From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9791BCDB474 for ; Tue, 17 Oct 2023 14:26:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 09562900002; Tue, 17 Oct 2023 10:26:48 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 044C68D000C; Tue, 17 Oct 2023 10:26:48 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E7648900002; Tue, 17 Oct 2023 10:26:47 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id D582D8D000C for ; Tue, 17 Oct 2023 10:26:47 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 9F0161CB876 for ; Tue, 17 Oct 2023 14:26:47 +0000 (UTC) X-FDA: 81355179654.18.D4FC083 Received: from mail-wm1-f51.google.com (mail-wm1-f51.google.com [209.85.128.51]) by imf15.hostedemail.com (Postfix) with ESMTP id CAACAA002C for ; Tue, 17 Oct 2023 14:26:45 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=linaro.org header.s=google header.b=NhPi4At0; dmarc=pass (policy=none) header.from=linaro.org; spf=pass (imf15.hostedemail.com: domain of dan.carpenter@linaro.org designates 209.85.128.51 as permitted sender) smtp.mailfrom=dan.carpenter@linaro.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1697552806; a=rsa-sha256; cv=none; b=aCbHI3H7hgEvP7fO7HIRwRtyzMPCnE/tcUvGPGnclkI7DLxafdWq6Lc1rQT6YF40641M3e rF/pe6/th23HyenePVNSRNhy6yf7SZugujXfGOQucJf0JQPYPLVy8Y17lDsAJkbznUlb03 /Z19lYgy/rgm4NOtCFFA2nQp97RS+S0= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=linaro.org header.s=google header.b=NhPi4At0; dmarc=pass (policy=none) header.from=linaro.org; spf=pass (imf15.hostedemail.com: domain of dan.carpenter@linaro.org designates 209.85.128.51 as permitted sender) smtp.mailfrom=dan.carpenter@linaro.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1697552806; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=mJE09Myjwgn14LfWOjq/jShnx1rrUt/BrGt0sKyb+3o=; b=cSISKjX2+LPcT3M8TSrtyl3oLuhw06pTTybuPCkuW/uMEl+YktLLF3vHbWWjvKZ+rmBkqU SVS+TR9nIj69tm2uLB0ZcoFTJvOyoQagzYViOESlRK+8SH0PWVPP6I/g2sc2OOdUeVC1d0 uicGcBB0h4NbwWurYn7LZ8OkxHZVS7E= Received: by mail-wm1-f51.google.com with SMTP id 5b1f17b1804b1-40684f53d11so63864985e9.1 for ; Tue, 17 Oct 2023 07:26:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1697552804; x=1698157604; darn=kvack.org; h=content-disposition:mime-version:message-id:subject:cc:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=mJE09Myjwgn14LfWOjq/jShnx1rrUt/BrGt0sKyb+3o=; b=NhPi4At0KNR06CvFvrDPCOWPKZr85YYzf61kVuWIvIFYtAAN4Y3BFhHh4rlDsfqMXf 71ITJVx2L6hT3nA/sYqBY8x7N/5pVpueqVC1R98ewMfDNP80cVh7dNbFWV+6QxbpaphH OrUgwSEFcbBWWyUGAzgQQ+nS6AhM8gTptcZBDQL9oAQ8oSDAgEUlHWTJae2ykQHTcT9A n3zmLG0cOGZ83SAe+W8g/HI+QDjD1kdrLxPE4cBH7AHJrQPtdJoIA47IXm/0tX7ClHbA rWkFb7Ik3C6tWcVU5U4kJ98m6CuWkq0e0PGFMBWnOzquyCMLcERgwfmLE/WokiIl20+f x7QA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697552804; x=1698157604; h=content-disposition:mime-version:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=mJE09Myjwgn14LfWOjq/jShnx1rrUt/BrGt0sKyb+3o=; b=IIG/qdHVYEdIAYPmNJNaoy74X8CMWCpnUfVYikWTf9XARwf0igoxStCHxrLmf9zH+F OI+xzx49HbNXfkHN+6U5QlJe8AXFimJzOJvy99N0f2UiqbtM/e48BdTZB0oeFjsqotQ9 7K1vBgbqH4mGBaFzN7rN3+YkgkLjNCMz0Msdlt753HPagjFxd5E8BkezT5yzbsTnrV2I fO2tebvZ6L2DupWp2byOT+OYQA+RCN5QVMWy9gH4XgEPod/O0mogDj2UeOYBnh215EUB uUCj5QHkSecOdjJnEC8jRqqkuR+DEBxu2LF3bWe8lPVVlw+IANPt//bbpCZd0du4WSam j6fg== X-Gm-Message-State: AOJu0YzbDedRN/F2dSmKEEEWkbMzuAdpVq6bZhQ4WXnQ/gZXp9l8MPQh ihoj790o01uvvVOUTMuZdqKaUw== X-Google-Smtp-Source: AGHT+IF0GLdjOsGO/vLeu8WUMiLKOKj5CwsCC7dwSj2juz49+jxE5vpaDAlhZS+tkZmC1sBDsI939g== X-Received: by 2002:a05:600c:4ec7:b0:408:3963:5be7 with SMTP id g7-20020a05600c4ec700b0040839635be7mr2119wmq.29.1697552804118; Tue, 17 Oct 2023 07:26:44 -0700 (PDT) Received: from localhost ([102.36.222.112]) by smtp.gmail.com with ESMTPSA id j6-20020a05600c488600b00405ee9dc69esm9834754wmp.18.2023.10.17.07.26.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Oct 2023 07:26:43 -0700 (PDT) Date: Tue, 17 Oct 2023 17:26:40 +0300 From: Dan Carpenter To: oe-kbuild@lists.linux.dev, Lorenzo Stoakes Cc: lkp@intel.com, oe-kbuild-all@lists.linux.dev, linux-kernel@vger.kernel.org, Andrew Morton , Linux Memory Management List , Baoquan He Subject: mm/vmalloc.c:3689 vread_iter() error: we previously assumed 'vm' could be null (see line 3667) Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: CAACAA002C X-Stat-Signature: m6xrx9514ncqgpw75ewqwinchk97k3nx X-HE-Tag: 1697552805-411610 X-HE-Meta: U2FsdGVkX19ANUUp9xd9iVeE7e9jL3yklJSwa07vKxYslHiPmPe7N2gLq07JNBKGsPbAISVYuJa0WiJIk2pD2+5RARp3t1bJGpvveKcfIZtqHLCrbJRGG3BGn05QxTqda4YP0T5F2YSk+VV+g1QIoqQ98DMYhg4/8AR5PjK3xBygyovQU4cAfvENRmS7zO4DqJGbWSLspWKJ3DxphP0rIdDu57Pbm6B6IrsBauS/Jx9HBbXHmWRff13NgIaYKIiJPJ/d/7FDzgwmOcbjOz7x+jhCbcvWZ5NFoQhmJg97iDEPFCgX187HHiB701uHcu4uFwHlzTzoZsVB/SgjxGTIefuXQ4gWwsbNLVhI7tmT5+twU45lR9LPegMyBF0NoXAnRQu/2+zLWn6ld3PPpTEqJEx8M22e0NIHOoG2E5ofLKWr0yVbw29NHXJ8gIbdVh5cCluq1dQzbWCxiaijtvwvhtz6zC0ZRWu+iesg55kFbx9f//06QMkuDm8ifvyUp5RJQGmoT+T2QI/KUiY4/RlM0Qv8EPjwnJRShjCeimHQW8n9hae7q4kAkyT4luSD+FS4hAYisWy6m7mcfEgRp8OQO3AnikTi2cjiW0YqyiiPyFRWkhLhM25TMalTe7FTa5m4UAgPV7fF1uyCf01D6uGbbAosFmu7pVpL9T6nzQ5/0hEwEsF8EV5ck+usoeKHo7kOCOrVgjstuEYIwlE7ebFlq5QG7P9kxJAunY3FdpphE680f+75JiUpIYKdip0sya8PaPQd9Q4lqZd9j8e1hKh5nK8M1dgFi8maHvr3bm43SsVzk3Umpc58SAwXMbpeuY52/ffM70r6QroBchnAK7fM4ntCPB9/jZPaBSBrMUDIC3ELlemZKpNM4bTFY/rDP3vuEAGNawUygNjqWAYTB9lnbP9vAExqMdjD17kbfjIVgkfXPn3ReYdNNJQiXMx/T0b+aW/1pU6gwdLFeTsxi+V 8CRmpO+l 0dTPFHTy/Vsn084ztW1NboOvbsDWpZGZe0dkSUq0xTLSpqL1LBzfNeN/8joskW8w7duxaNlq6l0d5Skdi5y6Q0S8L/Pnfbvq+338dt2TaT2hac8aVIzUpLvuXuyVeBf3g9J3NFZULrpL5ktHN2fannU2g5kDgx/hoBpnMWORyMVXfmgvMhSaxCNJ4uruhaAPQJx/6Ee3J3/8HTZgNnizltATAZLRyE15DOWgigojGpZU36mWXSm+NCoLQOU2jxVPRQ6BGxOr2i/WfPciti4WvfCQNhm4FGou6hSc35h/qP9D946dOfW03L/v4c8xtETpD/Nv4tGYDOXTmkSNqLrPfri0Y/dOSwJazUWs45ojFOunsymtYA9XO9oBgOAWNiXB+P2KZH8CFTrwYeOmMS789l+wmH6BgZ06DV60DgO3nZWnoiQo/uzU858waSohzJGfZgcgG4IqHUg+ddmQQQxHIyc+qlb74ZXEcJYk7XMmyWynjJ5GhgG8iX0X5pLOQR7F7aZG6SCg40LpTqcZL+67UYi0HSL9oR3w+H4Qj7e4nh/0C1UunYsHnwOlsjCLdUFCs0F2/ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: 213f891525c222e8ed145ce1ce7ae1f47921cb9c commit: 4c91c07c93bbbdd7f2d9de2beb7ee5c2a48ad8e7 mm: vmalloc: convert vread() to vread_iter() config: x86_64-allnoconfig (https://download.01.org/0day-ci/archive/20231017/202310171600.WCrsOwFj-lkp@intel.com/config) compiler: gcc-12 (Debian 12.2.0-14) 12.2.0 reproduce: (https://download.01.org/0day-ci/archive/20231017/202310171600.WCrsOwFj-lkp@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot | Reported-by: Dan Carpenter | Closes: https://lore.kernel.org/r/202310171600.WCrsOwFj-lkp@intel.com/ smatch warnings: mm/vmalloc.c:3689 vread_iter() error: we previously assumed 'vm' could be null (see line 3667) vim +/vm +3689 mm/vmalloc.c 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3619 long vread_iter(struct iov_iter *iter, const char *addr, size_t count) ^1da177e4c3f41 Linus Torvalds 2005-04-16 3620 { e81ce85f960c2e Joonsoo Kim 2013-04-29 3621 struct vmap_area *va; e81ce85f960c2e Joonsoo Kim 2013-04-29 3622 struct vm_struct *vm; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3623 char *vaddr; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3624 size_t n, size, flags, remains; ^1da177e4c3f41 Linus Torvalds 2005-04-16 3625 4aff1dc4fb3a5a Andrey Konovalov 2022-03-24 3626 addr = kasan_reset_tag(addr); 4aff1dc4fb3a5a Andrey Konovalov 2022-03-24 3627 ^1da177e4c3f41 Linus Torvalds 2005-04-16 3628 /* Don't allow overflow */ ^1da177e4c3f41 Linus Torvalds 2005-04-16 3629 if ((unsigned long) addr + count < count) ^1da177e4c3f41 Linus Torvalds 2005-04-16 3630 count = -(unsigned long) addr; ^1da177e4c3f41 Linus Torvalds 2005-04-16 3631 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3632 remains = count; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3633 e81ce85f960c2e Joonsoo Kim 2013-04-29 3634 spin_lock(&vmap_area_lock); f181234a5a21fd Chen Wandun 2021-09-02 3635 va = find_vmap_area_exceed_addr((unsigned long)addr); f608788cd2d6ca Serapheim Dimitropoulos 2021-04-29 3636 if (!va) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3637 goto finished_zero; f181234a5a21fd Chen Wandun 2021-09-02 3638 f181234a5a21fd Chen Wandun 2021-09-02 3639 /* no intersects with alive vmap_area */ 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3640 if ((unsigned long)addr + remains <= va->va_start) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3641 goto finished_zero; f181234a5a21fd Chen Wandun 2021-09-02 3642 f608788cd2d6ca Serapheim Dimitropoulos 2021-04-29 3643 list_for_each_entry_from(va, &vmap_area_list, list) { 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3644 size_t copied; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3645 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3646 if (remains == 0) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3647 goto finished; e81ce85f960c2e Joonsoo Kim 2013-04-29 3648 06c8994626d1b7 Baoquan He 2023-02-06 3649 vm = va->vm; 06c8994626d1b7 Baoquan He 2023-02-06 3650 flags = va->flags & VMAP_FLAGS_MASK; 06c8994626d1b7 Baoquan He 2023-02-06 3651 /* 06c8994626d1b7 Baoquan He 2023-02-06 3652 * VMAP_BLOCK indicates a sub-type of vm_map_ram area, need 06c8994626d1b7 Baoquan He 2023-02-06 3653 * be set together with VMAP_RAM. 06c8994626d1b7 Baoquan He 2023-02-06 3654 */ 06c8994626d1b7 Baoquan He 2023-02-06 3655 WARN_ON(flags == VMAP_BLOCK); 06c8994626d1b7 Baoquan He 2023-02-06 3656 06c8994626d1b7 Baoquan He 2023-02-06 3657 if (!vm && !flags) NULL check e81ce85f960c2e Joonsoo Kim 2013-04-29 3658 continue; e81ce85f960c2e Joonsoo Kim 2013-04-29 3659 30a7a9b17c4b03 Baoquan He 2023-02-06 3660 if (vm && (vm->flags & VM_UNINITIALIZED)) 30a7a9b17c4b03 Baoquan He 2023-02-06 3661 continue; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3662 30a7a9b17c4b03 Baoquan He 2023-02-06 3663 /* Pair with smp_wmb() in clear_vm_uninitialized_flag() */ 30a7a9b17c4b03 Baoquan He 2023-02-06 3664 smp_rmb(); 30a7a9b17c4b03 Baoquan He 2023-02-06 3665 06c8994626d1b7 Baoquan He 2023-02-06 3666 vaddr = (char *) va->va_start; 06c8994626d1b7 Baoquan He 2023-02-06 @3667 size = vm ? get_vm_area_size(vm) : va_size(va); 06c8994626d1b7 Baoquan He 2023-02-06 3668 06c8994626d1b7 Baoquan He 2023-02-06 3669 if (addr >= vaddr + size) ^1da177e4c3f41 Linus Torvalds 2005-04-16 3670 continue; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3671 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3672 if (addr < vaddr) { 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3673 size_t to_zero = min_t(size_t, vaddr - addr, remains); 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3674 size_t zeroed = zero_iter(iter, to_zero); 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3675 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3676 addr += zeroed; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3677 remains -= zeroed; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3678 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3679 if (remains == 0 || zeroed != to_zero) ^1da177e4c3f41 Linus Torvalds 2005-04-16 3680 goto finished; ^1da177e4c3f41 Linus Torvalds 2005-04-16 3681 } 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3682 06c8994626d1b7 Baoquan He 2023-02-06 3683 n = vaddr + size - addr; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3684 if (n > remains) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3685 n = remains; 06c8994626d1b7 Baoquan He 2023-02-06 3686 06c8994626d1b7 Baoquan He 2023-02-06 3687 if (flags & VMAP_RAM) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3688 copied = vmap_ram_vread_iter(iter, addr, n, flags); 06c8994626d1b7 Baoquan He 2023-02-06 @3689 else if (!(vm->flags & VM_IOREMAP)) ^^^^^^^^^ Unchecked dereference 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3690 copied = aligned_vread_iter(iter, addr, n); d0107eb07320b5 KAMEZAWA Hiroyuki 2009-09-21 3691 else /* IOREMAP area is treated as memory hole */ 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3692 copied = zero_iter(iter, n); 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3693 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3694 addr += copied; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3695 remains -= copied; 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3696 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3697 if (copied != n) 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3698 goto finished; ^1da177e4c3f41 Linus Torvalds 2005-04-16 3699 } d0107eb07320b5 KAMEZAWA Hiroyuki 2009-09-21 3700 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3701 finished_zero: 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3702 spin_unlock(&vmap_area_lock); d0107eb07320b5 KAMEZAWA Hiroyuki 2009-09-21 3703 /* zero-fill memory holes */ 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3704 return count - remains + zero_iter(iter, remains); 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3705 finished: 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3706 /* Nothing remains, or We couldn't copy/zero everything. */ 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3707 spin_unlock(&vmap_area_lock); d0107eb07320b5 KAMEZAWA Hiroyuki 2009-09-21 3708 4c91c07c93bbbd Lorenzo Stoakes 2023-03-22 3709 return count - remains; ^1da177e4c3f41 Linus Torvalds 2005-04-16 3710 } -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki