From: Alejandro Colomar <alx@kernel.org>
To: Alexander Atanasov <alex@zazolabs.com>
Cc: Shuah Khan <shuah@kernel.org>,
Christian Brauner <brauner@kernel.org>,
Jeff Layton <jlayton@kernel.org>,
Guenter Roeck <linux@roeck-us.net>,
Michael Kerrisk <mtk.manpages@gmail.com>,
Clint George <clintbgeorge@gmail.com>,
Ranganath V N <vnranganath.20@gmail.com>,
linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
libc-alpha@sourceware.org
Subject: Re: [PATCH] selftests/filesystems: follow std execveat argument convention in anon_inode_no_exec
Date: Tue, 20 Jan 2026 13:43:43 +0100 [thread overview]
Message-ID: <aW93WqpBspTwFiAC@devuan> (raw)
In-Reply-To: <20260120111008.442109-1-alex@zazolabs.com>
[-- Attachment #1: Type: text/plain, Size: 3580 bytes --]
[CC += libc-alpha]
Hi Alexander,
On Tue, Jan 20, 2026 at 11:10:07AM +0000, Alexander Atanasov wrote:
> While compiling filesystem selftests there is a warning:
> anon_inode_test.c:45:37: warning: null passed to a callee that
> requires a non-null argument [-Wnonnull]
> 45 | ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0);
>
> Kernel code is okay to be passed NULL for argv, in which
> case it generates argv by itself inside do_execveat_common.
> Man page of execvat lists both argv and envp as _Nullable.
Yup; the manual page uses that to document that Linux accepts NULL.
> But system's unistd.h says different:
> extern int execveat (int __fd, const char *__path, char *const __argv[],
> char *const __envp[], int __flags)
> __THROW __nonnull ((2, 3));
Hmmmm, this would trigger UB for user-space users relying on the fact
that Linux accepts NULL. Maybe when compiled for Linux, the glibc
headers should remove the [[gnu::nonnull()]] attribute here.
Have a lovely day!
Alex
> (checked ubuntu 24.04 and fedora 43)
>
> Which is the reason for the compiler warning.
>
> Fix the warning by passing a proper argv array.
>
> Fixes: f8ca403ae77cb ("selftests/filesystems: add exec() test for anonymous inodes")
> Cc: Christian Brauner <brauner@kernel.org>
> Cc: Guenter Roeck <linux@roeck-us.net>
> Cc: Michael Kerrisk <mtk.manpages@gmail.com>
> Cc: Alejandro Colomar <alx.manpages@gmail.com>
> Cc: Clint George <clintbgeorge@gmail.com>
> Cc: Ranganath V N <vnranganath.20@gmail.com>
> Signed-off-by: Alexander Atanasov <alex@zazolabs.com>
> ---
> tools/testing/selftests/filesystems/anon_inode_test.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> Quote from execv's man referenced from execveat's:
> On Linux, argv and envp can be specified as NULL.
> In both cases, this has the same effect as specifying the argument as a pointer
> to a list containing a single null pointer.
> ***Do not take advantage of this nonstandard and nonportable misfeature!***
>
> Listed as possible to pass NULL, then a big fat warning in the man page
> and a header that acctually marks this as invalid usage.
> I failed to find the origin of the above contradiction.
> It looks like POSIX/GNU/Linux missalignment.
> I am putting this here for the record. So may be someone could step in
> and make it right.
>
> I've Cc-ed people who made fixes but they are just compile fixes, no
> explanation of why the warning exists and in most of them the array is not a proper
> argv.
>
> diff --git a/tools/testing/selftests/filesystems/anon_inode_test.c b/tools/testing/selftests/filesystems/anon_inode_test.c
> index 94c6c81c2301..191549a4304d 100644
> --- a/tools/testing/selftests/filesystems/anon_inode_test.c
> +++ b/tools/testing/selftests/filesystems/anon_inode_test.c
> @@ -4,6 +4,7 @@
>
> #include <fcntl.h>
> #include <stdio.h>
> +#include <unistd.h>
> #include <sys/stat.h>
>
> #include "kselftest_harness.h"
> @@ -37,12 +38,13 @@ TEST(anon_inode_no_chmod)
>
> TEST(anon_inode_no_exec)
> {
> + char *const argv[] = { "", NULL };
> int fd_context;
>
> fd_context = sys_fsopen("tmpfs", 0);
> ASSERT_GE(fd_context, 0);
>
> - ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0);
> + ASSERT_LT(execveat(fd_context, "", argv, NULL, AT_EMPTY_PATH), 0);
> ASSERT_EQ(errno, EACCES);
>
> EXPECT_EQ(close(fd_context), 0);
> --
> 2.43.0
>
--
<https://www.alejandro-colomar.es>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
prev parent reply other threads:[~2026-01-20 12:43 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-20 11:10 [PATCH] selftests/filesystems: follow std execveat argument convention in anon_inode_no_exec Alexander Atanasov
2026-01-20 12:43 ` Alejandro Colomar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aW93WqpBspTwFiAC@devuan \
--to=alx@kernel.org \
--cc=alex@zazolabs.com \
--cc=brauner@kernel.org \
--cc=clintbgeorge@gmail.com \
--cc=jlayton@kernel.org \
--cc=libc-alpha@sourceware.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux@roeck-us.net \
--cc=mtk.manpages@gmail.com \
--cc=shuah@kernel.org \
--cc=vnranganath.20@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.