The initio_msgin() calls initio_msgin_accept(), initio_msgin_reject()
and initio_msgin_extend(), but does not check if they are succeed.
It is not consistent with the other code of the driver.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 72d39fea9017 ("[SCSI] initio: Convert into a real Linux driver and update to modern style")
Signed-off-by: Semyon Verchenko <semverchenko@xxxxxxxxxxxx>
Signed-off-by: Alexey Khoroshilov <khoroshilov@xxxxxxxxx>
---
drivers/scsi/initio.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/drivers/scsi/initio.c b/drivers/scsi/initio.c
index 375261d67619..ee451aa34143 100644
--- a/drivers/scsi/initio.c
+++ b/drivers/scsi/initio.c
@@ -2065,7 +2065,8 @@ static int initio_msgin(struct initio_host * host)
case SAVE_POINTERS:
case RESTORE_POINTERS:
case NOP:
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case MESSAGE_REJECT: /* Clear ATN first */
outb((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)),
@@ -2074,20 +2075,24 @@ static int initio_msgin(struct initio_host * host)
if ((active_tc->flags & (TCF_SYNC_DONE | TCF_NO_SYNC_NEGO)) == 0) /* do sync nego */
outb(((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)) | TSC_SET_ATN),
host->addr + TUL_SSignal);
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case EXTENDED_MESSAGE: /* extended msg */
- initio_msgin_extend(host);
+ if (initio_msgin_extend(host) == -1)
+ return -1;
break;
case IGNORE_WIDE_RESIDUE:
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case COMMAND_COMPLETE:
outb(TSC_FLUSH_FIFO, host->addr + TUL_SCtrl0);
outb(TSC_MSG_ACCEPT, host->addr + TUL_SCmd);
return initio_wait_done_disc(host);
default:
- initio_msgout_reject(host);
+ if (initio_msgout_reject(host) == -1)
+ return -1;
break;
}
if (host->phase != MSG_IN)
--
2.7.4
