在 2019/7/27 17:30, Wang Xiayang 写道: > Coccinelle reports a path that the array "data" is never initialized. > The path skips the checks in the conditional branches when either > of callback functions, read_wave_vgprs and read_wave_sgprs, is not > registered. Later, the uninitialized "data" array is read > in the while-loop below and passed to put_user(). > > Fix the path by allocating the array with kcalloc(). > > The patch is simplier than adding a fall-back branch that explicitly > calls memset(data, 0, ...). Also it does not need the multiplication > 1024*sizeof(*data) as the size parameter for memset() though there is > no risk of integer overflow. > > Signed-off-by: Wang Xiayang <xywang.sjtu@xxxxxxxxxxx> Reviewed-by: Chunming Zhou <david1.zhou@xxxxxxx> -David > --- > drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c > index 6d54decef7f8..5652cc72ed3a 100644 > --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c > +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c > @@ -707,7 +707,7 @@ static ssize_t amdgpu_debugfs_gpr_read(struct file *f, char __user *buf, > thread = (*pos & GENMASK_ULL(59, 52)) >> 52; > bank = (*pos & GENMASK_ULL(61, 60)) >> 60; > > - data = kmalloc_array(1024, sizeof(*data), GFP_KERNEL); > + data = kcalloc(1024, sizeof(*data), GFP_KERNEL); > if (!data) > return -ENOMEM; > _______________________________________________ amd-gfx mailing list amd-gfx@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/amd-gfx
