| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Feb 2021 10:04:55 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: kbuild@...ts.01.org, "Liam R. Howlett" <Liam.Howlett@...cle.com>
Cc: lkp@...el.com, kbuild-all@...ts.01.org,
linux-kernel@...r.kernel.org
Subject: [rcu:willy-maple 164/202] fs/proc/task_mmu.c:941 show_smaps_rollup()
error: uninitialized symbol 'vma_start'.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git willy-maple
head: 7e346d2845b4bd77663394f39fa70456e0084c86
commit: c4e6b1dfcb6f997eb870e859ab84ca9f39572eab [164/202] fs/proc/task_mmu: Stop using linked list and highest_vm_end
config: x86_64-randconfig-m001-20210202 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
smatch warnings:
fs/proc/task_mmu.c:941 show_smaps_rollup() error: uninitialized symbol 'vma_start'.
vim +/vma_start +941 fs/proc/task_mmu.c
258f669e7e88c1 Vlastimil Babka 2018-08-21 839 static int show_smaps_rollup(struct seq_file *m, void *v)
258f669e7e88c1 Vlastimil Babka 2018-08-21 840 {
258f669e7e88c1 Vlastimil Babka 2018-08-21 841 struct proc_maps_private *priv = m->private;
258f669e7e88c1 Vlastimil Babka 2018-08-21 842 struct mem_size_stats mss;
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 843 struct mm_struct *mm = priv->mm;
258f669e7e88c1 Vlastimil Babka 2018-08-21 844 struct vm_area_struct *vma;
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 845 unsigned long vma_start, last_vma_end = 0;
258f669e7e88c1 Vlastimil Babka 2018-08-21 846 int ret = 0;
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 847 MA_STATE(mas, &mm->mm_mt, 0, 0);
258f669e7e88c1 Vlastimil Babka 2018-08-21 848
258f669e7e88c1 Vlastimil Babka 2018-08-21 849 priv->task = get_proc_task(priv->inode);
258f669e7e88c1 Vlastimil Babka 2018-08-21 850 if (!priv->task)
258f669e7e88c1 Vlastimil Babka 2018-08-21 851 return -ESRCH;
258f669e7e88c1 Vlastimil Babka 2018-08-21 852
258f669e7e88c1 Vlastimil Babka 2018-08-21 853 if (!mm || !mmget_not_zero(mm)) {
258f669e7e88c1 Vlastimil Babka 2018-08-21 854 ret = -ESRCH;
258f669e7e88c1 Vlastimil Babka 2018-08-21 855 goto out_put_task;
258f669e7e88c1 Vlastimil Babka 2018-08-21 856 }
258f669e7e88c1 Vlastimil Babka 2018-08-21 857
258f669e7e88c1 Vlastimil Babka 2018-08-21 858 memset(&mss, 0, sizeof(mss));
258f669e7e88c1 Vlastimil Babka 2018-08-21 859
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 860 ret = mmap_read_lock_killable(mm);
a26a9781554857 Konstantin Khlebnikov 2019-07-11 861 if (ret)
a26a9781554857 Konstantin Khlebnikov 2019-07-11 862 goto out_put_mm;
a26a9781554857 Konstantin Khlebnikov 2019-07-11 863
258f669e7e88c1 Vlastimil Babka 2018-08-21 864 hold_task_mempolicy(priv);
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 865 vma = mas_find(&mas, 0);
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 866
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 867 if (vma)
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 868 vma_start = vma->vm_start;
"vma_start" not initialized on else path.
258f669e7e88c1 Vlastimil Babka 2018-08-21 869
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 870 mas_set(&mas, 0);
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 871 mas_for_each(&mas, vma, -1) {
03b4b1149308b0 Chinwen Chang 2020-10-13 872 smap_gather_stats(vma, &mss, 0);
258f669e7e88c1 Vlastimil Babka 2018-08-21 873 last_vma_end = vma->vm_end;
ff9f47f6f00cfe Chinwen Chang 2020-10-13 874
ff9f47f6f00cfe Chinwen Chang 2020-10-13 875 /*
ff9f47f6f00cfe Chinwen Chang 2020-10-13 876 * Release mmap_lock temporarily if someone wants to
ff9f47f6f00cfe Chinwen Chang 2020-10-13 877 * access it for write request.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 878 */
ff9f47f6f00cfe Chinwen Chang 2020-10-13 879 if (mmap_lock_is_contended(mm)) {
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 880 mas_pause(&mas);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 881 mmap_read_unlock(mm);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 882 ret = mmap_read_lock_killable(mm);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 883 if (ret) {
ff9f47f6f00cfe Chinwen Chang 2020-10-13 884 release_task_mempolicy(priv);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 885 goto out_put_mm;
ff9f47f6f00cfe Chinwen Chang 2020-10-13 886 }
ff9f47f6f00cfe Chinwen Chang 2020-10-13 887
ff9f47f6f00cfe Chinwen Chang 2020-10-13 888 /*
ff9f47f6f00cfe Chinwen Chang 2020-10-13 889 * After dropping the lock, there are four cases to
ff9f47f6f00cfe Chinwen Chang 2020-10-13 890 * consider. See the following example for explanation.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 891 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 892 * +------+------+-----------+
ff9f47f6f00cfe Chinwen Chang 2020-10-13 893 * | VMA1 | VMA2 | VMA3 |
ff9f47f6f00cfe Chinwen Chang 2020-10-13 894 * +------+------+-----------+
ff9f47f6f00cfe Chinwen Chang 2020-10-13 895 * | | | |
ff9f47f6f00cfe Chinwen Chang 2020-10-13 896 * 4k 8k 16k 400k
ff9f47f6f00cfe Chinwen Chang 2020-10-13 897 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 898 * Suppose we drop the lock after reading VMA2 due to
ff9f47f6f00cfe Chinwen Chang 2020-10-13 899 * contention, then we get:
ff9f47f6f00cfe Chinwen Chang 2020-10-13 900 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 901 * last_vma_end = 16k
ff9f47f6f00cfe Chinwen Chang 2020-10-13 902 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 903 * 1) VMA2 is freed, but VMA3 exists:
ff9f47f6f00cfe Chinwen Chang 2020-10-13 904 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 905 * find_vma(mm, 16k - 1) will return VMA3.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 906 * In this case, just continue from VMA3.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 907 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 908 * 2) VMA2 still exists:
ff9f47f6f00cfe Chinwen Chang 2020-10-13 909 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 910 * find_vma(mm, 16k - 1) will return VMA2.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 911 * Iterate the loop like the original one.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 912 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 913 * 3) No more VMAs can be found:
ff9f47f6f00cfe Chinwen Chang 2020-10-13 914 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 915 * find_vma(mm, 16k - 1) will return NULL.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 916 * No more things to do, just break.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 917 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 918 * 4) (last_vma_end - 1) is the middle of a vma (VMA'):
ff9f47f6f00cfe Chinwen Chang 2020-10-13 919 *
ff9f47f6f00cfe Chinwen Chang 2020-10-13 920 * find_vma(mm, 16k - 1) will return VMA' whose range
ff9f47f6f00cfe Chinwen Chang 2020-10-13 921 * contains last_vma_end.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 922 * Iterate VMA' from last_vma_end.
ff9f47f6f00cfe Chinwen Chang 2020-10-13 923 */
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 924 mas.index = mas.last = last_vma_end - 1;
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 925 vma = mas_find(&mas, -1);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 926 /* Case 3 above */
ff9f47f6f00cfe Chinwen Chang 2020-10-13 927 if (!vma)
ff9f47f6f00cfe Chinwen Chang 2020-10-13 928 break;
ff9f47f6f00cfe Chinwen Chang 2020-10-13 929
ff9f47f6f00cfe Chinwen Chang 2020-10-13 930 /* Case 1 above */
ff9f47f6f00cfe Chinwen Chang 2020-10-13 931 if (vma->vm_start >= last_vma_end)
ff9f47f6f00cfe Chinwen Chang 2020-10-13 932 continue;
ff9f47f6f00cfe Chinwen Chang 2020-10-13 933
ff9f47f6f00cfe Chinwen Chang 2020-10-13 934 /* Case 4 above */
ff9f47f6f00cfe Chinwen Chang 2020-10-13 935 if (vma->vm_end > last_vma_end)
ff9f47f6f00cfe Chinwen Chang 2020-10-13 936 smap_gather_stats(vma, &mss, last_vma_end);
ff9f47f6f00cfe Chinwen Chang 2020-10-13 937 }
ff9f47f6f00cfe Chinwen Chang 2020-10-13 938 /* Case 2 above */
258f669e7e88c1 Vlastimil Babka 2018-08-21 939 }
258f669e7e88c1 Vlastimil Babka 2018-08-21 940
c4e6b1dfcb6f99 Liam R. Howlett 2021-01-04 @941 show_vma_header_prefix(m, vma_start, last_vma_end, 0, 0, 0, 0);
^^^^^^^^^
Uninitialized.
258f669e7e88c1 Vlastimil Babka 2018-08-21 942 seq_pad(m, ' ');
258f669e7e88c1 Vlastimil Babka 2018-08-21 943 seq_puts(m, "[rollup]\n");
258f669e7e88c1 Vlastimil Babka 2018-08-21 944
ee2ad71b0756e9 Luigi Semenzato 2019-07-11 945 __show_smap(m, &mss, true);
258f669e7e88c1 Vlastimil Babka 2018-08-21 946
258f669e7e88c1 Vlastimil Babka 2018-08-21 947 release_task_mempolicy(priv);
d8ed45c5dcd455 Michel Lespinasse 2020-06-08 948 mmap_read_unlock(mm);
258f669e7e88c1 Vlastimil Babka 2018-08-21 949
a26a9781554857 Konstantin Khlebnikov 2019-07-11 950 out_put_mm:
a26a9781554857 Konstantin Khlebnikov 2019-07-11 951 mmput(mm);
258f669e7e88c1 Vlastimil Babka 2018-08-21 952 out_put_task:
258f669e7e88c1 Vlastimil Babka 2018-08-21 953 put_task_struct(priv->task);
258f669e7e88c1 Vlastimil Babka 2018-08-21 954 priv->task = NULL;
258f669e7e88c1 Vlastimil Babka 2018-08-21 955
493b0e9d945fa9 Daniel Colascione 2017-09-06 956 return ret;
e070ad49f31155 Mauricio Lin 2005-09-03 957 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (34023 bytes)
Powered by blists - more mailing lists