Re: [PATCH] powerpc: Avoid clang uninitialized warning in __get_user_size_allowed

From: Christophe Leroy
Date: Tue Apr 27 2021 - 01:05:22 EST

Le 26/04/2021 à 22:35, Nathan Chancellor a écrit :
Commit 9975f852ce1b ("powerpc/uaccess: Remove calls to __get_user_bad()
and __put_user_bad()") switch to BUILD_BUG() in the default case, which
leaves x uninitialized. This will not be an issue because the build will
be broken in that case but clang does static analysis before it realizes
the default case will be done so it warns about x being uninitialized
(trimmed for brevity):

In file included from mm/mprotect.c:13:
In file included from ./include/linux/hugetlb.h:28:
In file included from ./include/linux/mempolicy.h:16:
./include/linux/pagemap.h:772:16: warning: variable '__gu_val' is used
uninitialized whenever switch default is taken [-Wsometimes-uninitialized]
if (unlikely(__get_user(c, uaddr) != 0))
./arch/powerpc/include/asm/uaccess.h:266:2: note: expanded from macro '__get_user'
__get_user_size_allowed(__gu_val, __gu_addr, __gu_size, __gu_err); \
./arch/powerpc/include/asm/uaccess.h:235:2: note: expanded from macro
default: BUILD_BUG(); \

Commit 5cd29b1fd3e8 ("powerpc/uaccess: Use asm goto for get_user when
compiler supports it") added an initialization for x because of the same
reason. Do the same thing here so there is no warning across all
versions of clang.

Ah yes, I tested with Clang 11 which has CONFIG_CC_HAS_ASM_GOTO_OUTPUT, that's the reason why I hit that warning only in the CONFIG_CC_HAS_ASM_GOTO_OUTPUT branch.

But regardless, is that normal that Clang warns that on a never taken branch ? That's puzzling.

Signed-off-by: Nathan Chancellor <nathan@xxxxxxxxxx>

Acked-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx>

arch/powerpc/include/asm/uaccess.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
index a4e791bcd3fe..a09e4240c5b1 100644
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -232,7 +232,7 @@ do { \
case 2: __get_user_asm(x, (u16 __user *)ptr, retval, "lhz"); break; \
case 4: __get_user_asm(x, (u32 __user *)ptr, retval, "lwz"); break; \
case 8: __get_user_asm2(x, (u64 __user *)ptr, retval); break; \
- default: BUILD_BUG(); \
+ default: x = 0; BUILD_BUG(); \
} \
} while (0)

base-commit: ee6b25fa7c037e42cc5f3b5c024b2a779edab6dd