| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jun 2019 15:11:57 +0200
From: Arnd Bergmann <arnd@...db.de>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Arnd Bergmann <arnd@...db.de>,
Alexander Potapenko <glider@...gle.com>,
Kees Cook <keescook@...omium.org>,
Christoph Lameter <cl@...ux.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Kostya Serebryany <kcc@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Sandeep Patil <sspatil@...roid.com>,
Laura Abbott <labbott@...hat.com>,
Jann Horn <jannh@...gle.com>, Marco Elver <elver@...gle.com>,
Stephen Rothwell <sfr@...b.auug.org.au>,
linux-kernel@...r.kernel.org
Subject: [PATCH] lib: test_meminit: fix -Wmaybe-uninitialized false positive
The conditional logic is too complicated for the compiler to
fully comprehend:
lib/test_meminit.c: In function 'test_meminit_init':
lib/test_meminit.c:236:5: error: 'buf_copy' may be used uninitialized in this function [-Werror=maybe-uninitialized]
kfree(buf_copy);
^~~~~~~~~~~~~~~
lib/test_meminit.c:201:14: note: 'buf_copy' was declared here
Simplify it by splitting out the non-rcu section.
Fixes: af734ee6ec85 ("lib: introduce test_meminit module")
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
lib/test_meminit.c | 50 ++++++++++++++++++++++++----------------------
1 file changed, 26 insertions(+), 24 deletions(-)
diff --git a/lib/test_meminit.c b/lib/test_meminit.c
index ed7efec1387b..7ae2183ff1f4 100644
--- a/lib/test_meminit.c
+++ b/lib/test_meminit.c
@@ -208,35 +208,37 @@ static int __init do_kmem_cache_size(size_t size, bool want_ctor,
/* Check that buf is zeroed, if it must be. */
fail = check_buf(buf, size, want_ctor, want_rcu, want_zero);
fill_with_garbage_skip(buf, size, want_ctor ? CTOR_BYTES : 0);
+
+ if (!want_rcu) {
+ kmem_cache_free(c, buf);
+ continue;
+ }
+
/*
* If this is an RCU cache, use a critical section to ensure we
* can touch objects after they're freed.
*/
- if (want_rcu) {
- rcu_read_lock();
- /*
- * Copy the buffer to check that it's not wiped on
- * free().
- */
- buf_copy = kmalloc(size, GFP_KERNEL);
- if (buf_copy)
- memcpy(buf_copy, buf, size);
- }
- kmem_cache_free(c, buf);
- if (want_rcu) {
- /*
- * Check that |buf| is intact after kmem_cache_free().
- * |want_zero| is false, because we wrote garbage to
- * the buffer already.
- */
- fail |= check_buf(buf, size, want_ctor, want_rcu,
- false);
- if (buf_copy) {
- fail |= (bool)memcmp(buf, buf_copy, size);
- kfree(buf_copy);
- }
- rcu_read_unlock();
+ rcu_read_lock();
+ /*
+ * Copy the buffer to check that it's not wiped on
+ * free().
+ */
+ buf_copy = kmalloc(size, GFP_KERNEL);
+ if (buf_copy)
+ memcpy(buf_copy, buf, size);
+
+ /*
+ * Check that |buf| is intact after kmem_cache_free().
+ * |want_zero| is false, because we wrote garbage to
+ * the buffer already.
+ */
+ fail |= check_buf(buf, size, want_ctor, want_rcu,
+ false);
+ if (buf_copy) {
+ fail |= (bool)memcmp(buf, buf_copy, size);
+ kfree(buf_copy);
}
+ rcu_read_unlock();
}
kmem_cache_destroy(c);
--
2.20.0
Powered by blists - more mailing lists