[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Uninitialized variables in hvm_event_breakpoint (Re: New Defects reported by Coverity Scan for XenProject)


  • To: Ian Campbell <ian.campbell@xxxxxxxxxx>, Corneliu ZUZU <czuzu@xxxxxxxxxxxxxxx>
  • From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
  • Date: Thu, 18 Feb 2016 12:13:15 +0200
  • Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxx>
  • Comment: DomainKeys? See http://domainkeys.sourceforge.net/
  • Delivery-date: Thu, 18 Feb 2016 10:12:28 +0000
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=PmLZBqQ0SSNFRZ1K6Xq1B0KwAntLb04fwYOb+XYBa0U+MLpI2YDhl2zyEmXVz9ACYaX8QRvANDEgWhqOxn2hdWj6sR5IYN7LUuOeiXxpWfvKzzDLCDG7dVhx/GAmJZlpbeddojMByOq/xBfz/6TL/xLZ0uaVVpTIX+u25PMUuuk1yNz9FowSDUovEAJc6OLilR35o5mXVnSL9LfyvzFGa81OGee7EVkkrF2JnwK0n5giJ3nz728etAk1/7O7i3fCvRVZaYqK6tYTyGr+18cwZe16WB+jij10HMbWlxwSoK8cBE1s3/83+21VEg7+qimNCD1Nfxt0FsPKxWT9IWmqBA==; h=Received:Received:Received:Received:Received:Subject:To:References:Cc:From:Message-ID:Date:User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-BitDefender-Scanner:X-BitDefender-Spam:X-BitDefender-SpamStamp:X-BitDefender-CF-Stamp;
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 02/18/2016 12:01 PM, Ian Campbell wrote:
> On Wed, 2016-02-17 at 16:02 -0800, scan-admin@xxxxxxxxxxxx wrote:
>> Hi,
>>
>> Please find the latest report on new defect(s) introduced to XenProject
>> found with Coverity Scan.
>>
>> 1 new defect(s) introduced to XenProject found with Coverity Scan.
>> 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the
>> recent build analyzed by Coverity Scan.
>>
>> New defect(s) Reported-by: Coverity Scan
>> Showing 1 of 1 defect(s)
>>
>>
>> ** CID 1353192:  Uninitialized variables  (UNINIT)
>> /xen/arch/x86/hvm/event.c: 176 in hvm_event_breakpoint()
> 
> This appears to have been introduced by: 
>     commit
>     557c7873f35aa39bd84977b28948457b1b342f92
>     Author: Corneliu ZUZU <czuzu@bitdef
>     ender.com>
>     Date:   Mon Feb 15 14:14:16 2016 +0100
> 
>         x86: merge 2 hvm_event_... functions into 1
>         
>         This patch merges almost identical functions hvm_event_int3 and
>         hvm_event_single_step into a single function called 
> hvm_event_breakpoint.
>         Also fixes event.c file header comment in the process.
>         
>         Signed-off-by: Corneliu ZUZU <    czuzu@xxxxxxxxxxxxxxx    >
>         Acked-by: Razvan Cojocaru <    rcojocaru@xxxxxxxxxxxxxxx    >
>         Acked-by: Jan Beulich <    jbeulich@xxxxxxxx    >
> 
> 
> hvm_event_breakpoint calls hvm_event_traps(&req) and if sync is true that
> ors some bits into req->flags which was never initialised.
> 
>>
>>
>> _________________________________________________________________________
>> _______________________________
>> *** CID 1353192:  Uninitialized variables  (UNINIT)
>> /xen/arch/x86/hvm/event.c: 176 in hvm_event_breakpoint()
>> 170     
>> 171     int hvm_event_breakpoint(unsigned long rip,
>> 172                              enum hvm_event_breakpoint_type type)
>> 173     {
>> 174         struct vcpu *curr = current;
>> 175         struct arch_domain *ad = &curr->domain->arch;
>>>>>     CID 1353192:  Uninitialized variables  (UNINIT)
>>>>>     Declaring variable "req" without initializer.
>> 176         vm_event_request_t req;
>> 177     
>> 178         switch ( type )
>> 179         {
>> 180         case HVM_EVENT_SOFTWARE_BREAKPOINT:
>> 181             if ( !ad->monitor.software_breakpoint_enabled )

But the structure is being initialized in both cases
(HVM_EVENT_SOFTWARE_BREAKPOINT and HVM_EVENT_SINGLESTEP_BREAKPOINT), and
the default case returns, so it's not possible to get to the
hvm_event_traps(&req) call with an uninitialized req. Am I missing
something?


Thanks,
Razvan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.