* re: soc: mediatek: SVS: introduce MTK SVS engine
@ 2022-06-22 12:02 Colin King (gmail)
2022-06-22 13:37 ` Matthias Brugger
0 siblings, 1 reply; 2+ messages in thread
From: Colin King (gmail) @ 2022-06-22 12:02 UTC (permalink / raw)
To: Roger Lu
Cc: AngeloGioacchino Del Regno, Kevin Hilman, Matthias Brugger,
linux-kernel@vger.kernel.org
Hi,
static analysis on linux-next with clang scan-build has detected a null
pointer dereference in the following commit:
commit 681a02e9500073cd8b9c25a04f06166254b5a879
Author: Roger Lu <roger.lu@mediatek.com>
Date: Mon May 16 08:43:07 2022 +0800
soc: mediatek: SVS: introduce MTK SVS engine
The issue is as follows:
static irqreturn_t svs_isr(int irq, void *data)
{
struct svs_platform *svsp = data;
struct svs_bank *svsb = NULL;
unsigned long flags;
u32 idx, int_sts, svs_en;
for (idx = 0; idx < svsp->bank_max; idx++) {
svsb = &svsp->banks[idx];
WARN(!svsb, "%s: svsb(%s) is null", __func__, svsb->name);
spin_lock_irqsave(&svs_lock, flags);
svsp->pbank = svsb;
If svsb is null, then the WARN message will dereference it when printing
svsb->name. Also, subsequent dereferences to sbsv will cause a null
pointer dereference, for example the svsp->pbank assignment.
Colin
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: soc: mediatek: SVS: introduce MTK SVS engine
2022-06-22 12:02 soc: mediatek: SVS: introduce MTK SVS engine Colin King (gmail)
@ 2022-06-22 13:37 ` Matthias Brugger
0 siblings, 0 replies; 2+ messages in thread
From: Matthias Brugger @ 2022-06-22 13:37 UTC (permalink / raw)
To: Colin King (gmail), Roger Lu
Cc: AngeloGioacchino Del Regno, Kevin Hilman,
linux-kernel@vger.kernel.org
Hi Colin,
On 22/06/2022 14:02, Colin King (gmail) wrote:
> Hi,
>
> static analysis on linux-next with clang scan-build has detected a null pointer
> dereference in the following commit:
>
> commit 681a02e9500073cd8b9c25a04f06166254b5a879
> Author: Roger Lu <roger.lu@mediatek.com>
> Date: Mon May 16 08:43:07 2022 +0800
>
> soc: mediatek: SVS: introduce MTK SVS engine
>
>
> The issue is as follows:
>
> static irqreturn_t svs_isr(int irq, void *data)
> {
> struct svs_platform *svsp = data;
> struct svs_bank *svsb = NULL;
> unsigned long flags;
> u32 idx, int_sts, svs_en;
>
> for (idx = 0; idx < svsp->bank_max; idx++) {
> svsb = &svsp->banks[idx];
> WARN(!svsb, "%s: svsb(%s) is null", __func__, svsb->name);
> spin_lock_irqsave(&svs_lock, flags);
> svsp->pbank = svsb;
>
>
> If svsb is null, then the WARN message will dereference it when printing
> svsb->name. Also, subsequent dereferences to sbsv will cause a null pointer
> dereference, for example the svsp->pbank assignment.
>
> Colin
The banks and bank_max are defined on a per SoC basis in the platform data [1].
The case that svsb is null would hint to a incorrect platform data. So I think
that there is no real issue we need to fix.
Regards,
Matthias
[1]
https://git.kernel.org/pub/scm/linux/kernel/git/matthias.bgg/linux.git/tree/drivers/soc/mediatek/mtk-svs.c?h=v5.19-next/soc#n2237
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-06-22 13:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-06-22 12:02 soc: mediatek: SVS: introduce MTK SVS engine Colin King (gmail)
2022-06-22 13:37 ` Matthias Brugger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox