Hello Ralf Baechle,
The patch bb9b813bb665: "[MIPS] Sibyte: Fix ZBbus profiler" from Mar
9, 2007, leads to the following static checker warning:
arch/mips/sibyte/common/sb_tbprof.c:480 sbprof_tb_read()
warn: maybe return -EFAULT instead of the bytes remaining?
arch/mips/sibyte/common/sb_tbprof.c
452 static ssize_t sbprof_tb_read(struct file *filp, char *buf,
453 size_t size, loff_t *offp)
454 {
455 int cur_sample, sample_off, cur_count, sample_left;
456 char *src;
457 int count = 0;
458 char *dest = buf;
459 long cur_off = *offp;
460
461 if (!access_ok(VERIFY_WRITE, buf, size))
462 return -EFAULT;
463
464 mutex_lock(&sbp.lock);
465
466 count = 0;
467 cur_sample = cur_off / TB_SAMPLE_SIZE;
468 sample_off = cur_off % TB_SAMPLE_SIZE;
469 sample_left = TB_SAMPLE_SIZE - sample_off;
470
471 while (size && (cur_sample < sbp.next_tb_sample)) {
472 int err;
473
474 cur_count = size < sample_left ? size : sample_left;
475 src = (char *)(((long)sbp.sbprof_tbbuf[cur_sample])+sample_off);
476 err = __copy_to_user(dest, src, cur_count);
477 if (err) {
478 *offp = cur_off + cur_count - err;
479 mutex_unlock(&sbp.lock);
480 return err;
This doesn't look right. __copy_to_user() returns the number of bytes
remaining to be copied so I think we should return either -EFAULT or
"count + cur_count - err".
481 }
482 pr_debug(DEVNAME ": read from sample %d, %d bytes\n",
483 cur_sample, cur_count);
484 size -= cur_count;
485 sample_left -= cur_count;
486 if (!sample_left) {
487 cur_sample++;
488 sample_off = 0;
489 sample_left = TB_SAMPLE_SIZE;
490 } else {
491 sample_off += cur_count;
492 }
493 cur_off += cur_count;
494 dest += cur_count;
495 count += cur_count;
496 }
497 *offp = cur_off;
498 mutex_unlock(&sbp.lock);
499
500 return count;
501 }
regards,
dan carpenter
