Date: Fri, 27 Mar 2020 11:23:28 -0700
From: Leonid Shamis <>
To: Rich Felker <>
Subject: Re: __pthread_mutex_unlock uninitialized value

Apologies. First post. I'll use the official repo from now on.

This was originally brought to my attention via static analysis:

warning: ‘old’ may be used uninitialized in this function
   __asm__ __volatile__("lock ; cmpxchg %3, %1" : "=a"(t), "=m"(*p) : "a"(t), "r"(s) : "memory");

And in my reading, I thought the (type != PTHREAD_MUTEX_NORMAL) only
checked the bottom three bits.

Please disregard this email chain :)

On Fri, Mar 27, 2020 at 11:16 AM Rich Felker <> wrote:

> On Fri, Mar 27, 2020 at 10:52:58AM -0700, Leonid Shamis wrote:
> >
> BTW official git is here:
> > In the case where a mutex:
> >
> > an uninitialized value of 'old' is used to check whether to futex.
> Can you elaborate on this? In line 15, old is assigned; this applies
> to all mutex types except plain boring normal (without PI and without
> robust). The condition in line 33 can only be true if type is nonzero
> (not plain boring normal mutex) so I don't see any way it can be used
> uninitialized in line 34. Is your report based on your own reading or
> a static analysis tool?
> Rich
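
The guard reasoning discussed in this thread, as an added example that is not part of the original messages and is not musl's code: it enumerates type words and counts those where 'old' would be read without having been written. The bit layout (a 4-bit type field, flag bit 8 at the use site) and all names are assumptions made for this sketch; mask 7 models the "bottom three bits" misreading.

```c
#include <stdbool.h>
#include <stdio.h>

/* Assumed layout for this sketch (not taken from the thread): the low
 * four bits of the stored word are the mutex type, 0 is the plain normal
 * type, and one bit inside that field is what the use site tests. */
#define TYPE_FIELD  15
#define KIND_NORMAL 0
#define USE_FLAG    8

/* Assignment-site guard: 'old' is written when the masked type is not
 * the normal type. 'mask' is how many type bits the check looks at. */
static bool assigns_old(int raw, int mask)
{
    return (raw & mask) != KIND_NORMAL;
}

/* Use-site guard: 'old' is read only when the flag bit is set in the type. */
static bool reads_old(int raw)
{
    return ((raw & TYPE_FIELD) & USE_FLAG) != 0;
}

/* Number of type words (0..255) for which 'old' would be read
 * without having been assigned first. */
int count_uninit_reads(int mask)
{
    int bad = 0;
    for (int raw = 0; raw < 256; raw++)
        if (reads_old(raw) && !assigns_old(raw, mask))
            bad++;
    return bad;
}

int main(void)
{
    /* Full type field compared: the use guard implies the assignment guard. */
    printf("mask 15: %d uninitialized reads\n", count_uninit_reads(TYPE_FIELD));
    /* Only the bottom three bits compared: flag set with low bits zero slips by. */
    printf("mask  7: %d uninitialized reads\n", count_uninit_reads(7));
    return 0;
}
```

A compiler's "may be used uninitialized" warning does not track that one guard implies the other, which is why it can fire even when no path reads the variable unset.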
