tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: fb893de323e2d39f7a1f6df425703a2edbdf56ea commit: af0de1303c4e8f44fadd7b4c593f09f22324b04f usb: hso: obey DMA rules in tiocmget date: 10 months ago config: ia64-randconfig-m031-20200811 (attached as .config) compiler: ia64-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> New smatch warnings: drivers/net/usb/hso.c:2626 hso_create_bulk_serial_device() warn: variable dereferenced before check 'serial->tiocmget' (see line 2620) Old smatch warnings: drivers/net/usb/hso.c:1400 hso_serial_set_termios() error: we previously assumed 'old' could be null (see line 1391) vim +2626 drivers/net/usb/hso.c 2595 2596 /* Creates a bulk AT channel */ 2597 static struct hso_device *hso_create_bulk_serial_device( 2598 struct usb_interface *interface, int port) 2599 { 2600 struct hso_device *hso_dev; 2601 struct hso_serial *serial; 2602 int num_urbs; 2603 struct hso_tiocmget *tiocmget; 2604 2605 hso_dev = hso_create_device(interface, port); 2606 if (!hso_dev) 2607 return NULL; 2608 2609 serial = kzalloc(sizeof(*serial), GFP_KERNEL); 2610 if (!serial) 2611 goto exit; 2612 2613 serial->parent = hso_dev; 2614 hso_dev->port_data.dev_serial = serial; 2615 2616 if ((port & HSO_PORT_MASK) == HSO_PORT_MODEM) { 2617 num_urbs = 2; 2618 serial->tiocmget = kzalloc(sizeof(struct hso_tiocmget), 2619 GFP_KERNEL); > 2620 serial->tiocmget->serial_state_notification 2621 = kzalloc(sizeof(struct hso_serial_state_notification), 2622 GFP_KERNEL); 2623 /* it isn't going to break our heart if serial->tiocmget 2624 * allocation fails don't bother checking this. 2625 */ > 2626 if (serial->tiocmget && > serial->tiocmget->serial_state_notification) { 2627 tiocmget = serial->tiocmget; 2628 tiocmget->endp = hso_get_ep(interface, 2629 USB_ENDPOINT_XFER_INT, 2630 USB_DIR_IN); 2631 if (!tiocmget->endp) { 2632 dev_err(&interface->dev, "Failed to find INT IN ep\n"); 2633 goto exit; 2634 } 2635 2636 tiocmget->urb = usb_alloc_urb(0, GFP_KERNEL); 2637 if (tiocmget->urb) { 2638 mutex_init(&tiocmget->mutex); 2639 init_waitqueue_head(&tiocmget->waitq); 2640 } else 2641 hso_free_tiomget(serial); 2642 } 2643 } 2644 else 2645 num_urbs = 1; 2646 2647 if (hso_serial_common_create(serial, num_urbs, BULK_URB_RX_SIZE, 2648 BULK_URB_TX_SIZE)) 2649 goto exit; 2650 2651 serial->in_endp = hso_get_ep(interface, USB_ENDPOINT_XFER_BULK, 2652 USB_DIR_IN); 2653 if (!serial->in_endp) { 2654 dev_err(&interface->dev, "Failed to find BULK IN ep\n"); 2655 goto exit2; 2656 } 2657 2658 if (! 2659 (serial->out_endp = 2660 hso_get_ep(interface, USB_ENDPOINT_XFER_BULK, USB_DIR_OUT))) { 2661 dev_err(&interface->dev, "Failed to find BULK IN ep\n"); 2662 goto exit2; 2663 } 2664 2665 serial->write_data = hso_std_serial_write_data; 2666 2667 /* and record this serial */ 2668 set_serial_by_index(serial->minor, serial); 2669 2670 /* setup the proc dirs and files if needed */ 2671 hso_log_port(hso_dev); 2672 2673 /* done, return it */ 2674 return hso_dev; 2675 2676 exit2: 2677 hso_serial_tty_unregister(serial); 2678 hso_serial_common_free(serial); 2679 exit: 2680 hso_free_tiomget(serial); 2681 kfree(serial); 2682 kfree(hso_dev); 2683 return NULL; 2684 } 2685 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
.config.gz
Description: application/gzip
