From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
To: Felix Fietkau <nbd@nbd.name>,
	Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>,
	Kalle Valo <kvalo@codeaurora.org>,
	"David S. Miller" <davem@davemloft.net>,
	Matthias Brugger <matthias.bgg@gmail.com>
Cc: "Gustavo A. R. Silva" <gustavo@embeddedor.com>,
	netdev@vger.kernel.org, linux-wireless@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-mediatek@lists.infradead.org,
	linux-arm-kernel@lists.infradead.org
Subject: [mt76/mt7603/mac] Question about missing variable assignment
Date: Sat, 2 Mar 2019 15:10:46 -0600
Message-ID: <20190302211046.GA20268@embeddedor.com>

Hi all,

The following piece of code in drivers/net/wireless/mediatek/mt76/mt7603/mac.c
is missing a variable assignment before line 1058.  Notice that there
is a potential execution path in which variable *i* is compared against
magic number 15 at line 1075 without being initialized previously
(this was reported by Coverity):

1055 out:
1056         final_rate_flags = info->status.rates[final_idx].flags;
1057 
1058         switch (FIELD_GET(MT_TX_RATE_MODE, final_rate)) {
1059         case MT_PHY_TYPE_CCK:
1060                 cck = true;
1061                 /* fall through */
1062         case MT_PHY_TYPE_OFDM:
1063                 if (dev->mt76.chandef.chan->band == NL80211_BAND_5GHZ)
1064                         sband = &dev->mt76.sband_5g.sband;
1065                 else
1066                         sband = &dev->mt76.sband_2g.sband;
1067                 final_rate &= GENMASK(5, 0);
1068                 final_rate = mt7603_get_rate(dev, sband, final_rate, cck);
1069                 final_rate_flags = 0;
1070                 break;
1071         case MT_PHY_TYPE_HT_GF:
1072         case MT_PHY_TYPE_HT:
1073                 final_rate_flags |= IEEE80211_TX_RC_MCS;
1074                 final_rate &= GENMASK(5, 0);
1075                 if (i > 15)
1076                         return false;
1077                 break;
1078         default:
1079                 return false;
1080         }

My guess is that such a missing assignment should be something similar
to the one at line 566:

	i = FIELD_GET(MT_RXV1_TX_RATE, rxdg0);

but I'm not sure what the proper arguments for macro FIELD_GET should
be.

This code was introduced by commit c8846e1015022d2531ac4c895783e400b3e5babe.

What do you think?

Thanks
--
Gustavo
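
Added example, not part of the original message or the mt76 driver: a self-contained C model of the pattern Coverity flagged, with the HT bound check applied to the masked rate value instead of a loop counter that may never have been assigned. The DEMO_ names, the bit layout, and the early-exit path before the loop are assumptions made for illustration; the message does not confirm which value the check was meant to test.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified stand-ins for the kernel's GENMASK()/FIELD_GET() (32-bit only). */
#define GENMASK(h, l)        (((~0u) << (l)) & (~0u >> (31 - (h))))
#define FIELD_GET(mask, val) (((val) & (mask)) / ((mask) & -(mask)))

/* Constructed layout for this demo, not the MT7603 register definitions. */
#define DEMO_TX_RATE_MODE GENMASK(8, 6)
enum demo_phy { DEMO_PHY_CCK, DEMO_PHY_OFDM, DEMO_PHY_HT, DEMO_PHY_HT_GF };

/*
 * Assumed shape of the flagged path: an early exit jumps to "out" before
 * the loop runs. The loop counter is scoped to the loop, so nothing after
 * "out" can read it; the HT bound check uses the masked rate index, which
 * is defined on every path.
 */
bool demo_decode_final_rate(uint32_t final_rate, int retries, uint32_t *idx)
{
	uint32_t mode, walked = 0;

	if (retries == 0)
		goto out;               /* path on which the loop never runs */

	for (int i = 0; i < retries; i++)
		walked++;               /* stand-in for per-rate bookkeeping */
out:
	(void)walked;
	mode = FIELD_GET(DEMO_TX_RATE_MODE, final_rate); /* read mode first */
	final_rate &= GENMASK(5, 0);                     /* 0..63 survive */

	switch (mode) {
	case DEMO_PHY_CCK:
	case DEMO_PHY_OFDM:
		break;
	case DEMO_PHY_HT_GF:
	case DEMO_PHY_HT:
		if (final_rate > 15)    /* bound on an initialized value */
			return false;
		break;
	default:
		return false;
	}
	*idx = final_rate;
	return true;
}
```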

