
lib: test_meminit: fix -Wmaybe-uninitialized false positive

Message ID 20190617131210.2190280-1-arnd@arndb.de
State New

Commit Message

Arnd Bergmann June 17, 2019, 1:11 p.m. UTC
The conditional logic is too complicated for the compiler to
fully comprehend:

lib/test_meminit.c: In function 'test_meminit_init':
lib/test_meminit.c:236:5: error: 'buf_copy' may be used uninitialized in this function [-Werror=maybe-uninitialized]
     kfree(buf_copy);
     ^~~~~~~~~~~~~~~
lib/test_meminit.c:201:14: note: 'buf_copy' was declared here

Simplify it by splitting out the non-rcu section.

Fixes: af734ee6ec85 ("lib: introduce test_meminit module")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>

---
 lib/test_meminit.c | 50 ++++++++++++++++++++++++----------------------
 1 file changed, 26 insertions(+), 24 deletions(-)

-- 
2.20.0

Comments

Alexander Potapenko June 17, 2019, 2:22 p.m. UTC | #1
On Mon, Jun 17, 2019 at 3:12 PM Arnd Bergmann <arnd@arndb.de> wrote:
>

> The conditional logic is too complicated for the compiler to

> fully comprehend:

>

> lib/test_meminit.c: In function 'test_meminit_init':

> lib/test_meminit.c:236:5: error: 'buf_copy' may be used uninitialized in this function [-Werror=maybe-uninitialized]

>      kfree(buf_copy);

>      ^~~~~~~~~~~~~~~

> lib/test_meminit.c:201:14: note: 'buf_copy' was declared here

>

> Simplify it by splitting out the non-rcu section.

>

> Fixes: af734ee6ec85 ("lib: introduce test_meminit module")

> Signed-off-by: Arnd Bergmann <arnd@arndb.de>

Acked-by: Alexander Potapenko <glider@google.com>

> ---

>  lib/test_meminit.c | 50 ++++++++++++++++++++++++----------------------

>  1 file changed, 26 insertions(+), 24 deletions(-)

>

> diff --git a/lib/test_meminit.c b/lib/test_meminit.c

> index ed7efec1387b..7ae2183ff1f4 100644

> --- a/lib/test_meminit.c

> +++ b/lib/test_meminit.c

> @@ -208,35 +208,37 @@ static int __init do_kmem_cache_size(size_t size, bool want_ctor,

>                 /* Check that buf is zeroed, if it must be. */

>                 fail = check_buf(buf, size, want_ctor, want_rcu, want_zero);

>                 fill_with_garbage_skip(buf, size, want_ctor ? CTOR_BYTES : 0);

> +

> +               if (!want_rcu) {

> +                       kmem_cache_free(c, buf);

> +                       continue;

> +               }

> +

>                 /*

>                  * If this is an RCU cache, use a critical section to ensure we

>                  * can touch objects after they're freed.

>                  */

> -               if (want_rcu) {

> -                       rcu_read_lock();

> -                       /*

> -                        * Copy the buffer to check that it's not wiped on

> -                        * free().

> -                        */

> -                       buf_copy = kmalloc(size, GFP_KERNEL);

> -                       if (buf_copy)

> -                               memcpy(buf_copy, buf, size);

> -               }

> -               kmem_cache_free(c, buf);

> -               if (want_rcu) {

> -                       /*

> -                        * Check that |buf| is intact after kmem_cache_free().

> -                        * |want_zero| is false, because we wrote garbage to

> -                        * the buffer already.

> -                        */

> -                       fail |= check_buf(buf, size, want_ctor, want_rcu,

> -                                         false);

> -                       if (buf_copy) {

> -                               fail |= (bool)memcmp(buf, buf_copy, size);

> -                               kfree(buf_copy);

> -                       }

> -                       rcu_read_unlock();

> +               rcu_read_lock();

> +               /*

> +                * Copy the buffer to check that it's not wiped on

> +                * free().

> +                */

> +               buf_copy = kmalloc(size, GFP_KERNEL);

> +               if (buf_copy)

> +                       memcpy(buf_copy, buf, size);

> +

> +               /*

> +                * Check that |buf| is intact after kmem_cache_free().

> +                * |want_zero| is false, because we wrote garbage to

> +                * the buffer already.

> +                */

> +               fail |= check_buf(buf, size, want_ctor, want_rcu,

> +                                 false);

> +               if (buf_copy) {

> +                       fail |= (bool)memcmp(buf, buf_copy, size);

> +                       kfree(buf_copy);

>                 }

> +               rcu_read_unlock();

>         }

>         kmem_cache_destroy(c);

>

> --

> 2.20.0

>



-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Geschäftsführer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg

Patch

diff --git a/lib/test_meminit.c b/lib/test_meminit.c
index ed7efec1387b..7ae2183ff1f4 100644
--- a/lib/test_meminit.c
+++ b/lib/test_meminit.c
@@ -208,35 +208,37 @@  static int __init do_kmem_cache_size(size_t size, bool want_ctor,
 		/* Check that buf is zeroed, if it must be. */
 		fail = check_buf(buf, size, want_ctor, want_rcu, want_zero);
 		fill_with_garbage_skip(buf, size, want_ctor ? CTOR_BYTES : 0);
+
+		if (!want_rcu) {
+			kmem_cache_free(c, buf);
+			continue;
+		}
+
 		/*
 		 * If this is an RCU cache, use a critical section to ensure we
 		 * can touch objects after they're freed.
 		 */
-		if (want_rcu) {
-			rcu_read_lock();
-			/*
-			 * Copy the buffer to check that it's not wiped on
-			 * free().
-			 */
-			buf_copy = kmalloc(size, GFP_KERNEL);
-			if (buf_copy)
-				memcpy(buf_copy, buf, size);
-		}
-		kmem_cache_free(c, buf);
-		if (want_rcu) {
-			/*
-			 * Check that |buf| is intact after kmem_cache_free().
-			 * |want_zero| is false, because we wrote garbage to
-			 * the buffer already.
-			 */
-			fail |= check_buf(buf, size, want_ctor, want_rcu,
-					  false);
-			if (buf_copy) {
-				fail |= (bool)memcmp(buf, buf_copy, size);
-				kfree(buf_copy);
-			}
-			rcu_read_unlock();
+		rcu_read_lock();
+		/*
+		 * Copy the buffer to check that it's not wiped on
+		 * free().
+		 */
+		buf_copy = kmalloc(size, GFP_KERNEL);
+		if (buf_copy)
+			memcpy(buf_copy, buf, size);
+
+		/*
+		 * Check that |buf| is intact after kmem_cache_free().
+		 * |want_zero| is false, because we wrote garbage to
+		 * the buffer already.
+		 */
+		fail |= check_buf(buf, size, want_ctor, want_rcu,
+				  false);
+		if (buf_copy) {
+			fail |= (bool)memcmp(buf, buf_copy, size);
+			kfree(buf_copy);
 		}
+		rcu_read_unlock();
 	}
 	kmem_cache_destroy(c);
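Review bot: The RCU path no longer frees `buf`: the old code called `kmem_cache_free(c, buf)` between the copy and the second `check_buf()`, but after the new early `continue` for `!want_rcu` the remaining path goes from `memcpy()` straight to the check. As written, the "intact after kmem_cache_free()" comparison runs against a still-allocated object, so this memory-initialization test can no longer notice a wipe-on-free in the RCU case. The object also appears to still be allocated when `kmem_cache_destroy(c)` is reached. Restore the call by adding `kmem_cache_free(c, buf);` after the `if (buf_copy) memcpy(buf_copy, buf, size);` lines and before the second comment block. The loop header and the rest of do_kmem_cache_size lie outside the hunk, so this is judged from the visible lines only.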