scsi: ufs: core: Fix a possible use before initialization case

In ufshcd_exec_dev_cmd(), if error happens before lrpb is initialized, then
we should bail out instead of letting trace record the error.

Link: https://lore.kernel.org/r/1623227044-22635-1-git-send-email-cang@codeaurora.org
Fixes: a45f937110fa ("scsi: ufs: Optimize host lock on transfer requests send/compl paths")
Reported-by: kernel test robot <lkp@intel.com>
Reviewed-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Can Guo <cang@codeaurora.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
index fe1b5f4..25fe18a 100644 (file)
--- a/drivers/scsi/ufs/ufshcd.c
+++ b/drivers/scsi/ufs/ufshcd.c
@@ -2980,7 +2980,7 @@ static int ufshcd_exec_dev_cmd(struct ufs_hba *hba,
        WARN_ON(lrbp->cmd);
        err = ufshcd_compose_dev_cmd(hba, lrbp, cmd_type, tag);
        if (unlikely(err))
-               goto out_put_tag;
+               goto out;
 
        hba->dev_cmd.complete = &wait;
 
@@ -2990,11 +2990,10 @@ static int ufshcd_exec_dev_cmd(struct ufs_hba *hba,
 
        ufshcd_send_command(hba, tag);
        err = ufshcd_wait_for_dev_cmd(hba, lrbp, timeout);
-out:
        ufshcd_add_query_upiu_trace(hba, err ? UFS_QUERY_ERR : UFS_QUERY_COMP,
                                    (struct utp_upiu_req *)lrbp->ucd_rsp_ptr);
 
-out_put_tag:
+out:
        blk_put_request(req);
 out_unlock:
        up_read(&hba->clk_scaling_lock);