From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: [driver-core:driver-core-next 1/3] fs/kernfs/dir.c:1331 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1324)
Date: Mon, 29 Nov 2021 01:56:04 +0800 [thread overview]
Message-ID: <202111290125.Pssa2QMU-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 6911 bytes --]
CC: kbuild-all(a)lists.01.org
CC: devel(a)driverdev.osuosl.org
CC: linux-kernel(a)vger.kernel.org
TO: Minchan Kim <minchan@kernel.org>
CC: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git driver-core-next
head: 2043727c2882928a10161ddee52b196b7db402fd
commit: 393c3714081a53795bbff0e985d24146def6f57f [1/3] kernfs: switch global kernfs_rwsem lock to per-fs lock
:::::: branch date: 32 hours ago
:::::: commit date: 4 days ago
config: nios2-randconfig-m031-20211128 (https://download.01.org/0day-ci/archive/20211129/202111290125.Pssa2QMU-lkp(a)intel.com/config)
compiler: nios2-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
fs/kernfs/dir.c:1331 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1324)
Old smatch warnings:
arch/nios2/include/asm/thread_info.h:71 current_thread_info() error: uninitialized symbol 'sp'.
vim +/kn +1331 fs/kernfs/dir.c
d35258ef702cca Tejun Heo 2014-02-03 1319
988cd7afb3f375 Tejun Heo 2014-02-03 1320 static void __kernfs_remove(struct kernfs_node *kn)
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1321 {
35beab0635f3cd Tejun Heo 2014-02-03 1322 struct kernfs_node *pos;
35beab0635f3cd Tejun Heo 2014-02-03 1323
393c3714081a53 Minchan Kim 2021-11-18 @1324 lockdep_assert_held_write(&kernfs_root(kn)->kernfs_rwsem);
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1325
6b0afc2a21726b Tejun Heo 2014-02-03 1326 /*
6b0afc2a21726b Tejun Heo 2014-02-03 1327 * Short-circuit if non-root @kn has already finished removal.
6b0afc2a21726b Tejun Heo 2014-02-03 1328 * This is for kernfs_remove_self() which plays with active ref
6b0afc2a21726b Tejun Heo 2014-02-03 1329 * after removal.
6b0afc2a21726b Tejun Heo 2014-02-03 1330 */
6b0afc2a21726b Tejun Heo 2014-02-03 @1331 if (!kn || (kn->parent && RB_EMPTY_NODE(&kn->rb)))
ce9b499c9f58d7 Greg Kroah-Hartman 2014-01-13 1332 return;
ce9b499c9f58d7 Greg Kroah-Hartman 2014-01-13 1333
c637b8acbe079e Tejun Heo 2013-12-11 1334 pr_debug("kernfs %s: removing\n", kn->name);
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1335
81c173cb5e87fb Tejun Heo 2014-02-03 1336 /* prevent any new usage under @kn by deactivating all nodes */
35beab0635f3cd Tejun Heo 2014-02-03 1337 pos = NULL;
35beab0635f3cd Tejun Heo 2014-02-03 1338 while ((pos = kernfs_next_descendant_post(pos, kn)))
81c173cb5e87fb Tejun Heo 2014-02-03 1339 if (kernfs_active(pos))
81c173cb5e87fb Tejun Heo 2014-02-03 1340 atomic_add(KN_DEACTIVATED_BIAS, &pos->active);
35beab0635f3cd Tejun Heo 2014-02-03 1341
35beab0635f3cd Tejun Heo 2014-02-03 1342 /* deactivate and unlink the subtree node-by-node */
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1343 do {
35beab0635f3cd Tejun Heo 2014-02-03 1344 pos = kernfs_leftmost_descendant(kn);
35beab0635f3cd Tejun Heo 2014-02-03 1345
35beab0635f3cd Tejun Heo 2014-02-03 1346 /*
7ba0273b2f34a5 Ian Kent 2021-07-16 1347 * kernfs_drain() drops kernfs_rwsem temporarily and @pos's
81c173cb5e87fb Tejun Heo 2014-02-03 1348 * base ref could have been put by someone else by the time
81c173cb5e87fb Tejun Heo 2014-02-03 1349 * the function returns. Make sure it doesn't go away
81c173cb5e87fb Tejun Heo 2014-02-03 1350 * underneath us.
35beab0635f3cd Tejun Heo 2014-02-03 1351 */
35beab0635f3cd Tejun Heo 2014-02-03 1352 kernfs_get(pos);
35beab0635f3cd Tejun Heo 2014-02-03 1353
d35258ef702cca Tejun Heo 2014-02-03 1354 /*
d35258ef702cca Tejun Heo 2014-02-03 1355 * Drain iff @kn was activated. This avoids draining and
d35258ef702cca Tejun Heo 2014-02-03 1356 * its lockdep annotations for nodes which have never been
d35258ef702cca Tejun Heo 2014-02-03 1357 * activated and allows embedding kernfs_remove() in create
d35258ef702cca Tejun Heo 2014-02-03 1358 * error paths without worrying about draining.
d35258ef702cca Tejun Heo 2014-02-03 1359 */
d35258ef702cca Tejun Heo 2014-02-03 1360 if (kn->flags & KERNFS_ACTIVATED)
81c173cb5e87fb Tejun Heo 2014-02-03 1361 kernfs_drain(pos);
d35258ef702cca Tejun Heo 2014-02-03 1362 else
d35258ef702cca Tejun Heo 2014-02-03 1363 WARN_ON_ONCE(atomic_read(&kn->active) != KN_DEACTIVATED_BIAS);
35beab0635f3cd Tejun Heo 2014-02-03 1364
35beab0635f3cd Tejun Heo 2014-02-03 1365 /*
35beab0635f3cd Tejun Heo 2014-02-03 1366 * kernfs_unlink_sibling() succeeds once per node. Use it
35beab0635f3cd Tejun Heo 2014-02-03 1367 * to decide who's responsible for cleanups.
35beab0635f3cd Tejun Heo 2014-02-03 1368 */
35beab0635f3cd Tejun Heo 2014-02-03 1369 if (!pos->parent || kernfs_unlink_sibling(pos)) {
35beab0635f3cd Tejun Heo 2014-02-03 1370 struct kernfs_iattrs *ps_iattr =
35beab0635f3cd Tejun Heo 2014-02-03 1371 pos->parent ? pos->parent->iattr : NULL;
35beab0635f3cd Tejun Heo 2014-02-03 1372
35beab0635f3cd Tejun Heo 2014-02-03 1373 /* update timestamps on the parent */
35beab0635f3cd Tejun Heo 2014-02-03 1374 if (ps_iattr) {
05895219627c41 Ondrej Mosnacek 2019-02-22 1375 ktime_get_real_ts64(&ps_iattr->ia_ctime);
05895219627c41 Ondrej Mosnacek 2019-02-22 1376 ps_iattr->ia_mtime = ps_iattr->ia_ctime;
35beab0635f3cd Tejun Heo 2014-02-03 1377 }
35beab0635f3cd Tejun Heo 2014-02-03 1378
988cd7afb3f375 Tejun Heo 2014-02-03 1379 kernfs_put(pos);
35beab0635f3cd Tejun Heo 2014-02-03 1380 }
35beab0635f3cd Tejun Heo 2014-02-03 1381
35beab0635f3cd Tejun Heo 2014-02-03 1382 kernfs_put(pos);
35beab0635f3cd Tejun Heo 2014-02-03 1383 } while (pos != kn);
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1384 }
fd7b9f7b9776b1 Tejun Heo 2013-11-28 1385
:::::: The code at line 1331 was first introduced by commit
:::::: 6b0afc2a21726b2d6b6aa441af40cafaf5405cc8 kernfs, sysfs, driver-core: implement kernfs_remove_self() and its wrappers
:::::: TO: Tejun Heo <tj@kernel.org>
:::::: CC: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
reply other threads:[~2021-11-28 17:56 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202111290125.Pssa2QMU-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.