linux-kernel.vger.kernel.org archive mirror
From: Coly Li <colyli@suse.de>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: lkp@intel.com, kbuild-all@lists.01.org,
	linux-kernel@vger.kernel.org, kbuild@lists.01.org
Subject: Re: [bcache:nvdimm-meta 11/12] drivers/md/bcache/journal.c:114 journal_read_bucket() error: potentially dereferencing uninitialized 'j'.
Date: Fri, 6 Aug 2021 00:30:46 +0800
Message-ID: <2c46204f-0baf-e1d1-cd9e-f37224f70dd4@suse.de>
In-Reply-To: <202108050754.7KPm2WwN-lkp@intel.com>

On 8/5/21 7:18 PM, Dan Carpenter wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/colyli/linux-bcache.git nvdimm-meta
> head:   a12f8ec824edd1317f14882c7d0aee5e5c941edd
> commit: 5f408d113974d2bb3eb1b237d549724f7509ab23 [11/12] bcache: read jset from NVDIMM pages for journal replay
> config: x86_64-randconfig-m001-20210804 (attached as .config)
> compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
>
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@intel.com>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> smatch warnings:
> drivers/md/bcache/journal.c:114 journal_read_bucket() error: potentially dereferencing uninitialized 'j'.
>
> vim +/j +114 drivers/md/bcache/journal.c
>
> cafe563591446c Kent Overstreet   2013-03-23  106  
> cafe563591446c Kent Overstreet   2013-03-23  107  		/* This function could be simpler now since we no longer write
> cafe563591446c Kent Overstreet   2013-03-23  108  		 * journal entries that overlap bucket boundaries; this means
> cafe563591446c Kent Overstreet   2013-03-23  109  		 * the start of a bucket will always have a valid journal entry
> cafe563591446c Kent Overstreet   2013-03-23  110  		 * if it has any journal entries at all.
> cafe563591446c Kent Overstreet   2013-03-23  111  		 */
>
> On my kernel there is a "j = data;" line here, but I guess it got
> removed so that's why Smatch is complaining?

Removing "j = data" is on purpose; the jset *j is initialized by the
previous code block, which I list here:
  96         while (offset < ca->sb.bucket_size) {
  97 reread:         left = ca->sb.bucket_size - offset;
  98                 len = min_t(unsigned int, left, PAGE_SECTORS << JSET_BITS);
  99
 100                 if (!bch_has_feature_nvdimm_meta(&ca->sb))
 101                         j = __jnl_rd_bkt(ca, bucket_index, len, offset, &cl);
 102 #if defined(CONFIG_BCACHE_NVM_PAGES)
 103                 else
 104                         j = __jnl_rd_nvm_bkt(ca, bucket_index, len, offset);
 105 #endif
 106
 107                 /* This function could be simpler now since we no longer write
 108                  * journal entries that overlap bucket boundaries; this means
 109                  * the start of a bucket will always have a valid journal entry
 110                  * if it has any journal entries at all.
 111                  */
 112                 while (len) {


jset *j is initialized at line 101 for the non-CONFIG_BCACHE_NVM_PAGES
condition, and at line 104 for the configured CONFIG_BCACHE_NVM_PAGES
condition.

The warning might be from a missing condition check for "else if
(bch_has_feature_nvdimm_meta(&ca->sb))" in the code block from line 100
to line 105. The static checking tool may think that for such a
condition branch, jset *j is undefined and referenced by the following
code. But if CONFIG_BCACHE_NVM_PAGES is not configured, such a condition
branch won't happen: the supported feature set checking will make sure
that if the cache device is formatted to use nvdimm but the kernel does
not support it yet, the kernel will report an unsupported feature and
fail the registration.

Your reminder is informative and helpful. Before reconstructing the
source code files to handle the config condition more cleanly, I will
add code comments at line 102 to explain how the undefined jset *j won't
happen.

Thanks.

Coly Li

> ---
> 0-DAY CI Kernel Test Service, Intel Corporation
> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
>
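
Added example, not part of the thread and not bcache code: a stand-alone C model of the branch at lines 100-105 in which the compiled-out case is closed explicitly, so no path reaches the dereference with j unassigned. The names pick_jset, rd_bkt and rd_nvm_bkt, the struct layouts and the error codes are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the bcache types and helpers in the thread. */
struct jset { unsigned int seq; };
struct cache_sb { bool nvdimm_meta; }; /* models bch_has_feature_nvdimm_meta() */

static struct jset disk_jset = { 1 }; /* constructed sample data */
static struct jset *rd_bkt(void) { return &disk_jset; } /* models __jnl_rd_bkt() */

#if defined(CONFIG_BCACHE_NVM_PAGES)
static struct jset nvm_jset = { 2 }; /* constructed sample data */
static struct jset *rd_nvm_bkt(void) { return &nvm_jset; } /* models __jnl_rd_nvm_bkt() */
#endif

/*
 * Same branch shape as lines 100-105 of the listing. With the config option
 * unset the original else arm is compiled out, which leaves a path (feature
 * bit set) where j is never assigned. Here that path returns an error.
 */
static int pick_jset(const struct cache_sb *sb, struct jset **out)
{
	struct jset *j = NULL;

	if (!sb->nvdimm_meta)
		j = rd_bkt();
#if defined(CONFIG_BCACHE_NVM_PAGES)
	else
		j = rd_nvm_bkt();
#else
	else
		return -EOPNOTSUPP; /* feature bit set, support not built in */
#endif
	if (!j)
		return -EIO;
	*out = j;
	return 0;
}

int main(void)
{
	struct cache_sb sb = { true }; /* device formatted with the feature bit */
	struct jset *j = NULL;
	int ret = pick_jset(&sb, &j);
	printf("ret=%d j=%p\n", ret, (void *)j);
	return 0;
}
```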

