lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 10 Oct 2022 10:29:32 -0700
From:   Guru Das Srinagesh <quic_gurus@...cinc.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
CC:     Tom Rix <trix@...hat.com>, Nathan Chancellor <nathan@...nel.org>,
        "Elliot Berman" <quic_eberman@...cinc.com>, <llvm@...ts.linux.dev>,
        <linux-kernel@...r.kernel.org>, <matt@...econstruct.com.au>,
        David Howells <dhowells@...hat.com>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>,
        <jackm@....mellanox.co.il>
Subject: Re: [PATCH 2/2] scripts/clang-tools: Remove
 core.uninitialized.Assign check

On Oct 10 2022 10:22, Nick Desaulniers wrote:
> On Wed, Oct 5, 2022 at 8:24 PM Guru Das Srinagesh
> <quic_gurus@...cinc.com> wrote:
> >
> > Remove this check as it leads to false positives in some cases (not all):
> >
> > warning: Assigned value is garbage or undefined
> > [clang-analyzer-core.uninitialized.Assign]
> >       list_for_each_entry_safe(page, tmp_page, &pages, lru)
> >       ^
> 
> I don't think we want to disable this.  Tom and others have fixed bugs
> from this report. See also:
> commit d1bd5fa07667 ("lib: remove back_str initialization")
> commit 33b5bc9e7033 ("octeontx2-af: initialize action variable")
> commit 8d783197f06d ("mctp: Fix warnings reported by clang-analyzer")
> commit eed1a5c74216 ("drm/amdgpu: check return status before using
> stable_pstate")
> commit 3da4b7403db8 ("ALSA: usb-audio: initialize variables that could
> ignore errors")
> commit 38ac2f038666 ("iio: chemical: sunrise_co2: set val parameter
> only on success")
> commit afe6949862f7 ("afs: check function return")
> commit d108370c644b ("apparmor: fix error check")
> commit d52e419ac8b5 ("rxrpc: Fix handling of an unsupported token type
> in rxrpc_read()")
> commit 6a6516c024bb ("USB: storage: avoid use of uninitialized values
> in error path")
> commit f71e41e23e12 ("iio:imu:st_lsm6dsx: check
> st_lsm6dsx_shub_read_output return")
> commit 3a61cdf43e67 ("hwrng: intel - cleanup initialization")
> commit 094dd0d73062 ("rndis_wlan: tighten check of rndis_query_oid return")
> commit e3914ed6cf44 ("ieee802154/adf7242: check status of adf7242_read_reg")
> commit c2a3d4b4cac1 ("net/mlx4_en: Cleanups suggested by clang static checker")

Thanks for the list of these commits. Will review the relevant portion of my
code to address this report.

Thank you.

Guru Das.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ