Re: drivers/infiniband/hw/cxgb3/iwch_provider.c: uninitializedvariable used
From: Steve Wise
Date: Mon Mar 19 2007 - 10:05:49 EST
Thanks Adrian,
I'll address this...
Steve.
On Mon, 2007-03-19 at 10:26 +0100, Adrian Bunk wrote:
> The Coverity checker spotted that "npages" will be used uninitialized in
> the following code if !(mr_rereg_mask & IB_MR_REREG_TRANS):
>
> <-- snip -->
>
> ...
> static int iwch_reregister_phys_mem(struct ib_mr *mr,
> int mr_rereg_mask,
> struct ib_pd *pd,
> struct ib_phys_buf *buffer_list,
> int num_phys_buf,
> int acc, u64 * iova_start)
> {
>
> struct iwch_mr mh, *mhp;
> struct iwch_pd *php;
> struct iwch_dev *rhp;
> __be64 *page_list = NULL;
> int shift = 0;
> u64 total_size;
> int npages;
> int ret;
>
> PDBG("%s ib_mr %p ib_pd %p\n", __FUNCTION__, mr, pd);
>
> /* There can be no memory windows */
> if (atomic_read(&mr->usecnt))
> return -EINVAL;
>
> mhp = to_iwch_mr(mr);
> rhp = mhp->rhp;
> php = to_iwch_pd(mr->pd);
>
> /* make sure we are on the same adapter */
> if (rhp != php->rhp)
> return -EINVAL;
>
> memcpy(&mh, mhp, sizeof *mhp);
>
> if (mr_rereg_mask & IB_MR_REREG_PD)
> php = to_iwch_pd(pd);
> if (mr_rereg_mask & IB_MR_REREG_ACCESS)
> mh.attr.perms = iwch_ib_to_tpt_access(acc);
> if (mr_rereg_mask & IB_MR_REREG_TRANS)
> ret = build_phys_page_list(buffer_list, num_phys_buf,
> iova_start,
> &total_size, &npages,
> &shift, &page_list);
>
> ret = iwch_reregister_mem(rhp, php, &mh, shift, page_list, npages);
> ...
>
> <-- snip -->
>
> Looking at the code, it also seems some orignally planned error handling
> code for the build_phys_page_list() call was forgotten ("ret" is never
> checked before it's overwritten again).
>
> cu
> Adrian
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/