[PATCH] staging: vchiq: silence an uninitialized variable warning
Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
without being initialized. Smatch is correct, however, in that
situation the "userdata" is not used so it doesn't cause a problem.
Passing an uninitialized variable will trigger a UBSan warning at
runtime so this warning is worth silencing by setting "userdata" to
NULL.
Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
Signed-off-by: Dan Carpenter
---
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
index 590415561b73..71b962777da5 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
@@ -952,7 +952,7 @@ static int vchiq_irq_queue_bulk_tx_rx(struct vchiq_instance
*instance,
{
struct vchiq_service *service;
struct bulk_waiter_node *waiter = NULL;
- void *userdata;
+ void *userdata = NULL;
int status = 0;
int ret;
--
2.28.0
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [PATCH] staging: vchiq: silence an uninitialized variable warning
On Wed, Sep 30, 2020 at 11:02 AM Dan Carpenter wrote:
>
> Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
> without being initialized. Smatch is correct, however, in that
> situation the "userdata" is not used so it doesn't cause a problem.
> Passing an uninitialized variable will trigger a UBSan warning at
> runtime so this warning is worth silencing by setting "userdata" to
> NULL.
>
> Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
> Signed-off-by: Dan Carpenter
The change looks fine, but I wonder if it's actually worse and the
uninitialized pointer can end up getting copied back to user space
in the completion.
In either case, thanks for the fix!
Acked-by: Arnd Bergmann
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [PATCH] staging: vchiq: silence an uninitialized variable warning
On Wed, Sep 30, 2020 at 12:22:37PM +0200, Arnd Bergmann wrote:
> On Wed, Sep 30, 2020 at 11:02 AM Dan Carpenter
> wrote:
> >
> > Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
> > without being initialized. Smatch is correct, however, in that
> > situation the "userdata" is not used so it doesn't cause a problem.
> > Passing an uninitialized variable will trigger a UBSan warning at
> > runtime so this warning is worth silencing by setting "userdata" to
> > NULL.
> >
> > Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
> > Signed-off-by: Dan Carpenter
>
> The change looks fine, but I wonder if it's actually worse and the
> uninitialized pointer can end up getting copied back to user space
> in the completion.
Ah... Wow. You're right. I think I really need to resend this with a
more accurate commit message.
regards,
dan carpenter
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
[PATCH v2] staging: vchiq: Fix an uninitialized variable
Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
without being initialized. This leads to a potential information leak
later on.
Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
Signed-off-by: Dan Carpenter
Acked-by: Arnd Bergmann
---
v2: update commit message.
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
index 590415561b73..71b962777da5 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
@@ -952,7 +952,7 @@ static int vchiq_irq_queue_bulk_tx_rx(struct vchiq_instance
*instance,
{
struct vchiq_service *service;
struct bulk_waiter_node *waiter = NULL;
- void *userdata;
+ void *userdata = NULL;
int status = 0;
int ret;
--
2.28.0
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
[PATCH] media: atomisp: fixes a breakage due to a cleanup patch
A temporary var needed for building with ISP2401 was removed
by accident on a cleanup patch.
Fix the breakage.
Fixes: 852a53a02cf0 ("media: atomisp: get rid of unused vars")
Signed-off-by: Mauro Carvalho Chehab
---
drivers/staging/media/atomisp/pci/sh_css.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/staging/media/atomisp/pci/sh_css.c
b/drivers/staging/media/atomisp/pci/sh_css.c
index e8c5caf3dfe6..8e4e82a97098 100644
--- a/drivers/staging/media/atomisp/pci/sh_css.c
+++ b/drivers/staging/media/atomisp/pci/sh_css.c
@@ -1365,7 +1365,6 @@ start_binary(struct ia_css_pipe *pipe,
{
assert(pipe);
/* Acceleration uses firmware, the binary thus can be NULL */
- /* assert(binary != NULL); */
if (binary)
sh_css_metrics_start_binary(&binary->metrics);
@@ -1381,7 +1380,7 @@ start_binary(struct ia_css_pipe *pipe,
#endif
#if !defined(ISP2401)
- if (stream->reconfigure_css_rx) {
+ if (pipe->stream->reconfigure_css_rx) {
ia_css_isys_rx_configure(&pipe->stream->csi_rx_config,
pipe->stream->config.mode);
stream->reconfigure_css_rx = false;
--
2.26.2
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
[PATCH v2] media: atomisp: fixes a breakage due to a cleanup patch
A temporary var needed for building with ISP2400 was removed
by accident on a cleanup patch.
Fix the breakage.
Fixes: 852a53a02cf0 ("media: atomisp: get rid of unused vars")
Signed-off-by: Mauro Carvalho Chehab
---
v2: fixed a typo at comment: ISP2401 -> ISP2400
drivers/staging/media/atomisp/pci/sh_css.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/staging/media/atomisp/pci/sh_css.c
b/drivers/staging/media/atomisp/pci/sh_css.c
index e8c5caf3dfe6..8e4e82a97098 100644
--- a/drivers/staging/media/atomisp/pci/sh_css.c
+++ b/drivers/staging/media/atomisp/pci/sh_css.c
@@ -1365,7 +1365,6 @@ start_binary(struct ia_css_pipe *pipe,
{
assert(pipe);
/* Acceleration uses firmware, the binary thus can be NULL */
- /* assert(binary != NULL); */
if (binary)
sh_css_metrics_start_binary(&binary->metrics);
@@ -1381,7 +1380,7 @@ start_binary(struct ia_css_pipe *pipe,
#endif
#if !defined(ISP2401)
- if (stream->reconfigure_css_rx) {
+ if (pipe->stream->reconfigure_css_rx) {
ia_css_isys_rx_configure(&pipe->stream->csi_rx_config,
pipe->stream->config.mode);
stream->reconfigure_css_rx = false;
--
2.26.2
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
