qemu-devel.nongnu.org archive mirror
* [PATCH] hw/vfio-user: fix use of uninitialized variable
@ 2025-07-08 15:49 John Levon
  2025-07-09  9:34 ` Mark Cave-Ayland
  2025-07-15  5:52 ` Cédric Le Goater
  0 siblings, 2 replies; 3+ messages in thread
From: John Levon @ 2025-07-08 15:49 UTC (permalink / raw)
  To: qemu-devel; +Cc: John Levon, Thanos Makatos, Cédric Le Goater

Coverity reported:

CID 1611805:         Uninitialized variables

in vfio_user_dma_map(). This can occur in the happy path when
->async_ops was not set; as this doesn't typically happen, it wasn't
caught during testing.

Align both map and unmap implementations to initialize ret the same way
to resolve this.

Reported-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: John Levon <john.levon@nutanix.com>
---
 hw/vfio-user/container.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/hw/vfio-user/container.c b/hw/vfio-user/container.c
index d318e6a339..d589dd90f5 100644
--- a/hw/vfio-user/container.c
+++ b/hw/vfio-user/container.c
@@ -64,8 +64,6 @@ static int vfio_user_dma_unmap(const VFIOContainerBase *bcontainer,
                               0, &local_err)) {
             error_report_err(local_err);
             ret = -EFAULT;
-        } else {
-            ret = 0;
         }
     } else {
         if (!vfio_user_send_wait(container->proxy, &msgp->hdr, NULL,
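
Review bot: the success value of the async branch of vfio_user_dma_unmap() now rests on the declaration of ret, which is not part of this hunk. The diffstat shows one insertion, and that is the `int ret = 0;` in vfio_user_dma_map(), so unmap presumably already initializes ret where it is declared. Please confirm that before dropping the `else { ret = 0; }` arm, otherwise this change moves the uninitialized read into unmap.
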
@@ -92,7 +90,7 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
                                                 bcontainer);
     int fd = memory_region_get_fd(mrp);
     Error *local_err = NULL;
-    int ret;
+    int ret = 0;
 
     VFIOUserFDs *fds = NULL;
     VFIOUserDMAMap *msgp = g_malloc0(sizeof(*msgp));
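
Review bot: initializing at the declaration (`int ret = 0;`) makes success the default for every path through vfio_user_dma_map(), so a later branch that forgets to set an error code will return 0 silently and neither Coverity nor the compiler's uninitialized-variable warnings will flag it. That matches what the commit message says unmap does, so it is acceptable, but consider keeping `int ret;` and assigning 0 explicitly on the synchronous success path, which is the one the report is about, so the analyzer keeps covering new paths.
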
@@ -135,8 +133,6 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
                               0, &local_err)) {
             error_report_err(local_err);
             ret = -EFAULT;
-        } else {
-            ret = 0;
         }
     } else {
         VFIOUserFDs local_fds = { 1, 0, &fd };
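
Review bot: removing `ret = 0;` from the async success arm at line 135 is only safe if nothing between the declaration at line 92 and this branch writes ret and then continues. The removed assignment used to overwrite any such earlier value; after this hunk a leftover non-zero ret would be returned even though the send succeeded. The intervening code is not shown in the patch, so please check it, or state in the commit message that ret is untouched before this point.
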
-- 
2.43.0




* Re: [PATCH] hw/vfio-user: fix use of uninitialized variable
  2025-07-08 15:49 [PATCH] hw/vfio-user: fix use of uninitialized variable John Levon
@ 2025-07-09  9:34 ` Mark Cave-Ayland
  2025-07-15  5:52 ` Cédric Le Goater
  1 sibling, 0 replies; 3+ messages in thread
From: Mark Cave-Ayland @ 2025-07-09  9:34 UTC (permalink / raw)
  To: John Levon, qemu-devel; +Cc: Thanos Makatos, Cédric Le Goater

On 08/07/2025 16:49, John Levon wrote:

> Coverity reported:
> 
> CID 1611805:         Uninitialized variables
> 
> in vfio_user_dma_map(). This can occur in the happy path when
> ->async_ops was not set; as this doesn't typically happen, it wasn't
> caught during testing.
> 
> Align both map and unmap implementations to initialize ret the same way
> to resolve this.
> 
> Reported-by: Cédric Le Goater <clg@redhat.com>
> Signed-off-by: John Levon <john.levon@nutanix.com>
> ---
>   hw/vfio-user/container.c | 6 +-----
>   1 file changed, 1 insertion(+), 5 deletions(-)
> 
> diff --git a/hw/vfio-user/container.c b/hw/vfio-user/container.c
> index d318e6a339..d589dd90f5 100644
> --- a/hw/vfio-user/container.c
> +++ b/hw/vfio-user/container.c
> @@ -64,8 +64,6 @@ static int vfio_user_dma_unmap(const VFIOContainerBase *bcontainer,
>                                 0, &local_err)) {
>               error_report_err(local_err);
>               ret = -EFAULT;
> -        } else {
> -            ret = 0;
>           }
>       } else {
>           if (!vfio_user_send_wait(container->proxy, &msgp->hdr, NULL,
> @@ -92,7 +90,7 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
>                                                   bcontainer);
>       int fd = memory_region_get_fd(mrp);
>       Error *local_err = NULL;
> -    int ret;
> +    int ret = 0;
>   
>       VFIOUserFDs *fds = NULL;
>       VFIOUserDMAMap *msgp = g_malloc0(sizeof(*msgp));
> @@ -135,8 +133,6 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
>                                 0, &local_err)) {
>               error_report_err(local_err);
>               ret = -EFAULT;
> -        } else {
> -            ret = 0;
>           }
>       } else {
>           VFIOUserFDs local_fds = { 1, 0, &fd };

Reviewed-by: Mark Cave-Ayland <mark.caveayland@nutanix.com>


ATB,

Mark.




* Re: [PATCH] hw/vfio-user: fix use of uninitialized variable
  2025-07-08 15:49 [PATCH] hw/vfio-user: fix use of uninitialized variable John Levon
  2025-07-09  9:34 ` Mark Cave-Ayland
@ 2025-07-15  5:52 ` Cédric Le Goater
  1 sibling, 0 replies; 3+ messages in thread
From: Cédric Le Goater @ 2025-07-15  5:52 UTC (permalink / raw)
  To: John Levon, qemu-devel; +Cc: Thanos Makatos

On 7/8/25 17:49, John Levon wrote:
> Coverity reported:
> 
> CID 1611805:         Uninitialized variables
> 
> in vfio_user_dma_map(). This can occur in the happy path when
> ->async_ops was not set; as this doesn't typically happen, it wasn't
> caught during testing.
> 
> Align both map and unmap implementations to initialize ret the same way
> to resolve this.

This is not a strict rule, but a trailer like the one below is
usually added for Coverity fixes:

   Resolves: Coverity CID 1611805

In case you resend, please do so.


> Reported-by: Cédric Le Goater <clg@redhat.com>
> Signed-off-by: John Levon <john.levon@nutanix.com>


Reviewed-by: Cédric Le Goater <clg@redhat.com>

Thanks,

C.


> ---
>   hw/vfio-user/container.c | 6 +-----
>   1 file changed, 1 insertion(+), 5 deletions(-)
> 
> diff --git a/hw/vfio-user/container.c b/hw/vfio-user/container.c
> index d318e6a339..d589dd90f5 100644
> --- a/hw/vfio-user/container.c
> +++ b/hw/vfio-user/container.c
> @@ -64,8 +64,6 @@ static int vfio_user_dma_unmap(const VFIOContainerBase *bcontainer,
>                                 0, &local_err)) {
>               error_report_err(local_err);
>               ret = -EFAULT;
> -        } else {
> -            ret = 0;
>           }
>       } else {
>           if (!vfio_user_send_wait(container->proxy, &msgp->hdr, NULL,
> @@ -92,7 +90,7 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
>                                                   bcontainer);
>       int fd = memory_region_get_fd(mrp);
>       Error *local_err = NULL;
> -    int ret;
> +    int ret = 0;
>   
>       VFIOUserFDs *fds = NULL;
>       VFIOUserDMAMap *msgp = g_malloc0(sizeof(*msgp));
> @@ -135,8 +133,6 @@ static int vfio_user_dma_map(const VFIOContainerBase *bcontainer, hwaddr iova,
>                                 0, &local_err)) {
>               error_report_err(local_err);
>               ret = -EFAULT;
> -        } else {
> -            ret = 0;
>           }
>       } else {
>           VFIOUserFDs local_fds = { 1, 0, &fd };


