 case VFIO_PCI_REQ_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 992 pr_info("%s: REQ_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 993 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 994 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 995
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 996 mutex_unlock(&mdev_state->ops_lock);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 997 return ret;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 998 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 999
:::::: The code at line 930 was first introduced by commit
:::::: 9d1a546c53b4c1c378b0f34de84ddee2c7d4c90c docs: Sample driver to demonstrate how to use Mediated device framework.
:::::: TO: Kirti Wankhede <kwankhede@nvidia.com>
:::::: CC: Alex Williamson <alex.williamson@redhat.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 30422 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-01-06 14:24 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-06 14:24 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 20538 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jason Gunthorpe <jgg@nvidia.com>
CC: Alex Williamson <alex.williamson@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Cornelia Huck <cohuck@redhat.com>
CC: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>
CC: Kirti Wankhede <kwankhede@nvidia.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 75acfdb6fd922598a408a0d864486aeb167c1a97
commit: af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd vfio/mdev: Remove CONFIG_VFIO_MDEV_DEVICE
date: 7 months ago
:::::: branch date: 16 hours ago
:::::: commit date: 7 months ago
config: x86_64-randconfig-c007-20220103 (https://download.01.org/0day-ci/archive/20220106/202201062233.8js3Y1GC-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project b50fea47b6c454581fce89af359f3afe5154986c)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:308:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
drivers/hwmon/w83793.c:1301:2: note: Loop condition is false. Exiting loop
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:13: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:306:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/hwmon/w83793.c:1301:2: note: Loop condition is false. Execution continues on line 1309
list_for_each_entry(pos, &watchdog_data_list, list) {
^
include/linux/list.h:628:2: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
drivers/hwmon/w83793.c:1315:6: note: Assuming 'watchdog_is_open' is 0
if (!watchdog_is_open)
^~~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1315:2: note: Taking true branch
if (!watchdog_is_open)
^
drivers/hwmon/w83793.c:1321:6: note: 'watchdog_is_open' is 0
if (watchdog_is_open)
^~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1321:2: note: Taking false branch
if (watchdog_is_open)
^
drivers/hwmon/w83793.c:1325:18: note: Passing null pointer value via 1st parameter 'data'
watchdog_enable(data);
^~~~
drivers/hwmon/w83793.c:1325:2: note: Calling 'watchdog_enable'
watchdog_enable(data);
^~~~~~~~~~~~~~~~~~~~~
drivers/hwmon/w83793.c:1253:7: note: Access to field 'client' results in a dereference of a null pointer (loaded from variable 'data')
if (!data->client) {
^~~~
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
drivers/siox/siox-core.c:240:4: warning: Value stored to 'status' is never read [clang-analyzer-deadcode.DeadStores]
status &= ~SIOX_STATUS_WDG;
^ ~~~~~~~~~~~~~~~~
drivers/siox/siox-core.c:240:4: note: Value stored to 'status' is never read
status &= ~SIOX_STATUS_WDG;
^ ~~~~~~~~~~~~~~~~
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
>> samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
int fd = *(int *)data;
^
samples/vfio-mdev/mtty.c:1118:6: note: Assuming 'mdev' is non-null
if (!mdev)
^~~~~
samples/vfio-mdev/mtty.c:1118:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:1121:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1121:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:6: note: Assuming 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:1125:2: note: Control jumps to 'case 15214:' at line 1196
switch (cmd) {
^
samples/vfio-mdev/mtty.c:1199:7: note: 'data' initialized to a null pointer value
u8 *data = NULL, *ptr = NULL;
^~~~
samples/vfio-mdev/mtty.c:1204:7: note: Calling 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:191:2: note: Taking true branch
if (likely(check_copy_size(to, n, false)))
^
include/linux/uaccess.h:193:2: note: Returning value (loaded from 'n'), which participates in a condition later
return n;
^~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Returning from 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Assuming the condition is false
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:3: note: Taking false branch
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^
samples/vfio-mdev/mtty.c:1211:7: note: Assuming 'ret' is 0
if (ret)
^~~
samples/vfio-mdev/mtty.c:1211:3: note: Taking false branch
if (ret)
^
samples/vfio-mdev/mtty.c:1214:7: note: Assuming 'data_size' is 0
if (data_size) {
^~~~~~~~~
samples/vfio-mdev/mtty.c:1214:3: note: Taking false branch
if (data_size) {
^
samples/vfio-mdev/mtty.c:1222:20: note: Passing null pointer value via 6th parameter 'data'
hdr.count, data);
^~~~
samples/vfio-mdev/mtty.c:1221:9: note: Calling 'mtty_set_irqs'
ret = mtty_set_irqs(mdev, hdr.flags, hdr.index, hdr.start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:906:7: note: 'mdev' is non-null
if (!mdev)
^~~~
samples/vfio-mdev/mtty.c:906:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:909:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:909:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:910:7: note: 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~
samples/vfio-mdev/mtty.c:910:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:914:2: note: Control jumps to 'case VFIO_PCI_INTX_IRQ_INDEX:' at line 915
switch (index) {
^
samples/vfio-mdev/mtty.c:916:3: note: Control jumps to 'case 32:' at line 920
switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
^
samples/vfio-mdev/mtty.c:922:8: note: Assuming the condition is false
if (flags & VFIO_IRQ_SET_DATA_NONE) {
vim +930 samples/vfio-mdev/mtty.c
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 898
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 899 static int mtty_set_irqs(struct mdev_device *mdev, uint32_t flags,
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 900 unsigned int index, unsigned int start,
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 901 unsigned int count, void *data)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 902 {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 903 int ret = 0;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 904 struct mdev_state *mdev_state;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 905
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 906 if (!mdev)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 907 return -EINVAL;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 908
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 909 mdev_state = mdev_get_drvdata(mdev);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 910 if (!mdev_state)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 911 return -EINVAL;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 912
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 913 mutex_lock(&mdev_state->ops_lock);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 914 switch (index) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 915 case VFIO_PCI_INTX_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 916 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 917 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 918 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 919 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 920 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 921 {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 922 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 923 pr_info("%s: disable INTx\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 924 if (mdev_state->intx_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 925 eventfd_ctx_put(mdev_state->intx_evtfd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 926 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 927 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 928
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 929 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 @930 int fd = *(int *)data;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 931
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 932 if (fd > 0) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 933 struct eventfd_ctx *evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 934
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 935 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 936 if (IS_ERR(evt)) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 937 ret = PTR_ERR(evt);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 938 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 939 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 940 mdev_state->intx_evtfd = evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 941 mdev_state->irq_fd = fd;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 942 mdev_state->irq_index = index;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 943 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 944 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 945 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 946 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 947 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 948 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 949 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 950 case VFIO_PCI_MSI_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 951 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 952 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 953 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 954 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 955 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 956 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 957 if (mdev_state->msi_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 958 eventfd_ctx_put(mdev_state->msi_evtfd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 959 pr_info("%s: disable MSI\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 960 mdev_state->irq_index = VFIO_PCI_INTX_IRQ_INDEX;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 961 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 962 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 963 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 964 int fd = *(int *)data;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 965 struct eventfd_ctx *evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 966
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 967 if (fd <= 0)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 968 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 969
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 970 if (mdev_state->msi_evtfd)
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 971 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 972
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 973 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 974 if (IS_ERR(evt)) {
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 975 ret = PTR_ERR(evt);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 976 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 977 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 978 mdev_state->msi_evtfd = evt;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 979 mdev_state->irq_fd = fd;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 980 mdev_state->irq_index = index;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 981 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 982 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 983 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 984 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 985 case VFIO_PCI_MSIX_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 986 pr_info("%s: MSIX_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 987 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 988 case VFIO_PCI_ERR_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 989 pr_info("%s: ERR_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 990 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 991 case VFIO_PCI_REQ_IRQ_INDEX:
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 992 pr_info("%s: REQ_IRQ\n", __func__);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 993 break;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 994 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 995
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 996 mutex_unlock(&mdev_state->ops_lock);
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 997 return ret;
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 998 }
9d1a546c53b4c1 Kirti Wankhede 2016-11-17 999
:::::: The code at line 930 was first introduced by commit
:::::: 9d1a546c53b4c1c378b0f34de84ddee2c7d4c90c docs: Sample driver to demonstrate how to use Mediated device framework.
:::::: TO: Kirti Wankhede <kwankhede@nvidia.com>
:::::: CC: Alex Williamson <alex.williamson@redhat.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2021-11-06 7:32 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2021-11-06 7:32 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 21237 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jason Gunthorpe <jgg@nvidia.com>
CC: Alex Williamson <alex.williamson@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Cornelia Huck <cohuck@redhat.com>
CC: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>
CC: Kirti Wankhede <kwankhede@nvidia.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: fe91c4725aeed35023ba4f7a1e1adfebb6878c23
commit: af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd vfio/mdev: Remove CONFIG_VFIO_MDEV_DEVICE
date: 5 months ago
:::::: branch date: 16 hours ago
:::::: commit date: 5 months ago
config: i386-randconfig-c001-20211013 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project adf55ac6657693f7bfbe3087b599b4031a765a44)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout af3ab3f9b986cdbc1b97b8a3341ce78851edb0dd
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:308:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
drivers/greybus/manifest.c:196:2: note: Loop condition is false. Exiting loop
list_for_each_entry(descriptor, &intf->manifest_descs, links) {
^
include/linux/list.h:630:13: note: expanded from macro 'list_for_each_entry'
pos = list_next_entry(pos, member))
^
include/linux/list.h:555:2: note: expanded from macro 'list_next_entry'
list_entry((pos)->member.next, typeof(*(pos)), member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:306:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/greybus/manifest.c:196:2: note: Loop condition is true. Entering loop body
list_for_each_entry(descriptor, &intf->manifest_descs, links) {
^
include/linux/list.h:628:2: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
drivers/greybus/manifest.c:197:7: note: Use of memory after it is freed
if (descriptor->type != GREYBUS_TYPE_STRING)
^~~~~~~~~~~~~~~~
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
>> samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
int fd = *(int *)data;
^
samples/vfio-mdev/mtty.c:1118:6: note: Assuming 'mdev' is non-null
if (!mdev)
^~~~~
samples/vfio-mdev/mtty.c:1118:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:1121:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1121:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:6: note: Assuming 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~~
samples/vfio-mdev/mtty.c:1122:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:1125:2: note: Control jumps to 'case 15214:' at line 1196
switch (cmd) {
^
samples/vfio-mdev/mtty.c:1199:7: note: 'data' initialized to a null pointer value
u8 *data = NULL, *ptr = NULL;
^~~~
samples/vfio-mdev/mtty.c:1204:7: note: Calling 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:191:2: note: Taking true branch
if (likely(check_copy_size(to, n, false)))
^
include/linux/uaccess.h:193:2: note: Returning value (loaded from 'n'), which participates in a condition later
return n;
^~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Returning from 'copy_from_user'
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:7: note: Assuming the condition is false
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:1204:3: note: Taking false branch
if (copy_from_user(&hdr, (void __user *)arg, minsz))
^
samples/vfio-mdev/mtty.c:1211:7: note: Assuming 'ret' is 0
if (ret)
^~~
samples/vfio-mdev/mtty.c:1211:3: note: Taking false branch
if (ret)
^
samples/vfio-mdev/mtty.c:1214:7: note: Assuming 'data_size' is 0
if (data_size) {
^~~~~~~~~
samples/vfio-mdev/mtty.c:1214:3: note: Taking false branch
if (data_size) {
^
samples/vfio-mdev/mtty.c:1222:20: note: Passing null pointer value via 6th parameter 'data'
hdr.count, data);
^~~~
samples/vfio-mdev/mtty.c:1221:9: note: Calling 'mtty_set_irqs'
ret = mtty_set_irqs(mdev, hdr.flags, hdr.index, hdr.start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:906:7: note: 'mdev' is non-null
if (!mdev)
^~~~
samples/vfio-mdev/mtty.c:906:2: note: Taking false branch
if (!mdev)
^
samples/vfio-mdev/mtty.c:909:15: note: Calling 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
include/linux/mdev.h:159:2: note: Returning without writing to 'mdev->driver_data', which participates in a condition later
return mdev->driver_data;
^
include/linux/mdev.h:159:2: note: Returning pointer, which participates in a condition later
return mdev->driver_data;
^~~~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:909:15: note: Returning from 'mdev_get_drvdata'
mdev_state = mdev_get_drvdata(mdev);
^~~~~~~~~~~~~~~~~~~~~~
samples/vfio-mdev/mtty.c:910:7: note: 'mdev_state' is non-null
if (!mdev_state)
^~~~~~~~~~
samples/vfio-mdev/mtty.c:910:2: note: Taking false branch
if (!mdev_state)
^
samples/vfio-mdev/mtty.c:914:2: note: Control jumps to 'case VFIO_PCI_INTX_IRQ_INDEX:' at line 915
switch (index) {
^
samples/vfio-mdev/mtty.c:916:3: note: Control jumps to 'case 32:' at line 920
switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
^
samples/vfio-mdev/mtty.c:922:8: note: Assuming the condition is false
if (flags & VFIO_IRQ_SET_DATA_NONE) {
vim +930 samples/vfio-mdev/mtty.c
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 898
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 899 static int mtty_set_irqs(struct mdev_device *mdev, uint32_t flags,
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 900 unsigned int index, unsigned int start,
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 901 unsigned int count, void *data)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 902 {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 903 int ret = 0;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 904 struct mdev_state *mdev_state;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 905
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 906 if (!mdev)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 907 return -EINVAL;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 908
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 909 mdev_state = mdev_get_drvdata(mdev);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 910 if (!mdev_state)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 911 return -EINVAL;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 912
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 913 mutex_lock(&mdev_state->ops_lock);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 914 switch (index) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 915 case VFIO_PCI_INTX_IRQ_INDEX:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 916 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 917 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 918 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 919 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 920 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 921 {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 922 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 923 pr_info("%s: disable INTx\n", __func__);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 924 if (mdev_state->intx_evtfd)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 925 eventfd_ctx_put(mdev_state->intx_evtfd);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 926 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 927 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 928
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 929 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 @930 int fd = *(int *)data;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 931
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 932 if (fd > 0) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 933 struct eventfd_ctx *evt;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 934
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 935 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 936 if (IS_ERR(evt)) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 937 ret = PTR_ERR(evt);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 938 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 939 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 940 mdev_state->intx_evtfd = evt;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 941 mdev_state->irq_fd = fd;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 942 mdev_state->irq_index = index;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 943 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 944 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 945 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 946 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 947 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 948 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 949 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 950 case VFIO_PCI_MSI_IRQ_INDEX:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 951 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 952 case VFIO_IRQ_SET_ACTION_MASK:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 953 case VFIO_IRQ_SET_ACTION_UNMASK:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 954 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 955 case VFIO_IRQ_SET_ACTION_TRIGGER:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 956 if (flags & VFIO_IRQ_SET_DATA_NONE) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 957 if (mdev_state->msi_evtfd)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 958 eventfd_ctx_put(mdev_state->msi_evtfd);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 959 pr_info("%s: disable MSI\n", __func__);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 960 mdev_state->irq_index = VFIO_PCI_INTX_IRQ_INDEX;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 961 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 962 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 963 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 964 int fd = *(int *)data;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 965 struct eventfd_ctx *evt;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 966
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 967 if (fd <= 0)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 968 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 969
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 970 if (mdev_state->msi_evtfd)
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 971 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 972
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 973 evt = eventfd_ctx_fdget(fd);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 974 if (IS_ERR(evt)) {
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 975 ret = PTR_ERR(evt);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 976 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 977 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 978 mdev_state->msi_evtfd = evt;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 979 mdev_state->irq_fd = fd;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 980 mdev_state->irq_index = index;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 981 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 982 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 983 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 984 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 985 case VFIO_PCI_MSIX_IRQ_INDEX:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 986 pr_info("%s: MSIX_IRQ\n", __func__);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 987 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 988 case VFIO_PCI_ERR_IRQ_INDEX:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 989 pr_info("%s: ERR_IRQ\n", __func__);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 990 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 991 case VFIO_PCI_REQ_IRQ_INDEX:
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 992 pr_info("%s: REQ_IRQ\n", __func__);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 993 break;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 994 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 995
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 996 mutex_unlock(&mdev_state->ops_lock);
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 997 return ret;
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 998 }
9d1a546c53b4c1c Kirti Wankhede 2016-11-17 999
:::::: The code at line 930 was first introduced by commit
:::::: 9d1a546c53b4c1c378b0f34de84ddee2c7d4c90c docs: Sample driver to demonstrate how to use Mediated device framework.
:::::: TO: Kirti Wankhede <kwankhede@nvidia.com>
:::::: CC: Alex Williamson <alex.williamson@redhat.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 26988 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-06 14:24 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-07 18:48 samples/vfio-mdev/mtty.c:930:14: warning: Dereference of null pointer [clang-analyzer-core.NullDereference] kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2022-01-06 14:24 kernel test robot
2021-11-06 7:32 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.