From: kernel test robot <lkp@intel.com>
To: Ilya Leoshkevich <iii@linux.ibm.com>
Cc: oe-kbuild-all@lists.linux.dev, linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Linux Memory Management List <linux-mm@kvack.org>,
Alexander Potapenko <glider@google.com>
Subject: mm/kmsan/hooks.c:269:14: sparse: sparse: cast removes address space '__user' of expression
Date: Wed, 29 Jan 2025 03:42:10 +0800 [thread overview]
Message-ID: <202501290356.mlGVL2QZ-lkp@intel.com> (raw)
Hi Ilya,
First bad commit (maybe != root cause):
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: e2ee2e9b159094527ae7ad78058b1316f62fc5b7
commit: 3a8f6f3b469b4075919a3613e182f9a70df92d46 kmsan: enable on s390
date: 7 months ago
config: s390-randconfig-r132-20250126 (https://download.01.org/0day-ci/archive/20250129/202501290356.mlGVL2QZ-lkp@intel.com/config)
compiler: clang version 18.1.8 (https://github.com/llvm/llvm-project 3b5b5c1ec4a3095ab096dd780e84d7ab81f3d7ff)
reproduce: (https://download.01.org/0day-ci/archive/20250129/202501290356.mlGVL2QZ-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202501290356.mlGVL2QZ-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
>> mm/kmsan/hooks.c:269:14: sparse: sparse: cast removes address space '__user' of expression
mm/kmsan/hooks.c:271:75: sparse: sparse: incorrect type in argument 3 (different address spaces) @@ expected void const *user_addr @@ got void [noderef] __user *to @@
mm/kmsan/hooks.c:271:75: sparse: expected void const *user_addr
mm/kmsan/hooks.c:271:75: sparse: got void [noderef] __user *to
mm/kmsan/hooks.c:280:50: sparse: sparse: cast removes address space '__user' of expression
mm/kmsan/hooks.c:306:59: sparse: sparse: Using plain integer as NULL pointer
mm/kmsan/hooks.c:319:79: sparse: sparse: Using plain integer as NULL pointer
mm/kmsan/hooks.c:325:79: sparse: sparse: Using plain integer as NULL pointer
mm/kmsan/hooks.c:421:78: sparse: sparse: Using plain integer as NULL pointer
vim +/__user +269 mm/kmsan/hooks.c
b073d7f8aee4eb Alexander Potapenko 2022-09-15 247
75cf0290271bf6 Alexander Potapenko 2022-09-15 248 void kmsan_copy_to_user(void __user *to, const void *from, size_t to_copy,
75cf0290271bf6 Alexander Potapenko 2022-09-15 249 size_t left)
75cf0290271bf6 Alexander Potapenko 2022-09-15 250 {
75cf0290271bf6 Alexander Potapenko 2022-09-15 251 unsigned long ua_flags;
75cf0290271bf6 Alexander Potapenko 2022-09-15 252
75cf0290271bf6 Alexander Potapenko 2022-09-15 253 if (!kmsan_enabled || kmsan_in_runtime())
75cf0290271bf6 Alexander Potapenko 2022-09-15 254 return;
75cf0290271bf6 Alexander Potapenko 2022-09-15 255 /*
75cf0290271bf6 Alexander Potapenko 2022-09-15 256 * At this point we've copied the memory already. It's hard to check it
75cf0290271bf6 Alexander Potapenko 2022-09-15 257 * before copying, as the size of actually copied buffer is unknown.
75cf0290271bf6 Alexander Potapenko 2022-09-15 258 */
75cf0290271bf6 Alexander Potapenko 2022-09-15 259
75cf0290271bf6 Alexander Potapenko 2022-09-15 260 /* copy_to_user() may copy zero bytes. No need to check. */
75cf0290271bf6 Alexander Potapenko 2022-09-15 261 if (!to_copy)
75cf0290271bf6 Alexander Potapenko 2022-09-15 262 return;
75cf0290271bf6 Alexander Potapenko 2022-09-15 263 /* Or maybe copy_to_user() failed to copy anything. */
75cf0290271bf6 Alexander Potapenko 2022-09-15 264 if (to_copy <= left)
75cf0290271bf6 Alexander Potapenko 2022-09-15 265 return;
75cf0290271bf6 Alexander Potapenko 2022-09-15 266
75cf0290271bf6 Alexander Potapenko 2022-09-15 267 ua_flags = user_access_save();
f926e9326f3a79 Ilya Leoshkevich 2024-06-21 268 if (!IS_ENABLED(CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE) ||
f926e9326f3a79 Ilya Leoshkevich 2024-06-21 @269 (u64)to < TASK_SIZE) {
75cf0290271bf6 Alexander Potapenko 2022-09-15 270 /* This is a user memory access, check it. */
75cf0290271bf6 Alexander Potapenko 2022-09-15 271 kmsan_internal_check_memory((void *)from, to_copy - left, to,
75cf0290271bf6 Alexander Potapenko 2022-09-15 272 REASON_COPY_TO_USER);
75cf0290271bf6 Alexander Potapenko 2022-09-15 273 } else {
75cf0290271bf6 Alexander Potapenko 2022-09-15 274 /* Otherwise this is a kernel memory access. This happens when a
75cf0290271bf6 Alexander Potapenko 2022-09-15 275 * compat syscall passes an argument allocated on the kernel
75cf0290271bf6 Alexander Potapenko 2022-09-15 276 * stack to a real syscall.
75cf0290271bf6 Alexander Potapenko 2022-09-15 277 * Don't check anything, just copy the shadow of the copied
75cf0290271bf6 Alexander Potapenko 2022-09-15 278 * bytes.
75cf0290271bf6 Alexander Potapenko 2022-09-15 279 */
75cf0290271bf6 Alexander Potapenko 2022-09-15 280 kmsan_internal_memmove_metadata((void *)to, (void *)from,
75cf0290271bf6 Alexander Potapenko 2022-09-15 281 to_copy - left);
75cf0290271bf6 Alexander Potapenko 2022-09-15 282 }
75cf0290271bf6 Alexander Potapenko 2022-09-15 283 user_access_restore(ua_flags);
75cf0290271bf6 Alexander Potapenko 2022-09-15 284 }
75cf0290271bf6 Alexander Potapenko 2022-09-15 285 EXPORT_SYMBOL(kmsan_copy_to_user);
75cf0290271bf6 Alexander Potapenko 2022-09-15 286
:::::: The code at line 269 was first introduced by commit
:::::: f926e9326f3a79f7e01ac790e2361f44d8ca8320 kmsan: fix kmsan_copy_to_user() on arches with overlapping address spaces
:::::: TO: Ilya Leoshkevich <iii@linux.ibm.com>
:::::: CC: Andrew Morton <akpm@linux-foundation.org>
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
next reply other threads:[~2025-01-28 19:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-28 19:42 kernel test robot [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-07-30 2:01 mm/kmsan/hooks.c:269:14: sparse: sparse: cast removes address space '__user' of expression kernel test robot
2025-06-13 4:28 kernel test robot
2025-06-15 8:11 ` David Laight
2025-04-22 8:15 kernel test robot
2025-03-02 23:47 kernel test robot
2024-12-12 11:02 kernel test robot
2024-11-01 4:56 kernel test robot
2024-09-22 11:36 kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202501290356.mlGVL2QZ-lkp@intel.com \
--to=lkp@intel.com \
--cc=akpm@linux-foundation.org \
--cc=glider@google.com \
--cc=iii@linux.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=oe-kbuild-all@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.