lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 17 May 2021 06:17:47 -0700
From:   Tom Rix <trix@...hat.com>
To:     Dennis Zhou <dennis@...nel.org>
Cc:     tj@...nel.org, cl@...ux.com, akpm@...ux-foundation.org,
        linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] percpu: initialize best_upa variable


On 5/16/21 7:05 PM, Dennis Zhou wrote:
> Hello,
>
> On Sat, May 15, 2021 at 11:08:17AM -0700, trix@...hat.com wrote:
>> From: Tom Rix <trix@...hat.com>
>>
>> Static analysis reports this problem
>> percpu.c:2945:6: warning: Assigned value is garbage or undefined
>>          upa = best_upa;
>>              ^ ~~~~~~~~
>> best_upa may not be set, so initialize it.
>>
>> Signed-off-by: Tom Rix <trix@...hat.com>
>> ---
>>   mm/percpu.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/mm/percpu.c b/mm/percpu.c
>> index a257c3efdf18b..6578b706fae81 100644
>> --- a/mm/percpu.c
>> +++ b/mm/percpu.c
>> @@ -2916,6 +2916,7 @@ static struct pcpu_alloc_info * __init __flatten pcpu_build_alloc_info(
>>   	 * Related to atom_size, which could be much larger than the unit_size.
>>   	 */
>>   	last_allocs = INT_MAX;
>> +	best_upa = max_upa;
>>   	for (upa = max_upa; upa; upa--) {
>>   		int allocs = 0, wasted = 0;
>>   
>> -- 
>> 2.26.3
>>
> I think the proper fix would be:
>
> best_upa = 0;

I was looking for initializing with something that would work.

> for (...) { }
> BUG_ON(!best_upa);
WARN_ON instead?
> upa = best_upa;
>
> If you're fine with this I'll make the changes and apply it to
> for-5.13-fixes.
>
> Can you also tell me what static analysis tool produced this? I'm just a
> little curious because this code hasn't changed in several years so I'd
> have expected some static analyzer to have caught this by now.

Clang 10

Tom

>
> Thanks,
> Dennis
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ