On "missed ABBA deadlock" abba.result is read, but not initialized
in all situations.
Detected by CoverityScan, CID#1402035 ("Uninitialized scalar variable")
Signed-off-by: Robert Foss <[email protected]>
---
kernel/locking/test-ww_mutex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/locking/test-ww_mutex.c b/kernel/locking/test-ww_mutex.c
index 6b7abb334ca6..beb76693ccfa 100644
--- a/kernel/locking/test-ww_mutex.c
+++ b/kernel/locking/test-ww_mutex.c
@@ -196,7 +196,7 @@ static void test_abba_work(struct work_struct *work)
static int test_abba(bool resolve)
{
- struct test_abba abba;
+ struct test_abba abba = { 0 };
struct ww_acquire_ctx ctx;
int err, ret;
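Review bot: on the added line `struct test_abba abba = { 0 };`, the `{ 0 }` form draws a -Wmissing-braces warning from gcc-4.9, reported "near initialization for 'abba.work'" in the build robot's output at test-ww_mutex.c:199. If the zero-initialization is kept, an empty initializer `= {}` or an explicit memset() avoids the warning. The commit message should also name the path on which abba.result is read before it is written. The worker shown in this thread ends with an unconditional `abba->result = err;`, and the reply states that the parent reads it only after flush_work(). The changelog should therefore say whether this fixes a real uninitialized read or only silences the checker.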
--
2.11.0.453.g787f75f05
On Tue, Mar 14, 2017 at 03:44:02PM -0400, Robert Foss wrote:
> On "missed ABBA deadlock" abba.result is read, but not initialized
> in all situations.
>
> Detected by CoverityScan, CID#1402035 ("Uninitialized scalar variable")
It's unconditionally set by the worker, and only accessed by the parent
after the flush_work() barrier.
-Chris
--
Chris Wilson, Intel Open Source Technology Centre
Hi Robert,
[auto build test WARNING on tip/locking/core]
[also build test WARNING on v4.11-rc2 next-20170310]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Robert-Foss/locking-ww_mutex-Prevent-read-of-uninitialized-memory/20170317-085627
config: x86_64-randconfig-i0-201711 (attached as .config)
compiler: gcc-4.9 (Debian 4.9.4-2) 4.9.4
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All warnings (new ones prefixed by >>):
kernel/locking/test-ww_mutex.c: In function 'test_abba':
>> kernel/locking/test-ww_mutex.c:199:9: warning: missing braces around initializer [-Wmissing-braces]
struct test_abba abba = { 0 };
^
kernel/locking/test-ww_mutex.c:199:9: warning: (near initialization for 'abba.work') [-Wmissing-braces]
vim +199 kernel/locking/test-ww_mutex.c
183 if (abba->resolve && err == -EDEADLK) {
184 ww_mutex_unlock(&abba->b_mutex);
185 ww_mutex_lock_slow(&abba->a_mutex, &ctx);
186 err = ww_mutex_lock(&abba->b_mutex, &ctx);
187 }
188
189 if (!err)
190 ww_mutex_unlock(&abba->a_mutex);
191 ww_mutex_unlock(&abba->b_mutex);
192 ww_acquire_fini(&ctx);
193
194 abba->result = err;
195 }
196
197 static int test_abba(bool resolve)
198 {
> 199 struct test_abba abba = { 0 };
200 struct ww_acquire_ctx ctx;
201 int err, ret;
202
203 ww_mutex_init(&abba.a_mutex, &ww_class);
204 ww_mutex_init(&abba.b_mutex, &ww_class);
205 INIT_WORK_ONSTACK(&abba.work, test_abba_work);
206 init_completion(&abba.a_ready);
207 init_completion(&abba.b_ready);
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation