Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753494AbdHRN5K (ORCPT ); Fri, 18 Aug 2017 09:57:10 -0400 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:55284 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752647AbdHRNPn (ORCPT ); Fri, 18 Aug 2017 09:15:43 -0400 Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit MIME-Version: 1.0 From: Ben Hutchings To: linux-kernel@vger.kernel.org, stable@vger.kernel.org CC: akpm@linux-foundation.org, "Dan Carpenter" , "Bjorn Helgaas" Date: Fri, 18 Aug 2017 14:13:20 +0100 Message-ID: X-Mailer: LinuxStableQueue (scripts by bwh) Subject: [PATCH 3.16 025/134] PCI: dwc: Fix uninitialized variable in dw_handle_msi_irq() In-Reply-To: X-SA-Exim-Connect-IP: 82.70.136.246 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1558 Lines: 47 3.16.47-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Dan Carpenter commit 1b497e6493c49bbb55c89f53562f7f853495e90d upstream. The bug is that "val" is unsigned long but we only initialize 32 bits of it. Then we test "if (val)" and that might be true not because we set the bits but because some were never initialized. Fixes: f342d940ee0e ("PCI: exynos: Add support for MSI") Signed-off-by: Dan Carpenter Signed-off-by: Bjorn Helgaas [bwh: Backported to 3.16: adjust filename, context] Signed-off-by: Ben Hutchings --- drivers/pci/host/pcie-designware.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/drivers/pci/host/pcie-designware.c +++ b/drivers/pci/host/pcie-designware.c @@ -158,19 +158,20 @@ static struct irq_chip dw_msi_irq_chip = /* MSI int handler */ irqreturn_t dw_handle_msi_irq(struct pcie_port *pp) { - unsigned long val; + u32 val; int i, pos, irq; irqreturn_t ret = IRQ_NONE; for (i = 0; i < MAX_MSI_CTRLS; i++) { dw_pcie_rd_own_conf(pp, PCIE_MSI_INTR0_STATUS + i * 12, 4, - (u32 *)&val); + &val); if (!val) continue; ret = IRQ_HANDLED; pos = 0; - while ((pos = find_next_bit(&val, 32, pos)) != 32) { + while ((pos = find_next_bit((unsigned long *) &val, 32, + pos)) != 32) { irq = irq_find_mapping(pp->irq_domain, i * 32 + pos); dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_STATUS + i * 12, 4, 1 << pos);