Hello Andrew Worsley,
This is a semi-automatic email about new static checker warnings.
The patch b1ffb4c851f1: "USB: Fix Corruption issue in USB ftdi driver
ftdi_sio.c" from Nov 18, 2011, leads to the following Smatch
complaint:
drivers/usb/serial/ftdi_sio.c +2182 ftdi_set_termios()
warn: variable dereferenced before check 'old_termios' (see line 2109)
drivers/usb/serial/ftdi_sio.c
2108 && old_termios->c_ispeed == termios->c_ispeed
^^^^^^^^^^^^^^^^^^^^^
New dereferences.
2109 && old_termios->c_ospeed == termios->c_ospeed)
2110 goto no_c_cflag_changes;
2111
2112 /* NOTE These routines can get interrupted by
2113 ftdi_sio_read_bulk_callback - need to examine what this means -
2114 don't see any problems yet */
2115
2116 if ((old_termios->c_cflag & (CSIZE|PARODD|PARENB|CMSPAR|CSTOPB)) ==
2117 (termios->c_cflag & (CSIZE|PARODD|PARENB|CMSPAR|CSTOPB)))
2118 goto no_data_parity_stop_changes;
2119
2120 /* Set number of data bits, parity, stop bits */
2121
2122 urb_value = 0;
2123 urb_value |= (cflag & CSTOPB ? FTDI_SIO_SET_DATA_STOP_BITS_2 :
2124 FTDI_SIO_SET_DATA_STOP_BITS_1);
2125 if (cflag & PARENB) {
2126 if (cflag & CMSPAR)
2127 urb_value |= cflag & PARODD ?
2128 FTDI_SIO_SET_DATA_PARITY_MARK :
2129 FTDI_SIO_SET_DATA_PARITY_SPACE;
2130 else
2131 urb_value |= cflag & PARODD ?
2132 FTDI_SIO_SET_DATA_PARITY_ODD :
2133 FTDI_SIO_SET_DATA_PARITY_EVEN;
2134 } else {
2135 urb_value |= FTDI_SIO_SET_DATA_PARITY_NONE;
2136 }
2137 if (cflag & CSIZE) {
2138 switch (cflag & CSIZE) {
2139 case CS7: urb_value |= 7; dbg("Setting CS7"); break;
2140 case CS8: urb_value |= 8; dbg("Setting CS8"); break;
2141 default:
2142 dev_err(&port->dev, "CSIZE was set but not CS7-CS8\n");
2143 }
2144 }
2145
2146 /* This is needed by the break command since it uses the same command
2147 - but is or'ed with this value */
2148 priv->last_set_data_urb_value = urb_value;
2149
2150 if (usb_control_msg(dev, usb_sndctrlpipe(dev, 0),
2151 FTDI_SIO_SET_DATA_REQUEST,
2152 FTDI_SIO_SET_DATA_REQUEST_TYPE,
2153 urb_value , priv->interface,
2154 NULL, 0, WDR_SHORT_TIMEOUT) < 0) {
2155 dev_err(&port->dev, "%s FAILED to set "
2156 "databits/stopbits/parity\n", __func__);
2157 }
2158
2159 /* Now do the baudrate */
2160 no_data_parity_stop_changes:
2161 if ((cflag & CBAUD) == B0) {
2162 /* Disable flow control */
2163 if (usb_control_msg(dev, usb_sndctrlpipe(dev, 0),
2164 FTDI_SIO_SET_FLOW_CTRL_REQUEST,
2165 FTDI_SIO_SET_FLOW_CTRL_REQUEST_TYPE,
2166 0, priv->interface,
2167 NULL, 0, WDR_TIMEOUT) < 0) {
2168 dev_err(&port->dev,
2169 "%s error from disable flowcontrol urb\n",
2170 __func__);
2171 }
2172 /* Drop RTS and DTR */
2173 clear_mctrl(port, TIOCM_DTR | TIOCM_RTS);
2174 } else {
2175 /* set the baudrate determined before */
2176 mutex_lock(&priv->cfg_lock);
2177 if (change_speed(tty, port))
2178 dev_err(&port->dev, "%s urb failed to set baudrate\n",
2179 __func__);
2180 mutex_unlock(&priv->cfg_lock);
2181 /* Ensure RTS and DTR are raised when baudrate changed from 0 */
2182 if (!old_termios || (old_termios->c_cflag & CBAUD) == B0)
^^^^^^^^^^^
Old check.
2183 set_mctrl(port, TIOCM_DTR | TIOCM_RTS);
2184 }
I looked through the callers and one concern I had was that
uart_resume_port() seems to set old_termios as NULL in a couple
places.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
