Bug 110901 - mesa-19.1.0/src/util/futex.h:82: use of out of scope variable ?
Summary: mesa-19.1.0/src/util/futex.h:82: use of out of scope variable ?
Status: RESOLVED FIXED
Alias: None
Product: Mesa
Classification: Unclassified
Component: Mesa core (show other bugs)
Version: 19.1
Hardware: Other All
: medium normal
Assignee: mesa-dev
QA Contact: mesa-dev
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-12 08:50 UTC by dcb314
Modified: 2019-06-12 21:53 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dcb314 2019-06-12 08:50:43 UTC
mesa-19.1.0/src/util/futex.h:82] -> [mesa-19.1.0/src/util/futex.h:76] -> [mesa-19.1.0/src/util/futex.h:85]: (error) Using pointer to local variable 'tmo' that is out of scope.

Source code is

   if (timeout != NULL) {
      const struct _umtx_time tmo = {
         ._timeout = *timeout,
         ._flags = UMTX_ABSTIME,
         ._clockid = CLOCK_MONOTONIC
      };
      uaddr = (void *)(uintptr_t)sizeof(tmo);
      uaddr2 = (void *)&tmo;
   }

   return _umtx_op(addr, UMTX_OP_WAIT_UINT, (uint32_t)value, uaddr, uaddr2) == -1 ? errno : 0;
Comment 1 Eric Engestrom 2019-06-12 16:35:45 UTC
Indeed, that's a dangling pointer to data that should not exist anymore, good catch!

I just posted an MR with a fix, can you compile-test it for me? I don't have a FreeBSD machine available.
https://gitlab.freedesktop.org/mesa/mesa/merge_requests/1086

How did you find this btw? The error message doesn't look familiar to me and looking it up doesn't return many results.
I'd love to be able to find these myself :)
Comment 2 Eric Engestrom 2019-06-12 18:10:28 UTC
Fixed by:

commit 9996ddbb27c9eb39cd234a4abce6c3742572c770
Author: Eric Engestrom <eric.engestrom@intel.com>
Date:   Wed Jun 12 17:23:27 2019 +0100

    util/futex: fix dangling pointer use


I'm still curious how you found this though ;)
Comment 3 dcb314 2019-06-12 21:53:06 UTC
I found this by using a static analysis tool called cppcheck.

I strongly recommend it for all C and C++ code.

Not everything it mentions is worth fixing, but it does
a deeper code analysis than almost all compilers.

I have no FreeBSD machine here either.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.