Re: [PATCH] rcutorture: remove unneeded check

[Tom Rix]

On 10/10/20 10:57 AM, Paul E. McKenney wrote:
> On Fri, Oct 09, 2020 at 07:57:43PM -0700, Paul E. McKenney wrote:
>> On Fri, Oct 09, 2020 at 05:24:37PM -0700, Tom Rix wrote:
>>> On 10/9/20 4:50 PM, Paul E. McKenney wrote:
>>>> On Fri, Oct 09, 2020 at 02:18:41PM -0700, Tom Rix wrote:
>>>>> On 10/9/20 1:18 PM, Paul E. McKenney wrote:
>>>>>> On Fri, Oct 09, 2020 at 12:47:36PM -0700, trix@xxxxxxxxxx wrote:
>>>>>>> From: Tom Rix <trix@xxxxxxxxxx>
>>>>>>>
>>>>>>> clang static analysis reports this problem:
>>>>>>>
>>>>>>> rcutorture.c:1999:2: warning: Called function pointer
>>>>>>>   is null (null dereference)
>>>>>>>         cur_ops->sync(); /* Later readers see above write. */
>>>>>>>         ^~~~~~~~~~~~~~~
>>>>>>>
>>>>>>> This is a false positive triggered by an earlier, later ignored
>>>>>>> NULL check of sync() op.  By inspection of the rcu_torture_ops,
>>>>>>> the sync() op is never uninitialized.  So this earlier check is
>>>>>>> not needed.
>>>>>> You lost me on this one.  This check is at the very beginning of
>>>>>> rcu_torture_fwd_prog_nr().  Or are you saying that clang is seeing an
>>>>>> earlier check in one of rcu_torture_fwd_prog_nr()'s callers?  If so,
>>>>>> where exactly is this check?
>>>>>>
>>>>>> In any case, the check is needed because all three functions are invoked
>>>>>> if there is a self-propagating RCU callback that ensures that there is
>>>>>> always an RCU grace period outstanding.
>>>>>>
>>>>>> Ah.  Is clang doing local analysis and assuming that because there was
>>>>>> a NULL check earlier, then the pointer might be NULL later?  That does
>>>>>> not seem to me to be a sound check.
> In this case, the diagnostic was clearly pointing out a latent bug, so
> my bad.  So more of a code-review comment than a diagnostic.  Therefore,
> if clang really wants to be in the code-review space, I suggest that it
> more clearly explain its code-review feedback.  ;-)

Ok.

I have another a change in other area queued up.

I'll improve it's and future comments.

Tom

> 							Thanx, Paul
>
>>>>>> So please let me know exactly what is causing clang to emit this
>>>>>> diagnostic.  It might or might not be worth fixing this, but either way
>>>>>> I need to understand the situation so as to be able to understand the
>>>>>> set of feasible fixes.
>>>>>>
>>>>>> 						Thanx, Paul
>>>>> In rcu_prog_nr() there is check for for sync.
>>>>>
>>>>> if ( ... cur_op->sync ...
>>>>>
>>>>>    do something
>>>>>
>>>>> This flags in clang's static analyzer as 'could be null'
>>>>>
>>>>> later in the function, in a reachable block it is used
>>>>>
>>>>> cur_ops->sync()
>>>>>
>>>>> I agree this is not a good check that's why i said is was a false positive.
>>>>>
>>>>> However when looking closer at how cur_ops is set, it is never uninitialized.
>>>>>
>>>>> So the check is not needed.
>>>> OK, got it, and thank you for the explanation.
>>>>
>>>>> This is not a fix, the code works fine.  It is a small optimization.
>>>> Well, there really is a bug.  Yes, right now all ->sync pointers are
>>>> non-NULL, but they have not been in the past and might not be in the
>>>> future.  So if ->sync is NULL, rcu_torture_fwd_prog_nr() either should
>>>> not be called or it should return immediately without doing anything.
>>>>
>>>> My current thought is something like the (untested) patch below, of
>>>> course with your Reported-by.
>>>>
>>>> Thoughts?
>>> Yes that would be fine.
>>>
>>> In in review these other cases need to be been take care of.
>> I am having a difficult time interpreting this sentence, but will
>> optimistically assume that it means that you are good with this approach.
>> If my optimism is unwarranted, please let me know so I can fix whatever
>> might be broken.
>>
>>> Reported-by: Tom Rix <trix@xxxxxxxxxx>
>> How does the commit below look?
>>
>> 							Thanx, Paul
>>
>> ------------------------------------------------------------------------
>>
>> commit 75c79a5dd72c1bb59f6bd6c5ec36f3a6516795cd
>> Author: Paul E. McKenney <paulmck@xxxxxxxxxx>
>> Date:   Fri Oct 9 19:51:55 2020 -0700
>>
>>     rcutorture: Don't do need_resched() testing if ->sync is NULL
>>     
>>     If cur_ops->sync is NULL, rcu_torture_fwd_prog_nr() will nevertheless
>>     attempt to call through it.  This commit therefore flags cases where
>>     neither need_resched() nor call_rcu() forward-progress testing
>>     can be performed due to NULL function pointers, and also causes
>>     rcu_torture_fwd_prog_nr() to take an early exit if cur_ops->sync()
>>     is NULL.
>>     
>>     Reported-by: Tom Rix <trix@xxxxxxxxxx>
>>     Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxx>
>>
>> diff --git a/kernel/rcu/rcutorture.c b/kernel/rcu/rcutorture.c
>> index beba9e7..44749be 100644
>> --- a/kernel/rcu/rcutorture.c
>> +++ b/kernel/rcu/rcutorture.c
>> @@ -1989,7 +1989,9 @@ static void rcu_torture_fwd_prog_nr(struct rcu_fwd *rfp,
>>  	unsigned long stopat;
>>  	static DEFINE_TORTURE_RANDOM(trs);
>>  
>> -	if  (cur_ops->call && cur_ops->sync && cur_ops->cb_barrier) {
>> +	if (!cur_ops->sync) 
>> +		return; // Cannot do need_resched() forward progress testing without ->sync.
>> +	if (cur_ops->call && cur_ops->cb_barrier) {
>>  		init_rcu_head_on_stack(&fcs.rh);
>>  		selfpropcb = true;
>>  	}
>> @@ -2215,8 +2217,8 @@ static int __init rcu_torture_fwd_prog_init(void)
>>  
>>  	if (!fwd_progress)
>>  		return 0; /* Not requested, so don't do it. */
>> -	if (!cur_ops->stall_dur || cur_ops->stall_dur() <= 0 ||
>> -	    cur_ops == &rcu_busted_ops) {
>> +	if ((!cur_ops->sync && !cur_ops->call) ||
>> +	    !cur_ops->stall_dur || cur_ops->stall_dur() <= 0 || cur_ops == &rcu_busted_ops) {
>>  		VERBOSE_TOROUT_STRING("rcu_torture_fwd_prog_init: Disabled, unsupported by RCU flavor under test");
>>  		return 0;
>>  	}