Re: [patch V2 28/38] posix-cpu-timers: Restructure expiry array

From: Thomas Gleixner
Date: Mon Aug 26 2019 - 14:16:09 EST


On Mon, 26 Aug 2019, Frederic Weisbecker wrote:
> On Wed, Aug 21, 2019 at 09:09:15PM +0200, Thomas Gleixner wrote:
> > /**
> > - * task_cputimers_expired - Compare two task_cputime entities.
> > + * task_cputimers_expired - Check whether posix CPU timers are expired
> > *
> > * @samples: Array of current samples for the CPUCLOCK clocks
> > - * @expiries: Array of expiry values for the CPUCLOCK clocks
> > + * @pct: Pointer to a posix_cputimers container
> > *
> > - * Returns true if any mmember of @samples is greater than the corresponding
> > - * member of @expiries if that member is non zero. False otherwise
> > + * Returns true if any member of @samples is greater than the corresponding
> > + * member of @pct->bases[CLK].nextevt. False otherwise
> > */
> > -static inline bool task_cputimers_expired(const u64 *sample, const u64 *expiries)
> > +static inline bool
> > +task_cputimers_expired(const u64 *sample, struct posix_cputimers *pct)
> > {
> > int i;
> >
> > for (i = 0; i < CPUCLOCK_MAX; i++) {
> > - if (expiries[i] && sample[i] >= expiries[i])
> > + if (sample[i] >= pct->bases[i].nextevt)
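
Review bot: the new test `sample[i] >= pct->bases[i].nextevt` drops the `expiries[i] &&` guard that the removed line carried, so a nextevt of 0 makes the comparison true for every u64 sample value. Unless 0 can no longer be stored in nextevt at this point in the series, keep the guard, for example `if (pct->bases[i].nextevt && sample[i] >= pct->bases[i].nextevt)`. The kerneldoc above also says "greater than" while the code tests `>=`, and it documents `@samples` while the parameter is named `sample`.
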
>
> You may have false positive here if you don't check if pct->bases[i].nextevt
> is 0. Probably no big deal by the end of the series since you change that 0
> for KTIME_MAX later but right now it might hurt bisection with performance
> issues (locking sighand at every tick...).

Hrm. That should have stayed until the patch which removes that 0 state.

> [...]
>
> > @@ -1176,7 +1182,7 @@ void run_posix_cpu_timers(void)
> > void set_process_cpu_timer(struct task_struct *tsk, unsigned int clkid,
> > u64 *newval, u64 *oldval)
> > {
> > - u64 now, *expiry = tsk->signal->posix_cputimers.expiries + clkid;
> > + u64 now, *nextevt = &tsk->signal->posix_cputimers.bases[clkid].nextevt;
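
Review bot: the initializer of `nextevt` indexes `bases[clkid]` in the declaration itself, before the function body has run any validation of `clkid`, which arrives as an unsigned int parameter. Declare the pointer without an initializer and assign `&tsk->signal->posix_cputimers.bases[clkid].nextevt` only after the clkid range check, so that no element address is formed from an unchecked index.
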
>
> You're dereferencing the pointer before checking clkid sanity below.

Urgh. Yes.

Thanks,

tglx