drivers/hid/usbhid/hid-pidff.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-)
As reported by MPDarkGuy on discord, NULL pointer dereferences were
happening because not all the conditional effects bits were cleared.
Properly clear all conditional effect bits from ffbit
Fixes: 7f3d7bc0df4b ("HID: pidff: Better quirk assigment when searching for fields")
Cc: <stable@vger.kernel.org> # 6.18.x
Signed-off-by: Tomasz Pakuła <tomasz.pakula.oficjalny@gmail.com>
---
Urgent for 6.19 rc period
V1 -> V2: Simplify by using bitwise or operator
drivers/hid/usbhid/hid-pidff.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/drivers/hid/usbhid/hid-pidff.c b/drivers/hid/usbhid/hid-pidff.c
index a4e700b40ba9..792992c69837 100644
--- a/drivers/hid/usbhid/hid-pidff.c
+++ b/drivers/hid/usbhid/hid-pidff.c
@@ -1452,9 +1452,10 @@ static int pidff_init_fields(struct pidff_device *pidff, struct input_dev *dev)
hid_warn(pidff->hid, "unknown ramp effect layout\n");
if (PIDFF_FIND_FIELDS(set_condition, PID_SET_CONDITION, 1)) {
- if (test_and_clear_bit(FF_SPRING, dev->ffbit) ||
- test_and_clear_bit(FF_DAMPER, dev->ffbit) ||
- test_and_clear_bit(FF_FRICTION, dev->ffbit) ||
+ /* Bitwise to ensure all the bits will be cleared */
+ if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
+ test_and_clear_bit(FF_DAMPER, dev->ffbit) |
+ test_and_clear_bit(FF_FRICTION, dev->ffbit) |
test_and_clear_bit(FF_INERTIA, dev->ffbit))
hid_warn(pidff->hid, "unknown condition effect layout\n");
}
--
2.52.0
Hi Tomasz,
kernel test robot noticed the following build warnings:
[auto build test WARNING on hid/for-next]
[also build test WARNING on linus/master v6.19-rc8 next-20260204]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Tomasz-Paku-a/HID-pidff-Fix-condition-effect-bit-clearing/20260204-213418
base: https://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git for-next
patch link: https://lore.kernel.org/r/20260204133138.475880-1-tomasz.pakula.oficjalny%40gmail.com
patch subject: [PATCH v2] HID: pidff: Fix condition effect bit clearing
config: x86_64-rhel-9.4-rust (https://download.01.org/0day-ci/archive/20260205/202602050440.e5LEMod6-lkp@intel.com/config)
compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
rustc: rustc 1.88.0 (6b00bc388 2025-06-23)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260205/202602050440.e5LEMod6-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202602050440.e5LEMod6-lkp@intel.com/
All warnings (new ones prefixed by >>):
>> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1458 | test_and_clear_bit(FF_FRICTION, dev->ffbit) |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ||
1459 | test_and_clear_bit(FF_INERTIA, dev->ffbit))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
>> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ||
1458 | test_and_clear_bit(FF_FRICTION, dev->ffbit) |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
>> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ||
1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
3 warnings generated.
vim +1456 drivers/hid/usbhid/hid-pidff.c
1398
1399 #define PIDFF_FIND_FIELDS(name, report, strict) \
1400 pidff_find_fields(pidff->name, pidff_ ## name, \
1401 pidff->reports[report], \
1402 ARRAY_SIZE(pidff_ ## name), strict, &pidff->quirks)
1403
1404 /*
1405 * Fill and check the pidff_usages
1406 */
1407 static int pidff_init_fields(struct pidff_device *pidff, struct input_dev *dev)
1408 {
1409 if (PIDFF_FIND_FIELDS(set_effect, PID_SET_EFFECT, 1)) {
1410 hid_err(pidff->hid, "unknown set_effect report layout\n");
1411 return -ENODEV;
1412 }
1413
1414 PIDFF_FIND_FIELDS(block_load, PID_BLOCK_LOAD, 0);
1415 if (!pidff->block_load[PID_EFFECT_BLOCK_INDEX].value) {
1416 hid_err(pidff->hid, "unknown pid_block_load report layout\n");
1417 return -ENODEV;
1418 }
1419
1420 if (PIDFF_FIND_FIELDS(effect_operation, PID_EFFECT_OPERATION, 1)) {
1421 hid_err(pidff->hid, "unknown effect_operation report layout\n");
1422 return -ENODEV;
1423 }
1424
1425 if (PIDFF_FIND_FIELDS(block_free, PID_BLOCK_FREE, 1)) {
1426 hid_err(pidff->hid, "unknown pid_block_free report layout\n");
1427 return -ENODEV;
1428 }
1429
1430 if (pidff_find_special_fields(pidff) || pidff_find_effects(pidff, dev))
1431 return -ENODEV;
1432
1433 if (PIDFF_FIND_FIELDS(set_envelope, PID_SET_ENVELOPE, 1)) {
1434 if (test_and_clear_bit(FF_CONSTANT, dev->ffbit))
1435 hid_warn(pidff->hid,
1436 "has constant effect but no envelope\n");
1437 if (test_and_clear_bit(FF_RAMP, dev->ffbit))
1438 hid_warn(pidff->hid,
1439 "has ramp effect but no envelope\n");
1440
1441 if (test_and_clear_bit(FF_PERIODIC, dev->ffbit))
1442 hid_warn(pidff->hid,
1443 "has periodic effect but no envelope\n");
1444 }
1445
1446 if (PIDFF_FIND_FIELDS(set_constant, PID_SET_CONSTANT, 1) &&
1447 test_and_clear_bit(FF_CONSTANT, dev->ffbit))
1448 hid_warn(pidff->hid, "unknown constant effect layout\n");
1449
1450 if (PIDFF_FIND_FIELDS(set_ramp, PID_SET_RAMP, 1) &&
1451 test_and_clear_bit(FF_RAMP, dev->ffbit))
1452 hid_warn(pidff->hid, "unknown ramp effect layout\n");
1453
1454 if (PIDFF_FIND_FIELDS(set_condition, PID_SET_CONDITION, 1)) {
1455 /* Bitwise to ensure all the bits will be cleared */
> 1456 if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
1457 test_and_clear_bit(FF_DAMPER, dev->ffbit) |
1458 test_and_clear_bit(FF_FRICTION, dev->ffbit) |
1459 test_and_clear_bit(FF_INERTIA, dev->ffbit))
1460 hid_warn(pidff->hid, "unknown condition effect layout\n");
1461 }
1462
1463 if (PIDFF_FIND_FIELDS(set_periodic, PID_SET_PERIODIC, 1) &&
1464 test_and_clear_bit(FF_PERIODIC, dev->ffbit))
1465 hid_warn(pidff->hid, "unknown periodic effect layout\n");
1466
1467 PIDFF_FIND_FIELDS(pool, PID_POOL, 0);
1468
1469 if (!PIDFF_FIND_FIELDS(device_gain, PID_DEVICE_GAIN, 1))
1470 set_bit(FF_GAIN, dev->ffbit);
1471
1472 return 0;
1473 }
1474
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
On Thu, Feb 05, 2026 at 05:07:56AM +0800, kernel test robot wrote:
> Hi Tomasz,
>
> kernel test robot noticed the following build warnings:
>
> [auto build test WARNING on hid/for-next]
> [also build test WARNING on linus/master v6.19-rc8 next-20260204]
> [If your patch is applied to the wrong git tree, kindly drop us a note.
> And when submitting patch, we suggest to use '--base' as documented in
> https://git-scm.com/docs/git-format-patch#_base_tree_information]
>
> url: https://github.com/intel-lab-lkp/linux/commits/Tomasz-Paku-a/HID-pidff-Fix-condition-effect-bit-clearing/20260204-213418
> base: https://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git for-next
> patch link: https://lore.kernel.org/r/20260204133138.475880-1-tomasz.pakula.oficjalny%40gmail.com
> patch subject: [PATCH v2] HID: pidff: Fix condition effect bit clearing
> config: x86_64-rhel-9.4-rust (https://download.01.org/0day-ci/archive/20260205/202602050440.e5LEMod6-lkp@intel.com/config)
> compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
> rustc: rustc 1.88.0 (6b00bc388 2025-06-23)
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260205/202602050440.e5LEMod6-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202602050440.e5LEMod6-lkp@intel.com/
>
> All warnings (new ones prefixed by >>):
>
> >> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
> 1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1458 | test_and_clear_bit(FF_FRICTION, dev->ffbit) |
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | ||
> 1459 | test_and_clear_bit(FF_INERTIA, dev->ffbit))
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
> >> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
> 1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | ||
> 1458 | test_and_clear_bit(FF_FRICTION, dev->ffbit) |
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
> >> drivers/hid/usbhid/hid-pidff.c:1456:7: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
> 1456 | if (test_and_clear_bit(FF_SPRING, dev->ffbit) |
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | ||
> 1457 | test_and_clear_bit(FF_DAMPER, dev->ffbit) |
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/hid/usbhid/hid-pidff.c:1456:7: note: cast one or both operands to int to silence this warning
> 3 warnings generated.
As the use of the bitwise operation is intentional here per the comment,
I think going back to v1 to avoid introducing this warning would be
better than casting one of these operands to int to silence it with the
v2 structuring of the code. v1 matches what I have done elsewhere in the
kernel to make it obvious that each function should be called (without a
comment):
2e70570656ad ("drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()")
a02dcde595f7 ("Input: touchscreen - avoid bitwise vs logical OR warning")
Cheers,
Nathan
© 2016 - 2026 Red Hat, Inc.