From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-lf1-f74.google.com (mail-lf1-f74.google.com [209.85.167.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7396E3EB81C
	for <linux-kernel@vger.kernel.org>; Wed, 22 Apr 2026 12:53:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.74
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1776862387; cv=none; b=ATJkSuLpbpwllA02njO6AazL/Y2wVvTiFbGovAna5VBjKHKCRIML0szz8qiY+LZW1GgOd90DU+Kcjmre2kkEiIANXCo2zeOIBSyCGviVxuB9WY0JJve84rBmQLYGIQMmJvQMeq0TwdbgAs3pfO+G4UdCc8R71qnIzb0yyWHskIo=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1776862387; c=relaxed/simple;
	bh=QAAgnvfLbTV6G0iAqivzRyaYcmJU3GauLQB6j2OtGP0=;
	h=Date:Mime-Version:Message-ID:Subject:From:To:Cc:Content-Type; b=j1itep2gR4PTe/xPuQ7o6TaK30aHlaIZYG6Hc0QRubWOpuzojbPy9TXwvGQwnGOu5I6YKwVnAhXDMr+jLNA46lGmPcjv+sZMT0OiDxUu1P2x7aLvwQhsbHl5k4vG3xxekSxaibM0nIOZsZsCxHY4SE+jro4uKgxHuvPwX6zRoVg=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--elver.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ZK4IAOQ0; arc=none smtp.client-ip=209.85.167.74
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--elver.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ZK4IAOQ0"
Received: by mail-lf1-f74.google.com with SMTP id 2adb3069b0e04-59e0abad4fbso4036206e87.2
        for <linux-kernel@vger.kernel.org>; Wed, 22 Apr 2026 05:53:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1776862383; x=1777467183; darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject
         :date:message-id:reply-to;
        bh=MdhQDbuZOn7nYwA+SaJFoaYJOBAzIjygrJRHtHY3+8M=;
        b=ZK4IAOQ0Y22K3S8kH5T0keTSDpgfq8FhXVU2B3SJzBHZpl8d6MKdxLqhc3UkRpOljL
         /44jJqFN9GW4u9xM2vbCd9l3K/LXt72F8rY3tzEwyjRGiByMcKO867XwfHFBz5YfxvaA
         lgzqbDBOH90sK2CibEJLiQnqZl6bqGKX9xH9s+05v8bZ5IdMLz+40yrZHNDzn5woDCAe
         SgHa9+lVc++zkwS6RfdWtZ/gD+o8UYZKigO4pZhWcUhncShzbrlrfhEiDbl0mz0tDE3j
         YJpeOjas3IhvCcamn56k3Okp6+006oqYOx0FdJzLdBL9Vvb6907NgiVnD3euCJAXATNE
         VZpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1776862383; x=1777467183;
        h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=MdhQDbuZOn7nYwA+SaJFoaYJOBAzIjygrJRHtHY3+8M=;
        b=i/0U7Fh7WzK5LLSb54euTZYE8UzkVQxHk8/Y9lIqmRDS5iS713tJ1K4wnAgiTH4KEh
         41KZhGjLMeZ38Je/W6zVW+5ghwFrEaoa8hs0PIxItwZVn3clMBu36K71HVEJ1u0WnLF1
         gsE0thr7A0jO1xlsE0j3yvTKI3efsziZX0iNiMOxgzStaY3LlvfEW+8kEXn73GAmOU9X
         A8W4zDQUhcNEgotDLLeM4mE7KVcgbdBbYCM+msDtUmu0RZwWZnM88smS6qqwn8ipyI1N
         TARUk4iBUwFYRd8/+NcLPpLuvfnZcTwr0f/y80+QLiYXYPnr3rjbnSzOhguyuxaTYfi2
         XrrA==
X-Forwarded-Encrypted: i=1; AFNElJ8ZZbDt869DPaUkx0vRfnVaPIIv6FNEPCexaOtPEdjSo7/h3j/wIJaZnmgvc14ABFm0p1Hyczt0rY8K4wE=@vger.kernel.org
X-Gm-Message-State: AOJu0Yyrs7XwK3vIdiNMrG6HU10KZDS8IwzseM7iHyOxPZKfo+l7ZtHw
	ccq4Ycr1fCp4Y1DTEnXrxeRxQ9zJBC/Rfjt44iTuTG69sRn3yRRHwnACXRKY32ok8A2JZ9hADqp
	QxQ==
X-Received: from lfbdx3.prod.google.com ([2002:a05:6512:2c03:b0:5a2:c607:5cb8])
 (user=elver job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6512:1394:b0:5a3:fcba:559d
 with SMTP id 2adb3069b0e04-5a4172f6304mr8316156e87.20.1776862381896; Wed, 22
 Apr 2026 05:53:01 -0700 (PDT)
Date: Wed, 22 Apr 2026 14:52:28 +0200
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
X-Mailer: git-send-email 2.54.0.rc2.533.g4f5dca5207-goog
Message-ID: <20260422125256.87513-1-elver@google.com>
Subject: [PATCH v2] kcsan: Silence -Wmaybe-uninitialized when calling __kcsan_check_access()
From: Marco Elver <elver@google.com>
To: elver@google.com
Cc: kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, 
	Arnd Bergmann <arnd@arndb.de>, Dmitry Vyukov <dvyukov@google.com>
Content-Type: text/plain; charset="UTF-8"

Some subsystems enable -Wmaybe-uninitialized [1], which can trigger
false positives when KCSAN is enabled. Specifically, passing an
uninitialized variable to functions that instrument accesses (e.g.,
copy_from_user()) results in calls to __kcsan_check_access().

Because __kcsan_check_access() takes a `const volatile void *ptr`, GCC
infers that the function may only read the memory location, and thus
warns if the passed variable is uninitialized.

However, KCSAN is a dynamic analysis tool for data race detection; while
it does read the memory location to detect concurrent modifications, the
"initialized'ness" of the memory location is irrelevant for its analysis.

Use absolute_pointer() in __kcsan_check_write(), kcsan_check_write(),
and kcsan_check_atomic_write() to hide the pointer from the compiler,
preventing it from concluding that the pointer passed points to
uninitialized memory.

This fixes warnings like:

|   CC      fs/ntfs3/file.o
| In file included from include/asm-generic/rwonce.h:27,
|                  from arch/arm64/include/asm/rwonce.h:81,
|                  from include/linux/compiler.h:369,
|                  from include/linux/array_size.h:5,
|                  from include/linux/kernel.h:16,
|                  from include/linux/backing-dev.h:12,
|                  from fs/ntfs3/file.c:10:
| In function 'instrument_copy_from_user_before',
|     inlined from '_inline_copy_from_user' at include/linux/uaccess.h:184:2,
|     inlined from 'copy_from_user' at include/linux/uaccess.h:221:9,
|     inlined from 'ntfs_ioctl_fitrim' at fs/ntfs3/file.c:77:6,
|     inlined from 'ntfs_ioctl' at fs/ntfs3/file.c:164:10:
| include/linux/kcsan-checks.h:220:28: error: 'range' may be used uninitialized [-Werror=maybe-uninitialized]
|   220 | #define kcsan_check_access __kcsan_check_access
|       |                            ^
| include/linux/kcsan-checks.h:311:9: note: in expansion of macro 'kcsan_check_access'
|   311 |         kcsan_check_access(ptr, size, KCSAN_ACCESS_WRITE)
|       |         ^~~~~~~~~~~~~~~~~~
| include/linux/instrumented.h:147:9: note: in expansion of macro 'kcsan_check_write'
|   147 |         kcsan_check_write(to, n);
|       |         ^~~~~~~~~~~~~~~~~
| include/linux/kcsan-checks.h: In function 'ntfs_ioctl':
| include/linux/kcsan-checks.h:37:6: note: by argument 1 of type 'const volatile void *' to '__kcsan_check_access' declared here
|    37 | void __kcsan_check_access(const volatile void *ptr, size_t size, int type);
|       |      ^~~~~~~~~~~~~~~~~~~~
| fs/ntfs3/file.c:65:29: note: 'range' declared here
|    65 |         struct fstrim_range range;
|       |                             ^~~~~

Link: https://lore.kernel.org/all/5da10cca-875b-418d-b54e-6be3ea32c266@app.fastmail.com/ [1]
Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Marco Elver <elver@google.com>
---
v2:
* Switch from __attribute__((access)) to absolute_pointer() to silence
  the warnings instead of introducing new ones.
---
 include/linux/kcsan-checks.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/linux/kcsan-checks.h b/include/linux/kcsan-checks.h
index 92f3843d9ebb..e135dacaa90f 100644
--- a/include/linux/kcsan-checks.h
+++ b/include/linux/kcsan-checks.h
@@ -282,7 +282,7 @@ static inline void __kcsan_disable_current(void) { }
  * @size: size of access
  */
 #define __kcsan_check_write(ptr, size)                                         \
-	__kcsan_check_access(ptr, size, KCSAN_ACCESS_WRITE)
+	__kcsan_check_access(absolute_pointer(ptr), size, KCSAN_ACCESS_WRITE)
 
 /**
  * __kcsan_check_read_write - check regular read-write access for races
@@ -308,7 +308,7 @@ static inline void __kcsan_disable_current(void) { }
  * @size: size of access
  */
 #define kcsan_check_write(ptr, size)                                           \
-	kcsan_check_access(ptr, size, KCSAN_ACCESS_WRITE)
+	kcsan_check_access(absolute_pointer(ptr), size, KCSAN_ACCESS_WRITE)
 
 /**
  * kcsan_check_read_write - check regular read-write access for races
@@ -331,7 +331,7 @@ static inline void __kcsan_disable_current(void) { }
 #define kcsan_check_atomic_read(ptr, size)                                     \
 	kcsan_check_access(ptr, size, KCSAN_ACCESS_ATOMIC)
 #define kcsan_check_atomic_write(ptr, size)                                    \
-	kcsan_check_access(ptr, size, KCSAN_ACCESS_ATOMIC | KCSAN_ACCESS_WRITE)
+	kcsan_check_access(absolute_pointer(ptr), size, KCSAN_ACCESS_ATOMIC | KCSAN_ACCESS_WRITE)
 #define kcsan_check_atomic_read_write(ptr, size)                               \
 	kcsan_check_access(ptr, size, KCSAN_ACCESS_ATOMIC | KCSAN_ACCESS_WRITE | KCSAN_ACCESS_COMPOUND)
 #endif
-- 
2.54.0.rc2.533.g4f5dca5207-goog