* [akpm-mm:mm-new 203/214] mm/mremap.c:1829 remap_move() error: uninitialized symbol 'last_end'.
@ 2025-07-14 19:35 Dan Carpenter
2025-07-15 3:52 ` Lorenzo Stoakes
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2025-07-14 19:35 UTC (permalink / raw)
To: oe-kbuild, Lorenzo Stoakes
Cc: lkp, oe-kbuild-all, Andrew Morton, Linux Memory Management List
tree: https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git mm-new
head: 9911a6d0676c211ea4df7eb8fe82ee6a0bb64fb4
commit: f1d4bfd28bb6e2e82f5fc58c7a0e17b7e15bba29 [203/214] mm/mremap: permit mremap() move of multiple VMAs
config: x86_64-randconfig-161-20250711 (https://download.01.org/0day-ci/archive/20250712/202507120401.DCzwzjow-lkp@intel.com/config)
compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
| Closes: https://lore.kernel.org/r/202507120401.DCzwzjow-lkp@intel.com/
smatch warnings:
mm/mremap.c:1829 remap_move() error: uninitialized symbol 'last_end'.
vim +/last_end +1829 mm/mremap.c
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1785 static unsigned long remap_move(struct vma_remap_struct *vrm)
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1786 {
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1787 struct vm_area_struct *vma;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1788 unsigned long start = vrm->addr;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1789 unsigned long end = vrm->addr + vrm->old_len;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1790 unsigned long new_addr = vrm->new_addr;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1791 unsigned long prev_addr = start;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1792 VMA_ITERATOR(vmi, current->mm, start);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1793 unsigned long res = -EFAULT;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1794 unsigned long last_end;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1795
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1796 /*
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1797 * When moving VMAs we allow for batched moves across multiple VMAs,
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1798 * with all VMAs in the input range [addr, addr + old_len) being moved
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1799 * (and split as necessary).
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1800 */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1801 for_each_vma_range(vmi, vma, end) {
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1802 /* Account for start, end not aligned with VMA start, end. */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1803 unsigned long addr = max(vma->vm_start, start);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1804 unsigned long len = min(end, vma->vm_end) - addr;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1805 unsigned long offset, res_vma;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1806
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1807 /* Merged with self, move on. */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1808 if (vrm->multi_vma && prev_addr == addr)
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1809 continue;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1810
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1811 /*
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1812 * To sensibly move multiple VMAs, accounting for the fact that
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1813 * get_unmapped_area() may align even MAP_FIXED moves, we simply
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1814 * attempt to move such that the gaps between source VMAs remain
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1815 * consistent in destination VMAs, e.g.:
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1816 *
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1817 * X Y X Y
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1818 * <---> <-> <---> <->
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1819 * |-------| |-----| |-----| |-------| |-----| |-----|
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1820 * | A | | B | | C | ---> | A' | | B' | | C' |
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1821 * |-------| |-----| |-----| |-------| |-----| |-----|
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1822 * new_addr
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1823 *
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1824 * Now, new_addr may be altered even with MREMAP_FIXED set, due
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1825 * to e.g. alignment changes from get_unmapped_area().
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1826 *
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1827 * So we map B' at A'->vm_end + X, and C' at B'->vm_end + Y.
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1828 */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 @1829 offset = vrm->multi_vma ? vma->vm_start - last_end : 0;
^^^^^^^^
The "last_end" variable is set on the next line. I don't know the
starting value of vrm->multi_vma so it's possible that this is a false
positive but it seems like a legit issue at first glance.
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1830 last_end = vma->vm_end;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1831
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1832 vrm->vma = vma;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1833 vrm->addr = addr;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1834 vrm->new_addr = new_addr + offset;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1835 vrm->old_len = vrm->new_len = len;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1836
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1837 res_vma = check_prep_vma(vrm);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1838 if (!res_vma)
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1839 res_vma = mremap_to(vrm);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1840 if (IS_ERR_VALUE(res_vma))
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1841 return res_vma;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1842
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1843 /* mmap lock is only dropped on shrink. */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1844 VM_WARN_ON_ONCE(!vrm->mmap_locked);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1845 /* This is a move, no expand should occur. */
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1846 VM_WARN_ON_ONCE(vrm->populate_expand);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1847
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1848 if (!vrm->multi_vma)
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1849 res = res_vma;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1850
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1851 if (vrm->vmi_needs_reset) {
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1852 vma_iter_reset(&vmi);
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1853 vrm->vmi_needs_reset = false;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1854 }
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1855 vrm->multi_vma = true;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1856 prev_addr = addr;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1857 new_addr = res_vma + vrm->new_len;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1858 }
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1859
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1860 return res;
f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1861 }
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [akpm-mm:mm-new 203/214] mm/mremap.c:1829 remap_move() error: uninitialized symbol 'last_end'.
2025-07-14 19:35 [akpm-mm:mm-new 203/214] mm/mremap.c:1829 remap_move() error: uninitialized symbol 'last_end' Dan Carpenter
@ 2025-07-15 3:52 ` Lorenzo Stoakes
0 siblings, 0 replies; 2+ messages in thread
From: Lorenzo Stoakes @ 2025-07-15 3:52 UTC (permalink / raw)
To: Dan Carpenter
Cc: oe-kbuild, lkp, oe-kbuild-all, Andrew Morton,
Linux Memory Management List
On Mon, Jul 14, 2025 at 10:35:12PM +0300, Dan Carpenter wrote:
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1785 static unsigned long remap_move(struct vma_remap_struct *vrm)
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1786 {
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1787 struct vm_area_struct *vma;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1788 unsigned long start = vrm->addr;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1789 unsigned long end = vrm->addr + vrm->old_len;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1790 unsigned long new_addr = vrm->new_addr;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1791 unsigned long prev_addr = start;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1792 VMA_ITERATOR(vmi, current->mm, start);
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1793 unsigned long res = -EFAULT;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1794 unsigned long last_end;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1795
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1796 /*
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1797 * When moving VMAs we allow for batched moves across multiple VMAs,
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1798 * with all VMAs in the input range [addr, addr + old_len) being moved
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1799 * (and split as necessary).
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1800 */
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1801 for_each_vma_range(vmi, vma, end) {
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1802 /* Account for start, end not aligned with VMA start, end. */
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1803 unsigned long addr = max(vma->vm_start, start);
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1804 unsigned long len = min(end, vma->vm_end) - addr;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1805 unsigned long offset, res_vma;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1806
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1807 /* Merged with self, move on. */
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1808 if (vrm->multi_vma && prev_addr == addr)
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1809 continue;
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1810
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1811 /*
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1812 * To sensibly move multiple VMAs, accounting for the fact that
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1813 * get_unmapped_area() may align even MAP_FIXED moves, we simply
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1814 * attempt to move such that the gaps between source VMAs remain
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1815 * consistent in destination VMAs, e.g.:
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1816 *
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1817 * X Y X Y
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1818 * <---> <-> <---> <->
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1819 * |-------| |-----| |-----| |-------| |-----| |-----|
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1820 * | A | | B | | C | ---> | A' | | B' | | C' |
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1821 * |-------| |-----| |-----| |-------| |-----| |-----|
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1822 * new_addr
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1823 *
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1824 * Now, new_addr may be altered even with MREMAP_FIXED set, due
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1825 * to e.g. alignment changes from get_unmapped_area().
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1826 *
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1827 * So we map B' at A'->vm_end + X, and C' at B'->vm_end + Y.
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 1828 */
> f1d4bfd28bb6e2 Lorenzo Stoakes 2025-07-10 @1829 offset = vrm->multi_vma ? vma->vm_start - last_end : 0;
> ^^^^^^^^
> The "last_end" variable is set on the next line. I don't know the
> starting value of vrm->multi_vma so it's possible that this is a false
> positive but it seems like a legit issue at first glance.
It's a false positive.
vrm->multi_vma starts off false, and is only set to true at a point last_end is
assigned to.
The new version of this series which presumably hasn't wound its way to -next
yet uses a local variable instead of vrm->multi_vma which makes this clearer.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-07-15 3:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-14 19:35 [akpm-mm:mm-new 203/214] mm/mremap.c:1829 remap_move() error: uninitialized symbol 'last_end' Dan Carpenter
2025-07-15 3:52 ` Lorenzo Stoakes
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).