| Message ID | 20180822145149.4697-1-bharat@chelsio.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Jason Gunthorpe |
| Headers | show |
| Series | iw_cxgb4: fix uninitialized variable plen | expand |
On Wed, Aug 22, 2018 at 08:21:49PM +0530, Potnuri Bharat Teja wrote: > Fixes the following smatch warning and few more possible cases: > The patch 94245f4ad9e1: "iw_cxgb4: Support FW write completion WR" > from Aug 2, 2018, leads to the following static checker warning: > > drivers/infiniband/hw/cxgb4/qp.c:651 build_rdma_write_cmpl() > error: uninitialized symbol 'plen'. So the first one I look at sure actually looks like a bug.. build_isgl((__be64 *)sq->queue, (__be64 *)&sq->queue[sq->size], wcwr->u.isgl_src, wr->sg_list, wr->num_sge, &plen); size = sizeof(*wcwr) + sizeof(struct fw_ri_isgl) + wr->num_sge * sizeof(struct fw_ri_sge); wcwr->plen = cpu_to_be32(plen); And build_isgl: static int build_isgl(__be64 *queue_start, __be64 *queue_end, struct fw_ri_isgl *isglp, struct ib_sge *sg_list, int num_sge, u32 *plenp) { int i; u32 plen = 0; __be64 *flitp; if ((__be64 *)isglp == queue_end) isglp = (struct fw_ri_isgl *)queue_start; flitp = (__be64 *)isglp->sge; for (i = 0; i < num_sge; i++) { if ((plen + sg_list[i].length) < plen) return -EMSGSIZE; So yes, plen is uninited because the error check for build_isgl was skipped. If error checking is skippable I suggest you init plen in build_isgl instead of sprinkling =0's all over the place. Jason
diff --git a/drivers/infiniband/hw/cxgb4/qp.c b/drivers/infiniband/hw/cxgb4/qp.c index b3203afa3b1d..c625d94db038 100644 --- a/drivers/infiniband/hw/cxgb4/qp.c +++ b/drivers/infiniband/hw/cxgb4/qp.c @@ -487,7 +487,7 @@ static int build_isgl(__be64 *queue_start, __be64 *queue_end, static int build_rdma_send(struct t4_sq *sq, union t4_wr *wqe, const struct ib_send_wr *wr, u8 *len16) { - u32 plen; + u32 plen = 0; int size; int ret; @@ -519,7 +519,6 @@ static int build_rdma_send(struct t4_sq *sq, union t4_wr *wqe, wqe->send.r3 = 0; wqe->send.r4 = 0; - plen = 0; if (wr->num_sge) { if (wr->send_flags & IB_SEND_INLINE) { ret = build_immd(sq, wqe->send.u.immd_src, wr, @@ -554,7 +553,7 @@ static int build_rdma_send(struct t4_sq *sq, union t4_wr *wqe, static int build_rdma_write(struct t4_sq *sq, union t4_wr *wqe, const struct ib_send_wr *wr, u8 *len16) { - u32 plen; + u32 plen = 0; int size; int ret; @@ -615,7 +614,7 @@ static void build_rdma_write_cmpl(struct t4_sq *sq, struct fw_ri_rdma_write_cmpl_wr *wcwr, const struct ib_send_wr *wr, u8 *len16) { - u32 plen; + u32 plen = 0; int size; /*
Fixes the following smatch warning and few more possible cases: The patch 94245f4ad9e1: "iw_cxgb4: Support FW write completion WR" from Aug 2, 2018, leads to the following static checker warning: drivers/infiniband/hw/cxgb4/qp.c:651 build_rdma_write_cmpl() error: uninitialized symbol 'plen'. Fixes: 94245f4ad9e ("iw_cxgb4: Support FW write completion WR") Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Potnuri Bharat Teja <bharat@chelsio.com> --- drivers/infiniband/hw/cxgb4/qp.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)