From: Hongbo Li <lihongbo22@huawei.com>
To: Kent Overstreet <kent.overstreet@linux.dev>
Cc: <bfoster@redhat.com>, <linux-bcachefs@vger.kernel.org>
Subject: Re: [PATCH 1/2] bcachefs: eliminate the uninitialized compilation warning in bch2_reconstruct_snapshots
Date: Fri, 26 Apr 2024 09:31:51 +0800
Message-ID: <3ae892c3-bcef-4302-96eb-9dbdbb8bb083@huawei.com>
In-Reply-To: <ydyguyfadhf3ui7zba25zu7zpocs5gjn44iprsq755uotwafz7@coc5mvcvjztr>
On 2024/4/26 1:08, Kent Overstreet wrote:
> On Thu, Apr 25, 2024 at 11:55:02AM +0800, Hongbo Li wrote:
>>
>>
>> On 2024/4/25 11:34, Kent Overstreet wrote:
>>> On Fri, Apr 19, 2024 at 03:48:50PM +0800, Hongbo Li wrote:
>>>> [BUG]
>>>> When compiling the bcachefs-tools, the following compilation warning
>>>> is reported:
>>>> libbcachefs/snapshot.c: In function ‘bch2_reconstruct_snapshots’:
>>>> libbcachefs/snapshot.c:915:19: warning: ‘tree_id’ may be used uninitialized in this function [-Wmaybe-uninitialized]
>>>> 915 | snapshot->v.tree = cpu_to_le32(tree_id);
>>>> libbcachefs/snapshot.c:903:6: note: ‘tree_id’ was declared here
>>>> 903 | u32 tree_id;
>>>> | ^~~~~~~
>>>>
>>>> [CAUSE]
>>>> This is a false alert, because @tree_id is changed in
>>>> bch2_snapshot_tree_create after it returns 0. And if this function
>>>> returns any other value, @tree_id wouldn't be used. Thus there should
>>>> be nothing wrong logically.
>>>>
>>>> [FIX]
>>>> Although the report itself is a false alert, we can still make it more
>>>> explicit by:
>>>> - check the input parameter 'u32 *tree_id' with WARN_ON_ONCE
>>>> - initialize @tree_id to U32_MAX
>>>> - add extra WARN_ON_ONCE to make sure @tree_id is updated
>>>>
>>>> Fixes: a292be3b68f3 ("bcachefs: Reconstruct missing snapshot nodes")
>>>> Signed-off-by: Hongbo Li <lihongbo22@huawei.com>
>>>> ---
>>>> fs/bcachefs/snapshot.c | 5 ++++-
>>>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/fs/bcachefs/snapshot.c b/fs/bcachefs/snapshot.c
>>>> index 0b26dee17a5a..cad3408903b2 100644
>>>> --- a/fs/bcachefs/snapshot.c
>>>> +++ b/fs/bcachefs/snapshot.c
>>>> @@ -78,6 +78,7 @@ __bch2_snapshot_tree_create(struct btree_trans *trans)
>>>> static int bch2_snapshot_tree_create(struct btree_trans *trans,
>>>> u32 root_id, u32 subvol_id, u32 *tree_id)
>>>> {
>>>> + WARN_ON_ONCE(!tree_id);
>>>
>>> There's no point checking for a null pointer like that; the oops from a
>>> null ptr deref gives us exactly the same information.
>>>
>>>> struct bkey_i_snapshot_tree *n_tree =
>>>> __bch2_snapshot_tree_create(trans);
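Review bot: WARN_ON_ONCE(!tree_id) at the top of bch2_snapshot_tree_create() only logs and then lets execution continue, so a NULL tree_id would still be dereferenced when the function stores the new ID (the commit message says @tree_id is changed there on success), and the check prevents nothing. The caller visible in this patch passes &tree_id, the address of a local, which cannot be NULL. Either drop the line or, if a NULL argument is a real possibility, fail the call with an error return instead of warning.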
>>>> @@ -900,7 +901,7 @@ static int check_snapshot_exists(struct btree_trans *trans, u32 id)
>>>> if (bch2_snapshot_equiv(c, id))
>>>> return 0;
>>>> - u32 tree_id;
>>>> + u32 tree_id = U32_MAX;
>>>
>>> Just initialize it to 0. 0 is an invalid tree ID, so it'll be caught by
>>> snapshot_tree_invalid() if it's not set.
>>>
>>>> int ret = bch2_snapshot_tree_create(trans, id, 0, &tree_id);
>>>> if (ret)
>>>> return ret;
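Review bot: the U32_MAX initializer for tree_id in check_snapshot_exists() uses a sentinel that nothing in this patch establishes as an invalid tree ID, so if bch2_snapshot_tree_create() ever returned 0 without writing it, the value would flow onward looking like a real ID. Initialize to a value the existing snapshot-tree validation already rejects (0, per the review reply just above), which silences -Wmaybe-uninitialized and lets the existing checks catch an unset ID without a new assertion.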
>>>> @@ -910,6 +911,8 @@ static int check_snapshot_exists(struct btree_trans *trans, u32 id)
>>>> if (ret)
>>>> return ret;
>>>> + /* bch2_snapshot_tree_create returned 0, @tree_id must be updated. */
>>>> + WARN_ON_ONCE(tree_id == U32_MAX);
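Review bot: WARN_ON_ONCE(tree_id == U32_MAX) after the second "if (ret) return ret;" does not stop the function, so a tree_id left at the sentinel would still be stored by the cpu_to_le32(tree_id) assignment quoted in the compiler warning. The check also ties this site to the magic value chosen in the previous hunk, and the added comment restates what the return-code check on bch2_snapshot_tree_create() already covers. If the invariant needs enforcing, return an error here; otherwise drop both added lines.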
>>>
>>> Nix this as well.
>> This is to ensure that the tree_id is modified.
>
> It's still not a good assertion; it's checking something simple and
> purely local, and we've got other checks that will fire later - it's not
> guarding against undefined behaviour.
>
Thank you, I will revise the code based on your reviews.