diff mbox series

net: ena: initialize dim_sample

Message ID 20230108143843.2987732-1-trix@redhat.com (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series net: ena: initialize dim_sample | expand

Checks

Context Check Description
netdev/tree_selection success Guessed tree name to be net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix warning Target tree name not specified in the subject
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/cc_maintainers success CCed 14 of 14 maintainers
netdev/build_clang success Errors and warnings before: 2 this patch: 2
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Tom Rix Jan. 8, 2023, 2:38 p.m. UTC
clang static analysis reports this problem
drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning: Passed-by-value struct
  argument contains uninitialized data (e.g., field: 'comp_ctr') [core.CallAndMessage]
        net_dim(&ena_napi->dim, dim_sample);
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

net_dim can call dim_calc_stats() which uses the comp_ctr element,
so it must be initialized.

Fixes: 282faf61a053 ("net: ena: switch to dim algorithm for rx adaptive interrupt moderation")
Signed-off-by: Tom Rix <trix@redhat.com>
---
 drivers/net/ethernet/amazon/ena/ena_netdev.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Eric Dumazet Jan. 9, 2023, 10:34 a.m. UTC | #1
On Sun, Jan 8, 2023 at 3:38 PM Tom Rix <trix@redhat.com> wrote:
>
> clang static analysis reports this problem
> drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning: Passed-by-value struct
>   argument contains uninitialized data (e.g., field: 'comp_ctr') [core.CallAndMessage]
>         net_dim(&ena_napi->dim, dim_sample);
>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> net_dim can call dim_calc_stats() which uses the comp_ctr element,
> so it must be initialized.

This seems to be a dim_update_sample() problem really, when comp_ctr
has been added...

Your patch works, but we could avoid pre-initializing dim_sample in all callers,
then re-writing all but one field...

diff --git a/include/linux/dim.h b/include/linux/dim.h
index 6c5733981563eadf5f06c59c5dc97df961692b02..4604ced4517268ef8912cd8053ac8f4d2630f977
100644
--- a/include/linux/dim.h
+++ b/include/linux/dim.h
@@ -254,6 +254,7 @@ dim_update_sample(u16 event_ctr, u64 packets, u64
bytes, struct dim_sample *s)
        s->pkt_ctr   = packets;
        s->byte_ctr  = bytes;
        s->event_ctr = event_ctr;
+       s->comp_ctr  = 0;
 }

 /**
Jiri Pirko Jan. 10, 2023, 4:44 p.m. UTC | #2
Sun, Jan 08, 2023 at 03:38:43PM CET, trix@redhat.com wrote:
>clang static analysis reports this problem
>drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning: Passed-by-value struct
>  argument contains uninitialized data (e.g., field: 'comp_ctr') [core.CallAndMessage]
>        net_dim(&ena_napi->dim, dim_sample);
>        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>net_dim can call dim_calc_stats() which uses the comp_ctr element,
>so it must be initialized.
>
>Fixes: 282faf61a053 ("net: ena: switch to dim algorithm for rx adaptive interrupt moderation")
>Signed-off-by: Tom Rix <trix@redhat.com>

Reviewed-by: Jiri Pirko <jiri@nvidia.com>
Shay Agroskin Jan. 10, 2023, 4:58 p.m. UTC | #3
Eric Dumazet <edumazet@google.com> writes:

> On Sun, Jan 8, 2023 at 3:38 PM Tom Rix <trix@redhat.com> wrote:
>>
>> clang static analysis reports this problem
>> drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning: 
>> Passed-by-value struct
>>   argument contains uninitialized data (e.g., field: 
>>   'comp_ctr') [core.CallAndMessage]
>>         net_dim(&ena_napi->dim, dim_sample);
>>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> net_dim can call dim_calc_stats() which uses the comp_ctr 
>> element,
>> so it must be initialized.
>
> This seems to be a dim_update_sample() problem really, when 
> comp_ctr
> has been added...
>
> Your patch works, but we could avoid pre-initializing dim_sample 
> in all callers,
> then re-writing all but one field...
>
> diff --git a/include/linux/dim.h b/include/linux/dim.h
> index 
> 6c5733981563eadf5f06c59c5dc97df961692b02..4604ced4517268ef8912cd8053ac8f4d2630f977
> 100644
> --- a/include/linux/dim.h
> +++ b/include/linux/dim.h
> @@ -254,6 +254,7 @@ dim_update_sample(u16 event_ctr, u64 
> packets, u64
> bytes, struct dim_sample *s)
>         s->pkt_ctr   = packets;
>         s->byte_ctr  = bytes;
>         s->event_ctr = event_ctr;
> +       s->comp_ctr  = 0;
>  }
>
>  /**

Hi,

I'd rather go with Eric's solution to this issue than zero the 
whole struct in ENA

Thanks,
Shay
Tom Rix Jan. 10, 2023, 5:17 p.m. UTC | #4
On 1/10/23 8:58 AM, Shay Agroskin wrote:
>
> Eric Dumazet <edumazet@google.com> writes:
>
>> On Sun, Jan 8, 2023 at 3:38 PM Tom Rix <trix@redhat.com> wrote:
>>>
>>> clang static analysis reports this problem
>>> drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning: 
>>> Passed-by-value struct
>>>   argument contains uninitialized data (e.g., field: 'comp_ctr') 
>>> [core.CallAndMessage]
>>>         net_dim(&ena_napi->dim, dim_sample);
>>>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> net_dim can call dim_calc_stats() which uses the comp_ctr element,
>>> so it must be initialized.
>>
>> This seems to be a dim_update_sample() problem really, when comp_ctr
>> has been added...
>>
>> Your patch works, but we could avoid pre-initializing dim_sample in 
>> all callers,
>> then re-writing all but one field...
>>
>> diff --git a/include/linux/dim.h b/include/linux/dim.h
>> index 
>> 6c5733981563eadf5f06c59c5dc97df961692b02..4604ced4517268ef8912cd8053ac8f4d2630f977
>> 100644
>> --- a/include/linux/dim.h
>> +++ b/include/linux/dim.h
>> @@ -254,6 +254,7 @@ dim_update_sample(u16 event_ctr, u64 packets, u64
>> bytes, struct dim_sample *s)
>>         s->pkt_ctr   = packets;
>>         s->byte_ctr  = bytes;
>>         s->event_ctr = event_ctr;
>> +       s->comp_ctr  = 0;
>>  }
>>
>>  /**
>
> Hi,
>
> I'd rather go with Eric's solution to this issue than zero the whole 
> struct in ENA

Please look at the other callers of dim_update_sample.  The common 
pattern is to initialize the struct.

This alternative will work, but the pattern of initializing the struct 
the other (~20) callers should be refactored.

Tom

>
> Thanks,
> Shay
>
Shay Agroskin Jan. 11, 2023, 8:46 a.m. UTC | #5
Tom Rix <trix@redhat.com> writes:

> On 1/10/23 8:58 AM, Shay Agroskin wrote:
>>
>> Eric Dumazet <edumazet@google.com> writes:
>>
>>> On Sun, Jan 8, 2023 at 3:38 PM Tom Rix <trix@redhat.com> 
>>> wrote:
>>>>
>>>> clang static analysis reports this problem
>>>> drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning:
>>>> Passed-by-value struct
>>>>   argument contains uninitialized data (e.g., field: 
>>>> 'comp_ctr')
>>>> [core.CallAndMessage]
>>>>         net_dim(&ena_napi->dim, dim_sample);
>>>>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>>
>>>> net_dim can call dim_calc_stats() which uses the comp_ctr 
>>>> element,
>>>> so it must be initialized.
>>>
>>> This seems to be a dim_update_sample() problem really, when 
>>> comp_ctr
>>> has been added...
>>>
>>> Your patch works, but we could avoid pre-initializing 
>>> dim_sample in
>>> all callers,
>>> then re-writing all but one field...
>>>
>>> diff --git a/include/linux/dim.h b/include/linux/dim.h
>>> index
>>> 6c5733981563eadf5f06c59c5dc97df961692b02..4604ced4517268ef8912cd8053ac8f4d2630f977
>>> 100644
>>> --- a/include/linux/dim.h
>>> +++ b/include/linux/dim.h
>>> @@ -254,6 +254,7 @@ dim_update_sample(u16 event_ctr, u64 
>>> packets, u64
>>> bytes, struct dim_sample *s)
>>>         s->pkt_ctr   = packets;
>>>         s->byte_ctr  = bytes;
>>>         s->event_ctr = event_ctr;
>>> +       s->comp_ctr  = 0;
>>>  }
>>>
>>>  /**
>>
>> Hi,
>>
>> I'd rather go with Eric's solution to this issue than zero the 
>> whole
>> struct in ENA
>
> Please look at the other callers of dim_update_sample.  The 
> common
> pattern is to initialize the struct.
>
> This alternative will work, but the pattern of initializing the 
> struct
> the other (~20) callers should be refactored.
>
> Tom
>

While Eric's patch might be bigger if you also remove the 
pre-initialization in the other drivers, the Linux code itself 
would be smaller (granted not significantly) and
it make less room for pitfalls in adding DIM support in other 
drivers.

Is there a good argument against using Eric's patch other than 
'the other patch would be bigger' ?

Shay

>>
>> Thanks,
>> Shay
>>
Tom Rix Jan. 11, 2023, 2:29 p.m. UTC | #6
On 1/11/23 12:46 AM, Shay Agroskin wrote:
>
> Tom Rix <trix@redhat.com> writes:
>
>> On 1/10/23 8:58 AM, Shay Agroskin wrote:
>>>
>>> Eric Dumazet <edumazet@google.com> writes:
>>>
>>>> On Sun, Jan 8, 2023 at 3:38 PM Tom Rix <trix@redhat.com> wrote:
>>>>>
>>>>> clang static analysis reports this problem
>>>>> drivers/net/ethernet/amazon/ena/ena_netdev.c:1821:2: warning:
>>>>> Passed-by-value struct
>>>>>   argument contains uninitialized data (e.g., field: 'comp_ctr')
>>>>> [core.CallAndMessage]
>>>>>         net_dim(&ena_napi->dim, dim_sample);
>>>>>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>>>
>>>>> net_dim can call dim_calc_stats() which uses the comp_ctr element,
>>>>> so it must be initialized.
>>>>
>>>> This seems to be a dim_update_sample() problem really, when comp_ctr
>>>> has been added...
>>>>
>>>> Your patch works, but we could avoid pre-initializing dim_sample in
>>>> all callers,
>>>> then re-writing all but one field...
>>>>
>>>> diff --git a/include/linux/dim.h b/include/linux/dim.h
>>>> index
>>>> 6c5733981563eadf5f06c59c5dc97df961692b02..4604ced4517268ef8912cd8053ac8f4d2630f977 
>>>>
>>>> 100644
>>>> --- a/include/linux/dim.h
>>>> +++ b/include/linux/dim.h
>>>> @@ -254,6 +254,7 @@ dim_update_sample(u16 event_ctr, u64 packets, u64
>>>> bytes, struct dim_sample *s)
>>>>         s->pkt_ctr   = packets;
>>>>         s->byte_ctr  = bytes;
>>>>         s->event_ctr = event_ctr;
>>>> +       s->comp_ctr  = 0;
>>>>  }
>>>>
>>>>  /**
>>>
>>> Hi,
>>>
>>> I'd rather go with Eric's solution to this issue than zero the whole
>>> struct in ENA
>>
>> Please look at the other callers of dim_update_sample.  The common
>> pattern is to initialize the struct.
>>
>> This alternative will work, but the pattern of initializing the struct
>> the other (~20) callers should be refactored.
>>
>> Tom
>>
>
> While Eric's patch might be bigger if you also remove the 
> pre-initialization in the other drivers, the Linux code itself would 
> be smaller (granted not significantly) and
> it make less room for pitfalls in adding DIM support in other drivers.
>
> Is there a good argument against using Eric's patch other than 'the 
> other patch would be bigger' ?

No, I think it a better approach and if Eric can take it forward that 
would be great.

However when you start refactoring, it may grow larger than the single fix.

For instance, passing the structure by value could be changed to passing 
by reference.

Tom

>
> Shay
>
>>>
>>> Thanks,
>>> Shay
>>>
>
diff mbox series

Patch

diff --git a/drivers/net/ethernet/amazon/ena/ena_netdev.c b/drivers/net/ethernet/amazon/ena/ena_netdev.c
index e8ad5ea31aff..938184465eae 100644
--- a/drivers/net/ethernet/amazon/ena/ena_netdev.c
+++ b/drivers/net/ethernet/amazon/ena/ena_netdev.c
@@ -1805,7 +1805,7 @@  static void ena_dim_work(struct work_struct *w)
 
 static void ena_adjust_adaptive_rx_intr_moderation(struct ena_napi *ena_napi)
 {
-	struct dim_sample dim_sample;
+	struct dim_sample dim_sample = {};
 	struct ena_ring *rx_ring = ena_napi->rx_ring;
 
 	if (!rx_ring->per_napi_packets)