From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexei Starovoitov Subject: Re: [PATCH bpf-next] bpf: arm64: fix uninitialized variable Date: Mon, 18 Dec 2017 10:36:47 -0800 Message-ID: <68b024dd-4113-8c8a-a606-7b4b0206973d@fb.com> References: <20171218180944.3145591-1-ast@kernel.org> <801f283e-293b-251d-1e81-3c08094e1d94@iogearbox.net> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit Cc: Arnd Bergmann , , To: Daniel Borkmann , Alexei Starovoitov , "David S . Miller" Return-path: Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:58180 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932865AbdLRShU (ORCPT ); Mon, 18 Dec 2017 13:37:20 -0500 In-Reply-To: <801f283e-293b-251d-1e81-3c08094e1d94@iogearbox.net> Sender: netdev-owner@vger.kernel.org List-ID: On 12/18/17 10:19 AM, Daniel Borkmann wrote: > On 12/18/2017 07:09 PM, Alexei Starovoitov wrote: >> From: Alexei Starovoitov >> >> fix the following issue: >> arch/arm64/net/bpf_jit_comp.c: In function 'bpf_int_jit_compile': >> arch/arm64/net/bpf_jit_comp.c:982:18: error: 'image_size' may be used >> uninitialized in this function [-Werror=maybe-uninitialized] >> >> Fixes: db496944fdaa ("bpf: arm64: add JIT support for multi-function programs") >> Reported-by: Arnd Bergmann >> Signed-off-by: Alexei Starovoitov >> --- >> arch/arm64/net/bpf_jit_comp.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c >> index 396490cf7316..acaa935ed977 100644 >> --- a/arch/arm64/net/bpf_jit_comp.c >> +++ b/arch/arm64/net/bpf_jit_comp.c >> @@ -897,6 +897,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) >> image_ptr = jit_data->image; >> header = jit_data->header; >> extra_pass = true; >> + image_size = sizeof(u32) * ctx.idx; >> goto skip_init_ctx; >> } >> memset(&ctx, 0, sizeof(ctx)); >> > > I don't really mind, but it feels more complex than it needs to be > imho, since in the initial pass you fetch 'image_size' in fake pass > from ctx.idx, then we set ctx.idx to 0 again, do another pass and > use the cached ctx.idx from that second pass instead of the first > one where we set 'image_size' originally, so we definitely need to > take that into consideration in future reviews at least. not sure what you mean. This check: ctx.idx != jit_data->ctx.idx matters the most. After first alloc the 'image_size' variable used for dumping only. That's why the JITing itself worked fine. We could have removed it since it's computable from idx, but imo it's fine this way.