Date: Fri, 27 Mar 2020 11:23:28 -0700 From: Leonid Shamis <leonid.shamis@...il.com> To: Rich Felker <dalias@...c.org> Cc: musl@...ts.openwall.com Subject: Re: __pthread_mutex_unlock uninitialized value Apologies. First post. I'll use the official repo from now on. This was originally brought to my attention via static analysis: warning: ‘old’ may be used uninitialized in this function [-Wmaybe-uninitialized] __asm__ __volatile__("lock ; cmpxchg %3, %1" : "=a"(t), "=m"(*p) : "a"(t), "r"(s) : "memory"); ^~~~~~~ And in my reading, I thought the (type != PTHREAD_MUTEX_NORMAL) only checked the bottom three bits. Please disregard this email chain :) On Fri, Mar 27, 2020 at 11:16 AM Rich Felker <dalias@...c.org> wrote: > On Fri, Mar 27, 2020 at 10:52:58AM -0700, Leonid Shamis wrote: > > > https://github.com/bminor/musl/blob/54ca677983d47529bab8752315ac1a2b49888870/src/thread/pthread_mutex_unlock.c#L34 > > BTW official git is here: > > > https://git.musl-libc.org/cgit/musl/tree/src/thread/pthread_mutex_unlock.c?id=v1.2.0 > > > In the case where a mutex: > > is one of PTHREAD_MUTEX_ERRORCHECK or PTHREAD_MUTEX_RECURSIVE > > and PTHREAD_PRIO_INHERIT > > > > an uninitialized value of 'old' is used to check whether to futex. > > Can you elaborate on this? In line 15, old is assigned; this applies > to all mutex types except plain boring normal (without PI and without > robust). The condition in line 33 can only be true if type is nonzero > (not plain boring normal mutex) so I don't see any way it can be used > uninitialized in line 34. Is your report based on your own reading or > a static analysis tool? > > Rich > Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.