usb: storage: suspicious code

From: Gustavo A. R. Silva
Date: Wed Feb 15 2017 - 00:07:19 EST

Next message: Selvin Xavier: "Re: linux-next: build failure after merge of the rdma tree"
Previous message: Sergey Senozhatsky: "Re: Regression in next with use printk_safe buffers in printk"
Next in thread: Oliver Neukum: "Re: [usb-storage] usb: storage: suspicious code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I ran into the following piece of code at drivers/usb/storage/jumpshot.c:305 (linux-next), and it seems a little bit suspicious:

// read the result. apparently the bulk write can complete
// before the jumpshot drive is finished writing. so we loop
// here until we get a good return code
waitcount = 0;
do {
result = jumpshot_get_status(us);
if (result != USB_STOR_TRANSPORT_GOOD) {
// I have not experimented to find the smallest value.
//
msleep(50);
}
} while ((result != USB_STOR_TRANSPORT_GOOD) && (waitcount < 10));

if (result != USB_STOR_TRANSPORT_GOOD)
usb_stor_dbg(us, "Gah! Waitcount = 10. Bad write!?\n");

Variable 'waitcount' is never updated inside the do-while loop. So, either it isn't needed at all or line 316 should be modified (++waitcount < 10)

In case 'waitcount' isn't needed, lines 318 and 319 should be removed.

Can someone help me to clarify this so I can write a patch to fix this code?

Thank you
--
Gustavo A. R. Silva

Next message: Selvin Xavier: "Re: linux-next: build failure after merge of the rdma tree"
Previous message: Sergey Senozhatsky: "Re: Regression in next with use printk_safe buffers in printk"
Next in thread: Oliver Neukum: "Re: [usb-storage] usb: storage: suspicious code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]