|
| From: | Laurent Vivier |
| Subject: | Re: [PATCH] vhost: svq: fix uninitialized variable |
| Date: | Fri, 17 Feb 2023 12:44:22 +0100 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.0 |
On 2/17/23 12:24, Eugenio Perez Martin wrote:
On Fri, Feb 17, 2023 at 11:42 AM Laurent Vivier <lvivier@redhat.com> wrote:The problem has been reported by gcc with CFLAGS=-O3: .../hw/virtio/vhost-shadow-virtqueue.c: In function ‘vhost_svq_poll’: .../hw/virtio/vhost-shadow-virtqueue.c:538:12: error: ‘len’ may be used uninitialized [-Werror=maybe-uninitialized] 538 | return len; | ^~~ vhost_svq_get_buf() returns NULL if SVQ is empty but doesn't set len to 0, and vhost_svq_poll() returns len without checking the return of vhost_svq_get_buf(). So if the SVQ is empty vhost_svq_poll() can return an random value.s/an random/a random/. I think this solves the same as https://www.mail-archive.com/qemu-devel@nongnu.org/msg939383.html ?
Yes, exactly. Thanks, Laurent
Thanks!Signed-off-by: Laurent Vivier <lvivier@redhat.com> --- hw/virtio/vhost-shadow-virtqueue.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c index 430729635815..31cf642db267 100644 --- a/hw/virtio/vhost-shadow-virtqueue.c +++ b/hw/virtio/vhost-shadow-virtqueue.c @@ -420,6 +420,7 @@ static VirtQueueElement *vhost_svq_get_buf(VhostShadowVirtqueue *svq, vring_used_elem_t used_elem; uint16_t last_used, last_used_chain, num; + *len = 0; if (!vhost_svq_more_used(svq)) { return NULL; } -- 2.39.1
| [Prev in Thread] | Current Thread | [Next in Thread] |