On Wed, 27 Aug 2025 14:39:01 GMT, Matthias Baesken <mbaes...@openjdk.org> wrote:
>> When using gcc static analyzer (-fanalyzer) with gcc 13.2 the following >> issue is reported : >> >> /jdk/src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c: >> In function 'get_jvmticks': >> /jdk/src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c:208:24: >> warning: use of uninitialized value 'systemTicks' [CWE-457] >> [-Wanalyzer-use-of-uninitialized-value] >> 208 | pticks->usedKernel = systemTicks; >> >> >> vsscanf usually/normally reads the systemTicks info from /proc file system. >> see >> https://github.com/openjdk/jdk/blob/45726a1f8b8f76586037867a32b82f8ab9b96937/src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c#L163 >> but we never check that the *exact* number of params is read with vsscanf : >> n = vsscanf(tmp, fmt, args); >> So potentially we could get a non complete info without systemTicks and the >> call would still succeed. > > Matthias Baesken has updated the pull request incrementally with one > additional commit since the last revision: > > init vars so that gcc static analyzer is happy too Assigning zero to values we are about to set with vsscanf, or are going to ignore, is being added here to keep the analyzer happy. I think we should not do this, and leave the initialization to scanf. (Unless there is some case where it creates a problem.) The extra initialization looks harmless, and while not hugely wasteful, if we do this one, then it starts a long path of adding extra initialization as we have various other examples. "src/hotspot/os/linux/os_perf_linux.cpp" as discussed has the same. Back in "src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c" get_totalticks: 87 static int get_totalticks(int which, ticks *pticks) { ... 89 uint64_t userTicks, niceTicks, systemTicks, idleTicks; 90 uint64_t iowTicks = 0, irqTicks = 0, sirqTicks= 0; ... 97 n = fscanf(fh, "cpu " DEC_64 " " DEC_64 " " DEC_64 " " DEC_64 " " DEC_64 " " 98 DEC_64 " " DEC_64, 99 &userTicks, &niceTicks, &systemTicks, &idleTicks, 100 &iowTicks, &irqTicks, &sirqTicks); This one does not initialize userTicks and 3 others, but does initialize iowTicks and others. We check fscanf result < 4 to mean an error, it failed to read the essential values (that we don't manually initialize). Other examples include src/java.base/unix/native/jspawnhelper/jspawnhelper.c where local int variables are initialized only by a call to scanf, or otherwise ignored. (There are examples where we do initialize such a local int, but that doesn't mean it's necessary.) I'd recommend we don't start initializing things that we can see are either initialized slightly later, or are ignored. ------------- PR Comment: https://git.openjdk.org/jdk/pull/26962#issuecomment-3236525852
