From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Ian Campbell <ian.campbell@citrix.com>, Wei Liu <wei.liu2@citrix.com>
Cc: xen-devel@lists.xenproject.org,
	Roger Pau Monne <royger@FreeBSD.org>,
	Ian Jackson <ian.jackson@eu.citrix.com>
Subject: Re: [PATCH] libxc: fix uninitialised usage of rc in meminit_hvm
Date: Wed, 3 Feb 2016 11:44:14 +0100
Message-ID: <56B1D9FE.8090708@citrix.com>
In-Reply-To: <1454495454.25207.47.camel@citrix.com>

On 3/2/16 at 11:30, Ian Campbell wrote:
> On Tue, 2016-02-02 at 12:37 +0000, Wei Liu wrote:
>> On Tue, Feb 02, 2016 at 12:33:20PM +0100, Roger Pau Monne wrote:
>>> From: Roger Pau Monne <royger@FreeBSD.org>
>>>
>>> Due to the HVMlite changes there's a chance that the value in rc is checked
>>> without being initialised. Fix this by initialising it to 0.
>>>
>>> Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
>>> Reported-by: Olaf Hering <olaf@aepfle.de>
>>
>> Acked-by: Wei Liu <wei.liu2@citrix.com>
> 
> This is CID 1351229, I think?

Looks like, according to the description below.

> 
> ** CID 1351229:  Uninitialized variables  (UNINIT)
>> /tools/libxc/xc_dom_x86.c: 1443 in meminit_hvm()
>>  
>>  
>> ________________________________________________________________________________________________________
>> *** CID 1351229:  Uninitialized variables  (UNINIT)
>> /tools/libxc/xc_dom_x86.c: 1443 in meminit_hvm()
>> 1437                 cur_pages = 0xc0;
>> 1438                 stat_normal_pages += 0xc0;
>> 1439             }
>> 1440             else
>> 1441                 cur_pages = vmemranges[vmemid].start >> PAGE_SHIFT;
>> 1442     
>>>>>      CID 1351229:  Uninitialized variables  (UNINIT)
>>>>>      Using uninitialized value "rc".
>> 1443             while ( (rc == 0) && (end_pages > cur_pages) )
>> 1444             {
>> 1445                 /* Clip count to maximum 1GB extent. */
>> 1446                 unsigned long count = end_pages - cur_pages;
>> 1447                 unsigned long max_pages = SUPERPAGE_1GB_NR_PFNS;
>> 1448    
> 
> Note that this while loop ends with:
>         if ( rc != 0 )
>             break;
> and there are no continue statements.
> 
> Therefore I wonder if we would be better off removing the rc == 0 part of
> the loop condition?

We could, but I think we would still have the same issue with the
"if ( rc != 0 )" at the end of the loop. AFAICT rc is never unconditionally
set inside of the loop itself, so gcc and coverity would still complain
about uninitialized usage.

> The issue with this patch is the usual one that it will hide other
> unintentional uses of rc before it is set to a good value.
> 
> This issue was exposed by a prior "rc = xc_domain_populate_physmap_exact"
> becoming conditional on device_model. What is also concerning is the lack
> of error checking on that call -- is it really ok to just barrel on under
> these circumstances?

Hm, I guess we then rely on the rc == 0 at the start of the while loop
in order to bail out. IMHO the logic in this function is overly complicated.

Roger.
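
A self-contained C model of the loop shape discussed in this thread, added here as an illustration (not Xen code and not the patch under review). `populate`, `meminit_model`, `fail_at` and the extent size are hypothetical stand-ins; the model checks the conditional early call where it is made and assigns rc on every path before it is read.

```c
#include <stdbool.h>

#define MAX_EXTENT 4UL        /* hypothetical stand-in for the 1GB extent clip */
#define NO_FAULT   (~0UL)

/* Constructed fault injection: page index whose allocation fails. */
static unsigned long fail_at = NO_FAULT;

/* Stub allocator: 0 on success, -1 if [start, start+count) covers fail_at. */
static int populate(unsigned long start, unsigned long count)
{
    return (fail_at >= start && fail_at < start + count) ? -1 : 0;
}

/*
 * Returns 0 on success or -1 on the first failed allocation;
 * *done receives the number of pages populated before stopping.
 */
int meminit_model(bool device_model, unsigned long end_pages,
                  unsigned long *done)
{
    unsigned long cur_pages = 0;
    int rc = 0;

    *done = 0;
    if ( device_model )
    {
        /* The call that became conditional: its result is checked here,
         * not left for a later "rc == 0" loop condition to catch. */
        rc = populate(0, 2);
        if ( rc != 0 )
            return rc;
        cur_pages = *done = 2;
    }

    /* No rc test in the condition: rc is set on every iteration below. */
    while ( end_pages > cur_pages )
    {
        unsigned long count = end_pages - cur_pages;

        if ( count > MAX_EXTENT )
            count = MAX_EXTENT;          /* clip to the maximum extent */

        rc = populate(cur_pages, count);
        if ( rc != 0 )
            break;
        cur_pages += count;
        *done = cur_pages;
    }
    return rc;
}
```
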
