| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 16 Mar 2016 16:03:20 +0100
From: Tomas Henzl <thenzl@...hat.com>
To: Arnd Bergmann <arnd@...db.de>, qla2xxx-upstream@...gic.com,
"James E.J. Bottomley" <jejb@...ux.vnet.ibm.com>,
"Martin K. Petersen" <martin.petersen@...cle.com>
Cc: Nicholas Bellinger <nab@...ux-iscsi.org>,
Himanshu Madhani <himanshu.madhani@...gic.com>,
Quinn Tran <quinn.tran@...gic.com>,
Alexei Potashnik <alexei@...estorage.com>,
Bart Van Assche <bart.vanassche@...disk.com>,
Swapnil Nagle <swapnil.nagle@...estorage.com>,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] qla2xxx: avoid maybe_uninitialized warning
On 15.3.2016 22:40, Arnd Bergmann wrote:
> The qlt_check_reserve_free_req() function produces an incorrect warning
> when CONFIG_PROFILE_ANNOTATED_BRANCHES is set:
>
> drivers/scsi/qla2xxx/qla_target.c: In function 'qlt_check_reserve_free_req':
> drivers/scsi/qla2xxx/qla_target.c:1887:3: error: 'cnt_in' may be used uninitialized in this function [-Werror=maybe-uninitialized]
> ql_dbg(ql_dbg_io, vha, 0x305a,
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> vha->vp_idx, vha->req->ring_index,
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> vha->req->cnt, req_cnt, cnt, cnt_in, vha->req->length);
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/scsi/qla2xxx/qla_target.c:1887:3: error: 'cnt' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
> The problem is that gcc fails to track the state of the condition across
> an annotated branch.
>
> This slightly rearranges the code to move the second if() block
> into the first one, to avoid the warning while retaining the
> behavior of the code.
When the first 'if' is true the vha->req->ring_index gets a new value
assigned - so it could be possible that the second 'if' wont be true any more.
The code should not be merged into that single 'if', or am I missing something?
tomash
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> drivers/scsi/qla2xxx/qla_target.c | 16 +++++++++-------
> 1 file changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
> index 985231900aca..8a44d1541eb4 100644
> --- a/drivers/scsi/qla2xxx/qla_target.c
> +++ b/drivers/scsi/qla2xxx/qla_target.c
> @@ -1881,15 +1881,17 @@ static int qlt_check_reserve_free_req(struct scsi_qla_host *vha,
> else
> vha->req->cnt = vha->req->length -
> (vha->req->ring_index - cnt);
> - }
>
> - if (unlikely(vha->req->cnt < (req_cnt + 2))) {
> - ql_dbg(ql_dbg_io, vha, 0x305a,
> - "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
> - vha->vp_idx, vha->req->ring_index,
> - vha->req->cnt, req_cnt, cnt, cnt_in, vha->req->length);
> - return -EAGAIN;
> + if (unlikely(vha->req->cnt < (req_cnt + 2))) {
> + ql_dbg(ql_dbg_io, vha, 0x305a,
> + "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
> + vha->vp_idx, vha->req->ring_index,
> + vha->req->cnt, req_cnt, cnt, cnt_in,
> + vha->req->length);
> + return -EAGAIN;
> + }
> }
> +
> vha->req->cnt -= req_cnt;
>
> return 0;
Powered by blists - more mailing lists