[jgunthorpe:vfio_ccw 7/12] drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)

From: Dan Carpenter
Date: Wed Sep 15 2021 - 03:59:03 EST

Next message: Peter Rosin: "Re: [PATCH v2 19/29] ABI: sysfs-class-mux: use wildcards on What definitions"
Previous message: Nicolas.Ferre: "Re: [PATCH 1/3] net: macb: add description for SRTSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

tree: https://github.com/jgunthorpe/linux vfio_ccw
head: d0d01fdc87368c19ee6cac8e7ab2c0ef7ab33efb
commit: c7863bcc74538df3d39bd9407ae77f6ef778f7b3 [7/12] vfio/mdev: Add mdev available instance checking to the core
config: x86_64-randconfig-m001-20210914 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

smatch warnings:
drivers/vfio/mdev/mdev_core.c:319 mdev_device_create() warn: variable dereferenced before check 'drv' (see line 272)

vim +/drv +319 drivers/vfio/mdev/mdev_core.c

417fd5bf242d76 Jason Gunthorpe 2021-04-06 255 int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
7b96953bc640b6 Kirti Wankhede 2016-11-17 256 {
7b96953bc640b6 Kirti Wankhede 2016-11-17 257 int ret;
002fe996f67f4f Alex Williamson 2018-05-15 258 struct mdev_device *mdev, *tmp;
a9f8111d0b5f44 Jason Gunthorpe 2021-04-06 259 struct mdev_parent *parent = type->parent;
88a21f265ce50a Jason Gunthorpe 2021-06-17 260 struct mdev_driver *drv = parent->ops->device_driver;
7b96953bc640b6 Kirti Wankhede 2016-11-17 261
002fe996f67f4f Alex Williamson 2018-05-15 262 mutex_lock(&mdev_list_lock);
7b96953bc640b6 Kirti Wankhede 2016-11-17 263
7b96953bc640b6 Kirti Wankhede 2016-11-17 264 /* Check for duplicate */
002fe996f67f4f Alex Williamson 2018-05-15 265 list_for_each_entry(tmp, &mdev_list, next) {
278bca7f318e6a Andy Shevchenko 2019-01-10 266 if (guid_equal(&tmp->uuid, uuid)) {
002fe996f67f4f Alex Williamson 2018-05-15 267 mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 268 return -EEXIST;
002fe996f67f4f Alex Williamson 2018-05-15 269 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 270 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 271
c7863bcc74538d Jason Gunthorpe 2021-09-07 @272 if (drv->get_available) {
^^^^^^^^^^^^^^^^^^
Dereference

c7863bcc74538d Jason Gunthorpe 2021-09-07 273 if (!type->available) {
c7863bcc74538d Jason Gunthorpe 2021-09-07 274 mutex_unlock(&mdev_list_lock);
c7863bcc74538d Jason Gunthorpe 2021-09-07 275 return -EUSERS;
c7863bcc74538d Jason Gunthorpe 2021-09-07 276 }
c7863bcc74538d Jason Gunthorpe 2021-09-07 277 type->available--;
c7863bcc74538d Jason Gunthorpe 2021-09-07 278 }
c7863bcc74538d Jason Gunthorpe 2021-09-07 279
7b96953bc640b6 Kirti Wankhede 2016-11-17 280 mdev = kzalloc(sizeof(*mdev), GFP_KERNEL);
7b96953bc640b6 Kirti Wankhede 2016-11-17 281 if (!mdev) {
002fe996f67f4f Alex Williamson 2018-05-15 282 mutex_unlock(&mdev_list_lock);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 283 return -ENOMEM;
7b96953bc640b6 Kirti Wankhede 2016-11-17 284 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 285
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 286 device_initialize(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 287 mdev->dev.parent = parent->dev;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 288 mdev->dev.bus = &mdev_bus_type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 289 mdev->dev.release = mdev_device_release;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 290 mdev->dev.groups = parent->ops->mdev_attr_groups;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 291 mdev->type = type;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 292 /* Pairs with the put in mdev_device_release() */
fbea43239074e1 Jason Gunthorpe 2021-04-06 293 kobject_get(&type->kobj);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 294
278bca7f318e6a Andy Shevchenko 2019-01-10 295 guid_copy(&mdev->uuid, uuid);
002fe996f67f4f Alex Williamson 2018-05-15 296 list_add(&mdev->next, &mdev_list);
002fe996f67f4f Alex Williamson 2018-05-15 297 mutex_unlock(&mdev_list_lock);
002fe996f67f4f Alex Williamson 2018-05-15 298
18d731242d5c67 Jason Gunthorpe 2021-04-06 299 ret = dev_set_name(&mdev->dev, "%pUl", uuid);
18d731242d5c67 Jason Gunthorpe 2021-04-06 300 if (ret)
18d731242d5c67 Jason Gunthorpe 2021-04-06 301 goto out_put_device;
7b96953bc640b6 Kirti Wankhede 2016-11-17 302
5715c4dd66a315 Parav Pandit 2019-06-06 303 /* Check if parent unregistration has started */
5715c4dd66a315 Parav Pandit 2019-06-06 304 if (!down_read_trylock(&parent->unreg_sem)) {
5715c4dd66a315 Parav Pandit 2019-06-06 305 ret = -ENODEV;
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 306 goto out_put_device;
5715c4dd66a315 Parav Pandit 2019-06-06 307 }
5715c4dd66a315 Parav Pandit 2019-06-06 308
88a21f265ce50a Jason Gunthorpe 2021-06-17 309 if (parent->ops->create) {
c2ef2f50ad0ccf Jason Gunthorpe 2021-04-06 310 ret = parent->ops->create(mdev);
522ecce08ab20b Parav Pandit 2019-06-06 311 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 312 goto out_unlock;
88a21f265ce50a Jason Gunthorpe 2021-06-17 313 }
7b96953bc640b6 Kirti Wankhede 2016-11-17 314
522ecce08ab20b Parav Pandit 2019-06-06 315 ret = device_add(&mdev->dev);
7b96953bc640b6 Kirti Wankhede 2016-11-17 316 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 317 goto out_remove;
7b96953bc640b6 Kirti Wankhede 2016-11-17 318
88a21f265ce50a Jason Gunthorpe 2021-06-17 @319 if (!drv)
^^^^
Check for NULL too late. Probably move it forward.

88a21f265ce50a Jason Gunthorpe 2021-06-17 320 drv = &vfio_mdev_driver;
88a21f265ce50a Jason Gunthorpe 2021-06-17 321 ret = device_driver_attach(&drv->driver, &mdev->dev);
88a21f265ce50a Jason Gunthorpe 2021-06-17 322 if (ret)
88a21f265ce50a Jason Gunthorpe 2021-06-17 323 goto out_del;
88a21f265ce50a Jason Gunthorpe 2021-06-17 324
417fd5bf242d76 Jason Gunthorpe 2021-04-06 325 ret = mdev_create_sysfs_files(mdev);
522ecce08ab20b Parav Pandit 2019-06-06 326 if (ret)
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 327 goto out_del;
7b96953bc640b6 Kirti Wankhede 2016-11-17 328
002fe996f67f4f Alex Williamson 2018-05-15 329 mdev->active = true;
7b96953bc640b6 Kirti Wankhede 2016-11-17 330 dev_dbg(&mdev->dev, "MDEV: created\n");
5715c4dd66a315 Parav Pandit 2019-06-06 331 up_read(&parent->unreg_sem);
7b96953bc640b6 Kirti Wankhede 2016-11-17 332
002fe996f67f4f Alex Williamson 2018-05-15 333 return 0;
7b96953bc640b6 Kirti Wankhede 2016-11-17 334
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 335 out_del:
522ecce08ab20b Parav Pandit 2019-06-06 336 device_del(&mdev->dev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 337 out_remove:
88a21f265ce50a Jason Gunthorpe 2021-06-17 338 if (parent->ops->remove)
522ecce08ab20b Parav Pandit 2019-06-06 339 parent->ops->remove(mdev);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 340 out_unlock:
5715c4dd66a315 Parav Pandit 2019-06-06 341 up_read(&parent->unreg_sem);
fbd0e2b0c3d0b2 Jason Gunthorpe 2021-04-06 342 out_put_device:
522ecce08ab20b Parav Pandit 2019-06-06 343 put_device(&mdev->dev);
7b96953bc640b6 Kirti Wankhede 2016-11-17 344 return ret;
7b96953bc640b6 Kirti Wankhede 2016-11-17 345 }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

Next message: Peter Rosin: "Re: [PATCH v2 19/29] ABI: sysfs-class-mux: use wildcards on What definitions"
Previous message: Nicolas.Ferre: "Re: [PATCH 1/3] net: macb: add description for SRTSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]