On 22/02/17 11:00, Joerg Roedel wrote:
> Hi Dan,
>
> thanks for the report! There are more bogus things going on here.
>
> On Wed, Feb 15, 2017 at 11:36:48AM +0300, Dan Carpenter wrote:
>> The patch 9648cbc9625b: "iommu/arm-smmu: Make use of the
>> iommu_register interface" from Feb 1, 2017, leads to the following
>> Smatch complaint:
>>
>> drivers/iommu/arm-smmu-v3.c:1810 arm_smmu_remove_device()
>>     warn: variable dereferenced before check 'master' (see line 1809)
>>
>> drivers/iommu/arm-smmu-v3.c
>>   1808    master = fwspec->iommu_priv;
>>   1809    smmu = master->smmu;
>>                  ^^^^^^^^^^^^
>> New dereference.
>>
>>   1810    if (master && master->ste.valid)
>>               ^^^^^^
>> Old code checked for NULL.
>>
>>   1811        arm_smmu_detach_dev(dev);
>>   1812    iommu_group_remove_device(dev);
>
> So the master pointer comes from fwspec->iommu_priv, and master is freed
> later in the function. But I can't find where the fwspec->iommu_priv
> pointer is cleared. To me it looks like this breaks when a device is
> removed and then added again.

The pointer isn't cleared because the whole fwspec is freed on the very
next line.

Robin.

>
> Robin, Will, can you have a look please?
>
>
> Thanks,
>
>     Joerg
>
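Added example, not part of the original thread or of the driver source: a user-space model of the two points discussed above, with the NULL test placed before the dereference that Smatch flagged at line 1809, and the private pointer going away together with the fwspec that holds it. All struct and function names are hypothetical stand-ins for the kernel ones.

```c
/* Constructed user-space model: names are hypothetical, not the driver's own. */
#include <stdbool.h>
#include <stdlib.h>

struct smmu   { int id; };
struct master { struct smmu *smmu; bool ste_valid; };
struct fwspec { struct master *iommu_priv; };
struct device { struct fwspec *fwspec; int detach_calls; };

/* Attach a fresh fwspec; master may be NULL to model a device without one. */
static int add_device(struct device *dev, struct master *master)
{
    dev->fwspec = calloc(1, sizeof(*dev->fwspec));
    if (dev->fwspec)
        dev->fwspec->iommu_priv = master;
    return dev->fwspec ? 0 : -1;
}

/* Corrected ordering: every pointer is tested before it is dereferenced.
 * Returns the smmu the device belonged to, or NULL if it had no master. */
static struct smmu *remove_device_checked(struct device *dev)
{
    struct master *master;
    struct smmu *smmu = NULL;
    if (!dev->fwspec)
        return NULL;
    master = dev->fwspec->iommu_priv;
    if (master) {
        smmu = master->smmu;        /* load only after the NULL test */
        if (master->ste_valid)
            dev->detach_calls++;    /* stands in for the detach call */
    }
    free(master);                   /* free(NULL) is a no-op */
    free(dev->fwspec);              /* iommu_priv dies with its container */
    dev->fwspec = NULL;             /* nothing stale is left for a re-add */
    return smmu;
}

int main(void)
{
    static struct smmu s = { 1 };
    struct device dev = { 0 };
    struct master *m = calloc(1, sizeof(*m));
    if (!m || add_device(&dev, m))
        return 1;
    *m = (struct master){ .smmu = &s, .ste_valid = true };
    if (remove_device_checked(&dev) != &s || add_device(&dev, NULL))
        return 1;
    return remove_device_checked(&dev) != NULL; /* 0: re-added device removed safely */
}
```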
