lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YVHILl7E5RI3ohyX@chrisdown.name>
Date:   Mon, 27 Sep 2021 14:33:34 +0100
From:   Chris Down <chris@...isdown.name>
To:     Arnd Bergmann <arnd@...nel.org>
Cc:     Petr Mladek <pmladek@...e.com>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Andy Shevchenko <andy.shevchenko@...il.com>,
        Jessica Yu <jeyu@...nel.org>, Arnd Bergmann <arnd@...db.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        John Ogness <john.ogness@...utronix.de>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        YueHaibing <yuehaibing@...wei.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        llvm@...ts.linux.dev
Subject: Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning

Arnd Bergmann writes:
>On Mon, Sep 27, 2021 at 3:20 PM Chris Down <chris@...isdown.name> wrote:
>>
>> Hi Arnd,
>>
>> Arnd Bergmann writes:
>> >From: Arnd Bergmann <arnd@...db.de>
>> >
>> >clang notices that the pi_get_entry() function would use
>> >uninitialized data if it was called with a non-NULL module
>> >pointer on a kernel that does not support modules:
>>
>> On a !CONFIG_MODULES kernel, we _never_ pass a non-NULL module pointer. This
>> isn't just convention: we don't even have `struct module` fully fleshed out, so
>> it technically cannot be so.
>
>Yes, I understand that part, hence the "if it was called" rather then
>"when it is called".

But there's no "if", it's simply not possible.

>> >kernel/printk/index.c:32:6: error: variable 'nr_entries' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
>> >        if (!mod) {
>> >            ^~~~
>> >kernel/printk/index.c:38:13: note: uninitialized use occurs here
>> >        if (pos >= nr_entries)
>> >                   ^~~~~~~~~~
>> >kernel/printk/index.c:32:2: note: remove the 'if' if its condition is always true
>> >        if (!mod) {
>> >
>> >Rework the condition to make it clear to the compiler that we are always
>> >in the second case. Unfortunately the #ifdef is still required as the
>> >definition of 'struct module' is hidden when modules are disabled.
>>
>> Having IS_ENABLED and then an #ifdef seems to hurt code readability to me.
>>
>> >Fixes: 337015573718 ("printk: Userspace format indexing support")
>>
>> Does this really fix anything, or just clang's ignorance? If the latter, clang
>> needs to be smarter here: as far as I can see there are no occasions where
>> there's even any opportunity for a non-NULL pointer to come in on a
>> !CONFIG_MODULES kernel, since `struct module` isn't even complete.
>
>I don't see how you would expect clang to understand that part. It does
>not do cross-function analysis for the purpose of diagnostic output, and
>even if it did, then this caller
>
>static void *pi_next(struct seq_file *s, void *v, loff_t *pos)
>{
>        const struct module *mod = s->file->f_inode->i_private;
>        struct pi_entry *entry = pi_get_entry(mod, *pos);
>...
>}
>
>has no indication that "s->file->f_inode->i_private" is guaranteed to
>be a NULL pointer.

Sure, but it seems unnecessary to me to gum up the code because of clang's 
inability to understand that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ