drivers/scsi/smartpqi/smartpqi_init.c:2070 pqi_update_scsi_devices() error: we previously assumed 'physdev_list' could be null (see line 2006)

From: kernel test robot
Date: Thu Aug 13 2020 - 23:12:01 EST


tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: dddcbc139e96bd18d8c65ef7b7e440f0d32457c2
commit: 5e6a9760f7da4dd86cca43ac6423695d6cb0dff4 scsi: smartpqi: add module param for exposure order
date: 12 months ago
config: ia64-randconfig-m031-20200811 (attached as .config)
compiler: ia64-linux-gcc (GCC) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>

New smatch warnings:
drivers/scsi/smartpqi/smartpqi_init.c:2070 pqi_update_scsi_devices() error: we previously assumed 'physdev_list' could be null (see line 2006)

Old smatch warnings:
drivers/scsi/smartpqi/smartpqi_init.c:2077 pqi_update_scsi_devices() error: we previously assumed 'logdev_list' could be null (see line 2013)
drivers/scsi/smartpqi/smartpqi_init.c:2134 pqi_update_scsi_devices() warn: inconsistent indenting
drivers/scsi/smartpqi/smartpqi_init.c:6995 pqi_ctrl_init() warn: impossible condition '(ctrl_info->max_outstanding_requests > (~0)) => (0-u32max > u32max)'

vim +/physdev_list +2070 drivers/scsi/smartpqi/smartpqi_init.c

1977
1978 static int pqi_update_scsi_devices(struct pqi_ctrl_info *ctrl_info)
1979 {
1980 int i;
1981 int rc;
1982 LIST_HEAD(new_device_list_head);
1983 struct report_phys_lun_extended *physdev_list = NULL;
1984 struct report_log_lun_extended *logdev_list = NULL;
1985 struct report_phys_lun_extended_entry *phys_lun_ext_entry;
1986 struct report_log_lun_extended_entry *log_lun_ext_entry;
1987 struct bmic_identify_physical_device *id_phys = NULL;
1988 u32 num_physicals;
1989 u32 num_logicals;
1990 struct pqi_scsi_dev **new_device_list = NULL;
1991 struct pqi_scsi_dev *device;
1992 struct pqi_scsi_dev *next;
1993 unsigned int num_new_devices;
1994 unsigned int num_valid_devices;
1995 bool is_physical_device;
1996 u8 *scsi3addr;
1997 unsigned int physical_index;
1998 unsigned int logical_index;
1999 static char *out_of_memory_msg =
2000 "failed to allocate memory, device discovery stopped";
2001
2002 rc = pqi_get_device_lists(ctrl_info, &physdev_list, &logdev_list);
2003 if (rc)
2004 goto out;
2005
> 2006 if (physdev_list)
2007 num_physicals =
2008 get_unaligned_be32(&physdev_list->header.list_length)
2009 / sizeof(physdev_list->lun_entries[0]);
2010 else
2011 num_physicals = 0;
2012
2013 if (logdev_list)
2014 num_logicals =
2015 get_unaligned_be32(&logdev_list->header.list_length)
2016 / sizeof(logdev_list->lun_entries[0]);
2017 else
2018 num_logicals = 0;
2019
2020 if (num_physicals) {
2021 /*
2022 * We need this buffer for calls to pqi_get_physical_disk_info()
2023 * below. We allocate it here instead of inside
2024 * pqi_get_physical_disk_info() because it's a fairly large
2025 * buffer.
2026 */
2027 id_phys = kmalloc(sizeof(*id_phys), GFP_KERNEL);
2028 if (!id_phys) {
2029 dev_warn(&ctrl_info->pci_dev->dev, "%s\n",
2030 out_of_memory_msg);
2031 rc = -ENOMEM;
2032 goto out;
2033 }
2034 }
2035
2036 num_new_devices = num_physicals + num_logicals;
2037
2038 new_device_list = kmalloc_array(num_new_devices,
2039 sizeof(*new_device_list),
2040 GFP_KERNEL);
2041 if (!new_device_list) {
2042 dev_warn(&ctrl_info->pci_dev->dev, "%s\n", out_of_memory_msg);
2043 rc = -ENOMEM;
2044 goto out;
2045 }
2046
2047 for (i = 0; i < num_new_devices; i++) {
2048 device = kzalloc(sizeof(*device), GFP_KERNEL);
2049 if (!device) {
2050 dev_warn(&ctrl_info->pci_dev->dev, "%s\n",
2051 out_of_memory_msg);
2052 rc = -ENOMEM;
2053 goto out;
2054 }
2055 list_add_tail(&device->new_device_list_entry,
2056 &new_device_list_head);
2057 }
2058
2059 device = NULL;
2060 num_valid_devices = 0;
2061 physical_index = 0;
2062 logical_index = 0;
2063
2064 for (i = 0; i < num_new_devices; i++) {
2065
2066 if ((!pqi_expose_ld_first && i < num_physicals) ||
2067 (pqi_expose_ld_first && i >= num_logicals)) {
2068 is_physical_device = true;
2069 phys_lun_ext_entry =
> 2070 &physdev_list->lun_entries[physical_index++];
2071 log_lun_ext_entry = NULL;
2072 scsi3addr = phys_lun_ext_entry->lunid;
2073 } else {
2074 is_physical_device = false;
2075 phys_lun_ext_entry = NULL;
2076 log_lun_ext_entry =
2077 &logdev_list->lun_entries[logical_index++];
2078 scsi3addr = log_lun_ext_entry->lunid;
2079 }
2080
2081 if (is_physical_device && pqi_skip_device(scsi3addr))
2082 continue;
2083
2084 if (device)
2085 device = list_next_entry(device, new_device_list_entry);
2086 else
2087 device = list_first_entry(&new_device_list_head,
2088 struct pqi_scsi_dev, new_device_list_entry);
2089
2090 memcpy(device->scsi3addr, scsi3addr, sizeof(device->scsi3addr));
2091 device->is_physical_device = is_physical_device;
2092 if (is_physical_device) {
2093 if (phys_lun_ext_entry->device_type ==
2094 SA_EXPANDER_SMP_DEVICE)
2095 device->is_expander_smp_device = true;
2096 } else {
2097 device->is_external_raid_device =
2098 pqi_is_external_raid_addr(scsi3addr);
2099 }
2100
2101 /* Gather information about the device. */
2102 rc = pqi_get_device_info(ctrl_info, device);
2103 if (rc == -ENOMEM) {
2104 dev_warn(&ctrl_info->pci_dev->dev, "%s\n",
2105 out_of_memory_msg);
2106 goto out;
2107 }
2108 if (rc) {
2109 if (device->is_physical_device)
2110 dev_warn(&ctrl_info->pci_dev->dev,
2111 "obtaining device info failed, skipping physical device %016llx\n",
2112 get_unaligned_be64(
2113 &phys_lun_ext_entry->wwid));
2114 else
2115 dev_warn(&ctrl_info->pci_dev->dev,
2116 "obtaining device info failed, skipping logical device %08x%08x\n",
2117 *((u32 *)&device->scsi3addr),
2118 *((u32 *)&device->scsi3addr[4]));
2119 rc = 0;
2120 continue;
2121 }
2122
2123 if (!pqi_is_supported_device(device))
2124 continue;
2125
2126 pqi_assign_bus_target_lun(device);
2127
2128 if (device->is_physical_device) {
2129 device->wwid = phys_lun_ext_entry->wwid;
2130 if ((phys_lun_ext_entry->device_flags &
2131 REPORT_PHYS_LUN_DEV_FLAG_AIO_ENABLED) &&
2132 phys_lun_ext_entry->aio_handle) {
2133 device->aio_enabled = true;
2134 device->aio_handle =
2135 phys_lun_ext_entry->aio_handle;
2136 }
2137 if (device->devtype == TYPE_DISK ||
2138 device->devtype == TYPE_ZBC) {
2139 pqi_get_physical_disk_info(ctrl_info,
2140 device, id_phys);
2141 }
2142 } else {
2143 memcpy(device->volume_id, log_lun_ext_entry->volume_id,
2144 sizeof(device->volume_id));
2145 }
2146
2147 if (pqi_is_device_with_sas_address(device))
2148 device->sas_address = get_unaligned_be64(&device->wwid);
2149
2150 new_device_list[num_valid_devices++] = device;
2151 }
2152
2153 pqi_update_device_list(ctrl_info, new_device_list, num_valid_devices);
2154
2155 out:
2156 list_for_each_entry_safe(device, next, &new_device_list_head,
2157 new_device_list_entry) {
2158 if (device->keep_device)
2159 continue;
2160 list_del(&device->new_device_list_entry);
2161 pqi_free_device(device);
2162 }
2163
2164 kfree(new_device_list);
2165 kfree(physdev_list);
2166 kfree(logdev_list);
2167 kfree(id_phys);
2168
2169 return rc;
2170 }
2171

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

Attachment: .config.gz
Description: application/gzip