Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning

From: Chris Down
Date: Mon Sep 27 2021 - 09:33:39 EST

Next message: Miroslav Benes: "Re: [PATCH] module: fix clang CFI with MODULE_UNLOAD=n"
Previous message: kernel test robot: "drivers/net/ethernet/smsc/smc91x.c:634:23: warning: variable 'flags' set but not used"
In reply to: Arnd Bergmann: "Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning"
Next in thread: Chris Down: "Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Arnd Bergmann writes:

On Mon, Sep 27, 2021 at 3:20 PM Chris Down <chris@xxxxxxxxxxxxxx> wrote:

Hi Arnd,

Arnd Bergmann writes:
>From: Arnd Bergmann <arnd@xxxxxxxx>
>
>clang notices that the pi_get_entry() function would use
>uninitialized data if it was called with a non-NULL module
>pointer on a kernel that does not support modules:

On a !CONFIG_MODULES kernel, we _never_ pass a non-NULL module pointer. This
isn't just convention: we don't even have `struct module` fully fleshed out, so
it technically cannot be so.

Yes, I understand that part, hence the "if it was called" rather then
"when it is called".

But there's no "if", it's simply not possible.

>kernel/printk/index.c:32:6: error: variable 'nr_entries' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
> if (!mod) {
> ^~~~
>kernel/printk/index.c:38:13: note: uninitialized use occurs here
> if (pos >= nr_entries)
> ^~~~~~~~~~
>kernel/printk/index.c:32:2: note: remove the 'if' if its condition is always true
> if (!mod) {
>
>Rework the condition to make it clear to the compiler that we are always
>in the second case. Unfortunately the #ifdef is still required as the
>definition of 'struct module' is hidden when modules are disabled.

Having IS_ENABLED and then an #ifdef seems to hurt code readability to me.

>Fixes: 337015573718 ("printk: Userspace format indexing support")

Does this really fix anything, or just clang's ignorance? If the latter, clang
needs to be smarter here: as far as I can see there are no occasions where
there's even any opportunity for a non-NULL pointer to come in on a
!CONFIG_MODULES kernel, since `struct module` isn't even complete.

I don't see how you would expect clang to understand that part. It does
not do cross-function analysis for the purpose of diagnostic output, and
even if it did, then this caller

static void *pi_next(struct seq_file *s, void *v, loff_t *pos)
{
const struct module *mod = s->file->f_inode->i_private;
struct pi_entry *entry = pi_get_entry(mod, *pos);
...
}

has no indication that "s->file->f_inode->i_private" is guaranteed to
be a NULL pointer.

Sure, but it seems unnecessary to me to gum up the code because of clang's inability to understand that.

Next message: Miroslav Benes: "Re: [PATCH] module: fix clang CFI with MODULE_UNLOAD=n"
Previous message: kernel test robot: "drivers/net/ethernet/smsc/smc91x.c:634:23: warning: variable 'flags' set but not used"
In reply to: Arnd Bergmann: "Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning"
Next in thread: Chris Down: "Re: [PATCH] printk: avoid -Wsometimes-uninitialized warning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]