From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC75EC433EF for ; Mon, 4 Jul 2022 16:49:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233419AbiGDQtw (ORCPT ); Mon, 4 Jul 2022 12:49:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46988 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235015AbiGDQs7 (ORCPT ); Mon, 4 Jul 2022 12:48:59 -0400 Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3CB2410DB for ; Mon, 4 Jul 2022 09:48:22 -0700 (PDT) Received: by mail-yb1-xb32.google.com with SMTP id l144so5279586ybl.5 for ; Mon, 04 Jul 2022 09:48:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=L5bopA3LB1XHVOlLQfcH6XEn+sIBVPJTuLNRtswn9CI=; b=c/CZzhgWMX3bbr5O6IqvVMfoZnAyutFGHBtOJxvRVUCpPzJ6Vh/OEsX9ddjDryLKuA JXrDh2Q0dZwecqh0Bc1ZmIHbvHv5ZYlF/3Cy4pp59N/hZZc+g6AzKwqaEjKE9n+w0L4P SGtbVNdzX60In90tk3zR5kKxLS65szG0+ctLVOkHwz7kJpsy0qBpVQiDktlwX2NIU037 thbcpaGonmo+7T5qn/XqJZ7ApfK4ca3IKZojcWMlCA/qfHccaJFH1GvI7//8OsazLSHT DXnwVJ0N1MqLa9SonmmKK11lHhIqIejowfQl2WAJ84B2obL74Vlq/wGy/lbvhUw3aJva YrJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=L5bopA3LB1XHVOlLQfcH6XEn+sIBVPJTuLNRtswn9CI=; b=px/eCnE15smhYmWWnc3iC5RPFZFl6RzI6Z0oJP+jiIlwxbaC0ZTiImInEWQ7u6GJPP h7tQrgTyW22cZ3gg6pO/NxC1SvpuJuJ60M+zVH8ffIl4VKZTGbETbN4X8ZjdbBtUwOHU kewS8J3w6DHSCQMj7bFr+m0WSQVcTOnqimZzdx6jfXLnoVXjzwIvM9cRABA5jHFf5lSB NsizU2VsLH+ReBImtXNp1xdVtdftHvmagCFQTldt8cmJwc6/3D8C2OoqwzZ3SQ9GUoEr QkwOgFq6E5Zv9lCLfd0kXpl1Pl6w5gne23/Yf/kR4GBapwM0uEvC6wyDLwheqNl2UEpx TxjQ== X-Gm-Message-State: AJIora+E3hg9MhzWePMj+h/jBw/9bo9qmR4o/Klaz+svEeLHbBdzvUrj 8us2XD5JpN/JCBhj0Tgq19+q982GZMepLlX+8hfmTQ== X-Google-Smtp-Source: AGRyM1tLdo0rneMsHOCy50i0zEQc7jDRMizVYynxVyfcFXLv8SFU3m/8JPgrZi7jMpqg3yqU/ifuk0aRSs6UyJ9TJfg= X-Received: by 2002:a25:a345:0:b0:66c:c670:6d13 with SMTP id d63-20020a25a345000000b0066cc6706d13mr33311155ybi.307.1656953301274; Mon, 04 Jul 2022 09:48:21 -0700 (PDT) MIME-Version: 1.0 References: <20220701142310.2188015-1-glider@google.com> <20220701142310.2188015-44-glider@google.com> In-Reply-To: From: Alexander Potapenko Date: Mon, 4 Jul 2022 18:47:45 +0200 Message-ID: Subject: Re: [PATCH v4 43/45] namei: initialize parameters passed to step_into() To: Al Viro Cc: Linus Torvalds , Alexei Starovoitov , Andrew Morton , Andrey Konovalov , Andy Lutomirski , Arnd Bergmann , Borislav Petkov , Christoph Hellwig , Christoph Lameter , David Rientjes , Dmitry Vyukov , Eric Dumazet , Greg Kroah-Hartman , Herbert Xu , Ilya Leoshkevich , Ingo Molnar , Jens Axboe , Joonsoo Kim , Kees Cook , Marco Elver , Mark Rutland , Matthew Wilcox , "Michael S. Tsirkin" , Pekka Enberg , Peter Zijlstra , Petr Mladek , Steven Rostedt , Thomas Gleixner , Vasily Gorbik , Vegard Nossum , Vlastimil Babka , kasan-dev , Linux-MM , linux-arch , Linux Kernel Mailing List , Evgenii Stepanov , Nathan Chancellor , Nick Desaulniers , Segher Boessenkool , Vitaly Buka , linux-toolchains Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jul 4, 2022 at 6:00 PM Al Viro wrote: > > On Mon, Jul 04, 2022 at 02:44:00PM +0100, Al Viro wrote: > > On Mon, Jul 04, 2022 at 10:20:53AM +0200, Alexander Potapenko wrote: > > > > > What makes you think they are false positives? Is the scenario I > > > described above: > > > > > > """ > > > In particular, if the call to lookup_fast() in walk_component() > > > returns NULL, and lookup_slow() returns a valid dentry, then the > > > `seq` and `inode` will remain uninitialized until the call to > > > step_into() > > > """ > > > > > > impossible? > > > > Suppose step_into() has been called in non-RCU mode. The first > > thing it does is > > int err =3D handle_mounts(nd, dentry, &path, &seq); > > if (err < 0) > > return ERR_PTR(err); > > > > And handle_mounts() in non-RCU mode is > > path->mnt =3D nd->path.mnt; > > path->dentry =3D dentry; > > if (nd->flags & LOOKUP_RCU) { > > [unreachable code] > > } > > [code not touching seqp] > > if (unlikely(ret)) { > > [code not touching seqp] > > } else { > > *seqp =3D 0; /* out of RCU mode, so the value doesn't mat= ter */ > > } > > return ret; > > > > In other words, the value seq argument of step_into() used to have ends= up > > being never fetched and, in case step_into() gets past that if (err < 0= ) > > that value is replaced with zero before any further accesses. > > > > So it's a false positive; yes, strictly speaking compiler is allowd > > to do anything whatsoever if it manages to prove that the value is > > uninitialized. Realistically, though, especially since unsigned int > > is not allowed any trapping representations... > > FWIW, update (and yet untested) branch is in #work.namei. Compared to th= e > previous, we store sampled ->d_seq of the next dentry in nd->next_seq, > rather than bothering with local variables. AFAICS, it ends up with > better code that way. And both ->seq and ->next_seq are zeroed at the > moments when we switch to non-RCU mode (as well as non-RCU path_init()). > > IMO it looks saner that way. NOTE: it still needs to be tested and proba= bly > reordered and massaged; it's not for merge at the moment. Current cumula= tive > diff follows: I confirm all KMSAN reports are gone as a result of applying this patch. --=20 Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Stra=C3=9Fe, 33 80636 M=C3=BCnchen Gesch=C3=A4ftsf=C3=BChrer: Paul Manicle, Liana Sebastian Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg