From: Alviro Iskandar Setiawan
Date: Mon, 7 Feb 2022 21:33:02 +0700
Subject: Re: [PATCH io_uring-5.17] io_uring: Fix build error potential reading uninitialized value
To: Dan Carpenter
Cc: Jens Axboe, Ammar Faizi, "GNU/Weeb Mailing List", io-uring Mailing list, Tea Inside Mailing List, Linux Kernel Mailing List, kernel test robot, "Chen, Rong A", Pavel Begunkov
References: <20220207114315.555413-1-ammarfaizi2@gnuweeb.org> <91e8ca64-0670-d998-73d8-f75ec5264cb0@kernel.dk> <20220207142046.GP1978@kadam>
In-Reply-To: <20220207142046.GP1978@kadam>

On Mon, Feb 7, 2022 at 9:21 PM Dan Carpenter wrote:
> On Mon, Feb 07, 2022 at 06:45:57AM -0700, Jens Axboe wrote:
> > On 2/7/22 4:43 AM, Ammar Faizi wrote:
> > > From: Alviro Iskandar Setiawan
> > >
> > > In io_recv() if import_single_range() fails, the @flags variable is
> > > uninitialized, then it will goto out_free.
> > >
> > > After the goto, the compiler doesn't know that (ret < min_ret) is
> > > always true, so it thinks the "if ((flags & MSG_WAITALL) ..." path
> > > could be taken.
> > >
> > > The complaint comes from gcc-9 (Debian 9.3.0-22) 9.3.0:
> > > ```
> > > fs/io_uring.c:5238 io_recvfrom() error: uninitialized symbol 'flags'
> > > ```
> > > Fix this by bypassing the @ret and @flags check when
> > > import_single_range() fails.
> >
> > The compiler should be able to deduce this, and I guess newer compilers
> > do which is why we haven't seen this warning before.

The compiler can't deduce this because the import_single_range() is
located in a different translation unit (different C file), so it
can't prove that (ret < min_ret) is always true as it can't see the
function definition (in reality, it is always true because it only
returns either 0 or -EFAULT).

>
> No, we disabled GCC's uninitialized variable checking a couple years
> back. Linus got sick of the false positives. You can still see it if
> you enable W=2
>
> fs/io_uring.c: In function ‘io_recv’:
> fs/io_uring.c:5252:20: warning: ‘flags’ may be used uninitialized in this function [-Wmaybe-uninitialized]
>   } else if ((flags & MSG_WAITALL) && (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC))) {
>              ~~~~~~~^~~~~~~~~~~~~~
>
> If you introduce an uninitialized variable bug then likelihood is the
> kbuild-bot will send you a Clang warning or a Smatch warning or both.
> I don't think anyone looks at GCC W=2 warnings.
>

This warning is valid, and the compiler should really warn that. But
again, in reality, this is still a false-positive warning, because
that "else if" will never be taken from the "goto out_free" path.

-- Viro
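
A reduced model of the control flow discussed in this thread, added here as an example; it is not the kernel's io_recv() and not the submitted patch. The names import_model, opaque_import, recv_before and recv_after are hypothetical, the byte counts are constructed, and returning early is only one way to bypass the checks.

```c
#include <errno.h>
#include <sys/socket.h>   /* MSG_WAITALL, MSG_TRUNC, MSG_CTRUNC */

/* Stand-in for import_single_range(): returns only 0 or -EFAULT, as the
 * thread states. Called through a volatile pointer so the optimizer cannot
 * see the body, like a call into another translation unit. */
static int import_model(const void *buf) { return buf ? 0 : -EFAULT; }
static int (*volatile opaque_import)(const void *) = import_model;

/* Shape from the commit message: flags is assigned only after the import
 * succeeds, but the "else if" after out_free still names it. */
int recv_before(const void *buf, unsigned req_flags, int msg_flags, int *failed)
{
	unsigned flags;
	int ret, min_ret = 0;
	*failed = 0;
	ret = opaque_import(buf);
	if (ret)
		goto out_free;      /* flags has not been written yet */
	flags = req_flags;
	if (flags & MSG_WAITALL)
		min_ret = 16;       /* constructed: bytes requested */
	ret = 16;                   /* constructed: full receive */
out_free:
	if (ret < min_ret)          /* -EFAULT < 0: always taken after the goto */
		*failed = 1;
	else if ((flags & MSG_WAITALL) && (msg_flags & (MSG_TRUNC | MSG_CTRUNC)))
		*failed = 1;
	return ret;
}

/* Bypassing the @ret and @flags checks on import failure: no path reaches
 * a read of flags before its assignment, so nothing is left to prove. */
int recv_after(const void *buf, unsigned req_flags, int msg_flags, int *failed)
{
	unsigned flags;
	int ret, min_ret = 0;
	*failed = 1;
	ret = opaque_import(buf);
	if (ret)
		return ret;         /* already marked failed; skip the checks */
	flags = req_flags;
	if (flags & MSG_WAITALL)
		min_ret = 16;
	ret = 16;
	*failed = ret < min_ret ||
		((flags & MSG_WAITALL) && (msg_flags & (MSG_TRUNC | MSG_CTRUNC)));
	return ret;
}
```

Both functions return the same results for every input; the difference is only in what a compiler that cannot see the import function has to assume about the failure path.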