lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAK8P3a3_0njnrTokeXmOuZ1vA00Nk9pqbxsOZw+6QcCL-Ng=xg@mail.gmail.com>
Date:   Mon, 27 Sep 2021 15:28:23 +0200
From:   Arnd Bergmann <arnd@...nel.org>
To:     Chris Down <chris@...isdown.name>
Cc:     Petr Mladek <pmladek@...e.com>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Andy Shevchenko <andy.shevchenko@...il.com>,
        Jessica Yu <jeyu@...nel.org>, Arnd Bergmann <arnd@...db.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        John Ogness <john.ogness@...utronix.de>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        YueHaibing <yuehaibing@...wei.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        llvm@...ts.linux.dev
Subject: Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning

On Mon, Sep 27, 2021 at 3:20 PM Chris Down <chris@...isdown.name> wrote:
>
> Hi Arnd,
>
> Arnd Bergmann writes:
> >From: Arnd Bergmann <arnd@...db.de>
> >
> >clang notices that the pi_get_entry() function would use
> >uninitialized data if it was called with a non-NULL module
> >pointer on a kernel that does not support modules:
>
> On a !CONFIG_MODULES kernel, we _never_ pass a non-NULL module pointer. This
> isn't just convention: we don't even have `struct module` fully fleshed out, so
> it technically cannot be so.

Yes, I understand that part, hence the "if it was called" rather then
"when it is called".

> >kernel/printk/index.c:32:6: error: variable 'nr_entries' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
> >        if (!mod) {
> >            ^~~~
> >kernel/printk/index.c:38:13: note: uninitialized use occurs here
> >        if (pos >= nr_entries)
> >                   ^~~~~~~~~~
> >kernel/printk/index.c:32:2: note: remove the 'if' if its condition is always true
> >        if (!mod) {
> >
> >Rework the condition to make it clear to the compiler that we are always
> >in the second case. Unfortunately the #ifdef is still required as the
> >definition of 'struct module' is hidden when modules are disabled.
>
> Having IS_ENABLED and then an #ifdef seems to hurt code readability to me.
>
> >Fixes: 337015573718 ("printk: Userspace format indexing support")
>
> Does this really fix anything, or just clang's ignorance? If the latter, clang
> needs to be smarter here: as far as I can see there are no occasions where
> there's even any opportunity for a non-NULL pointer to come in on a
> !CONFIG_MODULES kernel, since `struct module` isn't even complete.

I don't see how you would expect clang to understand that part. It does
not do cross-function analysis for the purpose of diagnostic output, and
even if it did, then this caller

static void *pi_next(struct seq_file *s, void *v, loff_t *pos)
{
        const struct module *mod = s->file->f_inode->i_private;
        struct pi_entry *entry = pi_get_entry(mod, *pos);
...
}

has no indication that "s->file->f_inode->i_private" is guaranteed to
be a NULL pointer.

         Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ