lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ba7dea85-4bd4-42f7-be04-c23afff5b34b@nvidia.com>
Date: Tue, 3 Feb 2026 21:34:40 +1100
From: Balbir Singh <balbirs@...dia.com>
To: Dan Carpenter <dan.carpenter@...aro.org>, oe-kbuild@...ts.linux.dev,
 Alistair Popple <apopple@...dia.com>
Cc: lkp@...el.com, oe-kbuild-all@...ts.linux.dev,
 linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>,
 Linux Memory Management List <linux-mm@...ck.org>,
 Björn Töpel <bjorn@...osinc.com>,
 Jason Gunthorpe <jgg@...dia.com>
Subject: Re: lib/test_hmm.c:932 dmirror_migrate_to_system() error:
 uninitialized symbol 'ret'.

On 1/18/26 23:04, Dan Carpenter wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   944aacb68baf7624ab8d277d0ebf07f025ca137c
> commit: d438d273417055241ebaaf1ba3be23459fc27cba mm: remove devmap related functions and page table bits
> config: s390-randconfig-r071-20260115 (https://download.01.org/0day-ci/archive/20260115/202601152125.McLpiKxS-lkp@intel.com/config)
> compiler: clang version 22.0.0git (https://github.com/llvm/llvm-project 9b8addffa70cee5b2acc5454712d9cf78ce45710)
> smatch version: v0.5.0-8985-g2614ff1a
> 
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@...el.com>
> | Reported-by: Dan Carpenter <dan.carpenter@...aro.org>
> | Closes: https://lore.kernel.org/r/202601152125.McLpiKxS-lkp@intel.com/
> 
> smatch warnings:
> lib/test_hmm.c:932 dmirror_migrate_to_system() error: uninitialized symbol 'ret'.
> 
> vim +/ret +932 lib/test_hmm.c
> 
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  875  static int dmirror_migrate_to_system(struct dmirror *dmirror,
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  876  				     struct hmm_dmirror_cmd *cmd)
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  877  {
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  878  	unsigned long start, end, addr;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  879  	unsigned long size = cmd->npages << PAGE_SHIFT;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  880  	struct mm_struct *mm = dmirror->notifier.mm;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  881  	struct vm_area_struct *vma;
> 6046a3bed1c2b02 Arnd Bergmann   2025-06-10  882  	unsigned long src_pfns[32] = { 0 };
> 6046a3bed1c2b02 Arnd Bergmann   2025-06-10  883  	unsigned long dst_pfns[32] = { 0 };
> 16ce101db85db69 Alistair Popple 2022-09-28  884  	struct migrate_vma args = { 0 };
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  885  	unsigned long next;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  886  	int ret;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  887  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  888  	start = cmd->addr;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  889  	end = start + size;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  890  	if (end < start)
> 
> If end == start then ret is uninitialized.
> 
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  891  		return -EINVAL;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  892  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  893  	/* Since the mm is for the mirrored process, get a reference first. */
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  894  	if (!mmget_not_zero(mm))
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  895  		return -EINVAL;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  896  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  897  	cmd->cpages = 0;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  898  	mmap_read_lock(mm);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  899  	for (addr = start; addr < end; addr = next) {
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  900  		vma = vma_lookup(mm, addr);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  901  		if (!vma || !(vma->vm_flags & VM_READ)) {
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  902  			ret = -EINVAL;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  903  			goto out;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  904  		}
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  905  		next = min(end, addr + (ARRAY_SIZE(src_pfns) << PAGE_SHIFT));
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  906  		if (next > vma->vm_end)
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  907  			next = vma->vm_end;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  908  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  909  		args.vma = vma;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  910  		args.src = src_pfns;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  911  		args.dst = dst_pfns;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  912  		args.start = addr;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  913  		args.end = next;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  914  		args.pgmap_owner = dmirror->mdevice;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  915  		args.flags = dmirror_select_device(dmirror);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  916  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  917  		ret = migrate_vma_setup(&args);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  918  		if (ret)
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  919  			goto out;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  920  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  921  		pr_debug("Migrating from device mem to sys mem\n");
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  922  		dmirror_devmem_fault_alloc_and_copy(&args, dmirror);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  923  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  924  		migrate_vma_pages(&args);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  925  		cmd->cpages += dmirror_successful_migrated_pages(&args);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  926  		migrate_vma_finalize(&args);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  927  	}
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  928  out:
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  929  	mmap_read_unlock(mm);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  930  	mmput(mm);
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  931  
> 4c2e0f764eb4444 Alex Sierra     2022-07-15 @932  	return ret;
> 4c2e0f764eb4444 Alex Sierra     2022-07-15  933  }
> 

The code looks older than the current top of master? The smatch warning is still valid though. I was wondering
did smatch get new heuristics to catch this?

Balbir

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ