* Re: [PATCH v2 11/35] mm: rcu safe vma freeing
@ 2022-01-30 3:33 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-30 3:33 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 17415 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
In-Reply-To: <20220128131006.67712-12-michel@lespinasse.org>
References: <20220128131006.67712-12-michel@lespinasse.org>
TO: Michel Lespinasse <michel@lespinasse.org>
TO: "Linux-MM" <linux-mm@kvack.org>
TO: linux-kernel(a)vger.kernel.org
TO: Andrew Morton <akpm@linux-foundation.org>
CC: kernel-team(a)fb.com
CC: Laurent Dufour <ldufour@linux.ibm.com>
CC: Jerome Glisse <jglisse@google.com>
CC: Peter Zijlstra <peterz@infradead.org>
CC: Michal Hocko <mhocko@suse.com>
CC: Vlastimil Babka <vbabka@suse.cz>
CC: Davidlohr Bueso <dave@stgolabs.net>
Hi Michel,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.17-rc1 next-20220128]
[cannot apply to tip/x86/mm arm64/for-next/core powerpc/next hnaz-mm/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Michel-Lespinasse/Speculative-page-faults/20220128-212122
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 145d9b498fc827b79c1260b4caa29a8e59d4c2b9
:::::: branch date: 2 days ago
:::::: commit date: 2 days ago
config: x86_64-randconfig-c007-20220124 (https://download.01.org/0day-ci/archive/20220130/202201301146.anuNJxXl-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 33b45ee44b1f32ffdbc995e6fec806271b4b3ba4)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/e070569f2fa273212280128b7d07f3d39f0fbd27
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Michel-Lespinasse/Speculative-page-faults/20220128-212122
git checkout e070569f2fa273212280128b7d07f3d39f0fbd27
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~
security/keys/keyring.c:1608:2: note: Taking false branch
if (ret < 0)
^
security/keys/keyring.c:1611:6: note: 'ret' is >= 0
if (ret < 0)
^~~
security/keys/keyring.c:1611:2: note: Taking false branch
if (ret < 0)
^
security/keys/keyring.c:1613:8: note: Calling '__key_link_begin'
ret = __key_link_begin(to_keyring, &key->index_key, &to_edit);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/keyring.c:1299:2: note: Taking false branch
kenter("%d,%s,%s,",
^
security/keys/internal.h:34:2: note: expanded from macro 'kenter'
no_printk(KERN_DEBUG "==> %s("FMT")\n", __func__, ##__VA_ARGS__)
^
include/linux/printk.h:131:2: note: expanded from macro 'no_printk'
if (0) \
^
security/keys/keyring.c:1302:9: note: Assuming field 'desc_len' is not equal to 0
BUG_ON(index_key->desc_len == 0);
^
include/asm-generic/bug.h:65:45: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^~~~~~~~~
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
security/keys/keyring.c:1302:2: note: Taking false branch
BUG_ON(index_key->desc_len == 0);
^
include/asm-generic/bug.h:65:32: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
security/keys/keyring.c:1302:2: note: Loop condition is false. Exiting loop
BUG_ON(index_key->desc_len == 0);
^
include/asm-generic/bug.h:65:27: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
security/keys/keyring.c:1303:2: note: Taking false branch
BUG_ON(*_edit != NULL);
^
include/asm-generic/bug.h:65:32: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
security/keys/keyring.c:1303:2: note: Loop condition is false. Exiting loop
BUG_ON(*_edit != NULL);
^
include/asm-generic/bug.h:65:27: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
security/keys/keyring.c:1305:2: note: Null pointer value stored to 'to_edit'
*_edit = NULL;
^~~~~~~~~~~~~
security/keys/keyring.c:1308:6: note: Assuming the condition is false
if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/keyring.c:1308:2: note: Taking false branch
if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
^
security/keys/keyring.c:1318:2: note: Taking true branch
if (IS_ERR(edit)) {
^
security/keys/keyring.c:1320:3: note: Control jumps to line 1340
goto error;
^
security/keys/keyring.c:1340:2: note: Taking false branch
kleave(" = %d", ret);
^
security/keys/internal.h:36:2: note: expanded from macro 'kleave'
no_printk(KERN_DEBUG "<== %s()"FMT"\n", __func__, ##__VA_ARGS__)
^
include/linux/printk.h:131:2: note: expanded from macro 'no_printk'
if (0) \
^
security/keys/keyring.c:1613:8: note: Returning from '__key_link_begin'
ret = __key_link_begin(to_keyring, &key->index_key, &to_edit);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/keyring.c:1614:6: note: Assuming 'ret' is >= 0
if (ret < 0)
^~~~~~~
security/keys/keyring.c:1614:2: note: Taking false branch
if (ret < 0)
^
security/keys/keyring.c:1618:6: note: Access to field 'dead_leaf' results in a dereference of a null pointer (loaded from variable 'to_edit')
if (to_edit->dead_leaf && (flags & KEYCTL_MOVE_EXCL))
^~~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
>> arch/x86/mm/pat/memtype.c:1098:24: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
^~~~~~~~~~~~~
arch/x86/mm/pat/memtype.c:1092:6: note: Assuming 'vma' is null
if (vma && !(vma->vm_flags & VM_PAT))
^~~
arch/x86/mm/pat/memtype.c:1092:10: note: Left side of '&&' is false
if (vma && !(vma->vm_flags & VM_PAT))
^
arch/x86/mm/pat/memtype.c:1097:6: note: Assuming 'paddr' is 0
if (!paddr && !size) {
^~~~~~
arch/x86/mm/pat/memtype.c:1097:6: note: Left side of '&&' is true
arch/x86/mm/pat/memtype.c:1097:16: note: Assuming 'size' is 0
if (!paddr && !size) {
^~~~~
arch/x86/mm/pat/memtype.c:1097:2: note: Taking true branch
if (!paddr && !size) {
^
arch/x86/mm/pat/memtype.c:1098:24: note: Dereference of null pointer
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
^~~~~~~~~~~~~
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
arch/x86/mm/kasan_init_64.c:131:3: warning: Value stored to 'p' is never read [clang-analyzer-deadcode.DeadStores]
p = early_alloc(PAGE_SIZE, nid, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:131:3: note: Value stored to 'p' is never read
p = early_alloc(PAGE_SIZE, nid, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:276:4: warning: Value stored to 'p' is never read [clang-analyzer-deadcode.DeadStores]
p = early_alloc(PAGE_SIZE, NUMA_NO_NODE, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:276:4: note: Value stored to 'p' is never read
p = early_alloc(PAGE_SIZE, NUMA_NO_NODE, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:301:2: warning: Value stored to 'p4d_val' is never read [clang-analyzer-deadcode.DeadStores]
p4d_val &= __default_kernel_pte_mask;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:301:2: note: Value stored to 'p4d_val' is never read
p4d_val &= __default_kernel_pte_mask;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:312:7: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores]
for (i = 0; pgtable_l5_enabled() && i < PTRS_PER_P4D; i++)
^ ~
arch/x86/mm/kasan_init_64.c:312:7: note: Value stored to 'i' is never read
for (i = 0; pgtable_l5_enabled() && i < PTRS_PER_P4D; i++)
^ ~
Suppressed 2 warnings (2 with check filters).
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
crypto/ecc.c:147:24: warning: The left operand of '&' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
return (vli[bit / 64] & ((u64)1 << (bit % 64)));
^
crypto/ecc.c:1618:6: note: Assuming 'private_key' is non-null
if (!private_key || !public_key || !curve ||
^~~~~~~~~~~~
crypto/ecc.c:1618:6: note: Left side of '||' is false
crypto/ecc.c:1618:22: note: Assuming 'public_key' is non-null
if (!private_key || !public_key || !curve ||
^~~~~~~~~~~
crypto/ecc.c:1618:6: note: Left side of '||' is false
if (!private_key || !public_key || !curve ||
^
crypto/ecc.c:1618:38: note: 'curve' is non-null
if (!private_key || !public_key || !curve ||
^~~~~
vim +1098 arch/x86/mm/pat/memtype.c
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1080
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1081 /*
5180da410db636 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1082 * untrack_pfn is called while unmapping a pfnmap for a region.
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1083 * untrack can be called for a specific region indicated by pfn and size or
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1084 * can be for the entire vma (in which case pfn, size are zero).
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1085 */
5180da410db636 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1086 void untrack_pfn(struct vm_area_struct *vma, unsigned long pfn,
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1087 unsigned long size)
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1088 {
c1c15b65ec3027 arch/x86/mm/pat.c H. Peter Anvin 2008-12-23 1089 resource_size_t paddr;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1090 unsigned long prot;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi@intel.com 2008-12-18 1091
9049771f7d5490 arch/x86/mm/pat.c Dan Williams 2016-09-07 1092 if (vma && !(vma->vm_flags & VM_PAT))
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1093 return;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1094
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1095 /* free the chunk starting from pfn or the whole chunk */
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1096 paddr = (resource_size_t)pfn << PAGE_SHIFT;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1097 if (!paddr && !size) {
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 @1098 if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1099 WARN_ON_ONCE(1);
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1100 return;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1101 }
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1102
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1103 size = vma->vm_end - vma->vm_start;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1104 }
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1105 free_pfn_range(paddr, size);
9049771f7d5490 arch/x86/mm/pat.c Dan Williams 2016-09-07 1106 if (vma)
b3b9c2932c32e0 arch/x86/mm/pat.c Konstantin Khlebnikov 2012-10-08 1107 vma->vm_flags &= ~VM_PAT;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1108 }
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1109
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2 11/35] mm: rcu safe vma freeing
@ 2022-01-29 12:17 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-29 12:17 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 16619 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
In-Reply-To: <20220128131006.67712-12-michel@lespinasse.org>
References: <20220128131006.67712-12-michel@lespinasse.org>
TO: Michel Lespinasse <michel@lespinasse.org>
TO: "Linux-MM" <linux-mm@kvack.org>
TO: linux-kernel(a)vger.kernel.org
TO: Andrew Morton <akpm@linux-foundation.org>
CC: kernel-team(a)fb.com
CC: Laurent Dufour <ldufour@linux.ibm.com>
CC: Jerome Glisse <jglisse@google.com>
CC: Peter Zijlstra <peterz@infradead.org>
CC: Michal Hocko <mhocko@suse.com>
CC: Vlastimil Babka <vbabka@suse.cz>
CC: Davidlohr Bueso <dave@stgolabs.net>
Hi Michel,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.17-rc1 next-20220128]
[cannot apply to tip/x86/mm arm64/for-next/core powerpc/next hnaz-mm/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Michel-Lespinasse/Speculative-page-faults/20220128-212122
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 145d9b498fc827b79c1260b4caa29a8e59d4c2b9
:::::: branch date: 23 hours ago
:::::: commit date: 23 hours ago
config: x86_64-randconfig-c007-20220124 (https://download.01.org/0day-ci/archive/20220129/202201292049.8ov9aDBO-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 33b45ee44b1f32ffdbc995e6fec806271b4b3ba4)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/e070569f2fa273212280128b7d07f3d39f0fbd27
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Michel-Lespinasse/Speculative-page-faults/20220128-212122
git checkout e070569f2fa273212280128b7d07f3d39f0fbd27
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
fs/xfs/libxfs/xfs_dir2_data.c:155:7: note: Assuming field 'offset' is 0
if (bf[0].offset)
^~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:155:3: note: Taking false branch
if (bf[0].offset)
^
fs/xfs/libxfs/xfs_dir2_data.c:159:6: note: Assuming field 'length' is 0
if (!bf[1].length) {
^~~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:159:2: note: Taking true branch
if (!bf[1].length) {
^
fs/xfs/libxfs/xfs_dir2_data.c:160:7: note: Assuming field 'offset' is 0
if (bf[1].offset)
^~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:160:3: note: Taking false branch
if (bf[1].offset)
^
fs/xfs/libxfs/xfs_dir2_data.c:164:6: note: Assuming field 'length' is 0
if (!bf[2].length) {
^~~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:164:2: note: Taking true branch
if (!bf[2].length) {
^
fs/xfs/libxfs/xfs_dir2_data.c:165:7: note: Assuming field 'offset' is 0
if (bf[2].offset)
^~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:165:3: note: Taking false branch
if (bf[2].offset)
^
fs/xfs/libxfs/xfs_dir2_data.c:170:6: note: Assuming the condition is false
if (be16_to_cpu(bf[0].length) < be16_to_cpu(bf[1].length))
^
include/linux/byteorder/generic.h:97:21: note: expanded from macro 'be16_to_cpu'
#define be16_to_cpu __be16_to_cpu
^
include/uapi/linux/byteorder/little_endian.h:43:26: note: expanded from macro '__be16_to_cpu'
#define __be16_to_cpu(x) __swab16((__force __u16)(__be16)(x))
^
include/uapi/linux/swab.h:102:21: note: expanded from macro '__swab16'
#define __swab16(x) (__u16)__builtin_bswap16((__u16)(x))
^
fs/xfs/libxfs/xfs_dir2_data.c:170:2: note: Taking false branch
if (be16_to_cpu(bf[0].length) < be16_to_cpu(bf[1].length))
^
fs/xfs/libxfs/xfs_dir2_data.c:172:6: note: Assuming the condition is false
if (be16_to_cpu(bf[1].length) < be16_to_cpu(bf[2].length))
^
include/linux/byteorder/generic.h:97:21: note: expanded from macro 'be16_to_cpu'
#define be16_to_cpu __be16_to_cpu
^
include/uapi/linux/byteorder/little_endian.h:43:26: note: expanded from macro '__be16_to_cpu'
#define __be16_to_cpu(x) __swab16((__force __u16)(__be16)(x))
^
include/uapi/linux/swab.h:102:21: note: expanded from macro '__swab16'
#define __swab16(x) (__u16)__builtin_bswap16((__u16)(x))
^
fs/xfs/libxfs/xfs_dir2_data.c:172:2: note: Taking false branch
if (be16_to_cpu(bf[1].length) < be16_to_cpu(bf[2].length))
^
fs/xfs/libxfs/xfs_dir2_data.c:177:9: note: Assuming 'offset' is >= 'end'
while (offset < end) {
^~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:177:2: note: Loop condition is false. Execution continues on line 252
while (offset < end) {
^
fs/xfs/libxfs/xfs_dir2_data.c:252:6: note: 'freeseen' is equal to 7
if (freeseen != 7)
^~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:252:2: note: Taking false branch
if (freeseen != 7)
^
fs/xfs/libxfs/xfs_dir2_data.c:254:6: note: Assuming the condition is true
if (hdr->magic == cpu_to_be32(XFS_DIR2_BLOCK_MAGIC) ||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/xfs/libxfs/xfs_dir2_data.c:254:54: note: Left side of '||' is true
if (hdr->magic == cpu_to_be32(XFS_DIR2_BLOCK_MAGIC) ||
^
fs/xfs/libxfs/xfs_dir2_data.c:256:27: note: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'btp')
for (i = stale = 0; i < be32_to_cpu(btp->count); i++) {
^
include/linux/byteorder/generic.h:95:21: note: expanded from macro 'be32_to_cpu'
#define be32_to_cpu __be32_to_cpu
^
include/uapi/linux/byteorder/little_endian.h:41:58: note: expanded from macro '__be32_to_cpu'
#define __be32_to_cpu(x) __swab32((__force __u32)(__be32)(x))
^~
include/uapi/linux/swab.h:115:54: note: expanded from macro '__swab32'
#define __swab32(x) (__u32)__builtin_bswap32((__u32)(x))
^
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
>> arch/x86/mm/pat/memtype.c:1098:24: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
^~~~~~~~~~~~~
arch/x86/mm/pat/memtype.c:1092:6: note: Assuming 'vma' is null
if (vma && !(vma->vm_flags & VM_PAT))
^~~
arch/x86/mm/pat/memtype.c:1092:10: note: Left side of '&&' is false
if (vma && !(vma->vm_flags & VM_PAT))
^
arch/x86/mm/pat/memtype.c:1097:6: note: Assuming 'paddr' is 0
if (!paddr && !size) {
^~~~~~
arch/x86/mm/pat/memtype.c:1097:6: note: Left side of '&&' is true
arch/x86/mm/pat/memtype.c:1097:16: note: Assuming 'size' is 0
if (!paddr && !size) {
^~~~~
arch/x86/mm/pat/memtype.c:1097:2: note: Taking true branch
if (!paddr && !size) {
^
arch/x86/mm/pat/memtype.c:1098:24: note: Dereference of null pointer
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
^~~~~~~~~~~~~
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
arch/x86/mm/kasan_init_64.c:131:3: warning: Value stored to 'p' is never read [clang-analyzer-deadcode.DeadStores]
p = early_alloc(PAGE_SIZE, nid, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:131:3: note: Value stored to 'p' is never read
p = early_alloc(PAGE_SIZE, nid, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:276:4: warning: Value stored to 'p' is never read [clang-analyzer-deadcode.DeadStores]
p = early_alloc(PAGE_SIZE, NUMA_NO_NODE, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:276:4: note: Value stored to 'p' is never read
p = early_alloc(PAGE_SIZE, NUMA_NO_NODE, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:301:2: warning: Value stored to 'p4d_val' is never read [clang-analyzer-deadcode.DeadStores]
p4d_val &= __default_kernel_pte_mask;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:301:2: note: Value stored to 'p4d_val' is never read
p4d_val &= __default_kernel_pte_mask;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/mm/kasan_init_64.c:312:7: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores]
for (i = 0; pgtable_l5_enabled() && i < PTRS_PER_P4D; i++)
^ ~
arch/x86/mm/kasan_init_64.c:312:7: note: Value stored to 'i' is never read
for (i = 0; pgtable_l5_enabled() && i < PTRS_PER_P4D; i++)
^ ~
Suppressed 2 warnings (2 with check filters).
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
fs/ntfs3/xattr.c:966:3: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
i_uid_write(inode, (uid_t)le32_to_cpu(value[0]));
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ntfs3/xattr.c:960:6: note: Calling 'ntfs_get_ea'
if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0],
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ntfs3/xattr.c:209:6: note: Assuming the condition is false
if (!(ni->ni_flags & NI_FLAG_EA))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ntfs3/xattr.c:209:2: note: Taking false branch
if (!(ni->ni_flags & NI_FLAG_EA))
^
fs/ntfs3/xattr.c:212:7: note: 'required' is non-null
if (!required)
^~~~~~~~
fs/ntfs3/xattr.c:212:2: note: Taking false branch
if (!required)
^
fs/ntfs3/xattr.c:217:6: note: 'name_len' is <= 255
if (name_len > 255) {
^~~~~~~~
fs/ntfs3/xattr.c:217:2: note: Taking false branch
if (name_len > 255) {
^
fs/ntfs3/xattr.c:223:6: note: 'err' is not equal to 0
if (err)
^~~
fs/ntfs3/xattr.c:223:2: note: Taking true branch
if (err)
^
fs/ntfs3/xattr.c:224:3: note: Control jumps to line 253
goto out;
^
fs/ntfs3/xattr.c:254:7: note: 'required' is non-null
if (!required)
^~~~~~~~
fs/ntfs3/xattr.c:254:2: note: Taking false branch
if (!required)
^
fs/ntfs3/xattr.c:257:9: note: 'err' is not equal to 0
return err ? err : len;
^~~
fs/ntfs3/xattr.c:257:9: note: '?' condition is true
fs/ntfs3/xattr.c:257:2: note: Returning without writing to '*buffer'
return err ? err : len;
^
vim +1098 arch/x86/mm/pat/memtype.c
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1080
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1081 /*
5180da410db636 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1082 * untrack_pfn is called while unmapping a pfnmap for a region.
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1083 * untrack can be called for a specific region indicated by pfn and size or
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1084 * can be for the entire vma (in which case pfn, size are zero).
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1085 */
5180da410db636 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1086 void untrack_pfn(struct vm_area_struct *vma, unsigned long pfn,
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1087 unsigned long size)
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1088 {
c1c15b65ec3027 arch/x86/mm/pat.c H. Peter Anvin 2008-12-23 1089 resource_size_t paddr;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1090 unsigned long prot;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1091
9049771f7d5490 arch/x86/mm/pat.c Dan Williams 2016-09-07 1092 if (vma && !(vma->vm_flags & VM_PAT))
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1093 return;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1094
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1095 /* free the chunk starting from pfn or the whole chunk */
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1096 paddr = (resource_size_t)pfn << PAGE_SHIFT;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1097 if (!paddr && !size) {
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 @1098 if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1099 WARN_ON_ONCE(1);
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1100 return;
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1101 }
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1102
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1103 size = vma->vm_end - vma->vm_start;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1104 }
b1a86e15dc0304 arch/x86/mm/pat.c Suresh Siddha 2012-10-08 1105 free_pfn_range(paddr, size);
9049771f7d5490 arch/x86/mm/pat.c Dan Williams 2016-09-07 1106 if (vma)
b3b9c2932c32e0 arch/x86/mm/pat.c Konstantin Khlebnikov 2012-10-08 1107 vma->vm_flags &= ~VM_PAT;
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1108 }
5899329b19100c arch/x86/mm/pat.c venkatesh.pallipadi(a)intel.com 2008-12-18 1109
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v2 11/35] mm: rcu safe vma freeing
2022-01-28 13:09 [PATCH v2 00/35] Speculative page faults Michel Lespinasse
@ 2022-01-28 13:09 ` Michel Lespinasse
0 siblings, 0 replies; 3+ messages in thread
From: Michel Lespinasse @ 2022-01-28 13:09 UTC (permalink / raw)
To: Linux-MM, linux-kernel, Andrew Morton
Cc: kernel-team, Laurent Dufour, Jerome Glisse, Peter Zijlstra,
Michal Hocko, Vlastimil Babka, Davidlohr Bueso, Matthew Wilcox,
Liam Howlett, Rik van Riel, Paul McKenney, Song Liu,
Suren Baghdasaryan, Minchan Kim, Joel Fernandes, David Rientjes,
Axel Rasmussen, Andy Lutomirski, Michel Lespinasse
This prepares for speculative page faults looking up and copying vmas
under protection of an rcu read lock, instead of the usual mmap read lock.
Note - it might also be feasible to just use SLAB_TYPESAFE_BY_RCU when
creating the vm_area_cachep, but that's probably too subtle to consider here.
Signed-off-by: Michel Lespinasse <michel@lespinasse.org>
---
include/linux/mm_types.h | 16 +++++++++++-----
kernel/fork.c | 13 +++++++++++++
2 files changed, 24 insertions(+), 5 deletions(-)
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
index e4965a6f34f2..b6678578a729 100644
--- a/include/linux/mm_types.h
+++ b/include/linux/mm_types.h
@@ -374,12 +374,18 @@ struct anon_vma_name {
struct vm_area_struct {
/* The first cache line has the info for VMA tree walking. */
- unsigned long vm_start; /* Our start address within vm_mm. */
- unsigned long vm_end; /* The first byte after our end address
- within vm_mm. */
+ union {
+ struct {
+ /* VMA covers [vm_start; vm_end) addresses within mm */
+ unsigned long vm_start, vm_end;
- /* linked list of VM areas per task, sorted by address */
- struct vm_area_struct *vm_next, *vm_prev;
+ /* linked list of VMAs per task, sorted by address */
+ struct vm_area_struct *vm_next, *vm_prev;
+ };
+#ifdef CONFIG_SPECULATIVE_PAGE_FAULT
+ struct rcu_head vm_rcu; /* Used for deferred freeing. */
+#endif
+ };
struct rb_node vm_rb;
diff --git a/kernel/fork.c b/kernel/fork.c
index d75a528f7b21..2e5f2e8de31a 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -371,10 +371,23 @@ struct vm_area_struct *vm_area_dup(struct vm_area_struct *orig)
return new;
}
+#ifdef CONFIG_SPECULATIVE_PAGE_FAULT
+static void __vm_area_free(struct rcu_head *head)
+{
+ struct vm_area_struct *vma = container_of(head, struct vm_area_struct,
+ vm_rcu);
+ kmem_cache_free(vm_area_cachep, vma);
+}
+#endif
+
void vm_area_free(struct vm_area_struct *vma)
{
free_vma_anon_name(vma);
+#ifdef CONFIG_SPECULATIVE_PAGE_FAULT
+ call_rcu(&vma->vm_rcu, __vm_area_free);
+#else
kmem_cache_free(vm_area_cachep, vma);
+#endif
}
static void account_kernel_stack(struct task_struct *tsk, int account)
--
2.20.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-30 3:33 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-30 3:33 [PATCH v2 11/35] mm: rcu safe vma freeing kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2022-01-29 12:17 kernel test robot
2022-01-28 13:09 [PATCH v2 00/35] Speculative page faults Michel Lespinasse
2022-01-28 13:09 ` [PATCH v2 11/35] mm: rcu safe vma freeing Michel Lespinasse
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.