Re: [2/2,v3] myri10ge: avoid uninitialized variable use

Next message: Stanislav Kinsburskii: "Re: [PATCH v0 15/15] mshv: Populate mmio mappings for PCI passthru"
Previous message: Andy Shevchenko: "Re: [PATCH v5 next 6/7] iio: sca3000: stop interrupts via devm_add_action_or_reset()"
In reply to: Jakub Kicinski: "Re: [2/2,v3] myri10ge: avoid uninitialized variable use"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Arnd Bergmann

Date: Thu Feb 05 2026 - 11:31:03 EST

On Thu, Feb 5, 2026, at 05:57, Jakub Kicinski wrote:
>> @@ -2238,6 +2250,8 @@ static int myri10ge_get_txrx(struct myri10ge_priv *mgp, int slice)
>> status = 0;
>> if (slice == 0 || (mgp->dev->real_num_tx_queues > 1)) {
>> cmd.data0 = slice;
>> + cmd.data1 = 0;
>> + cmd.data2 = 0;
>> status = myri10ge_send_cmd(mgp, MXGEFW_CMD_GET_SEND_OFFSET,
>> &cmd, 0);
>> ss->tx.lanai = (struct mcp_kreq_ether_send __iomem *)
>> (mgp->sram + cmd.data0);
>> }
>> cmd.data0 = slice;
>> status |= myri10ge_send_cmd(mgp, MXGEFW_CMD_GET_SMALL_RX_OFFSET,
>> &cmd, 0);
>
> The initialization of cmd.data1 and cmd.data2 is inside the conditional
> block. When slice > 0 and real_num_tx_queues <= 1, does the subsequent
> myri10ge_send_cmd() call for MXGEFW_CMD_GET_SMALL_RX_OFFSET use
> uninitialized data1/data2 values?
>
> Simon Horman pointed this out in his review of v2:
> https://lore.kernel.org/all/20250622162715.GA297140@xxxxxxxxxxxxxxxx/
>
> He provided a diff showing that the second cmd.data0 = slice assignment
> also needs cmd.data1 and cmd.data2 initialization. This feedback does
> not appear to have been addressed in v3.

Indeed, I thought I had addressed this, but somehow ended up
rebasing to an older version of my original patch. Sent v4 now.

Arnd