All of lore.kernel.org
 help / color / mirror / Atom feed
* staging: most: warning: ‘mbo’ may be used uninitialized in this function
@ 2016-03-18 12:41 Geert Uytterhoeven
  2016-03-18 13:02 ` Dan Carpenter
  2016-03-18 15:57 ` Andrey Shvetsov
  0 siblings, 2 replies; 3+ messages in thread
From: Geert Uytterhoeven @ 2016-03-18 12:41 UTC (permalink / raw)
  To: Christian Gromm, Greg KH; +Cc: driverdevel, Linux Kernel Mailing List

On Fri, Mar 18, 2016 at 6:42 AM, Linux Kernel Mailing List
<linux-kernel@vger.kernel.org> wrote:
> Web:        https://git.kernel.org/torvalds/c/f45b0fba43f415f69982df743dfa9b5d1b57785e
> Commit:     f45b0fba43f415f69982df743dfa9b5d1b57785e
> Parent:     b3c9f3c56c41cbebe7804b48ba8e6e484509c2c0
> Refname:    refs/heads/master
> Author:     Christian Gromm <christian.gromm@microchip.com>
> AuthorDate: Tue Dec 22 10:53:06 2015 +0100
> Committer:  Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> CommitDate: Sun Feb 7 17:34:58 2016 -0800
>
>     staging: most: remove stacked_mbo
>
>     This patch makes use of kfifo_peek and kfifo_skip, which renders the
>     variable stacked_mbo useless. It is therefore removed.
>
>     Signed-off-by: Christian Gromm <christian.gromm@microchip.com>
>     Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> ---
>  drivers/staging/most/aim-cdev/cdev.c | 16 +++-------------
>  1 file changed, 3 insertions(+), 13 deletions(-)
>
> diff --git a/drivers/staging/most/aim-cdev/cdev.c b/drivers/staging/most/aim-cdev/cdev.c
> index d9c3f56..0ee2f08 100644
> --- a/drivers/staging/most/aim-cdev/cdev.c
> +++ b/drivers/staging/most/aim-cdev/cdev.c

> @@ -249,11 +246,7 @@ aim_read(struct file *filp, char __user *buf, size_t count, loff_t *offset)
>         struct aim_channel *c = filp->private_data;
>
>         mutex_lock(&c->io_mutex);
> -       if (c->stacked_mbo) {
> -               mbo = c->stacked_mbo;
> -               goto start_copy;
> -       }
> -       while ((!kfifo_out(&c->fifo, &mbo, 1)) && (c->dev)) {
> +       while (c->dev && !kfifo_peek(&c->fifo, &mbo)) {

drivers/staging/most/aim-cdev/cdev.c:241: warning: ‘mbo’ may be used
uninitialized in this function

>From looking at the code, it's not obvious to me if this is a false
positive or not.
Can it happen that mbo is not initialized fully, e.g. if less than sizeof(mbo)
bytes have been read from the kfifo?

Other callers initialize the pointer to NULL, and check the returned length.

>                 mutex_unlock(&c->io_mutex);
>                 if (filp->f_flags & O_NONBLOCK)
>                         return -EAGAIN;

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: staging: most: warning: ‘mbo’ may be used uninitialized in this function
  2016-03-18 12:41 staging: most: warning: ‘mbo’ may be used uninitialized in this function Geert Uytterhoeven
@ 2016-03-18 13:02 ` Dan Carpenter
  2016-03-18 15:57 ` Andrey Shvetsov
  1 sibling, 0 replies; 3+ messages in thread
From: Dan Carpenter @ 2016-03-18 13:02 UTC (permalink / raw)
  To: Geert Uytterhoeven
  Cc: Christian Gromm, Greg KH, driverdevel, Linux Kernel Mailing List

On Fri, Mar 18, 2016 at 01:41:19PM +0100, Geert Uytterhoeven wrote:
> > @@ -249,11 +246,7 @@ aim_read(struct file *filp, char __user *buf, size_t count, loff_t *offset)
> >         struct aim_channel *c = filp->private_data;
> >
> >         mutex_lock(&c->io_mutex);
> > -       if (c->stacked_mbo) {
> > -               mbo = c->stacked_mbo;
> > -               goto start_copy;
> > -       }
> > -       while ((!kfifo_out(&c->fifo, &mbo, 1)) && (c->dev)) {
> > +       while (c->dev && !kfifo_peek(&c->fifo, &mbo)) {
> 
> drivers/staging/most/aim-cdev/cdev.c:241: warning: ‘mbo’ may be used
> uninitialized in this function
> 
> From looking at the code, it's not obvious to me if this is a false
> positive or not.
> Can it happen that mbo is not initialized fully, e.g. if less than sizeof(mbo)
> bytes have been read from the kfifo?
> 
> Other callers initialize the pointer to NULL, and check the returned length.
> 

It looks like a false positive to me.

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: staging: most: warning: ‘mbo’ may be used uninitialized in this function
  2016-03-18 12:41 staging: most: warning: ‘mbo’ may be used uninitialized in this function Geert Uytterhoeven
  2016-03-18 13:02 ` Dan Carpenter
@ 2016-03-18 15:57 ` Andrey Shvetsov
  1 sibling, 0 replies; 3+ messages in thread
From: Andrey Shvetsov @ 2016-03-18 15:57 UTC (permalink / raw)
  To: Geert Uytterhoeven
  Cc: Christian Gromm, Greg KH, driverdevel, Linux Kernel Mailing List

On Fri, Mar 18, 2016 at 01:41:19PM +0100, Geert Uytterhoeven wrote:
> On Fri, Mar 18, 2016 at 6:42 AM, Linux Kernel Mailing List
> <linux-kernel@vger.kernel.org> wrote:
> > Web:        https://git.kernel.org/torvalds/c/f45b0fba43f415f69982df743dfa9b5d1b57785e
> > Commit:     f45b0fba43f415f69982df743dfa9b5d1b57785e
> > Parent:     b3c9f3c56c41cbebe7804b48ba8e6e484509c2c0
> > Refname:    refs/heads/master
> > Author:     Christian Gromm <christian.gromm@microchip.com>
> > AuthorDate: Tue Dec 22 10:53:06 2015 +0100
> > Committer:  Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > CommitDate: Sun Feb 7 17:34:58 2016 -0800
> >
> >     staging: most: remove stacked_mbo
> >
> >     This patch makes use of kfifo_peek and kfifo_skip, which renders the
> >     variable stacked_mbo useless. It is therefore removed.
> >
> >     Signed-off-by: Christian Gromm <christian.gromm@microchip.com>
> >     Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > ---
> >  drivers/staging/most/aim-cdev/cdev.c | 16 +++-------------
> >  1 file changed, 3 insertions(+), 13 deletions(-)
> >
> > diff --git a/drivers/staging/most/aim-cdev/cdev.c b/drivers/staging/most/aim-cdev/cdev.c
> > index d9c3f56..0ee2f08 100644
> > --- a/drivers/staging/most/aim-cdev/cdev.c
> > +++ b/drivers/staging/most/aim-cdev/cdev.c
> 
> > @@ -249,11 +246,7 @@ aim_read(struct file *filp, char __user *buf, size_t count, loff_t *offset)
> >         struct aim_channel *c = filp->private_data;
> >
> >         mutex_lock(&c->io_mutex);
> > -       if (c->stacked_mbo) {
> > -               mbo = c->stacked_mbo;
> > -               goto start_copy;
> > -       }
> > -       while ((!kfifo_out(&c->fifo, &mbo, 1)) && (c->dev)) {
> > +       while (c->dev && !kfifo_peek(&c->fifo, &mbo)) {
> 
> drivers/staging/most/aim-cdev/cdev.c:241: warning: ‘mbo’ may be used
> uninitialized in this function
> 
> From looking at the code, it's not obvious to me if this is a false
> positive or not.
> Can it happen that mbo is not initialized fully, e.g. if less than sizeof(mbo)
> bytes have been read from the kfifo?
> 
mbo is not touched by the kfifo_peek in the case where (c->dev == NULL),
but since we protect the c->dev by the io_mutex it remains NULL until
the check after the while loop where we quit.

Looks like the analyzer suspects that c->dev may be changed to a valid
pointer before the second check.

So, it is false positive, but it is worth to initialize the mbo with the
NULL to get rid of the warning.

regards
andy

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-03-18 15:57 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-18 12:41 staging: most: warning: ‘mbo’ may be used uninitialized in this function Geert Uytterhoeven
2016-03-18 13:02 ` Dan Carpenter
2016-03-18 15:57 ` Andrey Shvetsov

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.