Re: [PATCH v4 44/45] mm: fs: initialize fsdata passed to write_begin/write_end interface

From: Alexander Potapenko
Date: Thu Aug 25 2022 - 11:40:08 EST

Next message: Richard Fitzgerald: "Re: [PATCH 3/3] soundwire: bus: Fix lost UNATTACH when re-enumerating"
Previous message: Nathan Chancellor: "Re: [Intel-gfx] [PATCH v1] drm/i915: fix null pointer dereference"
Next in thread: Linus Torvalds: "Re: [PATCH v4 44/45] mm: fs: initialize fsdata passed to write_begin/write_end interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 4, 2022 at 10:07 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote:
>
> On Fri, Jul 01, 2022 at 04:23:09PM +0200, Alexander Potapenko wrote:
> > Functions implementing the a_ops->write_end() interface accept the
> > `void *fsdata` parameter that is supposed to be initialized by the
> > corresponding a_ops->write_begin() (which accepts `void **fsdata`).
> >
> > However not all a_ops->write_begin() implementations initialize `fsdata`
> > unconditionally, so it may get passed uninitialized to a_ops->write_end(),
> > resulting in undefined behavior.
>
> ... wait, passing an uninitialised variable to a function *which doesn't
> actually use it* is now UB? What genius came up with that rule? What
> purpose does it serve?
>

Hi Matthew,

There is a discussion at [1], with Segher pointing out a reason for
this rule [2] and Linus requesting that we should be warning about the
cases where uninitialized variables are passed by value.

Right now there are only a handful cases in the kernel where such
passing is performed (we just need one more patch in addition to this
one for KMSAN to boot cleanly). So we are in a good position to start
enforcing this rule, unless there's a reason not to.

I am not sure standard compliance alone is a convincing argument, but
from KMSAN standpoint, performing parameter check at callsites
noticeably eases handling of values passed between instrumented and
non-instrumented code. This lets us avoid some low-level hacks around
instrumentation_begin()/instrumentation_end() (some context available
at [4]).

Let me know what you think,
Alex

[1] - https://lore.kernel.org/lkml/CAFKCwrjBjHMquj-adTf0_1QLYq3Et=gJ0rq6HS-qrAEmVA7Ujw@xxxxxxxxxxxxxx/T/
[2] - https://lore.kernel.org/lkml/20220615164655.GC25951@xxxxxxxxxxxxxxxxx/
[3] - https://lore.kernel.org/lkml/CAHk-=whjz3wO8zD+itoerphWem+JZz4uS3myf6u1Wd6epGRgmQ@xxxxxxxxxxxxxx/
[4] https://lore.kernel.org/lkml/20220426164315.625149-29-glider@xxxxxxxxxx/

Next message: Richard Fitzgerald: "Re: [PATCH 3/3] soundwire: bus: Fix lost UNATTACH when re-enumerating"
Previous message: Nathan Chancellor: "Re: [Intel-gfx] [PATCH v1] drm/i915: fix null pointer dereference"
Next in thread: Linus Torvalds: "Re: [PATCH v4 44/45] mm: fs: initialize fsdata passed to write_begin/write_end interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]