Re: drivers/irqchip/irq-apple-aic.c:941 aic_of_ic_init() error: uninitialized symbol 'off'.

[Marc Zyngier]

On Mon, 06 Jun 2022 12:08:03 +0100,
Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> 
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   8ab2afa23bd197df47819a87f0265c0ac95c5b6a
> commit: dc97fd6fec009957e81026055fc99a03877ff3b8 irqchip/apple-aic: Dynamically compute register offsets
> config: arm64-randconfig-m031-20220530 (https://download.01.org/0day-ci/archive/20220601/202206010439.LRgjym7t-lkp@xxxxxxxxx/config)
> compiler: aarch64-linux-gcc (GCC) 11.3.0
> 
> If you fix the issue, kindly add following tag where applicable
> Reported-by: kernel test robot <lkp@xxxxxxxxx>
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> 
> New smatch warnings:
> drivers/irqchip/irq-apple-aic.c:941 aic_of_ic_init() error: uninitialized symbol 'off'.
> 
> vim +/off +941 drivers/irqchip/irq-apple-aic.c
> 
> 76cde26394114f Hector Martin 2021-01-21   900  static int __init aic_of_ic_init(struct device_node *node, struct device_node *parent)
> 76cde26394114f Hector Martin 2021-01-21   901  {
> 76cde26394114f Hector Martin 2021-01-21   902  	int i;
> dc97fd6fec0099 Hector Martin 2022-03-10   903  	u32 off;
> 76cde26394114f Hector Martin 2021-01-21   904  	void __iomem *regs;
> 76cde26394114f Hector Martin 2021-01-21   905  	struct aic_irq_chip *irqc;
> 2cf68211664acd Hector Martin 2022-03-10   906  	const struct of_device_id *match;
> 76cde26394114f Hector Martin 2021-01-21   907  
> 76cde26394114f Hector Martin 2021-01-21   908  	regs = of_iomap(node, 0);
> 76cde26394114f Hector Martin 2021-01-21   909  	if (WARN_ON(!regs))
> 76cde26394114f Hector Martin 2021-01-21   910  		return -EIO;
> 76cde26394114f Hector Martin 2021-01-21   911  
> 76cde26394114f Hector Martin 2021-01-21   912  	irqc = kzalloc(sizeof(*irqc), GFP_KERNEL);
> 76cde26394114f Hector Martin 2021-01-21   913  	if (!irqc)
> 76cde26394114f Hector Martin 2021-01-21   914  		return -ENOMEM;
> 76cde26394114f Hector Martin 2021-01-21   915  
> 76cde26394114f Hector Martin 2021-01-21   916  	irqc->base = regs;
> 76cde26394114f Hector Martin 2021-01-21   917  
> 2cf68211664acd Hector Martin 2022-03-10   918  	match = of_match_node(aic_info_match, node);
> 2cf68211664acd Hector Martin 2022-03-10   919  	if (!match)
> 2cf68211664acd Hector Martin 2022-03-10   920  		return -ENODEV;
> 2cf68211664acd Hector Martin 2022-03-10   921  
> 2cf68211664acd Hector Martin 2022-03-10   922  	irqc->info = *(struct aic_info *)match->data;
> 2cf68211664acd Hector Martin 2022-03-10   923  
> 2cf68211664acd Hector Martin 2022-03-10   924  	aic_irqc = irqc;
> 2cf68211664acd Hector Martin 2022-03-10   925  
> dc97fd6fec0099 Hector Martin 2022-03-10   926  	switch (irqc->info.version) {
> dc97fd6fec0099 Hector Martin 2022-03-10   927  	case 1: {
> dc97fd6fec0099 Hector Martin 2022-03-10   928  		u32 info;
> dc97fd6fec0099 Hector Martin 2022-03-10   929  
> 76cde26394114f Hector Martin 2021-01-21   930  		info = aic_ic_read(irqc, AIC_INFO);
> 7c841f5f6fa3f9 Hector Martin 2022-03-10   931  		irqc->nr_irq = FIELD_GET(AIC_INFO_NR_IRQ, info);
> dc97fd6fec0099 Hector Martin 2022-03-10   932  		irqc->max_irq = AIC_MAX_IRQ;
> dc97fd6fec0099 Hector Martin 2022-03-10   933  
> dc97fd6fec0099 Hector Martin 2022-03-10   934  		off = irqc->info.target_cpu;
> dc97fd6fec0099 Hector Martin 2022-03-10   935  		off += sizeof(u32) * irqc->max_irq; /* TARGET_CPU */
> dc97fd6fec0099 Hector Martin 2022-03-10   936  
> dc97fd6fec0099 Hector Martin 2022-03-10   937  		break;
> 
> "off" uninitialized if irqc->info.version != 1.

Which is pretty much impossible by construction, as as of this
particular commit, all the possible implementations have version == 1.

Subsequent patches do add cases where version == 2, and that gets
covered too.

So unless I'm missing something obvious, there is no bug here.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.