* [PATCH] lightnvm: Fix uninitialized return value in nvm_get_chunk_meta()
@ 2018-10-28 16:07 ` Geert Uytterhoeven
0 siblings, 0 replies; 4+ messages in thread
From: Geert Uytterhoeven @ 2018-10-28 16:07 UTC (permalink / raw)
To: Matias Bjorling, Keith Busch, Jens Axboe, Christoph Hellwig,
Sagi Grimberg
Cc: Arnd Bergmann, linux-block, linux-nvme, linux-kernel, Geert Uytterhoeven
With gcc 4.1:
drivers/lightnvm/core.c: In function ‘nvm_get_bb_meta’:
drivers/lightnvm/core.c:977: warning: ‘ret’ may be used uninitialized in this function
and
drivers/nvme/host/lightnvm.c: In function ‘nvme_nvm_get_chk_meta’:
drivers/nvme/host/lightnvm.c:580: warning: ‘ret’ may be used uninitialized in this function
Indeed, if (for the former) the number of channels or LUNs is zero, or
(for both) the passed number of chunks is zero, ret will be returned
uninitialized.
Fix this by preinitializing ret to zero.
Fixes: aff3fb18f957de93 ("lightnvm: move bad block and chunk state logic to core")
Fixes: a294c199455187d1 ("lightnvm: implement get log report chunk helpers")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
---
I don't know if this can happen in practice, but given this is core
functionality that can be called from other files, or even from other
modules, I think it's better to be safe than sorry.
The latter seems to be a pre-existing issue since v4.17.
I didn't notice it before, due to the dependency of NVM on PCI (my gcc
4.1 targets m68k, i.e. no PCI).
---
drivers/lightnvm/core.c | 2 +-
drivers/nvme/host/lightnvm.c | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c
index efb976a863d2295a..73ab3cf2686804ba 100644
--- a/drivers/lightnvm/core.c
+++ b/drivers/lightnvm/core.c
@@ -974,7 +974,7 @@ static int nvm_get_bb_meta(struct nvm_dev *dev, sector_t slba,
struct ppa_addr ppa;
u8 *blks;
int ch, lun, nr_blks;
- int ret;
+ int ret = 0;
ppa.ppa = slba;
ppa = dev_to_generic_addr(dev, ppa);
diff --git a/drivers/nvme/host/lightnvm.c b/drivers/nvme/host/lightnvm.c
index a4f3b263cd6c60ee..d64805dc8efbaa02 100644
--- a/drivers/nvme/host/lightnvm.c
+++ b/drivers/nvme/host/lightnvm.c
@@ -577,7 +577,8 @@ static int nvme_nvm_get_chk_meta(struct nvm_dev *ndev,
struct ppa_addr ppa;
size_t left = nchks * sizeof(struct nvme_nvm_chk_meta);
size_t log_pos, offset, len;
- int ret, i, max_len;
+ int i, max_len;
+ int ret = 0;
/*
* limit requests to maximum 256K to avoid issuing arbitrary large
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH] lightnvm: Fix uninitialized return value in nvm_get_chunk_meta()
@ 2018-10-28 16:07 ` Geert Uytterhoeven
0 siblings, 0 replies; 4+ messages in thread
From: Geert Uytterhoeven @ 2018-10-28 16:07 UTC (permalink / raw)
With gcc 4.1:
drivers/lightnvm/core.c: In function ?nvm_get_bb_meta?:
drivers/lightnvm/core.c:977: warning: ?ret? may be used uninitialized in this function
and
drivers/nvme/host/lightnvm.c: In function ?nvme_nvm_get_chk_meta?:
drivers/nvme/host/lightnvm.c:580: warning: ?ret? may be used uninitialized in this function
Indeed, if (for the former) the number of channels or LUNs is zero, or
(for both) the passed number of chunks is zero, ret will be returned
uninitialized.
Fix this by preinitializing ret to zero.
Fixes: aff3fb18f957de93 ("lightnvm: move bad block and chunk state logic to core")
Fixes: a294c199455187d1 ("lightnvm: implement get log report chunk helpers")
Signed-off-by: Geert Uytterhoeven <geert at linux-m68k.org>
---
I don't know if this can happen in practice, but given this is core
functionality that can be called from other files, or even from other
modules, I think it's better to be safe than sorry.
The latter seems to be a pre-existing issue since v4.17.
I didn't notice it before, due to the dependency of NVM on PCI (my gcc
4.1 targets m68k, i.e. no PCI).
---
drivers/lightnvm/core.c | 2 +-
drivers/nvme/host/lightnvm.c | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c
index efb976a863d2295a..73ab3cf2686804ba 100644
--- a/drivers/lightnvm/core.c
+++ b/drivers/lightnvm/core.c
@@ -974,7 +974,7 @@ static int nvm_get_bb_meta(struct nvm_dev *dev, sector_t slba,
struct ppa_addr ppa;
u8 *blks;
int ch, lun, nr_blks;
- int ret;
+ int ret = 0;
ppa.ppa = slba;
ppa = dev_to_generic_addr(dev, ppa);
diff --git a/drivers/nvme/host/lightnvm.c b/drivers/nvme/host/lightnvm.c
index a4f3b263cd6c60ee..d64805dc8efbaa02 100644
--- a/drivers/nvme/host/lightnvm.c
+++ b/drivers/nvme/host/lightnvm.c
@@ -577,7 +577,8 @@ static int nvme_nvm_get_chk_meta(struct nvm_dev *ndev,
struct ppa_addr ppa;
size_t left = nchks * sizeof(struct nvme_nvm_chk_meta);
size_t log_pos, offset, len;
- int ret, i, max_len;
+ int i, max_len;
+ int ret = 0;
/*
* limit requests to maximum 256K to avoid issuing arbitrary large
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] lightnvm: Fix uninitialized return value in nvm_get_chunk_meta()
2018-10-28 16:07 ` Geert Uytterhoeven
@ 2018-10-28 18:38 ` Matias Bjørling
-1 siblings, 0 replies; 4+ messages in thread
From: Matias Bjørling @ 2018-10-28 18:38 UTC (permalink / raw)
To: geert, keith.busch, axboe, hch, sagi
Cc: arnd, linux-block, linux-nvme, linux-kernel
On 10/28/2018 05:07 PM, Geert Uytterhoeven wrote:
> With gcc 4.1:
>
> drivers/lightnvm/core.c: In function ‘nvm_get_bb_meta’:
> drivers/lightnvm/core.c:977: warning: ‘ret’ may be used uninitialized in this function
>
> and
>
> drivers/nvme/host/lightnvm.c: In function ‘nvme_nvm_get_chk_meta’:
> drivers/nvme/host/lightnvm.c:580: warning: ‘ret’ may be used uninitialized in this function
>
> Indeed, if (for the former) the number of channels or LUNs is zero, or
> (for both) the passed number of chunks is zero, ret will be returned
> uninitialized.
>
> Fix this by preinitializing ret to zero.
>
> Fixes: aff3fb18f957de93 ("lightnvm: move bad block and chunk state logic to core")
> Fixes: a294c199455187d1 ("lightnvm: implement get log report chunk helpers")
> Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
> ---
> I don't know if this can happen in practice, but given this is core
> functionality that can be called from other files, or even from other
> modules, I think it's better to be safe than sorry.
>
> The latter seems to be a pre-existing issue since v4.17.
> I didn't notice it before, due to the dependency of NVM on PCI (my gcc
> 4.1 targets m68k, i.e. no PCI).
> ---
> drivers/lightnvm/core.c | 2 +-
> drivers/nvme/host/lightnvm.c | 3 ++-
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c
> index efb976a863d2295a..73ab3cf2686804ba 100644
> --- a/drivers/lightnvm/core.c
> +++ b/drivers/lightnvm/core.c
> @@ -974,7 +974,7 @@ static int nvm_get_bb_meta(struct nvm_dev *dev, sector_t slba,
> struct ppa_addr ppa;
> u8 *blks;
> int ch, lun, nr_blks;
> - int ret;
> + int ret = 0;
>
> ppa.ppa = slba;
> ppa = dev_to_generic_addr(dev, ppa);
> diff --git a/drivers/nvme/host/lightnvm.c b/drivers/nvme/host/lightnvm.c
> index a4f3b263cd6c60ee..d64805dc8efbaa02 100644
> --- a/drivers/nvme/host/lightnvm.c
> +++ b/drivers/nvme/host/lightnvm.c
> @@ -577,7 +577,8 @@ static int nvme_nvm_get_chk_meta(struct nvm_dev *ndev,
> struct ppa_addr ppa;
> size_t left = nchks * sizeof(struct nvme_nvm_chk_meta);
> size_t log_pos, offset, len;
> - int ret, i, max_len;
> + int i, max_len;
> + int ret = 0;
>
> /*
> * limit requests to maximum 256K to avoid issuing arbitrary large
>
Thanks Geert. Applied for 4.21/5.1.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH] lightnvm: Fix uninitialized return value in nvm_get_chunk_meta()
@ 2018-10-28 18:38 ` Matias Bjørling
0 siblings, 0 replies; 4+ messages in thread
From: Matias Bjørling @ 2018-10-28 18:38 UTC (permalink / raw)
On 10/28/2018 05:07 PM, Geert Uytterhoeven wrote:
> With gcc 4.1:
>
> drivers/lightnvm/core.c: In function ?nvm_get_bb_meta?:
> drivers/lightnvm/core.c:977: warning: ?ret? may be used uninitialized in this function
>
> and
>
> drivers/nvme/host/lightnvm.c: In function ?nvme_nvm_get_chk_meta?:
> drivers/nvme/host/lightnvm.c:580: warning: ?ret? may be used uninitialized in this function
>
> Indeed, if (for the former) the number of channels or LUNs is zero, or
> (for both) the passed number of chunks is zero, ret will be returned
> uninitialized.
>
> Fix this by preinitializing ret to zero.
>
> Fixes: aff3fb18f957de93 ("lightnvm: move bad block and chunk state logic to core")
> Fixes: a294c199455187d1 ("lightnvm: implement get log report chunk helpers")
> Signed-off-by: Geert Uytterhoeven <geert at linux-m68k.org>
> ---
> I don't know if this can happen in practice, but given this is core
> functionality that can be called from other files, or even from other
> modules, I think it's better to be safe than sorry.
>
> The latter seems to be a pre-existing issue since v4.17.
> I didn't notice it before, due to the dependency of NVM on PCI (my gcc
> 4.1 targets m68k, i.e. no PCI).
> ---
> drivers/lightnvm/core.c | 2 +-
> drivers/nvme/host/lightnvm.c | 3 ++-
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c
> index efb976a863d2295a..73ab3cf2686804ba 100644
> --- a/drivers/lightnvm/core.c
> +++ b/drivers/lightnvm/core.c
> @@ -974,7 +974,7 @@ static int nvm_get_bb_meta(struct nvm_dev *dev, sector_t slba,
> struct ppa_addr ppa;
> u8 *blks;
> int ch, lun, nr_blks;
> - int ret;
> + int ret = 0;
>
> ppa.ppa = slba;
> ppa = dev_to_generic_addr(dev, ppa);
> diff --git a/drivers/nvme/host/lightnvm.c b/drivers/nvme/host/lightnvm.c
> index a4f3b263cd6c60ee..d64805dc8efbaa02 100644
> --- a/drivers/nvme/host/lightnvm.c
> +++ b/drivers/nvme/host/lightnvm.c
> @@ -577,7 +577,8 @@ static int nvme_nvm_get_chk_meta(struct nvm_dev *ndev,
> struct ppa_addr ppa;
> size_t left = nchks * sizeof(struct nvme_nvm_chk_meta);
> size_t log_pos, offset, len;
> - int ret, i, max_len;
> + int i, max_len;
> + int ret = 0;
>
> /*
> * limit requests to maximum 256K to avoid issuing arbitrary large
>
Thanks Geert. Applied for 4.21/5.1.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-10-29 3:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-28 16:07 [PATCH] lightnvm: Fix uninitialized return value in nvm_get_chunk_meta() Geert Uytterhoeven
2018-10-28 16:07 ` Geert Uytterhoeven
2018-10-28 18:38 ` Matias Bjørling
2018-10-28 18:38 ` Matias Bjørling
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.