[PATCH] selftest: Fix UB of getline due to missing var init

Linux-mm Archive on lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] selftest: Fix UB of getline due to missing var init
@ 2026-05-26 11:38 Chris Gellermann
  2026-05-26 12:19 ` David Hildenbrand (Arm)
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Chris Gellermann @ 2026-05-26 11:38 UTC (permalink / raw)
  To: brauner, shuah, akpm, david
  Cc: ljs, liam, vbabka, rppt, surenb, mhocko, linux-kernel,
	linux-kselftest, linux-mm, Chris Gellermann

Clone3_set_tid uses getline(&line, &len, f) in a loop to read the
child's process status. The code expects that getline allocates the
buffer for the line on the first loop iteration. For this, glibc[1]
requires char *line to be set to NULL:

> ssize_t getline(char **restrict lineptr, ...)
> If *lineptr is set to NULL before the call, then getline() will
> allocate a buffer for storing the line.

However, char *line is only declared, leading to an undefined
initialization value. Fix this by properly initializing it to NULL.

Same issue fixed in mlock-random-test.

[1] https://man7.org/linux/man-pages/man3/getline.3.html

Fixes: 41585bbeeef9 ("selftests: add tests for clone3() with *set_tid")
Fixes: 26b4224d9961 ("selftests: expanding more mlock selftest")
Signed-off-by: Chris Gellermann <christian.gellermann@codasip.com>
---
 tools/testing/selftests/clone3/clone3_set_tid.c | 2 +-
 tools/testing/selftests/mm/mlock-random-test.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/testing/selftests/clone3/clone3_set_tid.c b/tools/testing/selftests/clone3/clone3_set_tid.c
index 5c944aee6b41..485efa7c9eed 100644
--- a/tools/testing/selftests/clone3/clone3_set_tid.c
+++ b/tools/testing/selftests/clone3/clone3_set_tid.c
@@ -141,7 +141,7 @@ int main(int argc, char *argv[])
 {
 	FILE *f;
 	char buf;
-	char *line;
+	char *line = NULL;
 	int status;
 	int ret = -1;
 	size_t len = 0;
diff --git a/tools/testing/selftests/mm/mlock-random-test.c b/tools/testing/selftests/mm/mlock-random-test.c
index 9d349c151360..16294bc7dae6 100644
--- a/tools/testing/selftests/mm/mlock-random-test.c
+++ b/tools/testing/selftests/mm/mlock-random-test.c
@@ -84,7 +84,7 @@ int get_proc_locked_vm_size(void)
 int get_proc_page_size(unsigned long addr)
 {
 	FILE *smaps;
-	char *line;
+	char *line = NULL;
 	unsigned long mmupage_size = 0;
 	size_t size;
 
-- 
2.47.3



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] selftest: Fix UB of getline due to missing var init
  2026-05-26 11:38 [PATCH] selftest: Fix UB of getline due to missing var init Chris Gellermann
@ 2026-05-26 12:19 ` David Hildenbrand (Arm)
  2026-05-26 13:33 ` Lorenzo Stoakes
  2026-05-26 18:34 ` Andrew Morton
  2 siblings, 0 replies; 5+ messages in thread
From: David Hildenbrand (Arm) @ 2026-05-26 12:19 UTC (permalink / raw)
  To: Chris Gellermann, brauner, shuah, akpm
  Cc: ljs, liam, vbabka, rppt, surenb, mhocko, linux-kernel,
	linux-kselftest, linux-mm

On 5/26/26 13:38, Chris Gellermann wrote:
> Clone3_set_tid uses getline(&line, &len, f) in a loop to read the
> child's process status. The code expects that getline allocates the
> buffer for the line on the first loop iteration. For this, glibc[1]
> requires char *line to be set to NULL:
> 
>> ssize_t getline(char **restrict lineptr, ...)
>> If *lineptr is set to NULL before the call, then getline() will
>> allocate a buffer for storing the line.
> 
> However, char *line is only declared, leading to an undefined
> initialization value. Fix this by properly initializing it to NULL.
> 
> Same issue fixed in mlock-random-test.
> 
> [1] https://man7.org/linux/man-pages/man3/getline.3.html
> 
> Fixes: 41585bbeeef9 ("selftests: add tests for clone3() with *set_tid")
> Fixes: 26b4224d9961 ("selftests: expanding more mlock selftest")
> Signed-off-by: Chris Gellermann <christian.gellermann@codasip.com>
> ---

Acked-by: David Hildenbrand (arm) <david@kernel.org>

-- 
Cheers,

David


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] selftest: Fix UB of getline due to missing var init
  2026-05-26 11:38 [PATCH] selftest: Fix UB of getline due to missing var init Chris Gellermann
  2026-05-26 12:19 ` David Hildenbrand (Arm)
@ 2026-05-26 13:33 ` Lorenzo Stoakes
  2026-05-26 18:34 ` Andrew Morton
  2 siblings, 0 replies; 5+ messages in thread
From: Lorenzo Stoakes @ 2026-05-26 13:33 UTC (permalink / raw)
  To: Chris Gellermann
  Cc: brauner, shuah, akpm, david, liam, vbabka, rppt, surenb, mhocko,
	linux-kernel, linux-kselftest, linux-mm

On Tue, May 26, 2026 at 01:38:48PM +0200, Chris Gellermann wrote:
> Clone3_set_tid uses getline(&line, &len, f) in a loop to read the
> child's process status. The code expects that getline allocates the
> buffer for the line on the first loop iteration. For this, glibc[1]
> requires char *line to be set to NULL:
>
> > ssize_t getline(char **restrict lineptr, ...)
> > If *lineptr is set to NULL before the call, then getline() will
> > allocate a buffer for storing the line.
>
> However, char *line is only declared, leading to an undefined
> initialization value. Fix this by properly initializing it to NULL.
>
> Same issue fixed in mlock-random-test.
>
> [1] https://man7.org/linux/man-pages/man3/getline.3.html
>
> Fixes: 41585bbeeef9 ("selftests: add tests for clone3() with *set_tid")
> Fixes: 26b4224d9961 ("selftests: expanding more mlock selftest")

You'll need separate commits for each I think? That'd at least make life
easier. You can send them as a series.

> Signed-off-by: Chris Gellermann <christian.gellermann@codasip.com>

> ---
>  tools/testing/selftests/clone3/clone3_set_tid.c | 2 +-
>  tools/testing/selftests/mm/mlock-random-test.c  | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tools/testing/selftests/clone3/clone3_set_tid.c b/tools/testing/selftests/clone3/clone3_set_tid.c
> index 5c944aee6b41..485efa7c9eed 100644
> --- a/tools/testing/selftests/clone3/clone3_set_tid.c
> +++ b/tools/testing/selftests/clone3/clone3_set_tid.c
> @@ -141,7 +141,7 @@ int main(int argc, char *argv[])
>  {
>  	FILE *f;
>  	char buf;
> -	char *line;
> +	char *line = NULL;

>  	int status;
>  	int ret = -1;
>  	size_t len = 0;
> diff --git a/tools/testing/selftests/mm/mlock-random-test.c b/tools/testing/selftests/mm/mlock-random-test.c
> index 9d349c151360..16294bc7dae6 100644
> --- a/tools/testing/selftests/mm/mlock-random-test.c
> +++ b/tools/testing/selftests/mm/mlock-random-test.c
> @@ -84,7 +84,7 @@ int get_proc_locked_vm_size(void)
>  int get_proc_page_size(unsigned long addr)
>  {
>  	FILE *smaps;
> -	char *line;
> +	char *line = NULL;

Strange this didn't result in noticeable bugs but maybe perceived as flakes
or such?

>  	unsigned long mmupage_size = 0;
>  	size_t size;
>
> --
> 2.47.3
>

Cheers, Lorenzo


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] selftest: Fix UB of getline due to missing var init
  2026-05-26 11:38 [PATCH] selftest: Fix UB of getline due to missing var init Chris Gellermann
  2026-05-26 12:19 ` David Hildenbrand (Arm)
  2026-05-26 13:33 ` Lorenzo Stoakes
@ 2026-05-26 18:34 ` Andrew Morton
  2026-05-27 16:23   ` Lorenzo Stoakes
  2 siblings, 1 reply; 5+ messages in thread
From: Andrew Morton @ 2026-05-26 18:34 UTC (permalink / raw)
  To: Chris Gellermann
  Cc: brauner, shuah, david, ljs, liam, vbabka, rppt, surenb, mhocko,
	linux-kernel, linux-kselftest, linux-mm

On Tue, 26 May 2026 13:38:48 +0200 Chris Gellermann <christian.gellermann@codasip.com> wrote:

> Subject: [PATCH] selftest: Fix UB of getline due to missing var init

hm, what's "UB".  Please expand the acronym.

> Clone3_set_tid uses getline(&line, &len, f) in a loop to read the
> child's process status. The code expects that getline allocates the
> buffer for the line on the first loop iteration. For this, glibc[1]
> requires char *line to be set to NULL:
> 
> > ssize_t getline(char **restrict lineptr, ...)
> > If *lineptr is set to NULL before the call, then getline() will
> > allocate a buffer for storing the line.
> 
> However, char *line is only declared, leading to an undefined
> initialization value. Fix this by properly initializing it to NULL.

Does the test crash?  If not, how come?  Luck?

> Same issue fixed in mlock-random-test.
> 
> [1] https://man7.org/linux/man-pages/man3/getline.3.html

The two affected files are testing significantly different parts of the
kernel.

> Fixes: 41585bbeeef9 ("selftests: add tests for clone3() with *set_tid")
> Fixes: 26b4224d9961 ("selftests: expanding more mlock selftest")

And these were separated by three years.

So can you please split this into a two-patch series?  And I suggest
you add "Cc: <stable@vger.kernel.org>" to each one.  Please retain David's
ack on both.

Thanks.


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] selftest: Fix UB of getline due to missing var init
  2026-05-26 18:34 ` Andrew Morton
@ 2026-05-27 16:23   ` Lorenzo Stoakes
  0 siblings, 0 replies; 5+ messages in thread
From: Lorenzo Stoakes @ 2026-05-27 16:23 UTC (permalink / raw)
  To: Chris Gellermann
  Cc: Andrew Morton, brauner, shuah, david, liam, vbabka, rppt, surenb,
	mhocko, linux-kernel, linux-kselftest, linux-mm

On Tue, May 26, 2026 at 11:34:09AM -0700, Andrew Morton wrote:
> On Tue, 26 May 2026 13:38:48 +0200 Chris Gellermann <christian.gellermann@codasip.com> wrote:
>
> > Subject: [PATCH] selftest: Fix UB of getline due to missing var init
>
> hm, what's "UB".  Please expand the acronym.
>
> > Clone3_set_tid uses getline(&line, &len, f) in a loop to read the
> > child's process status. The code expects that getline allocates the
> > buffer for the line on the first loop iteration. For this, glibc[1]
> > requires char *line to be set to NULL:
> >
> > > ssize_t getline(char **restrict lineptr, ...)
> > > If *lineptr is set to NULL before the call, then getline() will
> > > allocate a buffer for storing the line.
> >
> > However, char *line is only declared, leading to an undefined
> > initialization value. Fix this by properly initializing it to NULL.
>
> Does the test crash?  If not, how come?  Luck?
>
> > Same issue fixed in mlock-random-test.
> >
> > [1] https://man7.org/linux/man-pages/man3/getline.3.html
>
> The two affected files are testing significantly different parts of the
> kernel.
>
> > Fixes: 41585bbeeef9 ("selftests: add tests for clone3() with *set_tid")
> > Fixes: 26b4224d9961 ("selftests: expanding more mlock selftest")
>
> And these were separated by three years.
>
> So can you please split this into a two-patch series?  And I suggest
> you add "Cc: <stable@vger.kernel.org>" to each one.  Please retain David's
> ack on both.

Since this looks fine (I also wondered about the fixes too of course), feel free
to add my tag to this too:

Reviewed-by: Lorenzo Stoakes <ljs@kernel.org>

>
> Thanks.

Cheers, Lorenzo


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2026-05-27 16:23 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-26 11:38 [PATCH] selftest: Fix UB of getline due to missing var init Chris Gellermann
2026-05-26 12:19 ` David Hildenbrand (Arm)
2026-05-26 13:33 ` Lorenzo Stoakes
2026-05-26 18:34 ` Andrew Morton
2026-05-27 16:23   ` Lorenzo Stoakes

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox