drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1056 vchiq_get_user_ptr() error: uninitialized symbol 'ptr'.

[Dan Carpenter]

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   3644e2d2dda78e21edd8f5415b6d7ab03f5f54f3
commit: 4184da4f316a549ae732d91088571fef46a2f58d staging: vchiq: fix __user annotations
config: microblaze-randconfig-m031-20201219 (attached as .config)
compiler: microblaze-linux-gcc (GCC) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

New smatch warnings:
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1056 vchiq_get_user_ptr() error: uninitialized symbol 'ptr'.

Old smatch warnings:
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:476 vchiq_blocking_bulk_transfer() warn: returning -1 instead of -ENOMEM is sloppy
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 3 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 7 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 8 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:606 service_callback() warn: argument 9 to %lx specifier is cast from pointer
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1001 vchiq_irq_queue_bulk_tx_rx() error: uninitialized symbol 'userdata'.
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c:1890 vchiq_release() warn: argument 3 to %lx specifier is cast from pointer

vim +/ptr +1056 drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c

5d240a54be7e592 Arnd Bergmann 2020-09-18  1044  static inline int vchiq_get_user_ptr(void __user **buf, void __user *ubuf, int index)
5d240a54be7e592 Arnd Bergmann 2020-09-18  1045  {
5d240a54be7e592 Arnd Bergmann 2020-09-18  1046  	int ret;
5d240a54be7e592 Arnd Bergmann 2020-09-18  1047  
5d240a54be7e592 Arnd Bergmann 2020-09-18  1048  	if (in_compat_syscall()) {
4184da4f316a549 Arnd Bergmann 2020-09-25  1049  		compat_uptr_t ptr32;
5d240a54be7e592 Arnd Bergmann 2020-09-18  1050  		compat_uptr_t __user *uptr = ubuf;
4184da4f316a549 Arnd Bergmann 2020-09-25  1051  		ret = get_user(ptr32, uptr + index);
5d240a54be7e592 Arnd Bergmann 2020-09-18  1052  		*buf = compat_ptr(ptr32);
5d240a54be7e592 Arnd Bergmann 2020-09-18  1053  	} else {
4184da4f316a549 Arnd Bergmann 2020-09-25  1054  		uintptr_t ptr, __user *uptr = ubuf;
4184da4f316a549 Arnd Bergmann 2020-09-25  1055  		ret = get_user(ptr, uptr + index);
4184da4f316a549 Arnd Bergmann 2020-09-25 @1056  		*buf = (void __user *)ptr;

If get_user() fails then this is uninitialized.  This will trigger a
runtime error if the UBSan uninitialized behavior tool is enabled.

5d240a54be7e592 Arnd Bergmann 2020-09-18  1057  	}
4184da4f316a549 Arnd Bergmann 2020-09-25  1058  
5d240a54be7e592 Arnd Bergmann 2020-09-18  1059  	return ret;
5d240a54be7e592 Arnd Bergmann 2020-09-18  1060  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

Attachment: .config.gz
Description: application/gzip