tree:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 625d3449788f85569096780592549d0340e9c0c7
commit: 75eaa498c99eebf9f9237656f69469e50197cc0b usb: gadget: Correct NULL pointer
checking in fsl gadget
config: arm64-randconfig-m031-20200622 (attached as .config)
compiler: aarch64-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add the following tags as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
New smatch warnings:
drivers/usb/gadget/udc/fsl_udc_core.c:1055 fsl_ep_fifo_status() error: we previously
assumed '_ep->desc' could be null (see line 1055)
#
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git remote update linus
git checkout 75eaa498c99eebf9f9237656f69469e50197cc0b
vim +1055 drivers/usb/gadget/udc/fsl_udc_core.c
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1047
static int fsl_ep_fifo_status(struct usb_ep *_ep)
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1048
{
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1049
struct fsl_ep *ep;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1050
struct fsl_udc *udc;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1051
int size = 0;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1052
u32 bitmask;
6414e94c203d92 drivers/usb/gadget/fsl_udc_core.c Li Yang 2011-11-23 1053
struct ep_queue_head *qh;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1054
75eaa498c99eeb drivers/usb/gadget/udc/fsl_udc_core.c Nikhil Badola 2019-10-21 @1055
if (!_ep || _ep->desc || !(_ep->desc->bEndpointAddress&0xF))
^^^^^^^^^
Reversed NULL test. This will always return -ENODEV. (Or possibly
crash. But I suspect it always returns -ENODEV instead of crashing).
The container_of() macro doesn't dereference anything, btw. It just
does pointer math. I think it would be cleaner to use ep_index() like
the original code did. In other words, perhaps it would look best
written like this:
ep = container_of(_ep, struct fsl_ep, ep);
if (!_ep || !_ep->desc || ep_index(ep) == 0)
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1056
return -ENODEV;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1057
75eaa498c99eeb drivers/usb/gadget/udc/fsl_udc_core.c Nikhil Badola 2019-10-21 1058
ep = container_of(_ep, struct fsl_ep, ep);
75eaa498c99eeb drivers/usb/gadget/udc/fsl_udc_core.c Nikhil Badola 2019-10-21 1059
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1060
udc = (struct fsl_udc *)ep->udc;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1061
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1062
if (!udc->driver || udc->gadget.speed == USB_SPEED_UNKNOWN)
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1063
return -ESHUTDOWN;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1064
6414e94c203d92 drivers/usb/gadget/fsl_udc_core.c Li Yang 2011-11-23 1065
qh = get_qh_by_ep(ep);
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1066
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1067
bitmask = (ep_is_in(ep)) ? (1 << (ep_index(ep) + 16)) :
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1068
(1 << (ep_index(ep)));
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1069
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1070
if (fsl_readl(&dr_regs->endptstatus) & bitmask)
6414e94c203d92 drivers/usb/gadget/fsl_udc_core.c Li Yang 2011-11-23 1071
size = (qh->size_ioc_int_sts & DTD_PACKET_SIZE)
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1072
>> DTD_LENGTH_BIT_POS;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1073
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1074
pr_debug("%s %u\n", __func__, size);
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1075
return size;
2ea6698d7b9266 drivers/usb/gadget/fsl_udc_core.c Anatolij Gustschin 2011-04-18 1076
}
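Review bot: The bitmask computation at lines 1067-1068 shifts a signed constant, `1 << (ep_index(ep) + 16)`. If ep_index() can reach 15, which the `& 0xF` mask in the first check suggests but the listing does not confirm, the IN case becomes `1 << 31`, a shift into the sign bit that ISO C leaves undefined. The result is stored in a `u32` and ANDed with a register value, so an unsigned constant is the safer spelling: `1U << (ep_index(ep) + 16)` and `1U << ep_index(ep)`. Separately, `size` is declared `int` but printed with `%u` in the pr_debug() call; `%d` would match the declared type. Both lines predate the commit under test, so this is follow-up cleanup rather than a regression from it.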
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org