lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20210204070455.GA2696@kadam>
Date:   Thu, 4 Feb 2021 10:04:55 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org, "Liam R. Howlett" <Liam.Howlett@...cle.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: [rcu:willy-maple 164/202] fs/proc/task_mmu.c:941 show_smaps_rollup()
 error: uninitialized symbol 'vma_start'.

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git willy-maple
head:   7e346d2845b4bd77663394f39fa70456e0084c86
commit: c4e6b1dfcb6f997eb870e859ab84ca9f39572eab [164/202] fs/proc/task_mmu: Stop using linked list and highest_vm_end
config: x86_64-randconfig-m001-20210202 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

smatch warnings:
fs/proc/task_mmu.c:941 show_smaps_rollup() error: uninitialized symbol 'vma_start'.

vim +/vma_start +941 fs/proc/task_mmu.c

258f669e7e88c1 Vlastimil Babka       2018-08-21  839  static int show_smaps_rollup(struct seq_file *m, void *v)
258f669e7e88c1 Vlastimil Babka       2018-08-21  840  {
258f669e7e88c1 Vlastimil Babka       2018-08-21  841  	struct proc_maps_private *priv = m->private;
258f669e7e88c1 Vlastimil Babka       2018-08-21  842  	struct mem_size_stats mss;
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  843  	struct mm_struct *mm = priv->mm;
258f669e7e88c1 Vlastimil Babka       2018-08-21  844  	struct vm_area_struct *vma;
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  845  	unsigned long vma_start, last_vma_end = 0;
258f669e7e88c1 Vlastimil Babka       2018-08-21  846  	int ret = 0;
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  847  	MA_STATE(mas, &mm->mm_mt, 0, 0);
258f669e7e88c1 Vlastimil Babka       2018-08-21  848  
258f669e7e88c1 Vlastimil Babka       2018-08-21  849  	priv->task = get_proc_task(priv->inode);
258f669e7e88c1 Vlastimil Babka       2018-08-21  850  	if (!priv->task)
258f669e7e88c1 Vlastimil Babka       2018-08-21  851  		return -ESRCH;
258f669e7e88c1 Vlastimil Babka       2018-08-21  852  
258f669e7e88c1 Vlastimil Babka       2018-08-21  853  	if (!mm || !mmget_not_zero(mm)) {
258f669e7e88c1 Vlastimil Babka       2018-08-21  854  		ret = -ESRCH;
258f669e7e88c1 Vlastimil Babka       2018-08-21  855  		goto out_put_task;
258f669e7e88c1 Vlastimil Babka       2018-08-21  856  	}
258f669e7e88c1 Vlastimil Babka       2018-08-21  857  
258f669e7e88c1 Vlastimil Babka       2018-08-21  858  	memset(&mss, 0, sizeof(mss));
258f669e7e88c1 Vlastimil Babka       2018-08-21  859  
d8ed45c5dcd455 Michel Lespinasse     2020-06-08  860  	ret = mmap_read_lock_killable(mm);
a26a9781554857 Konstantin Khlebnikov 2019-07-11  861  	if (ret)
a26a9781554857 Konstantin Khlebnikov 2019-07-11  862  		goto out_put_mm;
a26a9781554857 Konstantin Khlebnikov 2019-07-11  863  
258f669e7e88c1 Vlastimil Babka       2018-08-21  864  	hold_task_mempolicy(priv);
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  865  	vma = mas_find(&mas, 0);
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  866  
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  867  	if (vma)
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  868  		vma_start = vma->vm_start;

"vma_start" not initialized on else path.

258f669e7e88c1 Vlastimil Babka       2018-08-21  869  
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  870  	mas_set(&mas, 0);
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  871  	mas_for_each(&mas, vma, -1) {
03b4b1149308b0 Chinwen Chang         2020-10-13  872  		smap_gather_stats(vma, &mss, 0);
258f669e7e88c1 Vlastimil Babka       2018-08-21  873  		last_vma_end = vma->vm_end;
ff9f47f6f00cfe Chinwen Chang         2020-10-13  874  
ff9f47f6f00cfe Chinwen Chang         2020-10-13  875  		/*
ff9f47f6f00cfe Chinwen Chang         2020-10-13  876  		 * Release mmap_lock temporarily if someone wants to
ff9f47f6f00cfe Chinwen Chang         2020-10-13  877  		 * access it for write request.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  878  		 */
ff9f47f6f00cfe Chinwen Chang         2020-10-13  879  		if (mmap_lock_is_contended(mm)) {
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  880  			mas_pause(&mas);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  881  			mmap_read_unlock(mm);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  882  			ret = mmap_read_lock_killable(mm);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  883  			if (ret) {
ff9f47f6f00cfe Chinwen Chang         2020-10-13  884  				release_task_mempolicy(priv);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  885  				goto out_put_mm;
ff9f47f6f00cfe Chinwen Chang         2020-10-13  886  			}
ff9f47f6f00cfe Chinwen Chang         2020-10-13  887  
ff9f47f6f00cfe Chinwen Chang         2020-10-13  888  			/*
ff9f47f6f00cfe Chinwen Chang         2020-10-13  889  			 * After dropping the lock, there are four cases to
ff9f47f6f00cfe Chinwen Chang         2020-10-13  890  			 * consider. See the following example for explanation.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  891  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  892  			 *   +------+------+-----------+
ff9f47f6f00cfe Chinwen Chang         2020-10-13  893  			 *   | VMA1 | VMA2 | VMA3      |
ff9f47f6f00cfe Chinwen Chang         2020-10-13  894  			 *   +------+------+-----------+
ff9f47f6f00cfe Chinwen Chang         2020-10-13  895  			 *   |      |      |           |
ff9f47f6f00cfe Chinwen Chang         2020-10-13  896  			 *  4k     8k     16k         400k
ff9f47f6f00cfe Chinwen Chang         2020-10-13  897  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  898  			 * Suppose we drop the lock after reading VMA2 due to
ff9f47f6f00cfe Chinwen Chang         2020-10-13  899  			 * contention, then we get:
ff9f47f6f00cfe Chinwen Chang         2020-10-13  900  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  901  			 *	last_vma_end = 16k
ff9f47f6f00cfe Chinwen Chang         2020-10-13  902  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  903  			 * 1) VMA2 is freed, but VMA3 exists:
ff9f47f6f00cfe Chinwen Chang         2020-10-13  904  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  905  			 *    find_vma(mm, 16k - 1) will return VMA3.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  906  			 *    In this case, just continue from VMA3.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  907  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  908  			 * 2) VMA2 still exists:
ff9f47f6f00cfe Chinwen Chang         2020-10-13  909  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  910  			 *    find_vma(mm, 16k - 1) will return VMA2.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  911  			 *    Iterate the loop like the original one.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  912  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  913  			 * 3) No more VMAs can be found:
ff9f47f6f00cfe Chinwen Chang         2020-10-13  914  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  915  			 *    find_vma(mm, 16k - 1) will return NULL.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  916  			 *    No more things to do, just break.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  917  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  918  			 * 4) (last_vma_end - 1) is the middle of a vma (VMA'):
ff9f47f6f00cfe Chinwen Chang         2020-10-13  919  			 *
ff9f47f6f00cfe Chinwen Chang         2020-10-13  920  			 *    find_vma(mm, 16k - 1) will return VMA' whose range
ff9f47f6f00cfe Chinwen Chang         2020-10-13  921  			 *    contains last_vma_end.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  922  			 *    Iterate VMA' from last_vma_end.
ff9f47f6f00cfe Chinwen Chang         2020-10-13  923  			 */
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  924  			mas.index = mas.last = last_vma_end - 1;
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04  925  			vma = mas_find(&mas, -1);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  926  			/* Case 3 above */
ff9f47f6f00cfe Chinwen Chang         2020-10-13  927  			if (!vma)
ff9f47f6f00cfe Chinwen Chang         2020-10-13  928  				break;
ff9f47f6f00cfe Chinwen Chang         2020-10-13  929  
ff9f47f6f00cfe Chinwen Chang         2020-10-13  930  			/* Case 1 above */
ff9f47f6f00cfe Chinwen Chang         2020-10-13  931  			if (vma->vm_start >= last_vma_end)
ff9f47f6f00cfe Chinwen Chang         2020-10-13  932  				continue;
ff9f47f6f00cfe Chinwen Chang         2020-10-13  933  
ff9f47f6f00cfe Chinwen Chang         2020-10-13  934  			/* Case 4 above */
ff9f47f6f00cfe Chinwen Chang         2020-10-13  935  			if (vma->vm_end > last_vma_end)
ff9f47f6f00cfe Chinwen Chang         2020-10-13  936  				smap_gather_stats(vma, &mss, last_vma_end);
ff9f47f6f00cfe Chinwen Chang         2020-10-13  937  		}
ff9f47f6f00cfe Chinwen Chang         2020-10-13  938  		/* Case 2 above */
258f669e7e88c1 Vlastimil Babka       2018-08-21  939  	}
258f669e7e88c1 Vlastimil Babka       2018-08-21  940  
c4e6b1dfcb6f99 Liam R. Howlett       2021-01-04 @941  	show_vma_header_prefix(m, vma_start, last_vma_end, 0, 0, 0, 0);
                                                                                  ^^^^^^^^^
Uninitialized.

258f669e7e88c1 Vlastimil Babka       2018-08-21  942  	seq_pad(m, ' ');
258f669e7e88c1 Vlastimil Babka       2018-08-21  943  	seq_puts(m, "[rollup]\n");
258f669e7e88c1 Vlastimil Babka       2018-08-21  944  
ee2ad71b0756e9 Luigi Semenzato       2019-07-11  945  	__show_smap(m, &mss, true);
258f669e7e88c1 Vlastimil Babka       2018-08-21  946  
258f669e7e88c1 Vlastimil Babka       2018-08-21  947  	release_task_mempolicy(priv);
d8ed45c5dcd455 Michel Lespinasse     2020-06-08  948  	mmap_read_unlock(mm);
258f669e7e88c1 Vlastimil Babka       2018-08-21  949  
a26a9781554857 Konstantin Khlebnikov 2019-07-11  950  out_put_mm:
a26a9781554857 Konstantin Khlebnikov 2019-07-11  951  	mmput(mm);
258f669e7e88c1 Vlastimil Babka       2018-08-21  952  out_put_task:
258f669e7e88c1 Vlastimil Babka       2018-08-21  953  	put_task_struct(priv->task);
258f669e7e88c1 Vlastimil Babka       2018-08-21  954  	priv->task = NULL;
258f669e7e88c1 Vlastimil Babka       2018-08-21  955  
493b0e9d945fa9 Daniel Colascione     2017-09-06  956  	return ret;
e070ad49f31155 Mauricio Lin          2005-09-03  957  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (34023 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ