In do_bootm_states when doing BOOTM_STATE_LOADOS we use load_end
uninitialized and Coverity notes this now. This however leads down
another interesting path. We pass this pointer to bootm_load_os and
that in turn uses this uninitialized value immediately to calculate the
flush length, and is wrong. We do not know what load_end will be until
after bootm_decomp_image is called, so we must only set flush_len after
that. All of this also makes it clear that the only reason we pass a
pointer for load_end to bootm_load_os is so that we can call lmb_reserve
on success. Rather than initialize load_end to 0 in do_bootm_states we
can just call lmb_reserve ourself.
Reported-by: Coverity (CID: 175572)
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
cc95535867