zr364xx_start_readpipe() can fail but callers do not care about that.
This can result in various negative consequences. The patch adds missed
error handling.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/media/usb/zr364xx/zr364xx.c
inter. But
goku_probe() did not set this device yet. So, one can expect
various crashes. The patch moves setting the device just after
allocation of memory for it.
Found by Linux Driver Verification project (linuxtesting.org).
Reported-by: Pavel Andrianov
Signed-off-by: Evgeny Novikov
---
d
If rtl2832_sdr_probe() encounters an unsupported tuner it cleans up
everything and returns 0. This can result in various bad things later.
The patch sets the error code on the corresponding path.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
est regards,
Evgeny Novikov
.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/mtd/nand/raw/mtk_nand.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/mtd/nand/raw/mtk_nand.c b/drivers/mtd/nand/raw/mtk_nand.c
index ad1b55dab211..df98a2eec240
.
--
Best regards,
Evgeny Novikov
01.09.2020, 21:43, "Pavel Machek" :
> Hi!
>
>> [ Upstream commit 602649eadaa0c977e362e641f51ec306bc1d365d ]
>>
>> In case of errors vpif_probe_complete() releases memory for vpif_obj.sd
>> and unregisters the V4L
this is yet another potentially obsolete driver.
> You are really wasting your (and, fwiw, my) time.
Static analysis tools are not aware about obsolete drivers.
It would be great if there will be some formal way to filter them out.
Maybe some file will enumerate all obsolete drivers, or there wi
vf610_nfc_probe() does not invoke clk_disable_unprepare() on one error
handling path. The patch fixes that.
Found by Linux Driver Verification project (linuxtesting.org).
Fixes: 6f0ce4dfc5a3 ("mtd: rawnand: vf610: Avoid a potential NULL pointer
dereference")
Signed-off-by: Evge
u2fzero_probe() does not handle errors of u2fzero_fill_in_urb(). The
patch fixes that.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/hid/hid-u2fzero.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/hid
lvs_rh_probe() can return some nonnegative value from usb_control_msg()
when it is less than "USB_DT_HUB_NONVAR_SIZE + 2" that is considered as
a failure. Make lvs_rh_probe() return -EINVAL in this case.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evge
ddb_open() accesses iminor(inode) of the ddbs array that has 64 elements
at most. There will be a buffer overflow if iminor(inode) is greater
than 63.
Found by Linux Driver Verification project (linuxtesting.org).
04.08.2020, 17:33, "Guenter Roeck" :
> On 8/4/20 4:50 AM, Evgeny Novikov wrote:
>> sis5595_pci_probe() registers platform driver callbacks and just then
>> initializes global pointer variable s_bridge. sis5595_probe() may
>> dereference it before this happens
sis5595_pci_probe() registers platform driver callbacks and just then
initializes global pointer variable s_bridge. sis5595_probe() may
dereference it before this happens that can result in null pointer
dereference.
We can not swap registration of platform driver callbacks with
initialization of s
Hi Lad,
25.07.2020, 01:06, "Lad, Prabhakar" :
> Hi Evgeny,
>
> On Fri, Jul 24, 2020 at 9:00 PM Evgeny Novikov wrote:
>> Hi Lad,
>>
>> Yet again I can not demonstrate you a nice error trace corresponding to the
>> bug fixed by the patch. Ind
Hi Markus,
It seems that Lad Prabhakar detected a critical issue introduced by the patch
instead of a minor bug fixed by it. So, we should take care of this first, but
I will address your notes as well.
--
Evgeny Novikov
Linux Verification Center, ISP RAS
http://linuxtesting.org
23.07.2020
fix the patch appropriately since likely it just replaces one (very
rare) bug with another one (on a typical execution path).
--
Evgeny Novikov
Linux Verification Center, ISP RAS
http://linuxtesting.org
24.07.2020, 17:17, "Lad, Prabhakar" :
> Hi Evgeny,
>
> Thank you for th
Driver Verification project (linuxtesting.org).
Co-Developed-by: Anton Vasilyev
Signed-off-by: Evgeny Novikov
Signed-off-by: Anton Vasilyev
---
drivers/media/platform/qcom/camss/camss.c | 30 --
1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/drivers
: Evgeny Novikov
---
drivers/media/platform/davinci/vpif_capture.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/media/platform/davinci/vpif_capture.c
b/drivers/media/platform/davinci/vpif_capture.c
index d9ec439faefa..72a0e94e2e21 100644
--- a/drivers/media/platform/davinci
23.07.2020, 04:00, "Alan Stern" :
> On Wed, Jul 22, 2020 at 10:56:09PM +0300, Evgeny Novikov wrote:
>> Hi Alan,
>>
>> I have neither an appropriate hardware nor an experience to deal with
>> issues that you mentioned. Our framework does not allow to dete
one fixed by the
patch.
--
Evgeny Novikov
Linux Verification Center, ISP RAS
http://linuxtesting.org
22.07.2020, 17:17, "Alan Stern" :
> On Tue, Jul 21, 2020 at 11:15:58PM +0300, Evgeny Novikov wrote:
>> Driver does not release memory for device on error handling paths i
Driver does not release memory for device on error handling paths in
net2280_probe() when gadget_release() is not registered yet.
The patch fixes the bug like in other similar drivers.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/usb
Hi Lad,
I will try to answer your question below.
17.07.2020, 12:55, "Lad, Prabhakar" :
> HI Evgeny,
>
> Thank you for the patch.
>
> On Tue, Jul 14, 2020 at 6:20 PM Evgeny Novikov wrote:
>> isif_probe() invokes iounmap() on error handling paths, but it does not
Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
net2272_rdk1_probe() skips "i == 1" (BAR1) during allocation of
resources. The patch does this on error hanling paths as well.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/usb/gadget/udc/net2272.c | 2 ++
1 file changed, 2
Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/media/platform/davinci/isif.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/media/platform/davinci/isif.c
b/drivers/media/platform/davinci/isif.c
index c98edb67cfb2
smtcfb_pci_probe() does not handle ioremap() errors for case 0x720. The
patch fixes that exactly like for case 0x710/2.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/video/fbdev/sm712fb.c | 8
1 file changed, 8 insertions
If platform_driver_register() fails within vpss_init() resources are not
cleaned up. The patch fixes this issue by introducing the corresponding
error handling.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/media/platform/davinci
If smtcfb_pci_probe() does not detect a valid chip it cleans up
everything and returns 0. This can result in various bad things later.
The patch sets the error code on the corresponding path.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
ver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/hwmon/aspeed-pwm-tacho.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/hwmon/aspeed-pwm-tacho.c b/drivers/hwmon/aspeed-pwm-tacho.c
index 33fb54845bf6..3d8239fd66ed 100644
--- a/drivers/hwmon/aspeed-
handling paths.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/video/fbdev/da8xx-fb.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/video/fbdev/da8xx-fb.c b/drivers/video/fbdev/da8xx-fb.c
index
edb() as well. We can not go to label err_init_hw since
neo_scan_monitor() can fail during memory allocation. So, the patch frees
the memory directly for case 0x03.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/video/fbdev/neofb.c | 1 +
gr_ep_init() does not assign the allocated request anywhere if allocation
of memory for the buffer fails. This is a memory leak fixed by the given
patch.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/usb/gadget/udc/gr_udc.c | 7
rtsx_probe() allocates host, but does not free it on error handling
paths. The patch adds missed scsi_host_put().
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/staging/rts5208/rtsx.c | 1 +
1 file changed, 1 insertion(+)
diff --git a
).
Signed-off-by: Evgeny Novikov
---
drivers/staging/kpc2000/kpc_dma/kpc_dma_driver.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/staging/kpc2000/kpc_dma/kpc_dma_driver.c
b/drivers/staging/kpc2000/kpc_dma/kpc_dma_driver.c
index c3b30551e0ca..624d47bae4d1 100644
--- a/drivers/staging
nfo() can fail during memory
allocation as well. So, the patch free allocated memory on the error
handling path in savage_init_fb_info() itself.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/video/fbdev/savage/savagefb_driver.c | 2 ++
1 f
project (linuxtesting.org).
Signed-off-by: Evgeny Novikov
---
drivers/media/rc/rc-main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/media/rc/rc-main.c b/drivers/media/rc/rc-main.c
index d7064d664d52..7b53066d9d07 100644
--- a/drivers/media/rc/rc-main.c
+++ b
36 matches
Mail list logo