LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
@ 2021-08-20 11:17 Lukas Bulwahn
  2021-08-30 23:29 ` Thomas Gleixner
  0 siblings, 1 reply; 4+ messages in thread
From: Lukas Bulwahn @ 2021-08-20 11:17 UTC (permalink / raw)
  To: Thomas Gleixner, Ingo Molnar; +Cc: Peter Zijlstra, LKML, Sudip Mukherjee

Dear Thomas,

in commit dc7109aaa233 ("futex: Validate waiter correctly in
futex_proxy_trylock_atomic()") visible on next-20210819, you add:

+    /*
+     * Ensure that this is a waiter sitting in futex_wait_requeue_pi()
+     * and waiting on the 'waitqueue' futex which is always !PI.
+     */
+    if (!top_waiter->rt_waiter || top_waiter->pi_state)
+        ret = -EINVAL;

However, ret is unconditionally reassigned later and erases any
intended effect of this assignment. This is making that assignment
above a Dead Store, which clang-analyzer correctly warns about and
which motivates me to write you an email.

Did you intend to return -EINVAL here? So:

+       if (!top_waiter->rt_waiter || top_waiter->pi_state)
+               return -EINVAL;



Best regards,

Lukas

Static analysis tools are as foolish as they are... but every dog has its day...

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
  2021-08-20 11:17 Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") Lukas Bulwahn
@ 2021-08-30 23:29 ` Thomas Gleixner
  2021-09-01 18:28   ` André Almeida
  0 siblings, 1 reply; 4+ messages in thread
From: Thomas Gleixner @ 2021-08-30 23:29 UTC (permalink / raw)
  To: Lukas Bulwahn, Ingo Molnar; +Cc: Peter Zijlstra, LKML, Sudip Mukherjee

Lukas,

On Fri, Aug 20 2021 at 13:17, Lukas Bulwahn wrote:
> in commit dc7109aaa233 ("futex: Validate waiter correctly in
> futex_proxy_trylock_atomic()") visible on next-20210819, you add:
>
> +    /*
> +     * Ensure that this is a waiter sitting in futex_wait_requeue_pi()
> +     * and waiting on the 'waitqueue' futex which is always !PI.
> +     */
> +    if (!top_waiter->rt_waiter || top_waiter->pi_state)
> +        ret = -EINVAL;
>
> However, ret is unconditionally reassigned later and erases any
> intended effect of this assignment. This is making that assignment
> above a Dead Store, which clang-analyzer correctly warns about and
> which motivates me to write you an email.
>
> Did you intend to return -EINVAL here? So:
>
> +       if (!top_waiter->rt_waiter || top_waiter->pi_state)
> +               return -EINVAL;

Duh, yes.

> Static analysis tools are as foolish as they are... but every dog has its day...

IOW: Even a blind hen sometimes finds a grain of corn :)

Care to send a patch?

Thanks,

        tglx

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
  2021-08-30 23:29 ` Thomas Gleixner
@ 2021-09-01 18:28   ` André Almeida
  2021-09-01 19:19     ` Thomas Gleixner
  0 siblings, 1 reply; 4+ messages in thread
From: André Almeida @ 2021-09-01 18:28 UTC (permalink / raw)
  To: Thomas Gleixner, Lukas Bulwahn, Ingo Molnar
  Cc: Peter Zijlstra, LKML, Sudip Mukherjee, Colin King

Thomas,

Às 20:29 de 30/08/21, Thomas Gleixner escreveu:
> Lukas,
> 
> On Fri, Aug 20 2021 at 13:17, Lukas Bulwahn wrote:
>> Did you intend to return -EINVAL here? So:
>>
>> +       if (!top_waiter->rt_waiter || top_waiter->pi_state)
>> +               return -EINVAL;
> 
> Duh, yes.
> 
>> Static analysis tools are as foolish as they are... but every dog has its day...
> 
> IOW: Even a blind hen sometimes finds a grain of corn :)
> 
> Care to send a patch?
> 

A patch was already proposed with this fix:
https://lore.kernel.org/lkml/20210818131840.34262-1-colin.king@canonical.com/

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()")
  2021-09-01 18:28   ` André Almeida
@ 2021-09-01 19:19     ` Thomas Gleixner
  0 siblings, 0 replies; 4+ messages in thread
From: Thomas Gleixner @ 2021-09-01 19:19 UTC (permalink / raw)
  To: André Almeida, Lukas Bulwahn, Ingo Molnar
  Cc: Peter Zijlstra, LKML, Sudip Mukherjee, Colin King

André!

On Wed, Sep 01 2021 at 15:28, André Almeida wrote:
> Às 20:29 de 30/08/21, Thomas Gleixner escreveu:
>> Care to send a patch?
>> 
>
> A patch was already proposed with this fix:
> https://lore.kernel.org/lkml/20210818131840.34262-1-colin.king@canonical.com/

Thanks for the pointer. This fell through the cracks for unknown reasons.


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-09-01 19:19 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-20 11:17 Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") Lukas Bulwahn
2021-08-30 23:29 ` Thomas Gleixner
2021-09-01 18:28   ` André Almeida
2021-09-01 19:19     ` Thomas Gleixner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).