| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <50ec567f-6b79-42ea-bf2c-2c9b2ecb427d@suswa.mountain>
Date: Mon, 20 Nov 2023 09:26:19 -0500
From: Dan Carpenter <dan.carpenter@...aro.org>
To: oe-kbuild@...ts.linux.dev, Xiaobing Li <xiaobing.li@...sung.com>,
axboe@...nel.dk, asml.silence@...il.com
Cc: lkp@...el.com, oe-kbuild-all@...ts.linux.dev,
linux-kernel@...r.kernel.org, io-uring@...r.kernel.org,
kun.dou@...sung.com, peiwei.li@...sung.com, joshi.k@...sung.com,
kundan.kumar@...sung.com, wenwen.chen@...sung.com,
ruyi.zhang@...sung.com, cliang01.li@...sung.com,
xue01.he@...sung.com, Xiaobing Li <xiaobing.li@...sung.com>
Subject: Re: [PATCH v3] io_uring: Statistics of the true utilization of sq
threads.
Hi Xiaobing,
kernel test robot noticed the following build warnings:
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Xiaobing-Li/io_uring-Statistics-of-the-true-utilization-of-sq-threads/20231115-211954
base: linus/master
patch link: https://lore.kernel.org/r/20231115121839.12556-1-xiaobing.li%40samsung.com
patch subject: [PATCH v3] io_uring: Statistics of the true utilization of sq threads.
config: x86_64-randconfig-161-20231115 (https://download.01.org/0day-ci/archive/20231116/202311160629.h4GrebJh-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce: (https://download.01.org/0day-ci/archive/20231116/202311160629.h4GrebJh-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@...el.com>
| Reported-by: Dan Carpenter <error27@...il.com>
| Closes: https://lore.kernel.org/r/202311160629.h4GrebJh-lkp@intel.com/
smatch warnings:
io_uring/fdinfo.c:138 io_uring_show_fdinfo() warn: variable dereferenced before check 'ctx' (see line 57)
io_uring/fdinfo.c:144 io_uring_show_fdinfo() error: we previously assumed 'sq' could be null (see line 141)
vim +/ctx +138 io_uring/fdinfo.c
3aaf22b62a9270 Jens Axboe 2023-07-10 53 __cold void io_uring_show_fdinfo(struct seq_file *m, struct file *f)
a4ad4f748ea962 Jens Axboe 2022-05-25 54 {
3aaf22b62a9270 Jens Axboe 2023-07-10 55 struct io_ring_ctx *ctx = f->private_data;
a4ad4f748ea962 Jens Axboe 2022-05-25 56 struct io_overflow_cqe *ocqe;
a4ad4f748ea962 Jens Axboe 2022-05-25 @57 struct io_rings *r = ctx->rings;
^^^^^^^^^^
Tons of unchecked dereferences so ctx can't be NULL.
a4ad4f748ea962 Jens Axboe 2022-05-25 58 unsigned int sq_mask = ctx->sq_entries - 1, cq_mask = ctx->cq_entries - 1;
a4ad4f748ea962 Jens Axboe 2022-05-25 59 unsigned int sq_head = READ_ONCE(r->sq.head);
a4ad4f748ea962 Jens Axboe 2022-05-25 60 unsigned int sq_tail = READ_ONCE(r->sq.tail);
a4ad4f748ea962 Jens Axboe 2022-05-25 61 unsigned int cq_head = READ_ONCE(r->cq.head);
a4ad4f748ea962 Jens Axboe 2022-05-25 62 unsigned int cq_tail = READ_ONCE(r->cq.tail);
a4ad4f748ea962 Jens Axboe 2022-05-25 63 unsigned int cq_shift = 0;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 64 unsigned int sq_shift = 0;
a4ad4f748ea962 Jens Axboe 2022-05-25 65 unsigned int sq_entries, cq_entries;
7644b1a1c9a7ae Jens Axboe 2023-10-21 66 int sq_pid = -1, sq_cpu = -1;
5b1b61674371b7 Xiaobing Li 2023-11-15 67 int sq_busy = 0;
a4ad4f748ea962 Jens Axboe 2022-05-25 68 bool has_lock;
a4ad4f748ea962 Jens Axboe 2022-05-25 69 unsigned int i;
a4ad4f748ea962 Jens Axboe 2022-05-25 70
4f731705cc1f15 Jens Axboe 2022-09-11 71 if (ctx->flags & IORING_SETUP_CQE32)
a4ad4f748ea962 Jens Axboe 2022-05-25 72 cq_shift = 1;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 73 if (ctx->flags & IORING_SETUP_SQE128)
3b8fdd1dc35e39 Jens Axboe 2022-09-11 74 sq_shift = 1;
a4ad4f748ea962 Jens Axboe 2022-05-25 75
a4ad4f748ea962 Jens Axboe 2022-05-25 76 /*
a4ad4f748ea962 Jens Axboe 2022-05-25 77 * we may get imprecise sqe and cqe info if uring is actively running
a4ad4f748ea962 Jens Axboe 2022-05-25 78 * since we get cached_sq_head and cached_cq_tail without uring_lock
a4ad4f748ea962 Jens Axboe 2022-05-25 79 * and sq_tail and cq_head are changed by userspace. But it's ok since
a4ad4f748ea962 Jens Axboe 2022-05-25 80 * we usually use these info when it is stuck.
a4ad4f748ea962 Jens Axboe 2022-05-25 81 */
a4ad4f748ea962 Jens Axboe 2022-05-25 82 seq_printf(m, "SqMask:\t0x%x\n", sq_mask);
a4ad4f748ea962 Jens Axboe 2022-05-25 83 seq_printf(m, "SqHead:\t%u\n", sq_head);
a4ad4f748ea962 Jens Axboe 2022-05-25 84 seq_printf(m, "SqTail:\t%u\n", sq_tail);
a4ad4f748ea962 Jens Axboe 2022-05-25 85 seq_printf(m, "CachedSqHead:\t%u\n", ctx->cached_sq_head);
a4ad4f748ea962 Jens Axboe 2022-05-25 86 seq_printf(m, "CqMask:\t0x%x\n", cq_mask);
a4ad4f748ea962 Jens Axboe 2022-05-25 87 seq_printf(m, "CqHead:\t%u\n", cq_head);
a4ad4f748ea962 Jens Axboe 2022-05-25 88 seq_printf(m, "CqTail:\t%u\n", cq_tail);
a4ad4f748ea962 Jens Axboe 2022-05-25 89 seq_printf(m, "CachedCqTail:\t%u\n", ctx->cached_cq_tail);
3b8fdd1dc35e39 Jens Axboe 2022-09-11 90 seq_printf(m, "SQEs:\t%u\n", sq_tail - sq_head);
a4ad4f748ea962 Jens Axboe 2022-05-25 91 sq_entries = min(sq_tail - sq_head, ctx->sq_entries);
a4ad4f748ea962 Jens Axboe 2022-05-25 92 for (i = 0; i < sq_entries; i++) {
a4ad4f748ea962 Jens Axboe 2022-05-25 93 unsigned int entry = i + sq_head;
a4ad4f748ea962 Jens Axboe 2022-05-25 94 struct io_uring_sqe *sqe;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 95 unsigned int sq_idx;
a4ad4f748ea962 Jens Axboe 2022-05-25 96
32f5dea040ee6e Jens Axboe 2023-09-01 97 if (ctx->flags & IORING_SETUP_NO_SQARRAY)
32f5dea040ee6e Jens Axboe 2023-09-01 98 break;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 99 sq_idx = READ_ONCE(ctx->sq_array[entry & sq_mask]);
a4ad4f748ea962 Jens Axboe 2022-05-25 100 if (sq_idx > sq_mask)
a4ad4f748ea962 Jens Axboe 2022-05-25 101 continue;
00927931cb630b Pavel Begunkov 2022-10-11 102 sqe = &ctx->sq_sqes[sq_idx << sq_shift];
3b8fdd1dc35e39 Jens Axboe 2022-09-11 103 seq_printf(m, "%5u: opcode:%s, fd:%d, flags:%x, off:%llu, "
3b8fdd1dc35e39 Jens Axboe 2022-09-11 104 "addr:0x%llx, rw_flags:0x%x, buf_index:%d "
3b8fdd1dc35e39 Jens Axboe 2022-09-11 105 "user_data:%llu",
3b8fdd1dc35e39 Jens Axboe 2022-09-11 106 sq_idx, io_uring_get_opcode(sqe->opcode), sqe->fd,
3b8fdd1dc35e39 Jens Axboe 2022-09-11 107 sqe->flags, (unsigned long long) sqe->off,
3b8fdd1dc35e39 Jens Axboe 2022-09-11 108 (unsigned long long) sqe->addr, sqe->rw_flags,
3b8fdd1dc35e39 Jens Axboe 2022-09-11 109 sqe->buf_index, sqe->user_data);
3b8fdd1dc35e39 Jens Axboe 2022-09-11 110 if (sq_shift) {
3b8fdd1dc35e39 Jens Axboe 2022-09-11 111 u64 *sqeb = (void *) (sqe + 1);
3b8fdd1dc35e39 Jens Axboe 2022-09-11 112 int size = sizeof(struct io_uring_sqe) / sizeof(u64);
3b8fdd1dc35e39 Jens Axboe 2022-09-11 113 int j;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 114
3b8fdd1dc35e39 Jens Axboe 2022-09-11 115 for (j = 0; j < size; j++) {
3b8fdd1dc35e39 Jens Axboe 2022-09-11 116 seq_printf(m, ", e%d:0x%llx", j,
3b8fdd1dc35e39 Jens Axboe 2022-09-11 117 (unsigned long long) *sqeb);
3b8fdd1dc35e39 Jens Axboe 2022-09-11 118 sqeb++;
3b8fdd1dc35e39 Jens Axboe 2022-09-11 119 }
3b8fdd1dc35e39 Jens Axboe 2022-09-11 120 }
3b8fdd1dc35e39 Jens Axboe 2022-09-11 121 seq_printf(m, "\n");
a4ad4f748ea962 Jens Axboe 2022-05-25 122 }
a4ad4f748ea962 Jens Axboe 2022-05-25 123 seq_printf(m, "CQEs:\t%u\n", cq_tail - cq_head);
a4ad4f748ea962 Jens Axboe 2022-05-25 124 cq_entries = min(cq_tail - cq_head, ctx->cq_entries);
a4ad4f748ea962 Jens Axboe 2022-05-25 125 for (i = 0; i < cq_entries; i++) {
a4ad4f748ea962 Jens Axboe 2022-05-25 126 unsigned int entry = i + cq_head;
a4ad4f748ea962 Jens Axboe 2022-05-25 127 struct io_uring_cqe *cqe = &r->cqes[(entry & cq_mask) << cq_shift];
a4ad4f748ea962 Jens Axboe 2022-05-25 128
4f731705cc1f15 Jens Axboe 2022-09-11 129 seq_printf(m, "%5u: user_data:%llu, res:%d, flag:%x",
a4ad4f748ea962 Jens Axboe 2022-05-25 130 entry & cq_mask, cqe->user_data, cqe->res,
a4ad4f748ea962 Jens Axboe 2022-05-25 131 cqe->flags);
4f731705cc1f15 Jens Axboe 2022-09-11 132 if (cq_shift)
4f731705cc1f15 Jens Axboe 2022-09-11 133 seq_printf(m, ", extra1:%llu, extra2:%llu\n",
4f731705cc1f15 Jens Axboe 2022-09-11 134 cqe->big_cqe[0], cqe->big_cqe[1]);
4f731705cc1f15 Jens Axboe 2022-09-11 135 seq_printf(m, "\n");
a4ad4f748ea962 Jens Axboe 2022-05-25 136 }
a4ad4f748ea962 Jens Axboe 2022-05-25 137
5b1b61674371b7 Xiaobing Li 2023-11-15 @138 if (ctx && (ctx->flags & IORING_SETUP_SQPOLL)) {
^^^
Delete this check.
5b1b61674371b7 Xiaobing Li 2023-11-15 139 struct io_sq_data *sq = ctx->sq_data;
5b1b61674371b7 Xiaobing Li 2023-11-15 140
5b1b61674371b7 Xiaobing Li 2023-11-15 @141 if (sq && sq->total_time != 0)
^^
sq can be NULL?
5b1b61674371b7 Xiaobing Li 2023-11-15 142 sq_busy = (int)(sq->work_time * 100 / sq->total_time);
5b1b61674371b7 Xiaobing Li 2023-11-15 143
5b1b61674371b7 Xiaobing Li 2023-11-15 @144 sq_pid = sq->task_pid;
^^^^
Unchecked dereference.
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists