Hi,
Static analysis with clang-scan has found a dereference of an
uninitialized pointer in drivers/scsi/hisi_sas/hisi_sas_main.c
introduced by the following recent commit:
commit 29e2bac87421c613782ccb510c76c5efbecac0cf
Author: Xiang Chen <chenxiang66@xxxxxxxxxxxxx>
Date: Mon Dec 20 19:21:28 2021 +0800
scsi: hisi_sas: Fix some issues related to asd_sas_port->phy_list
The issue is as follows:
static void hisi_sas_send_ata_reset_each_phy(struct hisi_hba *hisi_hba,
struct asd_sas_port *sas_port,
struct domain_device *device)
{
struct hisi_sas_tmf_task tmf_task = { .force_phy = 1 };
struct ata_port *ap = device->sata_dev.ap;
struct device *dev = hisi_hba->dev;
int s = sizeof(struct host_to_dev_fis);
int rc = TMF_RESP_FUNC_FAILED;
struct asd_sas_phy *sas_phy;
sas_phy is not initialized ^
struct ata_link *link;
u8 fis[20] = {0};
u32 state;
int i;
state = hisi_hba->hw->get_phys_state(hisi_hba);
for (i = 0; i < hisi_hba->n_phy; i++) {
if (!(state & BIT(sas_phy->id)))
continue;
sas_phy is being dereferenced
The commit referenced above removed the statement:
list_for_each_entry(sas_phy, &sas_port->phy_list, port_phy_el)
..that set sas_phy. Now we don't have this, so sas_phy is not initialized.
Colin
