lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <56E975B8.6040807@redhat.com>
Date:	Wed, 16 Mar 2016 16:03:20 +0100
From:	Tomas Henzl <thenzl@...hat.com>
To:	Arnd Bergmann <arnd@...db.de>, qla2xxx-upstream@...gic.com,
	"James E.J. Bottomley" <jejb@...ux.vnet.ibm.com>,
	"Martin K. Petersen" <martin.petersen@...cle.com>
Cc:	Nicholas Bellinger <nab@...ux-iscsi.org>,
	Himanshu Madhani <himanshu.madhani@...gic.com>,
	Quinn Tran <quinn.tran@...gic.com>,
	Alexei Potashnik <alexei@...estorage.com>,
	Bart Van Assche <bart.vanassche@...disk.com>,
	Swapnil Nagle <swapnil.nagle@...estorage.com>,
	linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] qla2xxx: avoid maybe_uninitialized warning

On 15.3.2016 22:40, Arnd Bergmann wrote:
> The qlt_check_reserve_free_req() function produces an incorrect warning
> when CONFIG_PROFILE_ANNOTATED_BRANCHES is set:
>
> drivers/scsi/qla2xxx/qla_target.c: In function 'qlt_check_reserve_free_req':
> drivers/scsi/qla2xxx/qla_target.c:1887:3: error: 'cnt_in' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>    ql_dbg(ql_dbg_io, vha, 0x305a,
>    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
>        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        vha->vp_idx, vha->req->ring_index,
>        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        vha->req->cnt, req_cnt, cnt, cnt_in, vha->req->length);
>        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/scsi/qla2xxx/qla_target.c:1887:3: error: 'cnt' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
> The problem is that gcc fails to track the state of the condition across
> an annotated branch.
>
> This slightly rearranges the code to move the second if() block
> into the first one, to avoid the warning while retaining the
> behavior of the code.

When the first 'if' is true the vha->req->ring_index gets a new value 
assigned - so it could be possible that the second 'if' wont be true any more.
The code should not be merged into that single 'if', or am I missing something?

tomash

>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
>  drivers/scsi/qla2xxx/qla_target.c | 16 +++++++++-------
>  1 file changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
> index 985231900aca..8a44d1541eb4 100644
> --- a/drivers/scsi/qla2xxx/qla_target.c
> +++ b/drivers/scsi/qla2xxx/qla_target.c
> @@ -1881,15 +1881,17 @@ static int qlt_check_reserve_free_req(struct scsi_qla_host *vha,
>  		else
>  			vha->req->cnt = vha->req->length -
>  			    (vha->req->ring_index - cnt);
> -	}
>  
> -	if (unlikely(vha->req->cnt < (req_cnt + 2))) {
> -		ql_dbg(ql_dbg_io, vha, 0x305a,
> -		    "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
> -		    vha->vp_idx, vha->req->ring_index,
> -		    vha->req->cnt, req_cnt, cnt, cnt_in, vha->req->length);
> -		return -EAGAIN;
> +		if (unlikely(vha->req->cnt < (req_cnt + 2))) {
> +			ql_dbg(ql_dbg_io, vha, 0x305a,
> +			    "qla_target(%d): There is no room in the request ring: vha->req->ring_index=%d, vha->req->cnt=%d, req_cnt=%d Req-out=%d Req-in=%d Req-Length=%d\n",
> +			    vha->vp_idx, vha->req->ring_index,
> +			    vha->req->cnt, req_cnt, cnt, cnt_in,
> +			    vha->req->length);
> +			return -EAGAIN;
> +		}
>  	}
> +
>  	vha->req->cnt -= req_cnt;
>  
>  	return 0;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ