Hi Dan,

thanks for the report! There are more bogus things going on here.

On Wed, Feb 15, 2017 at 11:36:48AM +0300, Dan Carpenter wrote:
> The patch 9648cbc9625b: "iommu/arm-smmu: Make use of the
> iommu_register interface" from Feb 1, 2017, leads to the following
> Smatch complaint:
>
> drivers/iommu/arm-smmu-v3.c:1810 arm_smmu_remove_device()
> warn: variable dereferenced before check 'master' (see line 1809)
>
> drivers/iommu/arm-smmu-v3.c
> 1808 master = fwspec->iommu_priv;
> 1809 smmu = master->smmu;
> ^^^^^^^^^^^^
> New dereference.
>
> 1810 if (master && master->ste.valid)
> ^^^^^^
> Old code checked for NULL.
>
> 1811 arm_smmu_detach_dev(dev);
> 1812 iommu_group_remove_device(dev);

So the master pointer comes from fwspec->iommu_priv, and master is freed
later in the function. But I can't find where the fwspec->iommu_priv
pointer is cleared. To me it looks like this breaks when a device is
removed and then added again.

Robin, Will, can you have a look please?

Thanks,
Joerg
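
The two problems raised in this thread (the dereference before the NULL check, and a private pointer left pointing at freed memory across remove and re-add) can be seen in a small user-space model. This is an added example, not part of the message and not kernel code; the struct and function names are hypothetical, and it assumes the add path reuses an existing `iommu_priv` when one is set.

```c
/* User-space model only: names are hypothetical, this is not kernel code. */
#include <stdbool.h>
#include <stdlib.h>

struct smmu   { int attached; };
struct master { struct smmu *smmu; bool ste_valid; };
struct fwspec { void *iommu_priv; };

/* Models the add path: allocate per-device state on first add.
 * Assumption: an existing iommu_priv is trusted and reused. */
static int model_add_device(struct fwspec *fw, struct smmu *smmu)
{
    struct master *m = fw->iommu_priv;

    if (!m) {
        m = calloc(1, sizeof(*m));
        if (!m)
            return -1;
        m->smmu = smmu;
        fw->iommu_priv = m;
    }
    m->ste_valid = true;
    smmu->attached++;
    return 0;
}

/*
 * Models the remove path with both issues addressed:
 *  - master is checked before master->smmu is read (the Smatch warning);
 *  - iommu_priv is cleared after the free, so a later add or remove
 *    cannot reach the freed object.
 * Returns 0 when a device was removed, -1 when there was nothing to remove.
 */
static int model_remove_device(struct fwspec *fw)
{
    struct master *m = fw ? fw->iommu_priv : NULL;
    struct smmu *smmu;

    if (!m)
        return -1;
    smmu = m->smmu;             /* dereference only after the check */
    if (m->ste_valid)
        smmu->attached--;
    free(m);
    fw->iommu_priv = NULL;      /* otherwise a re-add would reuse freed memory */
    return 0;
}
```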