[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Uninitialized variables in hvm_event_breakpoint (Re: New Defects reported by Coverity Scan for XenProject)

  • To: Corneliu ZUZU <czuzu@xxxxxxxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>
  • From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
  • Date: Thu, 18 Feb 2016 12:17:39 +0200
  • Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxx>
  • Comment: DomainKeys? See http://domainkeys.sourceforge.net/
  • Delivery-date: Thu, 18 Feb 2016 10:16:43 +0000
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=U/xC7oh0NFh95NUM1N84zSN1U0j1pGJQKS8lIler5MTzHQQoxe0dR6hnHXNqhT98yNpoEK1sPLlr4ktpkKwjo1R3bnIZJb0a2Dnzx2yIXqj3ApEU5mrMqoev+PZBhBB3iK7lbbxe9HgtDl6s7n1v4lcgGg4x8bwngAeVHfXl2bybiYh9yQxUmrSEBXHM0n0rZpse4jK0WgY9FKCMbBPrpFoUjsGWnL/43vSuWnE6A3UeYZC1e0vZxy5briOBcftGtHdmzaxcj24YjSYPsuV0f0Cmxhv6Vtfn79ykrEPr7/hN8L24ovEy8ta2eXk7ARTRwiuxrPHGGsaMcKhH3Y1qzQ==; h=Received:Received:Received:Received:Received:Subject:To:References:Cc:From:Message-ID:Date:User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-BitDefender-Scanner:X-BitDefender-Spam:X-BitDefender-SpamStamp:X-BitDefender-CF-Stamp;
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
On 02/18/2016 12:13 PM, Corneliu ZUZU wrote:
> On 2/18/2016 12:01 PM, Ian Campbell wrote:
>> On Wed, 2016-02-17 at 16:02 -0800, scan-admin@xxxxxxxxxxxx wrote:
>>> Hi,
>>>
>>> Please find the latest report on new defect(s) introduced to XenProject
>>> found with Coverity Scan.
>>>
>>> 1 new defect(s) introduced to XenProject found with Coverity Scan.
>>> 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the
>>> recent build analyzed by Coverity Scan.
>>>
>>> New defect(s) Reported-by: Coverity Scan
>>> Showing 1 of 1 defect(s)
>>>
>>>
>>> ** CID 1353192:  Uninitialized variables  (UNINIT)
>>> /xen/arch/x86/hvm/event.c: 176 in hvm_event_breakpoint()
>> This appears to have been introduced by:
>>      commit
>>      557c7873f35aa39bd84977b28948457b1b342f92
>>      Author: Corneliu ZUZU <czuzu@bitdef
>>      ender.com>
>>      Date:   Mon Feb 15 14:14:16 2016 +0100
>>
>>          x86: merge 2 hvm_event_... functions into 1
>>                   This patch merges almost identical functions
>> hvm_event_int3 and
>>          hvm_event_single_step into a single function called
>> hvm_event_breakpoint.
>>          Also fixes event.c file header comment in the process.
>>                   Signed-off-by: Corneliu ZUZU <   
>> czuzu@xxxxxxxxxxxxxxx    >
>>          Acked-by: Razvan Cojocaru <    rcojocaru@xxxxxxxxxxxxxxx    >
>>          Acked-by: Jan Beulich <    jbeulich@xxxxxxxx    >
>>
>>
>> hvm_event_breakpoint calls hvm_event_traps(&req) and if sync is true that
>> ors some bits into req->flags which was never initialised.
>>
>>>
>>> _________________________________________________________________________
>>>
>>> _______________________________
>>> *** CID 1353192:  Uninitialized variables  (UNINIT)
>>> /xen/arch/x86/hvm/event.c: 176 in hvm_event_breakpoint()
>>> 170
>>> 171     int hvm_event_breakpoint(unsigned long rip,
>>> 172                              enum hvm_event_breakpoint_type type)
>>> 173     {
>>> 174         struct vcpu *curr = current;
>>> 175         struct arch_domain *ad = &curr->domain->arch;
>>>>>>      CID 1353192:  Uninitialized variables  (UNINIT)
>>>>>>      Declaring variable "req" without initializer.
>>> 176         vm_event_request_t req;
>>> 177
>>> 178         switch ( type )
>>> 179         {
>>> 180         case HVM_EVENT_SOFTWARE_BREAKPOINT:
>>> 181             if ( !ad->monitor.software_breakpoint_enabled )
>>>
>>>
>>> _________________________________________________________________________
>>>
>>> _______________________________
>>> To view the defects in Coverity Scan visit,
>>> https://scan.coverity.com/pro
>>> jects/xenproject?tab=overview
>>>
>>> To manage Coverity Scan email notifications for
>>> "ian.campbell@xxxxxxxxxx", click
>>> https://scan.coverity.com/subscriptions/
>>> edit?email=ian.campbell%40citrix.com&token=1ce0fc428b9f94f66fd8d1ecf6cbb7
>>>
>>> 6a
>>>
> 
> Sorry, my bad, I didn't know struct-initialization using labels sets all
> the other fields to zero.
> Shall I submit a fix for this issue?

Right, req->flags. Good catch. Yes, please do, req = {}; should do.


Thanks,
Razvan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.