File: asm-x86-linux-wfx_get_ps_timeout-reduced.c

package info (click to toggle)
gcc-arm-none-eabi 15%3A14.2.rel1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,099,328 kB
  • sloc: cpp: 3,627,108; ansic: 2,571,498; ada: 834,230; f90: 235,082; makefile: 79,231; asm: 74,984; xml: 51,692; exp: 39,736; sh: 33,298; objc: 15,629; python: 15,069; fortran: 14,429; pascal: 7,003; awk: 5,070; perl: 3,106; ml: 285; lisp: 253; lex: 204; haskell: 135
file content (77 lines) | stat: -rw-r--r-- 1,955 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
/* { dg-do compile { target x86_64-*-* } } */
/* { dg-require-effective-target lp64 } */

/* Reproducer for false positive from -Wanalyzer-null-dereference seen
   in Linux kernel (drivers/staging/wfx/sta.c; GPL-2.0) due to
   the analyzer not grokking that array_index_mask_nospec is
   effectively pure, and thus not realizing that array_index_no_spec
   is also pure, leading to wdev_to_wvif not being treated as pure,
   and thus able to return non-NULL and then NULL.  */

typedef unsigned char u8;
#define NULL ((void *)0)

/* Types.  */

struct ieee80211_vif {
  int placeholder;
  /* snip */
  u8 drv_priv[];
};

struct wfx_dev {
  /* snip */
  struct ieee80211_vif *vif[2];
  /* snip */
};

struct wfx_vif {
  struct wfx_dev *wdev;
  struct ieee80211_vif *vif;
  /* snip */
};

/* Copied from arch/x86/include/asm/barrier.h */

static inline unsigned long array_index_mask_nospec(unsigned long index,
		unsigned long size)
{
	unsigned long mask;

	asm volatile ("cmp %1,%2; sbb %0,%0;"
			:"=r" (mask)
			:"g"(size),"r" (index)
			:"cc");
	return mask;
}

/* Simplified from include/linux/kernel.h */
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))

/* Simplified from include/linux/nospec.h */

#define array_index_nospec(index, size)					\
({									\
	typeof(index) _i = (index);					\
	typeof(size) _s = (size);					\
	unsigned long _mask = array_index_mask_nospec(_i, _s);		\
	/* snip */							\
	(typeof(_i)) (_i & _mask);					\
})

/* Simplified from drivers/staging/wfx/wfx.h */

static inline struct wfx_vif *wdev_to_wvif(struct wfx_dev *wdev, int vif_id) {
  vif_id = array_index_nospec(vif_id, ARRAY_SIZE(wdev->vif));
  if (!wdev->vif[vif_id]) {
    return NULL;
  }
  return (struct wfx_vif *)wdev->vif[vif_id]->drv_priv;
}

struct ieee80211_vif *test (struct wfx_vif *wvif) {
  if (wdev_to_wvif(wvif->wdev, 1))
    return wdev_to_wvif(wvif->wdev, 1)->vif; /* { dg-bogus "dereference of NULL" } */
  else
    return NULL;
}