From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org> To: Nikita Pettik <korablev@tarantool.org> Cc: tarantool-patches@dev.tarantool.org Subject: Re: [Tarantool-patches] [PATCH] vinyl: fix passing uninitialized parameter to vy_page_find_key() Date: Wed, 17 Jun 2020 23:56:40 +0200 [thread overview] Message-ID: <1e383509-9e5e-03ea-b138-ef0ffc8c4b08@tarantool.org> (raw) In-Reply-To: <20200616232142.GB9358@tarantool.org> >> On 15/06/2020 20:42, Nikita Pettik wrote: >>> vy_page_find_key() assumes that equal_key parameter is initialized since >>> it is used unconditionally. There are several places where >>> vy_page_find_key() is called: >>> >>> - vy_slice_stream_search() calls vy_page_find_key(); >>> - vy_run_iterator_read() calls vy_run_iterator_load_page(), >>> which in turn calls vy_page_find_key(); >>> - vy_run_iterator_search() also calls vy_run_iterator_load_page(). >>> >>> First two fixes are obvious - lifespan of parameter passed to >>> *_find_key() is clear and restricted by caller. In the last case >>> firstly vy_page_find_key() is called, but equal_key output value is not >>> used. Then it is re-assigned with task->equal_found which is the result >>> of another on vy_page_find_key() invocation in vy_page_read_cb. So it is >>> safe to initialize equal_found parameter with 'false' value as well. >> >> You said that in the last case vy_page_find_key() is called first, but >> I don't see where. vy_run_iterator_search() does not call vy_page_find_key(). > > vy_run_iterator_search() > --> vy_run_iterator_load_page() > --> 1021 vy_page_find_key() > --> 1051 task->equal_found = false; > --> 1056 *equal_found = task->equal_found; But I see, that the variable is used, if vy_page_find_key() is called. Consider this path: vy_run_iterator_search() vy_run_iterator_load_page(&equal_in_page) vy_page_find_key(&equal_in_page) *equal_key = equal_in_page; equal_in_page after all becomes output value of vy_run_iterator_search(). If you still think it should be false, then probably we need to make the initialization inside vy_run_iterator_load_page(). Anyway in both invocations a caller now need to set it to false. Perhaps even vy_page_find_key() could do that. Why is it needed not to reset it to false on each vy_page_find_key() call? > Also see b907231713a75d716793505ad727ecea9415d774 > Analogue of equal_key was equal_in_page which was 'false' by default. > It's pretty sad that tests do not cover this path. Could you please > file an issue to provide proper test? I'll try to come up with test some day. I think we can just keep this issue open, but still push this commit as 'Part of'. To fix the builds. Because a new issue anyway would be exactly the same + a comment saying "need to test". The commit LGTM, if "Closes" -> "Part of".
next prev parent reply other threads:[~2020-06-17 21:56 UTC|newest] Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-06-15 18:42 Nikita Pettik 2020-06-16 23:10 ` Vladislav Shpilevoy 2020-06-16 23:21 ` Nikita Pettik 2020-06-17 21:56 ` Vladislav Shpilevoy [this message] 2020-06-22 0:02 ` Nikita Pettik 2020-06-22 22:54 ` Vladislav Shpilevoy 2020-06-23 0:08 ` Nikita Pettik
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1e383509-9e5e-03ea-b138-ef0ffc8c4b08@tarantool.org \ --to=v.shpilevoy@tarantool.org \ --cc=korablev@tarantool.org \ --cc=tarantool-patches@dev.tarantool.org \ --subject='Re: [Tarantool-patches] [PATCH] vinyl: fix passing uninitialized parameter to vy_page_find_key()' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox