On Tuesday, August 24, 2021 1:07:46 PM CEST Pavel Skripkin wrote:
>
> Btw, not related to your patch, but I start think, that this check:
>
>
> if (!pIo_buf) {
> DBG_88E("[%s] pIo_buf == NULL\n", __func__);
> status = -ENOMEM;
> goto release_mutex;
> }
>
> Should be wrapped as
>
> if (WARN_ON(unlikely(!pIo_buf)) {
> ...
> }
>
> Since usb_vendor_req_buf is initialized in ->probe() and I can't see
> possible calltrace, which can cause zeroing this pointer.
I see that usb_vendor_req_buf is initialized in rtw_init_intf_priv(). It depends on a
kzalloc() success on allocating memory. Obviously it could fail to allocate. If it fails,
rtw_init_intf_priv() returns _FAIL to its caller(s) (whichever they are - I didn't go too
deep in understanding the possible calls chains).
What does really matter is that dvobjpriv->usb_vendor_req_buf _could_ _indeed_ _be_
in an _un-initialized_ _status_ when it is assigned to pIo_buf.
> Something _completely_ wrong is going on if usb_vendor_req_buf is NULL,
> and we should complain loud about it. What do you think?
That "if (!pIo_buf)" in usbctrl_vendorreq() manages a possible but remote (I guess)
un-initialization by releasing a mutex and returning -ENOMEM.
I think that technically speaking it would suffice if callers read and manage properly
the -ENOMEM returned by usbctrl_vendorreq().
Said that, I have no sufficient experience to say if exiting and returning -ENOMEM would
suffice to not make happen "_something _completely_ wrong_" or if a WARN_ON is required.
I'm sorry for not being able to go beyond the confirmation that indeed dvobjpriv->usb_vendor_req
could be un-initialized.
Regards,
Fabio
> With regards,
> Pavel Skripkin
>
