Re: [PATCH 3/4] staging: media: zoran: replace all pr_err() with zrdev_err()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Ian,

url:    https://github.com/intel-lab-lkp/linux/commits/Ian-Cowan/staging-media-zoran-add-zrdev_dbg-macros/20220425-092814
base:   https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git 1efba7ef1d7da5944493728c5375fef5b2130de4
config: i386-randconfig-m021-20220425 (https://download.01.org/0day-ci/archive/20220426/202204260911.PpSNCMg4-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.2.0-20) 11.2.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

smatch warnings:
drivers/staging/media/zoran/videocodec.c:55 videocodec_attach() warn: variable dereferenced before check 'master' (see line 50)
drivers/staging/media/zoran/videocodec.c:124 videocodec_detach() warn: variable dereferenced before check 'codec' (see line 120)
drivers/staging/media/zoran/videocodec.c:177 videocodec_register() warn: variable dereferenced before check 'codec' (see line 175)
drivers/staging/media/zoran/videocodec.c:210 videocodec_unregister() warn: variable dereferenced before check 'codec' (see line 208)

vim +/master +55 drivers/staging/media/zoran/videocodec.c

5e195bbddabdd9 Corentin Labbe 2020-09-25   47  struct videocodec *videocodec_attach(struct videocodec_master *master)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   48  {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   49  	struct codec_list *h = codeclist_top;
a0a095d4ab6241 Ian Cowan      2022-04-23  @50  	struct zoran *zr = videocodec_master_to_zoran(master);
                                                                                              ^^^^^^
Dereferenced inside function call.

61c3b19f7b9eb7 Corentin Labbe 2020-09-25   51  	struct attached_list *a, *ptr;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   52  	struct videocodec *codec;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   53  	int res;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   54  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  @55  	if (!master) {
                                                    ^^^^^^^
Checked too late.  The "master" pointer can't actually be NULL so just
delete this if statement.

a0a095d4ab6241 Ian Cowan      2022-04-23   56  		zrdev_err(zr, "%s: no data\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   57  		return NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   58  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   59  
a0a095d4ab6241 Ian Cowan      2022-04-23   60  	zrdev_dbg(zr, "%s: '%s', flags %lx, magic %lx\n", __func__,
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   61  		  master->name, master->flags, master->magic);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   62  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   63  	if (!h) {
a0a095d4ab6241 Ian Cowan      2022-04-23   64  		zrdev_err(zr, "%s: no device available\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   65  		return NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   66  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   67  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   68  	while (h) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   69  		// attach only if the slave has at least the flags
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   70  		// expected by the master
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   71  		if ((master->flags & h->codec->flags) == master->flags) {
5e195bbddabdd9 Corentin Labbe 2020-09-25   72  			dprintk(4, "%s: try '%s'\n", __func__, h->codec->name);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   73  
5e195bbddabdd9 Corentin Labbe 2020-09-25   74  			codec = kmemdup(h->codec, sizeof(struct videocodec), GFP_KERNEL);
5e195bbddabdd9 Corentin Labbe 2020-09-25   75  			if (!codec)
fe047de480ca23 Corentin Labbe 2021-12-14   76  				goto out_kfree;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   77  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   78  			res = strlen(codec->name);
5e195bbddabdd9 Corentin Labbe 2020-09-25   79  			snprintf(codec->name + res, sizeof(codec->name) - res, "[%d]", h->attached);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   80  			codec->master_data = master;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   81  			res = codec->setup(codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   82  			if (res == 0) {
5e195bbddabdd9 Corentin Labbe 2020-09-25   83  				dprintk(3, "%s: '%s'\n", __func__, codec->name);
5e195bbddabdd9 Corentin Labbe 2020-09-25   84  				ptr = kzalloc(sizeof(*ptr), GFP_KERNEL);
5e195bbddabdd9 Corentin Labbe 2020-09-25   85  				if (!ptr)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   86  					goto out_kfree;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   87  				ptr->codec = codec;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   88  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   89  				a = h->list;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   90  				if (!a) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   91  					h->list = ptr;
5e195bbddabdd9 Corentin Labbe 2020-09-25   92  					dprintk(4, "videocodec: first element\n");
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   93  				} else {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   94  					while (a->next)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   95  						a = a->next;	// find end
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   96  					a->next = ptr;
5e195bbddabdd9 Corentin Labbe 2020-09-25   97  					dprintk(4, "videocodec: in after '%s'\n", h->codec->name);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   98  				}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25   99  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  100  				h->attached += 1;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  101  				return codec;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  102  			} else {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  103  				kfree(codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  104  			}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  105  		}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  106  		h = h->next;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  107  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  108  
a0a095d4ab6241 Ian Cowan      2022-04-23  109  	zrdev_err(zr, "%s: no codec found!\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  110  	return NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  111  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  112   out_kfree:
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  113  	kfree(codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  114  	return NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  115  }
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  116  
5e195bbddabdd9 Corentin Labbe 2020-09-25  117  int videocodec_detach(struct videocodec *codec)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  118  {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  119  	struct codec_list *h = codeclist_top;
a0a095d4ab6241 Ian Cowan      2022-04-23 @120  	struct zoran *zr = videocodec_to_zoran(codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  121  	struct attached_list *a, *prev;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  122  	int res;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  123  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25 @124  	if (!codec) {

The "codec" variable can be NULL so this code can crash.  Move the
dereference after the check.

a0a095d4ab6241 Ian Cowan      2022-04-23  125  		zrdev_err(zr, "%s: no data\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  126  		return -EINVAL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  127  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  128  
5e195bbddabdd9 Corentin Labbe 2020-09-25  129  	dprintk(2, "%s: '%s', type: %x, flags %lx, magic %lx\n", __func__,
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  130  		codec->name, codec->type, codec->flags, codec->magic);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  131  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  132  	if (!h) {
a0a095d4ab6241 Ian Cowan      2022-04-23  133  		zrdev_err(zr, "%s: no device left...\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  134  		return -ENXIO;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  135  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  136  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  137  	while (h) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  138  		a = h->list;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  139  		prev = NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  140  		while (a) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  141  			if (codec == a->codec) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  142  				res = a->codec->unset(a->codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  143  				if (res >= 0) {
5e195bbddabdd9 Corentin Labbe 2020-09-25  144  					dprintk(3, "%s: '%s'\n", __func__, a->codec->name);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  145  					a->codec->master_data = NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  146  				} else {
a0a095d4ab6241 Ian Cowan      2022-04-23  147  					zrdev_err(zr, "%s: '%s'\n", __func__, a->codec->name);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  148  					a->codec->master_data = NULL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  149  				}
5e195bbddabdd9 Corentin Labbe 2020-09-25  150  				if (!prev) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  151  					h->list = a->next;
5e195bbddabdd9 Corentin Labbe 2020-09-25  152  					dprintk(4, "videocodec: delete first\n");
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  153  				} else {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  154  					prev->next = a->next;
5e195bbddabdd9 Corentin Labbe 2020-09-25  155  					dprintk(4, "videocodec: delete middle\n");
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  156  				}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  157  				kfree(a->codec);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  158  				kfree(a);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  159  				h->attached -= 1;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  160  				return 0;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  161  			}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  162  			prev = a;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  163  			a = a->next;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  164  		}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  165  		h = h->next;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  166  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  167  
a0a095d4ab6241 Ian Cowan      2022-04-23  168  	zrdev_err(zr, "%s: given codec not found!\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  169  	return -EINVAL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  170  }
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  171  
5e195bbddabdd9 Corentin Labbe 2020-09-25  172  int videocodec_register(const struct videocodec *codec)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  173  {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  174  	struct codec_list *ptr, *h = codeclist_top;
a0a095d4ab6241 Ian Cowan      2022-04-23 @175  	struct zoran *zr = videocodec_to_zoran((struct videocodec *)codec);
                                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dereference

61c3b19f7b9eb7 Corentin Labbe 2020-09-25  176  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25 @177  	if (!codec) {

Check

a0a095d4ab6241 Ian Cowan      2022-04-23  178  		zrdev_err(zr, "%s: no data!\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  179  		return -EINVAL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  180  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  181  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  182  	dprintk(2,
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  183  		"videocodec: register '%s', type: %x, flags %lx, magic %lx\n",
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  184  		codec->name, codec->type, codec->flags, codec->magic);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  185  
5e195bbddabdd9 Corentin Labbe 2020-09-25  186  	ptr = kzalloc(sizeof(*ptr), GFP_KERNEL);
5e195bbddabdd9 Corentin Labbe 2020-09-25  187  	if (!ptr)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  188  		return -ENOMEM;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  189  	ptr->codec = codec;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  190  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  191  	if (!h) {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  192  		codeclist_top = ptr;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  193  		dprintk(4, "videocodec: hooked in as first element\n");
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  194  	} else {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  195  		while (h->next)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  196  			h = h->next;	// find the end
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  197  		h->next = ptr;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  198  		dprintk(4, "videocodec: hooked in after '%s'\n",
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  199  			h->codec->name);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  200  	}
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  201  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  202  	return 0;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  203  }
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  204  
5e195bbddabdd9 Corentin Labbe 2020-09-25  205  int videocodec_unregister(const struct videocodec *codec)
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  206  {
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  207  	struct codec_list *prev = NULL, *h = codeclist_top;
a0a095d4ab6241 Ian Cowan      2022-04-23 @208  	struct zoran *zr = videocodec_to_zoran((struct videocodec *)codec);
                                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dereference

61c3b19f7b9eb7 Corentin Labbe 2020-09-25  209  
61c3b19f7b9eb7 Corentin Labbe 2020-09-25 @210  	if (!codec) {

Check

a0a095d4ab6241 Ian Cowan      2022-04-23  211  		zrdev_err(zr, "%s: no data!\n", __func__);
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  212  		return -EINVAL;
61c3b19f7b9eb7 Corentin Labbe 2020-09-25  213  	}

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp
[Index of Archives]     [Linux Input]     [Video for Linux]     [Gstreamer Embedded]     [Mplayer Users]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]

  Powered by Linux