Hi,
Static analysis on linux-next using Coverity has detected an issue in
the following commit:
commit 6256e668b7af9d81472e03c6a171630c08f8858a
Author: Masami Hiramatsu <mhira...@kernel.org>
Date: Wed Mar 3 00:25:46 2021 +0900
x86/kprobes: Use int3 instead of debug trap for single-step
The analysis is as follows:
160 switch (opcode & 0xf0) {
161 case 0x60:
162 /* can't boost "bound" */
163 return (opcode != 0x62);
164 case 0x70:
165 return 0; /* can't boost conditional jump */
166 case 0x90:
167 return opcode != 0x9a; /* can't boost call far */
168 case 0xc0:
169 /* can't boost software-interruptions */
170 return (0xc1 < opcode && opcode < 0xcc) || opcode ==
0xcf;
171 case 0xd0:
172 /* can boost AA* and XLAT */
173 return (opcode == 0xd4 || opcode == 0xd5 || opcode ==
0xd7);
174 case 0xe0:
175 /* can boost in/out and absolute jmps */
176 return ((opcode & 0x04) || opcode == 0xea);
177 case 0xf0:
178 /* clear and set flags are boostable */
179 return (opcode == 0xf5 || (0xf7 < opcode && opcode <
0xfe));
dead_error_condition: The switch governing value opcode & 0xf0 cannot
be 255.
undefined (#1 of 1): Logically dead code (DEADCODE)
dead_error_begin: Execution cannot reach this statement: case 255:
180 case 0xff:
181 /* indirect jmp is boostable */
182 return X86_MODRM_REG(insn->modrm.bytes[0]) == 4;
the case 0xff statement can never be reached because the switch
statement is acting on opcode & 0xf0.
Colin
