* [jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)
@ 2021-09-15 7:58 Dan Carpenter
2021-09-15 16:29 ` Jason Gunthorpe
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2021-09-15 7:58 UTC (permalink / raw)
To: kbuild, Jason Gunthorpe; +Cc: lkp, kbuild-all, linux-kernel
tree: https://github.com/jgunthorpe/linux vfio_ccw
head: d0d01fdc87368c19ee6cac8e7ab2c0ef7ab33efb
commit: c7863bcc74538df3d39bd9407ae77f6ef778f7b3 [7/12] vfio/mdev: Add mdev available instance checking to the core
config: x86_64-randconfig-m001-20210914 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)
vim +/drv +319 drivers/vfio/mdev/mdev_core.c
417fd5bf242d76 Jason Gunthorpe 2021-04-06 255 int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
7b96953bc640b6 Kirti Wankhede 2016-11-17 256 {
7b96953bc640b6 Kirti Wankhede 2016-11-17 257 int ret;
002fe996f67f4f Alex Williamson 2018-05-15 258 struct mdev_device *mdev, *tmp;
a9f8111d0b5f44 Jason Gunthorpe 2021-04-06 259 struct mdev_parent *parent = type->parent;
88a21f265ce50a Jason Gunthorpe 2021-06-17 260 struct mdev_driver *drv = parent->ops->device_driver;
7b96953bc640b6 Kirti Wankhede 2016-11-17 261
002fe996f67f4f Alex Williamson 2018-05-15 262 mutex_lock(&mdev_list_lock);
7b96953bc640b6 Kirti Wankhede 2016-11-17 263
7b96953bc640b6 Kirti Wankhede 2016-11-17 264 /* Check for duplicate */
002fe996f67f4f Alex Williamson 2018-05-15 265 list_for_each_entry(tmp, &mdev_list, next) {
278bca7f318e6a Andy Shevchenko 2019-01-10 266 if (guid_equal(&tmp->uuid, uuid)) {
002fe996f67f4f Alex Williamson 2018-05-15 267 mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 268 return -EEXIST;
002fe996f67f4f Alex Williamson 2018-05-15 269 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 270 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 271
c7863bcc74538d Jason Gunthorpe 2021-09-07 @272 if (drv->get_available) {
^^^^^^^^^^^^^^^^^^
Dereference
c7863bcc74538d Jason Gunthorpe 2021-09-07 273 if (!type->available) {
c7863bcc74538d Jason Gunthorpe 2021-09-07 274 mutex_unlock(&mdev_list_lock);
c7863bcc74538d Jason Gunthorpe 2021-09-07 275 return -EUSERS;
c7863bcc74538d Jason Gunthorpe 2021-09-07 276 }
c7863bcc74538d Jason Gunthorpe 2021-09-07 277 type->available--;
c7863bcc74538d Jason Gunthorpe 2021-09-07 278 }
c7863bcc74538d Jason Gunthorpe 2021-09-07 279
7b96953bc640b6 Kirti Wankhede 2016-11-17 280 mdev = kzalloc(sizeof(*mdev), GFP_KERNEL);
7b96953bc640b6 Kirti Wankhede 2016-11-17 281 if (!mdev) {
002fe996f67f4f Alex Williamson 2018-05-15 282 mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 283 return -ENOMEM;
7b96953bc640b6 Kirti Wankhede 2016-11-17 284 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 285
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 286 device_initialize(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 287 mdev->dev.parent = parent->dev;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 288 mdev->dev.bus = &mdev_bus_type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 289 mdev->dev.release = mdev_device_release;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 290 mdev->dev.groups = parent->ops->mdev_attr_groups;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 291 mdev->type = type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 292 /* Pairs with the put in mdev_device_release() */
fbea43239074e1 Jason Gunthorpe 2021-04-06 293 kobject_get(&type->kobj);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 294
278bca7f318e6a Andy Shevchenko 2019-01-10 295 guid_copy(&mdev->uuid, uuid);
002fe996f67f4f Alex Williamson 2018-05-15 296 list_add(&mdev->next, &mdev_list);
002fe996f67f4f Alex Williamson 2018-05-15 297 mutex_unlock(&mdev_list_lock);
002fe996f67f4f Alex Williamson 2018-05-15 298
18d731242d5c67 Jason Gunthorpe 2021-04-06 299 ret = dev_set_name(&mdev->dev, "%pUl", uuid);
18d731242d5c67 Jason Gunthorpe 2021-04-06 300 if (ret)
18d731242d5c67 Jason Gunthorpe 2021-04-06 301 goto out_put_device;
7b96953bc640b6 Kirti Wankhede 2016-11-17 302
5715c4dd66a315 Parav Pandit 2019-06-06 303 /* Check if parent unregistration has started */
5715c4dd66a315 Parav Pandit 2019-06-06 304 if (!down_read_trylock(&parent->unreg_sem)) {
5715c4dd66a315 Parav Pandit 2019-06-06 305 ret = -ENODEV;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 306 goto out_put_device;
5715c4dd66a315 Parav Pandit 2019-06-06 307 }
5715c4dd66a315 Parav Pandit 2019-06-06 308
88a21f265ce50a Jason Gunthorpe 2021-06-17 309 if (parent->ops->create) {
c2ef2f50ad0ccf Jason Gunthorpe 2021-04-06 310 ret = parent->ops->create(mdev);
522ecce08ab20b Parav Pandit 2019-06-06 311 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 312 goto out_unlock;
88a21f265ce50a Jason Gunthorpe 2021-06-17 313 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 314
522ecce08ab20b Parav Pandit 2019-06-06 315 ret = device_add(&mdev->dev);
7b96953bc640b6 Kirti Wankhede 2016-11-17 316 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 317 goto out_remove;
7b96953bc640b6 Kirti Wankhede 2016-11-17 318
88a21f265ce50a Jason Gunthorpe 2021-06-17 @319 if (!drv)
^^^^
Check for NULL too late. Probably move it forward.
88a21f265ce50a Jason Gunthorpe 2021-06-17 320 drv = &vfio_mdev_driver;
88a21f265ce50a Jason Gunthorpe 2021-06-17 321 ret = device_driver_attach(&drv->driver, &mdev->dev);
88a21f265ce50a Jason Gunthorpe 2021-06-17 322 if (ret)
88a21f265ce50a Jason Gunthorpe 2021-06-17 323 goto out_del;
88a21f265ce50a Jason Gunthorpe 2021-06-17 324
417fd5bf242d76 Jason Gunthorpe 2021-04-06 325 ret = mdev_create_sysfs_files(mdev);
522ecce08ab20b Parav Pandit 2019-06-06 326 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 327 goto out_del;
7b96953bc640b6 Kirti Wankhede 2016-11-17 328
002fe996f67f4f Alex Williamson 2018-05-15 329 mdev->active = true;
7b96953bc640b6 Kirti Wankhede 2016-11-17 330 dev_dbg(&mdev->dev, "MDEV: created\n");
5715c4dd66a315 Parav Pandit 2019-06-06 331 up_read(&parent->unreg_sem);
7b96953bc640b6 Kirti Wankhede 2016-11-17 332
002fe996f67f4f Alex Williamson 2018-05-15 333 return 0;
7b96953bc640b6 Kirti Wankhede 2016-11-17 334
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 335 out_del:
522ecce08ab20b Parav Pandit 2019-06-06 336 device_del(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 337 out_remove:
88a21f265ce50a Jason Gunthorpe 2021-06-17 338 if (parent->ops->remove)
522ecce08ab20b Parav Pandit 2019-06-06 339 parent->ops->remove(mdev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 340 out_unlock:
5715c4dd66a315 Parav Pandit 2019-06-06 341 up_read(&parent->unreg_sem);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 342 out_put_device:
522ecce08ab20b Parav Pandit 2019-06-06 343 put_device(&mdev->dev);
7b96953bc640b6 Kirti Wankhede 2016-11-17 344 return ret;
7b96953bc640b6 Kirti Wankhede 2016-11-17 345 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)
2021-09-15 7:58 [jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272) Dan Carpenter
@ 2021-09-15 16:29 ` Jason Gunthorpe
0 siblings, 0 replies; 2+ messages in thread
From: Jason Gunthorpe @ 2021-09-15 16:29 UTC (permalink / raw)
To: Dan Carpenter; +Cc: kbuild, lkp, kbuild-all, linux-kernel
On Wed, Sep 15, 2021 at 10:58:31AM +0300, Dan Carpenter wrote:
> tree: https://github.com/jgunthorpe/linux vfio_ccw
> head: d0d01fdc87368c19ee6cac8e7ab2c0ef7ab33efb
> commit: c7863bcc74538df3d39bd9407ae77f6ef778f7b3 [7/12] vfio/mdev: Add mdev available instance checking to the core
> config: x86_64-randconfig-m001-20210914 (attached as .config)
> compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
>
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@intel.com>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> smatch warnings:
> drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)
>
> vim +/drv +319 drivers/vfio/mdev/mdev_core.c
>
> 417fd5bf242d76 Jason Gunthorpe 2021-04-06 255 int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 256 {
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 257 int ret;
> 002fe996f67f4f Alex Williamson 2018-05-15 258 struct mdev_device *mdev, *tmp;
> a9f8111d0b5f44 Jason Gunthorpe 2021-04-06 259 struct mdev_parent *parent = type->parent;
> 88a21f265ce50a Jason Gunthorpe 2021-06-17 260 struct mdev_driver *drv = parent->ops->device_driver;
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 261
> 002fe996f67f4f Alex Williamson 2018-05-15 262 mutex_lock(&mdev_list_lock);
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 263
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 264 /* Check for duplicate */
> 002fe996f67f4f Alex Williamson 2018-05-15 265 list_for_each_entry(tmp, &mdev_list, next) {
> 278bca7f318e6a Andy Shevchenko 2019-01-10 266 if (guid_equal(&tmp->uuid, uuid)) {
> 002fe996f67f4f Alex Williamson 2018-05-15 267 mutex_unlock(&mdev_list_lock);
> fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 268 return -EEXIST;
> 002fe996f67f4f Alex Williamson 2018-05-15 269 }
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 270 }
> 7b96953bc640b6 Kirti Wankhede 2016-11-17 271
> c7863bcc74538d Jason Gunthorpe 2021-09-07 @272 if (drv->get_available) {
> ^^^^^^^^^^^^^^^^^^
> Dereference
woops, got it, thanks Dan
Jason
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-09-15 16:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-15 7:58 [jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272) Dan Carpenter
2021-09-15 16:29 ` Jason Gunthorpe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).