From: kernel test robot <lkp@intel.com>
To: "Christophe Leroy (CS GROUP)" <chleroy@kernel.org>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
Linus Torvalds <torvalds@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
David Laight <david.laight.linux@gmail.com>
Cc: oe-kbuild-all@lists.linux.dev,
LKML <linux-kernel@vger.kernel.org>,
"Christophe Leroy (CS GROUP)" <chleroy@kernel.org>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] fs: Replace user_access_{begin/end} by scoped user access
Date: Wed, 11 Mar 2026 08:27:24 +0800 [thread overview]
Message-ID: <202603110842.VJ27Z6FK-lkp@intel.com> (raw)
In-Reply-To: <5021aa325554b3d2437341514ab0a2977e158274.1773153431.git.chleroy@kernel.org>
Hi Christophe,
kernel test robot noticed the following build errors:
[auto build test ERROR on brauner-vfs/vfs.all]
[also build test ERROR on linus/master v7.0-rc3 next-20260310]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Christophe-Leroy-CS-GROUP/fs-Replace-user_access_-begin-end-by-scoped-user-access/20260310-230227
base: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git vfs.all
patch link: https://lore.kernel.org/r/5021aa325554b3d2437341514ab0a2977e158274.1773153431.git.chleroy%40kernel.org
patch subject: [PATCH] fs: Replace user_access_{begin/end} by scoped user access
config: x86_64-randconfig-161-20260311 (https://download.01.org/0day-ci/archive/20260311/202603110842.VJ27Z6FK-lkp@intel.com/config)
compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
smatch: v0.5.0-9004-gb810ac53
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260311/202603110842.VJ27Z6FK-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202603110842.VJ27Z6FK-lkp@intel.com/
All errors (new ones prefixed by >>):
>> fs/readdir.c:454:26: error: too few arguments provided to function-like macro invocation
454 | (unsigned long)dirent), efault) {
| ^
include/linux/uaccess.h:778:9: note: macro 'scoped_user_write_access_size' defined here
778 | #define scoped_user_write_access_size(udst, size, elbl) \
| ^
>> fs/readdir.c:452:2: error: use of undeclared identifier 'scoped_user_write_access_size'; did you mean '__scoped_user_write_access_end'?
452 | scoped_user_write_access_size(dirent,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| __scoped_user_write_access_end
include/linux/uaccess.h:658:29: note: '__scoped_user_write_access_end' declared here
658 | static __always_inline void __scoped_user_write_access_end(const void *p)
| ^
>> fs/readdir.c:454:35: error: expected ';' after expression
454 | (unsigned long)dirent), efault) {
| ^
| ;
>> fs/readdir.c:454:29: error: use of undeclared identifier 'efault'
454 | (unsigned long)dirent), efault) {
| ^
>> fs/readdir.c:454:35: error: expected expression
454 | (unsigned long)dirent), efault) {
| ^
>> fs/readdir.c:532:60: error: use of undeclared label 'efault'
532 | scoped_user_write_access_size(prev, reclen + prev_reclen, efault);
| ^
>> fs/readdir.c:540:2: error: unknown type name 'buf'
540 | buf->prev_reclen = reclen;
| ^
>> fs/readdir.c:540:5: error: expected identifier or '('
540 | buf->prev_reclen = reclen;
| ^
fs/readdir.c:541:2: error: unknown type name 'buf'
541 | buf->current_dir = (void __user *)dirent + reclen;
| ^
fs/readdir.c:541:5: error: expected identifier or '('
541 | buf->current_dir = (void __user *)dirent + reclen;
| ^
>> fs/readdir.c:542:2: error: unknown type name 'ctx'
542 | ctx->count -= reclen;
| ^
fs/readdir.c:542:5: error: expected identifier or '('
542 | ctx->count -= reclen;
| ^
fs/readdir.c:543:2: error: expected identifier or '('
543 | return true;
| ^
>> fs/readdir.c:544:1: error: type specifier missing, defaults to 'int'; ISO C99 and later do not support implicit int [-Wimplicit-int]
544 | efault:
| ^
| int
>> fs/readdir.c:544:7: error: expected ';' after top level declarator
544 | efault:
| ^
| ;
fs/readdir.c:545:2: error: unknown type name 'buf'
545 | buf->error = -EFAULT;
| ^
fs/readdir.c:545:5: error: expected identifier or '('
545 | buf->error = -EFAULT;
| ^
fs/readdir.c:546:2: error: expected identifier or '('
546 | return false;
| ^
>> fs/readdir.c:547:1: error: extraneous closing brace ('}')
547 | }
| ^
19 errors generated.
vim +454 fs/readdir.c
430
431 static bool compat_fillonedir(struct dir_context *ctx, const char *name,
432 int namlen, loff_t offset, u64 ino,
433 unsigned int d_type)
434 {
435 struct compat_readdir_callback *buf =
436 container_of(ctx, struct compat_readdir_callback, ctx);
437 struct compat_old_linux_dirent __user *dirent;
438 compat_ulong_t d_ino;
439
440 if (buf->result)
441 return false;
442 buf->result = verify_dirent_name(name, namlen);
443 if (buf->result)
444 return false;
445 d_ino = ino;
446 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
447 buf->result = -EOVERFLOW;
448 return false;
449 }
450 buf->result++;
451 dirent = buf->dirent;
> 452 scoped_user_write_access_size(dirent,
453 (unsigned long)(dirent->d_name + namlen + 1) -
> 454 (unsigned long)dirent), efault) {
455 unsafe_put_user(d_ino, &dirent->d_ino, efault);
456 unsafe_put_user(offset, &dirent->d_offset, efault);
457 unsafe_put_user(namlen, &dirent->d_namlen, efault);
458 unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault);
459 }
460 return true;
461 efault:
462 buf->result = -EFAULT;
463 return false;
464 }
465
466 COMPAT_SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
467 struct compat_old_linux_dirent __user *, dirent, unsigned int, count)
468 {
469 int error;
470 CLASS(fd_pos, f)(fd);
471 struct compat_readdir_callback buf = {
472 .ctx.actor = compat_fillonedir,
473 .ctx.count = 1, /* Hint to fs: just one entry. */
474 .dirent = dirent
475 };
476
477 if (fd_empty(f))
478 return -EBADF;
479
480 error = iterate_dir(fd_file(f), &buf.ctx);
481 if (buf.result)
482 error = buf.result;
483
484 return error;
485 }
486
487 struct compat_linux_dirent {
488 compat_ulong_t d_ino;
489 compat_ulong_t d_off;
490 unsigned short d_reclen;
491 char d_name[];
492 };
493
494 struct compat_getdents_callback {
495 struct dir_context ctx;
496 struct compat_linux_dirent __user *current_dir;
497 int prev_reclen;
498 int error;
499 };
500
501 static bool compat_filldir(struct dir_context *ctx, const char *name, int namlen,
502 loff_t offset, u64 ino, unsigned int d_type)
503 {
504 struct compat_linux_dirent __user *dirent, *prev;
505 struct compat_getdents_callback *buf =
506 container_of(ctx, struct compat_getdents_callback, ctx);
507 compat_ulong_t d_ino;
508 int reclen = ALIGN(offsetof(struct compat_linux_dirent, d_name) +
509 namlen + 2, sizeof(compat_long_t));
510 int prev_reclen;
511 unsigned int flags = d_type;
512
513 BUILD_BUG_ON(FILLDIR_FLAG_NOINTR & S_DT_MASK);
514 d_type &= S_DT_MASK;
515
516 buf->error = verify_dirent_name(name, namlen);
517 if (unlikely(buf->error))
518 return false;
519 buf->error = -EINVAL; /* only used if we fail.. */
520 if (reclen > ctx->count)
521 return false;
522 d_ino = ino;
523 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
524 buf->error = -EOVERFLOW;
525 return false;
526 }
527 prev_reclen = buf->prev_reclen;
528 if (!(flags & FILLDIR_FLAG_NOINTR) && prev_reclen && signal_pending(current))
529 return false;
530 dirent = buf->current_dir;
531 prev = (void __user *) dirent - prev_reclen;
> 532 scoped_user_write_access_size(prev, reclen + prev_reclen, efault);
533 unsafe_put_user(offset, &prev->d_off, efault);
534 unsafe_put_user(d_ino, &dirent->d_ino, efault);
535 unsafe_put_user(reclen, &dirent->d_reclen, efault);
536 unsafe_put_user(d_type, (char __user *) dirent + reclen - 1, efault);
537 unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault);
538 }
539
> 540 buf->prev_reclen = reclen;
541 buf->current_dir = (void __user *)dirent + reclen;
> 542 ctx->count -= reclen;
543 return true;
> 544 efault:
545 buf->error = -EFAULT;
546 return false;
> 547 }
548
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
prev parent reply other threads:[~2026-03-11 0:28 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-10 14:40 [PATCH] fs: Replace user_access_{begin/end} by scoped user access Christophe Leroy (CS GROUP)
2026-03-10 22:10 ` kernel test robot
2026-03-10 23:01 ` kernel test robot
2026-03-11 0:27 ` kernel test robot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202603110842.VJ27Z6FK-lkp@intel.com \
--to=lkp@intel.com \
--cc=brauner@kernel.org \
--cc=chleroy@kernel.org \
--cc=david.laight.linux@gmail.com \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oe-kbuild-all@lists.linux.dev \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox