From: Dan Carpenter <dan.carpenter@oracle.com>
To: asml.silence@gmail.com
Cc: io-uring@vger.kernel.org
Subject: [bug report] io_uring: return iovec from __io_import_iovec
Date: Mon, 8 Nov 2021 16:49:37 +0300 [thread overview]
Message-ID: <20211108134937.GA2863@kili> (raw)
Hello Pavel Begunkov,
The patch caa8fe6e86fd: "io_uring: return iovec from
__io_import_iovec" from Oct 15, 2021, leads to the following Smatch
static checker warning:
fs/io_uring.c:3218 __io_import_iovec()
warn: passing zero to 'ERR_PTR'
fs/io_uring.c
3178 static struct iovec *__io_import_iovec(int rw, struct io_kiocb *req,
3179 struct io_rw_state *s,
3180 unsigned int issue_flags)
3181 {
3182 struct iov_iter *iter = &s->iter;
3183 u8 opcode = req->opcode;
3184 struct iovec *iovec;
3185 void __user *buf;
3186 size_t sqe_len;
3187 ssize_t ret;
3188
3189 BUILD_BUG_ON(ERR_PTR(0) != NULL);
This is super paranoid. :P
3190
3191 if (opcode == IORING_OP_READ_FIXED || opcode == IORING_OP_WRITE_FIXED)
3192 return ERR_PTR(io_import_fixed(req, rw, iter));
3193
3194 /* buffer index only valid with fixed read/write, or buffer select */
3195 if (unlikely(req->buf_index && !(req->flags & REQ_F_BUFFER_SELECT)))
3196 return ERR_PTR(-EINVAL);
3197
3198 buf = u64_to_user_ptr(req->rw.addr);
3199 sqe_len = req->rw.len;
3200
3201 if (opcode == IORING_OP_READ || opcode == IORING_OP_WRITE) {
3202 if (req->flags & REQ_F_BUFFER_SELECT) {
3203 buf = io_rw_buffer_select(req, &sqe_len, issue_flags);
3204 if (IS_ERR(buf))
3205 return ERR_CAST(buf);
3206 req->rw.len = sqe_len;
3207 }
3208
3209 ret = import_single_range(rw, buf, sqe_len, s->fast_iov, iter);
3210 return ERR_PTR(ret);
This return and
3211 }
3212
3213 iovec = s->fast_iov;
3214 if (req->flags & REQ_F_BUFFER_SELECT) {
3215 ret = io_iov_buffer_select(req, iovec, issue_flags);
3216 if (!ret)
3217 iov_iter_init(iter, rw, iovec, 1, iovec->iov_len);
--> 3218 return ERR_PTR(ret);
this return return NULL on success and it's intentional, but there is
no documentation so you have to fall back to `git log -p` to understand
what's going on... :/
3219 }
3220
3221 ret = __import_iovec(rw, buf, sqe_len, UIO_FASTIOV, &iovec, iter,
3222 req->ctx->compat);
3223 if (unlikely(ret < 0))
3224 return ERR_PTR(ret);
3225 return iovec;
3226 }
regards,
dan carpenter
next reply other threads:[~2021-11-08 13:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-08 13:49 Dan Carpenter [this message]
2021-11-08 15:19 ` [bug report] io_uring: return iovec from __io_import_iovec Pavel Begunkov
2021-11-08 15:30 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211108134937.GA2863@kili \
--to=dan.carpenter@oracle.com \
--cc=asml.silence@gmail.com \
--cc=io-uring@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.