[net-next] net: tipc: avoid possible garbage value

Message ID	20240912110119.2025503-1-suhui@nfschina.com (mailing list archive)
State	Superseded
Delegated to:	Netdev Maintainers
Headers	show Received: from mail.nfschina.com (unknown [42.101.60.213]) by smtp.subspace.kernel.org (Postfix) with SMTP id 4526F19C54C; Thu, 12 Sep 2024 11:01:40 +0000 (UTC) From: Su Hui <suhui@nfschina.com> To: jmaloy@redhat.com, ying.xue@windriver.com, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com Cc: Su Hui <suhui@nfschina.com>, tuong.t.lien@dektech.com.au, netdev@vger.kernel.org, tipc-discussion@lists.sourceforge.net, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, kernel-janitors@vger.kernel.org Subject: [PATCH net-next] net: tipc: avoid possible garbage value Date: Thu, 12 Sep 2024 19:01:20 +0800 Message-Id: <20240912110119.2025503-1-suhui@nfschina.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[net-next] net: tipc: avoid possible garbage value \| expand [net-next] net: tipc: avoid possible garbage value

Context	Check	Description
netdev/series_format	success	Single patches do not need cover letters
netdev/tree_selection	success	Clearly marked for net-next
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 16 this patch: 16
netdev/build_tools	success	No tools touched, skip
netdev/cc_maintainers	success	CCed 13 of 13 maintainers
netdev/build_clang	success	Errors and warnings before: 16 this patch: 16
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	Fixes tag looks correct
netdev/build_allmodconfig_warn	success	Errors and warnings before: 16 this patch: 16
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0
netdev/contest	success	net-next-2024-09-12--15-00 (tests: 764)

Su Hui Sept. 12, 2024, 11:01 a.m. UTC

Clang static checker (scan-build) warning:
net/tipc/bcast.c:305:4:
The expression is an uninitialized value. The computed value will also
be garbage [core.uninitialized.Assign]
  305 |                         (*cong_link_cnt)++;
      |                         ^~~~~~~~~~~~~~~~~~

tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt
is uninitialized. Although it won't really cause a problem, it's better
to fix it.

Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")
Signed-off-by: Su Hui <suhui@nfschina.com>
---
 net/tipc/bcast.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Justin Stitt Sept. 12, 2024, 9:38 p.m. UTC | #1

Hi,

On Thu, Sep 12, 2024 at 4:01 AM Su Hui <suhui@nfschina.com> wrote:
>
> Clang static checker (scan-build) warning:
> net/tipc/bcast.c:305:4:
> The expression is an uninitialized value. The computed value will also
> be garbage [core.uninitialized.Assign]
>   305 |                         (*cong_link_cnt)++;
>       |                         ^~~~~~~~~~~~~~~~~~
>
> tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt
> is uninitialized. Although it won't really cause a problem, it's better
> to fix it.

Agreed.

Reviewed-by: Justin Stitt <justinstitt@google.com>
>
> Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")
> Signed-off-by: Su Hui <suhui@nfschina.com>
> ---
>  net/tipc/bcast.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/tipc/bcast.c b/net/tipc/bcast.c
> index 593846d25214..a3699be6a634 100644
> --- a/net/tipc/bcast.c
> +++ b/net/tipc/bcast.c
> @@ -321,7 +321,7 @@ static int tipc_mcast_send_sync(struct net *net, struct sk_buff *skb,
>         struct tipc_msg *hdr, *_hdr;
>         struct sk_buff_head tmpq;
>         struct sk_buff *_skb;
> -       u16 cong_link_cnt;
> +       u16 cong_link_cnt = 0;
>         int rc = 0;
>
>         /* Is a cluster supporting with new capabilities ? */
> --
> 2.30.2
>

Thanks
Justin

Simon Horman Sept. 14, 2024, 9:42 a.m. UTC | #2

On Thu, Sep 12, 2024 at 07:01:20PM +0800, Su Hui wrote:
> Clang static checker (scan-build) warning:
> net/tipc/bcast.c:305:4:
> The expression is an uninitialized value. The computed value will also
> be garbage [core.uninitialized.Assign]
>   305 |                         (*cong_link_cnt)++;
>       |                         ^~~~~~~~~~~~~~~~~~
> 
> tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt
> is uninitialized. Although it won't really cause a problem, it's better
> to fix it.
> 
> Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")
> Signed-off-by: Su Hui <suhui@nfschina.com>

Hi Su Hui,

This looks like a bug fix. If so it should be targeted at net rather than
net-next. If not, the Fixes tag should be dropped, and the commit can be
referenced in the patch description with some other text around:

commit dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")

> ---
>  net/tipc/bcast.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/tipc/bcast.c b/net/tipc/bcast.c
> index 593846d25214..a3699be6a634 100644
> --- a/net/tipc/bcast.c
> +++ b/net/tipc/bcast.c
> @@ -321,7 +321,7 @@ static int tipc_mcast_send_sync(struct net *net, struct sk_buff *skb,
>  	struct tipc_msg *hdr, *_hdr;
>  	struct sk_buff_head tmpq;
>  	struct sk_buff *_skb;
> -	u16 cong_link_cnt;
> +	u16 cong_link_cnt = 0;
>  	int rc = 0;

I think we should preserve reverse xmas tree order - longest like to
shortest - for these local variable declarations.

>  
>  	/* Is a cluster supporting with new capabilities ? */
> -- 
> 2.30.2
> 
>

Dan Carpenter Sept. 14, 2024, 10:05 a.m. UTC | #3

On Sat, Sep 14, 2024 at 10:42:44AM +0100, Simon Horman wrote:
> On Thu, Sep 12, 2024 at 07:01:20PM +0800, Su Hui wrote:
> > Clang static checker (scan-build) warning:
> > net/tipc/bcast.c:305:4:
> > The expression is an uninitialized value. The computed value will also
> > be garbage [core.uninitialized.Assign]
> >   305 |                         (*cong_link_cnt)++;
> >       |                         ^~~~~~~~~~~~~~~~~~
> > 
> > tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt
> > is uninitialized. Although it won't really cause a problem, it's better
> > to fix it.
> > 
> > Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")
> > Signed-off-by: Su Hui <suhui@nfschina.com>
> 
> Hi Su Hui,
> 
> This looks like a bug fix. If so it should be targeted at net rather than
> net-next. If not, the Fixes tag should be dropped, and the commit can be
> referenced in the patch description with some other text around:
> 


It's one of those borderline things.  As the commit message says it doesn't
really cause a problem because cong_link_cnt is never used.  I guess if you had
UBSan turned on it would generate a runtime warning.  Still it also doesn't seem
intentional so I would probably count it as a bugfix and target net like you
suggest.

regards,
dan carpenter

Su Hui Sept. 14, 2024, 10:11 a.m. UTC | #4

On 2024/9/14 18:05, Dan Carpenter wrote:

> On Sat, Sep 14, 2024 at 10:42:44AM +0100, Simon Horman wrote:
>> On Thu, Sep 12, 2024 at 07:01:20PM +0800, Su Hui wrote:
>>> Clang static checker (scan-build) warning:
>>> net/tipc/bcast.c:305:4:
>>> The expression is an uninitialized value. The computed value will also
>>> be garbage [core.uninitialized.Assign]
>>>    305 |                         (*cong_link_cnt)++;
>>>        |                         ^~~~~~~~~~~~~~~~~~
>>>
>>> tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt
>>> is uninitialized. Although it won't really cause a problem, it's better
>>> to fix it.
>>>
>>> Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing")
>>> Signed-off-by: Su Hui <suhui@nfschina.com>
>> Hi Su Hui,
>>
>> This looks like a bug fix. If so it should be targeted at net rather than
>> net-next. If not, the Fixes tag should be dropped, and the commit can be
>> referenced in the patch description with some other text around:
>>
>
> It's one of those borderline things.  As the commit message says it doesn't
> really cause a problem because cong_link_cnt is never used.  I guess if you had
> UBSan turned on it would generate a runtime warning.  Still it also doesn't seem
> intentional so I would probably count it as a bugfix and target net like you
> suggest.
Got it. I will send a v2 patch to net and  keeping reverse xmas tree order.
Thanks for the suggestions:).

Su Hui

[net-next] net: tipc: avoid possible garbage value

Checks

Commit Message

Comments

Patch