[bug report] usb: cdnsp: Fixes issue with redundant Status Stage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Pawel Laszczak,

The patch 5bc38d33a5a1: "usb: cdnsp: Fixes issue with redundant
Status Stage" from Mar 7, 2023, leads to the following Smatch static
checker warning:

	drivers/usb/cdns3/cdnsp-ep0.c:470 cdnsp_setup_analyze()
	error: uninitialized symbol 'len'.

drivers/usb/cdns3/cdnsp-ep0.c
    414 void cdnsp_setup_analyze(struct cdnsp_device *pdev)
    415 {
    416         struct usb_ctrlrequest *ctrl = &pdev->setup;
    417         int ret = 0;
    418         u16 len;
    419 
    420         trace_cdnsp_ctrl_req(ctrl);
    421 
    422         if (!pdev->gadget_driver)
    423                 goto out;

ret is zero.  len is uninitialized.

    424 
    425         if (pdev->gadget.state == USB_STATE_NOTATTACHED) {
    426                 dev_err(pdev->dev, "ERR: Setup detected in unattached state\n");
    427                 ret = -EINVAL;
    428                 goto out;
    429         }
    430 
    431         /* Restore the ep0 to Stopped/Running state. */
    432         if (pdev->eps[0].ep_state & EP_HALTED) {
    433                 trace_cdnsp_ep0_halted("Restore to normal state");
    434                 cdnsp_halt_endpoint(pdev, &pdev->eps[0], 0);
    435         }
    436 
    437         /*
    438          * Finishing previous SETUP transfer by removing request from
    439          * list and informing upper layer
    440          */
    441         if (!list_empty(&pdev->eps[0].pending_list)) {
    442                 struct cdnsp_request        *req;
    443 
    444                 trace_cdnsp_ep0_request("Remove previous");
    445                 req = next_request(&pdev->eps[0].pending_list);
    446                 cdnsp_ep_dequeue(&pdev->eps[0], req);
    447         }
    448 
    449         len = le16_to_cpu(ctrl->wLength);
    450         if (!len) {
    451                 pdev->three_stage_setup = false;
    452                 pdev->ep0_expect_in = false;
    453         } else {
    454                 pdev->three_stage_setup = true;
    455                 pdev->ep0_expect_in = !!(ctrl->bRequestType & USB_DIR_IN);
    456         }
    457 
    458         if ((ctrl->bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD)
    459                 ret = cdnsp_ep0_std_request(pdev, ctrl);
    460         else
    461                 ret = cdnsp_ep0_delegate_req(pdev, ctrl);
    462 
    463         if (ret == USB_GADGET_DELAYED_STATUS) {
    464                 trace_cdnsp_ep0_status_stage("delayed");
    465                 return;
    466         }
    467 out:
    468         if (ret < 0)
    469                 cdnsp_ep0_stall(pdev);
--> 470         else if (!len && pdev->ep0_stage != CDNSP_STATUS_STAGE)
                         ^^^^
Uninitialized.

    471                 cdnsp_status_stage(pdev);
    472 }

regards,
dan carpenter
[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux