From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: Re: [PATCH v1 1/2] cpumask: Fix invalid uniprocessor mask assumption
Date: Sat, 04 Jun 2022 20:02:10 +0800 [thread overview]
Message-ID: <202206041950.Be4CObej-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 19666 bytes --]
::::::
:::::: Manual check reason: "low confidence static check warning: include/linux/cpumask.h:134:11: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]"
::::::
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
In-Reply-To: <017b97698ba58d33bf45d30317d5a73c5b93d2a0.1654201862.git.sander@svanheule.net>
References: <017b97698ba58d33bf45d30317d5a73c5b93d2a0.1654201862.git.sander@svanheule.net>
TO: Sander Vanheule <sander@svanheule.net>
TO: Peter Zijlstra <peterz@infradead.org>
TO: Yury Norov <yury.norov@gmail.com>
TO: Andrew Morton <akpm@linux-foundation.org>
CC: Linux Memory Management List <linux-mm@kvack.org>
TO: Valentin Schneider <vschneid@redhat.com>
TO: Thomas Gleixner <tglx@linutronix.de>
TO: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>
TO: Marco Elver <elver@google.com>
TO: Barry Song <song.bao.hua@hisilicon.com>
CC: linux-kernel(a)vger.kernel.org
CC: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
CC: Sander Vanheule <sander@svanheule.net>
Hi Sander,
I love your patch! Perhaps something to improve:
[auto build test WARNING on akpm-mm/mm-everything]
[also build test WARNING on linus/master v5.18 next-20220603]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/intel-lab-lkp/linux/commits/Sander-Vanheule/cpumask-Fix-invalid-uniprocessor-assumptions/20220603-050659
base: https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git mm-everything
:::::: branch date: 2 days ago
:::::: commit date: 2 days ago
config: i386-randconfig-c001 (https://download.01.org/0day-ci/archive/20220604/202206041950.Be4CObej-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project b364c76683f8ef241025a9556300778c07b590c2)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/intel-lab-lkp/linux/commit/4bf6a27a30fc5847a5fc6e6dae56e5716c2625ad
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Sander-Vanheule/cpumask-Fix-invalid-uniprocessor-assumptions/20220603-050659
git checkout 4bf6a27a30fc5847a5fc6e6dae56e5716c2625ad
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386 clang-analyzer
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
block/blk-mq.c:3012:17: note: Assuming the condition is false
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
block/blk-mq.c:3012:2: note: '?' condition is false
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:28: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^
include/linux/compiler.h:58:31: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^
block/blk-mq.c:3012:6: note: Assuming field 'bio' is non-null
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:86: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
include/linux/compiler.h:69:3: note: expanded from macro '__trace_if_value'
(cond) ? \
^~~~
block/blk-mq.c:3012:6: note: Left side of '&&' is true
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
block/blk-mq.c:3012:17: note: Assuming the condition is true
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:86: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
include/linux/compiler.h:69:3: note: expanded from macro '__trace_if_value'
(cond) ? \
^~~~
block/blk-mq.c:3012:2: note: '?' condition is true
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:28: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^
include/linux/compiler.h:58:69: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^
include/linux/compiler.h:69:2: note: expanded from macro '__trace_if_value'
(cond) ? \
^
block/blk-mq.c:3012:2: note: Taking true branch
if (rq->bio && blk_crypto_rq_bio_prep(rq, rq->bio, gfp_mask) < 0)
^
include/linux/compiler.h:56:23: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^
block/blk-mq.c:3013:3: note: Control jumps to line 3018
goto free_and_out;
^
block/blk-mq.c:3018:2: note: 1st function call argument is an uninitialized value
if (bio)
^
include/linux/compiler.h:56:28: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/compiler.h:58:31: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^ ~~~~
block/blk-mq.c:4234:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_tags, set->tags, cur_nr_hw_queues *
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
block/blk-mq.c:4234:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_tags, set->tags, cur_nr_hw_queues *
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
block/blk-mq.c:4344:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(set, 0, sizeof(*set));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
block/blk-mq.c:4344:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(set, 0, sizeof(*set));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
>> include/linux/cpumask.h:134:11: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
return !(*cpumask_bits(srcp1) & *cpumask_bits(srcp2) & 1);
^
block/blk-mq.c:3335:31: note: Assuming '____ptr' is null
struct blk_mq_hw_ctx *hctx = hlist_entry_safe(node,
^
include/linux/list.h:1029:5: note: expanded from macro 'hlist_entry_safe'
____ptr ? hlist_entry(____ptr, type, member) : NULL; \
^~~~~~~
block/blk-mq.c:3335:31: note: '?' condition is false
struct blk_mq_hw_ctx *hctx = hlist_entry_safe(node,
^
include/linux/list.h:1029:5: note: expanded from macro 'hlist_entry_safe'
____ptr ? hlist_entry(____ptr, type, member) : NULL; \
^
block/blk-mq.c:3338:6: note: Assuming the condition is false
if (!cpumask_test_cpu(cpu, hctx->cpumask) ||
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
block/blk-mq.c:3338:6: note: Left side of '||' is false
if (!cpumask_test_cpu(cpu, hctx->cpumask) ||
^
block/blk-mq.c:3339:7: note: Calling 'blk_mq_last_cpu_in_hctx'
!blk_mq_last_cpu_in_hctx(cpu, hctx))
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
block/blk-mq.c:3326:24: note: Passing null pointer value via 1st parameter 'srcp1'
if (cpumask_first_and(hctx->cpumask, cpu_online_mask) != cpu)
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
^~~~
include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
block/blk-mq.c:3326:6: note: Calling 'cpumask_first_and'
if (cpumask_first_and(hctx->cpumask, cpu_online_mask) != cpu)
^
include/linux/compiler.h:56:47: note: expanded from macro 'if'
#define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) )
~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var'
#define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond))
^~~~
include/linux/cpumask.h:134:11: note: Dereference of null pointer
return !(*cpumask_bits(srcp1) & *cpumask_bits(srcp2) & 1);
^~~~~~~~~~~~~~~~~~~~
Suppressed 47 warnings (47 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
46 warnings generated.
drivers/nvme/host/multipath.c:40:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s\n", nvme_iopolicy_names[iopolicy]);
^~~~~~~
drivers/nvme/host/multipath.c:40:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s\n", nvme_iopolicy_names[iopolicy]);
^~~~~~~
drivers/nvme/host/multipath.c:498:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(head->disk->disk_name, "nvme%dn%d",
^~~~~~~
drivers/nvme/host/multipath.c:498:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(head->disk->disk_name, "nvme%dn%d",
^~~~~~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
65 warnings generated.
drivers/nvme/host/fabrics.c:70:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(host->nqn, NVMF_NQN_SIZE,
^~~~~~~~
drivers/nvme/host/fabrics.c:70:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(host->nqn, NVMF_NQN_SIZE,
^~~~~~~~
drivers/nvme/host/fabrics.c:388:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(data->subsysnqn, ctrl->opts->subsysnqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:388:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(data->subsysnqn, ctrl->opts->subsysnqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:389:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(data->hostnqn, ctrl->opts->host->nqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:389:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(data->hostnqn, ctrl->opts->host->nqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:449:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(data->subsysnqn, ctrl->opts->subsysnqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:449:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(data->subsysnqn, ctrl->opts->subsysnqn, NVMF_NQN_SIZE);
^~~~~~~
drivers/nvme/host/fabrics.c:450:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(data->hostnqn, ctrl->opts->host->nqn, NVMF_NQN_SIZE);
vim +134 include/linux/cpumask.h
9b51d9d866482a Yury Norov 2021-08-14 130
93ba139ba8190c Yury Norov 2021-08-14 131 static inline unsigned int cpumask_first_and(const struct cpumask *srcp1,
93ba139ba8190c Yury Norov 2021-08-14 132 const struct cpumask *srcp2)
93ba139ba8190c Yury Norov 2021-08-14 133 {
4bf6a27a30fc58 Sander Vanheule 2022-06-02 @134 return !(*cpumask_bits(srcp1) & *cpumask_bits(srcp2) & 1);
93ba139ba8190c Yury Norov 2021-08-14 135 }
93ba139ba8190c Yury Norov 2021-08-14 136
--
0-DAY CI Kernel Test Service
https://01.org/lkp
next reply other threads:[~2022-06-04 12:02 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-04 12:02 kernel test robot [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-06-03 5:35 [PATCH v1 1/2] cpumask: Fix invalid uniprocessor mask assumption kernel test robot
2022-06-02 21:04 [PATCH v1 0/2] cpumask: Fix invalid uniprocessor assumptions Sander Vanheule
2022-06-02 21:04 ` [PATCH v1 1/2] cpumask: Fix invalid uniprocessor mask assumption Sander Vanheule
2022-06-02 22:48 ` Yury Norov
2022-06-03 15:13 ` Sander Vanheule
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202206041950.Be4CObej-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.