From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: [block:for-5.13/io_uring 143/149] fs/io_uring.c:8234 io_sqe_buffer_register() warn: this array is probably non-NULL. 'imu->bvec'
Date: Wed, 28 Apr 2021 13:52:00 +0300 [thread overview]
Message-ID: <20210428105200.GV1981@kadam> (raw)
[-- Attachment #1: Type: text/plain, Size: 7917 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git for-5.13/io_uring
head: a2a7cc32a5e8cd983912f25a242820107e5613dc
commit: 41edf1a5ec967bf4bddedb83c48e02dfea8315b4 [143/149] io_uring: keep table of pointers to ubufs
config: x86_64-randconfig-m031-20210425 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
fs/io_uring.c:8234 io_sqe_buffer_register() warn: this array is probably non-NULL. 'imu->bvec'
Old smatch warnings:
fs/io_uring.c:4639 io_recv() error: uninitialized symbol 'flags'.
fs/io_uring.c:4934 io_poll_double_wake() warn: variable dereferenced before check 'poll' (see line 4929)
vim +8234 fs/io_uring.c
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8205 static int io_sqe_buffer_register(struct io_ring_ctx *ctx, struct iovec *iov,
41edf1a5ec967b Pavel Begunkov 2021-04-25 8206 struct io_mapped_ubuf **pimu,
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8207 struct page **last_hpage)
edafccee56ff31 Jens Axboe 2019-01-09 8208 {
41edf1a5ec967b Pavel Begunkov 2021-04-25 8209 struct io_mapped_ubuf *imu = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8210 struct vm_area_struct **vmas = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8211 struct page **pages = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8212 unsigned long off, start, end, ubuf;
edafccee56ff31 Jens Axboe 2019-01-09 8213 size_t size;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8214 int ret, pret, nr_pages, i;
edafccee56ff31 Jens Axboe 2019-01-09 8215
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8216 ubuf = (unsigned long) iov->iov_base;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8217 end = (ubuf + iov->iov_len + PAGE_SIZE - 1) >> PAGE_SHIFT;
edafccee56ff31 Jens Axboe 2019-01-09 8218 start = ubuf >> PAGE_SHIFT;
edafccee56ff31 Jens Axboe 2019-01-09 8219 nr_pages = end - start;
edafccee56ff31 Jens Axboe 2019-01-09 8220
41edf1a5ec967b Pavel Begunkov 2021-04-25 8221 *pimu = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8222 ret = -ENOMEM;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8223
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8224 pages = kvmalloc_array(nr_pages, sizeof(struct page *), GFP_KERNEL);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8225 if (!pages)
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8226 goto done;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8227
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8228 vmas = kvmalloc_array(nr_pages, sizeof(struct vm_area_struct *),
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8229 GFP_KERNEL);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8230 if (!vmas)
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8231 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8232
41edf1a5ec967b Pavel Begunkov 2021-04-25 8233 imu = kvmalloc(struct_size(imu, bvec, nr_pages), GFP_KERNEL);
de2939388be564 Jens Axboe 2020-09-17 @8234 if (!imu->bvec)
This should be "if (!imu)"
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8235 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8236
edafccee56ff31 Jens Axboe 2019-01-09 8237 ret = 0;
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 8238 mmap_read_lock(current->mm);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8239 pret = pin_user_pages(ubuf, nr_pages, FOLL_WRITE | FOLL_LONGTERM,
edafccee56ff31 Jens Axboe 2019-01-09 8240 pages, vmas);
edafccee56ff31 Jens Axboe 2019-01-09 8241 if (pret == nr_pages) {
edafccee56ff31 Jens Axboe 2019-01-09 8242 /* don't support file backed memory */
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8243 for (i = 0; i < nr_pages; i++) {
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8244 struct vm_area_struct *vma = vmas[i];
edafccee56ff31 Jens Axboe 2019-01-09 8245
edafccee56ff31 Jens Axboe 2019-01-09 8246 if (vma->vm_file &&
edafccee56ff31 Jens Axboe 2019-01-09 8247 !is_file_hugepages(vma->vm_file)) {
edafccee56ff31 Jens Axboe 2019-01-09 8248 ret = -EOPNOTSUPP;
edafccee56ff31 Jens Axboe 2019-01-09 8249 break;
edafccee56ff31 Jens Axboe 2019-01-09 8250 }
edafccee56ff31 Jens Axboe 2019-01-09 8251 }
edafccee56ff31 Jens Axboe 2019-01-09 8252 } else {
edafccee56ff31 Jens Axboe 2019-01-09 8253 ret = pret < 0 ? pret : -EFAULT;
edafccee56ff31 Jens Axboe 2019-01-09 8254 }
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 8255 mmap_read_unlock(current->mm);
edafccee56ff31 Jens Axboe 2019-01-09 8256 if (ret) {
edafccee56ff31 Jens Axboe 2019-01-09 8257 /*
edafccee56ff31 Jens Axboe 2019-01-09 8258 * if we did partial map, or found file backed vmas,
edafccee56ff31 Jens Axboe 2019-01-09 8259 * release any pages we did get
edafccee56ff31 Jens Axboe 2019-01-09 8260 */
27c4d3a3252fa6 John Hubbard 2019-08-04 8261 if (pret > 0)
f1f6a7dd9b53aa John Hubbard 2020-01-30 8262 unpin_user_pages(pages, pret);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8263 goto done;
de2939388be564 Jens Axboe 2020-09-17 8264 }
de2939388be564 Jens Axboe 2020-09-17 8265
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8266 ret = io_buffer_account_pin(ctx, pages, pret, imu, last_hpage);
de2939388be564 Jens Axboe 2020-09-17 8267 if (ret) {
de2939388be564 Jens Axboe 2020-09-17 8268 unpin_user_pages(pages, pret);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8269 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8270 }
edafccee56ff31 Jens Axboe 2019-01-09 8271
edafccee56ff31 Jens Axboe 2019-01-09 8272 off = ubuf & ~PAGE_MASK;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8273 size = iov->iov_len;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8274 for (i = 0; i < nr_pages; i++) {
edafccee56ff31 Jens Axboe 2019-01-09 8275 size_t vec_len;
edafccee56ff31 Jens Axboe 2019-01-09 8276
edafccee56ff31 Jens Axboe 2019-01-09 8277 vec_len = min_t(size_t, size, PAGE_SIZE - off);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8278 imu->bvec[i].bv_page = pages[i];
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8279 imu->bvec[i].bv_len = vec_len;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8280 imu->bvec[i].bv_offset = off;
edafccee56ff31 Jens Axboe 2019-01-09 8281 off = 0;
edafccee56ff31 Jens Axboe 2019-01-09 8282 size -= vec_len;
edafccee56ff31 Jens Axboe 2019-01-09 8283 }
edafccee56ff31 Jens Axboe 2019-01-09 8284 /* store original address for later verification */
edafccee56ff31 Jens Axboe 2019-01-09 8285 imu->ubuf = ubuf;
4751f53d74a688 Pavel Begunkov 2021-04-01 8286 imu->ubuf_end = ubuf + iov->iov_len;
edafccee56ff31 Jens Axboe 2019-01-09 8287 imu->nr_bvecs = nr_pages;
41edf1a5ec967b Pavel Begunkov 2021-04-25 8288 *pimu = imu;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8289 ret = 0;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8290 done:
41edf1a5ec967b Pavel Begunkov 2021-04-25 8291 if (ret)
41edf1a5ec967b Pavel Begunkov 2021-04-25 8292 kvfree(imu);
d4ef647510b120 Mark Rutland 2019-05-01 8293 kvfree(pages);
d4ef647510b120 Mark Rutland 2019-05-01 8294 kvfree(vmas);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8295 return ret;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8296 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 36462 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild-all@lists.01.org
Subject: [block:for-5.13/io_uring 143/149] fs/io_uring.c:8234 io_sqe_buffer_register() warn: this array is probably non-NULL. 'imu->bvec'
Date: Wed, 28 Apr 2021 13:52:00 +0300 [thread overview]
Message-ID: <20210428105200.GV1981@kadam> (raw)
[-- Attachment #1: Type: text/plain, Size: 7917 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git for-5.13/io_uring
head: a2a7cc32a5e8cd983912f25a242820107e5613dc
commit: 41edf1a5ec967bf4bddedb83c48e02dfea8315b4 [143/149] io_uring: keep table of pointers to ubufs
config: x86_64-randconfig-m031-20210425 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
fs/io_uring.c:8234 io_sqe_buffer_register() warn: this array is probably non-NULL. 'imu->bvec'
Old smatch warnings:
fs/io_uring.c:4639 io_recv() error: uninitialized symbol 'flags'.
fs/io_uring.c:4934 io_poll_double_wake() warn: variable dereferenced before check 'poll' (see line 4929)
vim +8234 fs/io_uring.c
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8205 static int io_sqe_buffer_register(struct io_ring_ctx *ctx, struct iovec *iov,
41edf1a5ec967b Pavel Begunkov 2021-04-25 8206 struct io_mapped_ubuf **pimu,
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8207 struct page **last_hpage)
edafccee56ff31 Jens Axboe 2019-01-09 8208 {
41edf1a5ec967b Pavel Begunkov 2021-04-25 8209 struct io_mapped_ubuf *imu = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8210 struct vm_area_struct **vmas = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8211 struct page **pages = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8212 unsigned long off, start, end, ubuf;
edafccee56ff31 Jens Axboe 2019-01-09 8213 size_t size;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8214 int ret, pret, nr_pages, i;
edafccee56ff31 Jens Axboe 2019-01-09 8215
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8216 ubuf = (unsigned long) iov->iov_base;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8217 end = (ubuf + iov->iov_len + PAGE_SIZE - 1) >> PAGE_SHIFT;
edafccee56ff31 Jens Axboe 2019-01-09 8218 start = ubuf >> PAGE_SHIFT;
edafccee56ff31 Jens Axboe 2019-01-09 8219 nr_pages = end - start;
edafccee56ff31 Jens Axboe 2019-01-09 8220
41edf1a5ec967b Pavel Begunkov 2021-04-25 8221 *pimu = NULL;
edafccee56ff31 Jens Axboe 2019-01-09 8222 ret = -ENOMEM;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8223
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8224 pages = kvmalloc_array(nr_pages, sizeof(struct page *), GFP_KERNEL);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8225 if (!pages)
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8226 goto done;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8227
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8228 vmas = kvmalloc_array(nr_pages, sizeof(struct vm_area_struct *),
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8229 GFP_KERNEL);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8230 if (!vmas)
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8231 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8232
41edf1a5ec967b Pavel Begunkov 2021-04-25 8233 imu = kvmalloc(struct_size(imu, bvec, nr_pages), GFP_KERNEL);
de2939388be564 Jens Axboe 2020-09-17 @8234 if (!imu->bvec)
This should be "if (!imu)"
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8235 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8236
edafccee56ff31 Jens Axboe 2019-01-09 8237 ret = 0;
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 8238 mmap_read_lock(current->mm);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8239 pret = pin_user_pages(ubuf, nr_pages, FOLL_WRITE | FOLL_LONGTERM,
edafccee56ff31 Jens Axboe 2019-01-09 8240 pages, vmas);
edafccee56ff31 Jens Axboe 2019-01-09 8241 if (pret == nr_pages) {
edafccee56ff31 Jens Axboe 2019-01-09 8242 /* don't support file backed memory */
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8243 for (i = 0; i < nr_pages; i++) {
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8244 struct vm_area_struct *vma = vmas[i];
edafccee56ff31 Jens Axboe 2019-01-09 8245
edafccee56ff31 Jens Axboe 2019-01-09 8246 if (vma->vm_file &&
edafccee56ff31 Jens Axboe 2019-01-09 8247 !is_file_hugepages(vma->vm_file)) {
edafccee56ff31 Jens Axboe 2019-01-09 8248 ret = -EOPNOTSUPP;
edafccee56ff31 Jens Axboe 2019-01-09 8249 break;
edafccee56ff31 Jens Axboe 2019-01-09 8250 }
edafccee56ff31 Jens Axboe 2019-01-09 8251 }
edafccee56ff31 Jens Axboe 2019-01-09 8252 } else {
edafccee56ff31 Jens Axboe 2019-01-09 8253 ret = pret < 0 ? pret : -EFAULT;
edafccee56ff31 Jens Axboe 2019-01-09 8254 }
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 8255 mmap_read_unlock(current->mm);
edafccee56ff31 Jens Axboe 2019-01-09 8256 if (ret) {
edafccee56ff31 Jens Axboe 2019-01-09 8257 /*
edafccee56ff31 Jens Axboe 2019-01-09 8258 * if we did partial map, or found file backed vmas,
edafccee56ff31 Jens Axboe 2019-01-09 8259 * release any pages we did get
edafccee56ff31 Jens Axboe 2019-01-09 8260 */
27c4d3a3252fa6 John Hubbard 2019-08-04 8261 if (pret > 0)
f1f6a7dd9b53aa John Hubbard 2020-01-30 8262 unpin_user_pages(pages, pret);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8263 goto done;
de2939388be564 Jens Axboe 2020-09-17 8264 }
de2939388be564 Jens Axboe 2020-09-17 8265
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8266 ret = io_buffer_account_pin(ctx, pages, pret, imu, last_hpage);
de2939388be564 Jens Axboe 2020-09-17 8267 if (ret) {
de2939388be564 Jens Axboe 2020-09-17 8268 unpin_user_pages(pages, pret);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8269 goto done;
edafccee56ff31 Jens Axboe 2019-01-09 8270 }
edafccee56ff31 Jens Axboe 2019-01-09 8271
edafccee56ff31 Jens Axboe 2019-01-09 8272 off = ubuf & ~PAGE_MASK;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8273 size = iov->iov_len;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8274 for (i = 0; i < nr_pages; i++) {
edafccee56ff31 Jens Axboe 2019-01-09 8275 size_t vec_len;
edafccee56ff31 Jens Axboe 2019-01-09 8276
edafccee56ff31 Jens Axboe 2019-01-09 8277 vec_len = min_t(size_t, size, PAGE_SIZE - off);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8278 imu->bvec[i].bv_page = pages[i];
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8279 imu->bvec[i].bv_len = vec_len;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8280 imu->bvec[i].bv_offset = off;
edafccee56ff31 Jens Axboe 2019-01-09 8281 off = 0;
edafccee56ff31 Jens Axboe 2019-01-09 8282 size -= vec_len;
edafccee56ff31 Jens Axboe 2019-01-09 8283 }
edafccee56ff31 Jens Axboe 2019-01-09 8284 /* store original address for later verification */
edafccee56ff31 Jens Axboe 2019-01-09 8285 imu->ubuf = ubuf;
4751f53d74a688 Pavel Begunkov 2021-04-01 8286 imu->ubuf_end = ubuf + iov->iov_len;
edafccee56ff31 Jens Axboe 2019-01-09 8287 imu->nr_bvecs = nr_pages;
41edf1a5ec967b Pavel Begunkov 2021-04-25 8288 *pimu = imu;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8289 ret = 0;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8290 done:
41edf1a5ec967b Pavel Begunkov 2021-04-25 8291 if (ret)
41edf1a5ec967b Pavel Begunkov 2021-04-25 8292 kvfree(imu);
d4ef647510b120 Mark Rutland 2019-05-01 8293 kvfree(pages);
d4ef647510b120 Mark Rutland 2019-05-01 8294 kvfree(vmas);
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8295 return ret;
0a96bbe49994a4 Bijan Mottahedeh 2021-01-06 8296 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 36462 bytes --]
next reply other threads:[~2021-04-28 10:52 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-28 10:52 Dan Carpenter [this message]
2021-04-28 10:52 ` [block:for-5.13/io_uring 143/149] fs/io_uring.c:8234 io_sqe_buffer_register() warn: this array is probably non-NULL. 'imu->bvec' Dan Carpenter
2021-04-28 12:57 ` Pavel Begunkov
-- strict thread matches above, loose matches on Subject: below --
2021-04-25 22:26 kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210428105200.GV1981@kadam \
--to=dan.carpenter@oracle.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.