-
-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initialize struct epoll_event to all zeros #14353
Closed
Closed
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, why would this be any different then literally the same initialization a few lines down?
Also, epoll_ctl() doesn't really care about the padding. Isn't this something to fix in valgrind?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also, we generally use the GNU C extension that allows us to write
= {}
rather than= {0}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
valgrind is actually right, because in the epoll_ctl syscall, it uses
copy_from_user
to copy the whole struct into kernel space, and thus the uninitialized bytes are leaked into kernel.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but that's pretty much OK, no? its pading, so noone should care. And the kernel is more privileged anyway, so you can't really say "leak into". If we'd leak the padding into less privileged stuff this would be a problem, but the other direction?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, I could update the code to use
= {}
I agree it's not really a bug, especially if GCC is doing right we do not need this change after all.
But isn't it better to fix such uninitialized bytes when valgrind helps to identify the issue? (if we accept that GCC is not going to fix it soon, the bug was opened in 2016)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that this is the biggest issue. Because of some accident of implementation, one initialization has a different effect than the other one. We shouldn't base our work-around something so flimsy.
I'd rather see the declaration moved down to the point of initialization and the cast removed:
Would this help with your issue?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope, the problem is actually in GCC with bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
It does not matter if we write
or
In both cases, GCC generates uninitialized data if the struct has padding bytes.
Example on coliru: http://coliru.stacked-crooked.com/a/a9a907bda006d9cd
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but shouldn't valgrind be fixed to not complain about non-initialized padding to be passed to kernel apis where it's known-safe?
I mean, i can see why complaining about that in write() makes sense, but i fail to see what could be wrong here with epoll. valrgind is just generating incorrect warnings.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree that it's valid code and it should not cause anything wrong at runtime.
But I also appreciate Valgrind telling that there are non-initialized bytes that are accessed, which potentially may cause issues.
So I think manually initializing the padding to 0 is an acceptable workaround.