lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 28 Mar 2007 23:59:07 +0200
From:	Dan Aloni <>
To:	Andrew Morton <>
Cc:	Jiri Kosina <>, Lee Revell <>,
	Toralf F?rster <>,,,
Subject: Re: fs/block_dev.c:953: warning: 'found' might be used uninitialized in this function

On Wed, Mar 28, 2007 at 01:14:54PM -0700, Andrew Morton wrote:
> On Wed, 28 Mar 2007 19:23:32 +0200 (CEST)
> Jiri Kosina <> wrote:
> > blockdev: bd_claim_by_kobject() could check value of unititalized pointer
> > @@ -950,7 +950,7 @@ static int bd_claim_by_kobject(struct block_device *bdev, void *holder,
> >  				struct kobject *kobj)
> >  {
> >  	int res;
> > -	struct bd_holder *bo, *found;
> > +	struct bd_holder *bo, *found = NULL;
> that generates extra code and people get upset.

I, for one, not upset. On the contrary.

IMHO gcc should be smart enough to optimize that code properly with that 
"= NULL" added. 

BTW with gcc 4.1.2 on x86_64 that warning doesn't get emitted, and it 
generates the same exact code with or without " = NULL". One could aruge,
if people are upset about more code being generated because they use an 
older stable branch of gcc, it's _their_ problem.

> 	struct bd_holder *found;
> 	squash_bogus_uninit_warning(found);	/* useful comment goes here */
> which is also unpleasant, but not as unpleasant as a screenful of warnings
> which hide real problems, IMO.

If there was such 'squash_bogus_uninit_warning' macro exist and in use,
then this could have been a possible scenario:

  A) There's some 200-lines long function.
  B) It has a squash_bogus_uninit_warning() somewhere in the beginning.
  C) Someone commits a patch that uses an uninitialized variable on _some_
     cases and it doesn't generate a warning.
  D) You get an 'heisenbug', since that pointer might point to something
     that is dereferencable without a fault, etc.

I think that warnings of these kind (assuming that they are not generated
as a result of deficiencies in the latest stable version of gcc) exist
for a damn good reason - the code should be fixed and that warning 
shouldn't be bypassed in semi-nasty ways.

Dan Aloni
da-x (at), dan (at)
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists