* [goldwynr:iomap 10/33] include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-01-04 16:46 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-04 16:46 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 12858 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Goldwyn Rodrigues <rgoldwyn@suse.com>
tree: https://github.com/goldwynr/linux iomap
head: fd871fa60e5495543660657e665f1a6c13d0af97
commit: 9b0be4cce9f84675546603825aa366923670b7bf [10/33] btrfs: Don't process pages if locked_page is NULL
:::::: branch date: 4 days ago
:::::: commit date: 4 days ago
config: x86_64-randconfig-c007-20220102 (https://download.01.org/0day-ci/archive/20220105/202201050045.f5XOCOID-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project b50fea47b6c454581fce89af359f3afe5154986c)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/goldwynr/linux/commit/9b0be4cce9f84675546603825aa366923670b7bf
git remote add goldwynr https://github.com/goldwynr/linux
git fetch --no-tags goldwynr iomap
git checkout 9b0be4cce9f84675546603825aa366923670b7bf
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:148:2: note: Calling '__list_del_entry'
__list_del_entry(entry);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:6: note: Assuming the condition is false
if (!__list_del_entry_valid(entry))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:2: note: Taking false branch
if (!__list_del_entry_valid(entry))
^
include/linux/list.h:137:13: note: Use of memory after it is freed
__list_del(entry->prev, entry->next);
^~~~~~~~~~~
include/linux/list.h:149:14: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
entry->next = LIST_POISON1;
^
fs/btrfs/inode.c:1368:6: note: Assuming field 'inode' is non-null
if (async_chunk->inode)
^~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1368:2: note: Taking true branch
if (async_chunk->inode)
^
fs/btrfs/inode.c:1369:3: note: Calling 'submit_compressed_extents'
submit_compressed_extents(async_chunk);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1057:9: note: Calling 'submit_one_async_extent'
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:149:14: note: Use of memory after it is freed
entry->next = LIST_POISON1;
~~~~~~~~~~~ ^
>> include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
return ((loff_t)page->index) << PAGE_SHIFT;
^
fs/btrfs/inode.c:2003:6: note: Assuming 'locked_page' is null
if (locked_page)
^~~~~~~~~~~
fs/btrfs/inode.c:2003:2: note: Taking false branch
if (locked_page)
^
fs/btrfs/inode.c:2007:6: note: Calling 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:6: note: Assuming the condition is true
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:2: note: Taking true branch
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^
fs/btrfs/inode.c:1979:7: note: Assuming field 'defrag_bytes' is 0
if (inode->defrag_bytes &&
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1979:27: note: Left side of '&&' is false
if (inode->defrag_bytes &&
^
fs/btrfs/inode.c:1983:3: note: Returning the value 1, which participates in a condition later
return true;
^~~~~~~~~~~
fs/btrfs/inode.c:2007:6: note: Returning from 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:2007:2: note: Taking true branch
if (should_nocow(inode, start, end)) {
^
fs/btrfs/inode.c:2015:11: note: 'zoned' is false
ASSERT(!zoned ||
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2015:17: note: Left side of '||' is true
ASSERT(!zoned ||
^
fs/btrfs/inode.c:2032:9: note: Assuming 'ret' is > 0
ASSERT(ret <= 0);
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2033:6: note: 'ret' is not equal to 0
if (ret)
^~~
fs/btrfs/inode.c:2033:2: note: Taking true branch
if (ret)
^
fs/btrfs/inode.c:2034:40: note: Passing null pointer value via 2nd parameter 'locked_page'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~
fs/btrfs/inode.c:2034:3: note: Calling 'btrfs_cleanup_ordered_extents'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:164:31: note: Passing null pointer value via 1st parameter 'page'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~
fs/btrfs/inode.c:164:19: note: Calling 'page_offset'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/pagemap.h:691:18: note: Dereference of null pointer
return ((loff_t)page->index) << PAGE_SHIFT;
^~~~~~~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
drivers/media/common/videobuf2/videobuf2-core.c:1929:10: warning: Access to field 'state' results in a dereference of a null pointer (loaded from variable 'vb') [clang-analyzer-core.NullDereference]
switch (vb->state) {
^
drivers/media/common/videobuf2/videobuf2-core.c:2921:6: note: Assuming field 'is_output' is 0
if (q->is_output) {
^~~~~~~~~~~~
drivers/media/common/videobuf2/videobuf2-core.c:2921:2: note: Taking false branch
if (q->is_output) {
^
drivers/media/common/videobuf2/videobuf2-core.c:2928:2: note: Loop condition is true. Entering loop body
for (;;) {
^
drivers/media/common/videobuf2/videobuf2-core.c:2934:7: note: 'prequeue' is 0
if (prequeue) {
^~~~~~~~
drivers/media/common/videobuf2/videobuf2-core.c:2934:3: note: Taking false branch
if (prequeue) {
^
drivers/media/common/videobuf2/videobuf2-core.c:2938:4: note: Assuming 'debug' is < 2
call_void_qop(q, wait_finish, q);
^
drivers/media/common/videobuf2/videobuf2-core.c:110:2: note: expanded from macro 'call_void_qop'
log_qop(q, op); \
^~~~~~~~~~~~~~
drivers/media/common/videobuf2/videobuf2-core.c:94:2: note: expanded from macro 'log_qop'
dprintk(q, 2, "call_qop(%s)%s\n", #op, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/common/videobuf2/videobuf2-core.c:39:7: note: expanded from macro 'dprintk'
if (debug >= level) \
vim +691 include/linux/pagemap.h
5cbc198ae08d84 Kirill A. Shutemov 2016-11-30 685
^1da177e4c3f41 Linus Torvalds 2005-04-16 686 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 687 * Return byte-offset into filesystem object for page.
^1da177e4c3f41 Linus Torvalds 2005-04-16 688 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 689 static inline loff_t page_offset(struct page *page)
^1da177e4c3f41 Linus Torvalds 2005-04-16 690 {
09cbfeaf1a5a67 Kirill A. Shutemov 2016-04-01 @691 return ((loff_t)page->index) << PAGE_SHIFT;
^1da177e4c3f41 Linus Torvalds 2005-04-16 692 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 693
:::::: The code@line 691 was first introduced by commit
:::::: 09cbfeaf1a5a67bfb3201e0c83c810cecb2efa5a mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
:::::: TO: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
:::::: CC: Linus Torvalds <torvalds@linux-foundation.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* [goldwynr:iomap 10/33] include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-01-09 17:40 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-09 17:40 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 12987 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Goldwyn Rodrigues <rgoldwyn@suse.com>
tree: https://github.com/goldwynr/linux iomap
head: fd871fa60e5495543660657e665f1a6c13d0af97
commit: 9b0be4cce9f84675546603825aa366923670b7bf [10/33] btrfs: Don't process pages if locked_page is NULL
:::::: branch date: 9 days ago
:::::: commit date: 9 days ago
config: x86_64-randconfig-c007-20220102 (https://download.01.org/0day-ci/archive/20220109/202201092330.dCfyEM2E-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project b50fea47b6c454581fce89af359f3afe5154986c)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/goldwynr/linux/commit/9b0be4cce9f84675546603825aa366923670b7bf
git remote add goldwynr https://github.com/goldwynr/linux
git fetch --no-tags goldwynr iomap
git checkout 9b0be4cce9f84675546603825aa366923670b7bf
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:148:2: note: Calling '__list_del_entry'
__list_del_entry(entry);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:6: note: Assuming the condition is false
if (!__list_del_entry_valid(entry))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:2: note: Taking false branch
if (!__list_del_entry_valid(entry))
^
include/linux/list.h:137:13: note: Use of memory after it is freed
__list_del(entry->prev, entry->next);
^~~~~~~~~~~
include/linux/list.h:149:14: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
entry->next = LIST_POISON1;
^
fs/btrfs/inode.c:1368:6: note: Assuming field 'inode' is non-null
if (async_chunk->inode)
^~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1368:2: note: Taking true branch
if (async_chunk->inode)
^
fs/btrfs/inode.c:1369:3: note: Calling 'submit_compressed_extents'
submit_compressed_extents(async_chunk);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1057:9: note: Calling 'submit_one_async_extent'
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:149:14: note: Use of memory after it is freed
entry->next = LIST_POISON1;
~~~~~~~~~~~ ^
>> include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
return ((loff_t)page->index) << PAGE_SHIFT;
^
fs/btrfs/inode.c:2003:6: note: Assuming 'locked_page' is null
if (locked_page)
^~~~~~~~~~~
fs/btrfs/inode.c:2003:2: note: Taking false branch
if (locked_page)
^
fs/btrfs/inode.c:2007:6: note: Calling 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:6: note: Assuming the condition is true
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:2: note: Taking true branch
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^
fs/btrfs/inode.c:1979:7: note: Assuming field 'defrag_bytes' is 0
if (inode->defrag_bytes &&
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1979:27: note: Left side of '&&' is false
if (inode->defrag_bytes &&
^
fs/btrfs/inode.c:1983:3: note: Returning the value 1, which participates in a condition later
return true;
^~~~~~~~~~~
fs/btrfs/inode.c:2007:6: note: Returning from 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:2007:2: note: Taking true branch
if (should_nocow(inode, start, end)) {
^
fs/btrfs/inode.c:2015:11: note: 'zoned' is false
ASSERT(!zoned ||
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2015:17: note: Left side of '||' is true
ASSERT(!zoned ||
^
fs/btrfs/inode.c:2032:9: note: Assuming 'ret' is > 0
ASSERT(ret <= 0);
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2033:6: note: 'ret' is not equal to 0
if (ret)
^~~
fs/btrfs/inode.c:2033:2: note: Taking true branch
if (ret)
^
fs/btrfs/inode.c:2034:40: note: Passing null pointer value via 2nd parameter 'locked_page'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~
fs/btrfs/inode.c:2034:3: note: Calling 'btrfs_cleanup_ordered_extents'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:164:31: note: Passing null pointer value via 1st parameter 'page'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~
fs/btrfs/inode.c:164:19: note: Calling 'page_offset'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/pagemap.h:691:18: note: Dereference of null pointer
return ((loff_t)page->index) << PAGE_SHIFT;
^~~~~~~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
fs/namei.c:557:2: warning: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
dput(path->dentry);
^
fs/namei.c:4479:1: note: Calling '__se_sys_link'
SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname)
^
include/linux/syscalls.h:218:36: note: expanded from macro 'SYSCALL_DEFINE2'
#define SYSCALL_DEFINE2(name, ...) SYSCALL_DEFINEx(2, _##name, __VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/syscalls.h:228:2: note: expanded from macro 'SYSCALL_DEFINEx'
__SYSCALL_DEFINEx(x, sname, __VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/syscall_wrapper.h:232:2: note: expanded from macro '__SYSCALL_DEFINEx'
__IA32_SYS_STUBx(x, name, __VA_ARGS__) \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/syscall_wrapper.h:117:2: note: expanded from macro '__IA32_SYS_STUBx'
__SYS_STUBx(ia32, sys##name, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/syscall_wrapper.h:79:10: note: expanded from macro '__SYS_STUBx'
return __se_##name(__VA_ARGS__); \
^~~~~~~~~~~~~~~~~~~~~~~~
note: expanded from here
fs/namei.c:4479:1: note: Calling '__do_sys_link'
SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname)
^
include/linux/syscalls.h:218:36: note: expanded from macro 'SYSCALL_DEFINE2'
#define SYSCALL_DEFINE2(name, ...) SYSCALL_DEFINEx(2, _##name, __VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/syscalls.h:228:2: note: expanded from macro 'SYSCALL_DEFINEx'
vim +691 include/linux/pagemap.h
5cbc198ae08d84 Kirill A. Shutemov 2016-11-30 685
^1da177e4c3f41 Linus Torvalds 2005-04-16 686 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 687 * Return byte-offset into filesystem object for page.
^1da177e4c3f41 Linus Torvalds 2005-04-16 688 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 689 static inline loff_t page_offset(struct page *page)
^1da177e4c3f41 Linus Torvalds 2005-04-16 690 {
09cbfeaf1a5a67 Kirill A. Shutemov 2016-04-01 @691 return ((loff_t)page->index) << PAGE_SHIFT;
^1da177e4c3f41 Linus Torvalds 2005-04-16 692 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 693
:::::: The code@line 691 was first introduced by commit
:::::: 09cbfeaf1a5a67bfb3201e0c83c810cecb2efa5a mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
:::::: TO: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
:::::: CC: Linus Torvalds <torvalds@linux-foundation.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* [goldwynr:iomap 10/33] include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-01-06 23:23 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-06 23:23 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 12710 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Goldwyn Rodrigues <rgoldwyn@suse.com>
tree: https://github.com/goldwynr/linux iomap
head: fd871fa60e5495543660657e665f1a6c13d0af97
commit: 9b0be4cce9f84675546603825aa366923670b7bf [10/33] btrfs: Don't process pages if locked_page is NULL
:::::: branch date: 6 days ago
:::::: commit date: 6 days ago
config: x86_64-randconfig-c007-20220102 (https://download.01.org/0day-ci/archive/20220107/202201070729.yc8unxUd-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project b50fea47b6c454581fce89af359f3afe5154986c)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/goldwynr/linux/commit/9b0be4cce9f84675546603825aa366923670b7bf
git remote add goldwynr https://github.com/goldwynr/linux
git fetch --no-tags goldwynr iomap
git checkout 9b0be4cce9f84675546603825aa366923670b7bf
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:148:2: note: Calling '__list_del_entry'
__list_del_entry(entry);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:6: note: Assuming the condition is false
if (!__list_del_entry_valid(entry))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:2: note: Taking false branch
if (!__list_del_entry_valid(entry))
^
include/linux/list.h:137:13: note: Use of memory after it is freed
__list_del(entry->prev, entry->next);
^~~~~~~~~~~
include/linux/list.h:149:14: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
entry->next = LIST_POISON1;
^
fs/btrfs/inode.c:1368:6: note: Assuming field 'inode' is non-null
if (async_chunk->inode)
^~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1368:2: note: Taking true branch
if (async_chunk->inode)
^
fs/btrfs/inode.c:1369:3: note: Calling 'submit_compressed_extents'
submit_compressed_extents(async_chunk);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1057:9: note: Calling 'submit_one_async_extent'
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:6: note: Assuming field 'locked_page' is null
if (async_chunk->locked_page) {
^~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:938:2: note: Taking false branch
if (async_chunk->locked_page) {
^
fs/btrfs/inode.c:948:6: note: Assuming field 'pages' is non-null
if (!async_extent->pages)
^~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:948:2: note: Taking false branch
if (!async_extent->pages)
^
fs/btrfs/inode.c:955:6: note: Assuming 'ret' is not equal to 0
if (ret) {
^~~
fs/btrfs/inode.c:955:2: note: Taking true branch
if (ret) {
^
fs/btrfs/inode.c:964:3: note: Control jumps to line 1023
goto out_free;
^
fs/btrfs/inode.c:1030:2: note: Memory is released
kfree(async_extent);
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1057:9: note: Returning; memory was released
ret = submit_one_async_extent(inode, async_chunk, async_extent,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1047:2: note: Loop condition is true. Entering loop body
while (!list_empty(&async_chunk->extents)) {
^
fs/btrfs/inode.c:1053:3: note: Calling 'list_del'
list_del(&async_extent->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:149:14: note: Use of memory after it is freed
entry->next = LIST_POISON1;
~~~~~~~~~~~ ^
>> include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
return ((loff_t)page->index) << PAGE_SHIFT;
^
fs/btrfs/inode.c:2003:6: note: Assuming 'locked_page' is null
if (locked_page)
^~~~~~~~~~~
fs/btrfs/inode.c:2003:2: note: Taking false branch
if (locked_page)
^
fs/btrfs/inode.c:2007:6: note: Calling 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:6: note: Assuming the condition is true
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1978:2: note: Taking true branch
if (inode->flags & (BTRFS_INODE_NODATACOW | BTRFS_INODE_PREALLOC)) {
^
fs/btrfs/inode.c:1979:7: note: Assuming field 'defrag_bytes' is 0
if (inode->defrag_bytes &&
^~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:1979:27: note: Left side of '&&' is false
if (inode->defrag_bytes &&
^
fs/btrfs/inode.c:1983:3: note: Returning the value 1, which participates in a condition later
return true;
^~~~~~~~~~~
fs/btrfs/inode.c:2007:6: note: Returning from 'should_nocow'
if (should_nocow(inode, start, end)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:2007:2: note: Taking true branch
if (should_nocow(inode, start, end)) {
^
fs/btrfs/inode.c:2015:11: note: 'zoned' is false
ASSERT(!zoned ||
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2015:17: note: Left side of '||' is true
ASSERT(!zoned ||
^
fs/btrfs/inode.c:2032:9: note: Assuming 'ret' is > 0
ASSERT(ret <= 0);
^
fs/btrfs/ctree.h:3526:29: note: expanded from macro 'ASSERT'
#define ASSERT(expr) (void)(expr)
^~~~
fs/btrfs/inode.c:2033:6: note: 'ret' is not equal to 0
if (ret)
^~~
fs/btrfs/inode.c:2033:2: note: Taking true branch
if (ret)
^
fs/btrfs/inode.c:2034:40: note: Passing null pointer value via 2nd parameter 'locked_page'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~
fs/btrfs/inode.c:2034:3: note: Calling 'btrfs_cleanup_ordered_extents'
btrfs_cleanup_ordered_extents(inode, locked_page, start,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/inode.c:164:31: note: Passing null pointer value via 1st parameter 'page'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~
fs/btrfs/inode.c:164:19: note: Calling 'page_offset'
u64 page_start = page_offset(locked_page);
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/pagemap.h:691:18: note: Dereference of null pointer
return ((loff_t)page->index) << PAGE_SHIFT;
^~~~~~~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
drivers/crypto/ccree/cc_cipher.c:777:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_cipher.c:777:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_cipher.c:804:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_cipher.c:804:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
drivers/crypto/ccree/cc_hash.c:83:8: warning: Excessive padding in 'struct cc_hash_ctx' (95 padding bytes, where 31 is optimal).
Optimal fields order:
opad_tmp_keys_dma_addr,
drvdata,
digest_buff_dma_addr,
key_params,
setkey_comp,
hash_mode,
hw_mode,
inter_digestsize,
hash_len,
is_hmac,
digest_buff,
opad_tmp_keys_buff,
vim +691 include/linux/pagemap.h
5cbc198ae08d84 Kirill A. Shutemov 2016-11-30 685
^1da177e4c3f41 Linus Torvalds 2005-04-16 686 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 687 * Return byte-offset into filesystem object for page.
^1da177e4c3f41 Linus Torvalds 2005-04-16 688 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 689 static inline loff_t page_offset(struct page *page)
^1da177e4c3f41 Linus Torvalds 2005-04-16 690 {
09cbfeaf1a5a67 Kirill A. Shutemov 2016-04-01 @691 return ((loff_t)page->index) << PAGE_SHIFT;
^1da177e4c3f41 Linus Torvalds 2005-04-16 692 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 693
:::::: The code@line 691 was first introduced by commit
:::::: 09cbfeaf1a5a67bfb3201e0c83c810cecb2efa5a mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
:::::: TO: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
:::::: CC: Linus Torvalds <torvalds@linux-foundation.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-09 17:40 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-04 16:46 [goldwynr:iomap 10/33] include/linux/pagemap.h:691:18: warning: Dereference of null pointer [clang-analyzer-core.NullDereference] kernel test robot
2022-01-06 23:23 kernel test robot
2022-01-09 17:40 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.