From: kernel test robot <lkp@intel.com>
To: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Cc: kbuild-all@lists.01.org, linux-kernel@vger.kernel.org,
x86@kernel.org, Thomas Gleixner <tglx@linutronix.de>
Subject: [tip:timers/urgent 3/3] fs/exec.c:1307:26: sparse: sparse: incorrect type in argument 1 (different address spaces)
Date: Sun, 14 Aug 2022 00:12:41 +0800 [thread overview]
Message-ID: <202208140040.MMi4z6Ek-lkp@intel.com> (raw)
tree: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git timers/urgent
head: e362359ace6f87c201531872486ff295df306d13
commit: e362359ace6f87c201531872486ff295df306d13 [3/3] posix-cpu-timers: Cleanup CPU timers before freeing them during exec
config: arc-randconfig-s033-20220811 (https://download.01.org/0day-ci/archive/20220814/202208140040.MMi4z6Ek-lkp@intel.com/config)
compiler: arceb-elf-gcc (GCC) 12.1.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.4-39-gce1a6720-dirty
# https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=e362359ace6f87c201531872486ff295df306d13
git remote add tip https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git
git fetch --no-tags tip timers/urgent
git checkout e362359ace6f87c201531872486ff295df306d13
# save the config file
mkdir build_dir && cp config build_dir/.config
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=arc SHELL=/bin/bash
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
sparse warnings: (new ones prefixed by >>)
fs/exec.c:422:31: sparse: sparse: incorrect type in return expression (different address spaces) @@ expected char const [noderef] __user * @@ got void * @@
fs/exec.c:422:31: sparse: expected char const [noderef] __user *
fs/exec.c:422:31: sparse: got void *
fs/exec.c:1051:48: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct sighand_struct *oldsighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
fs/exec.c:1051:48: sparse: expected struct sighand_struct *oldsighand
fs/exec.c:1051:48: sparse: got struct sighand_struct [noderef] __rcu *sighand
fs/exec.c:1158:56: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *parent @@ got struct task_struct [noderef] __rcu *parent @@
fs/exec.c:1158:56: sparse: expected struct task_struct *parent
fs/exec.c:1158:56: sparse: got struct task_struct [noderef] __rcu *parent
fs/exec.c:1193:47: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct sighand_struct *oldsighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
fs/exec.c:1193:47: sparse: expected struct sighand_struct *oldsighand
fs/exec.c:1193:47: sparse: got struct sighand_struct [noderef] __rcu *sighand
>> fs/exec.c:1307:26: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
fs/exec.c:1307:26: sparse: expected struct spinlock [usertype] *lock
fs/exec.c:1307:26: sparse: got struct spinlock [noderef] __rcu *
fs/exec.c:1309:28: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
fs/exec.c:1309:28: sparse: expected struct spinlock [usertype] *lock
fs/exec.c:1309:28: sparse: got struct spinlock [noderef] __rcu *
fs/exec.c:1766:70: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *tsk @@ got struct task_struct [noderef] __rcu *parent @@
fs/exec.c:1766:70: sparse: expected struct task_struct *tsk
fs/exec.c:1766:70: sparse: got struct task_struct [noderef] __rcu *parent
fs/exec.c: note: in included file (through arch/arc/include/asm/irqflags.h, include/linux/irqflags.h, arch/arc/include/asm/smp.h, ...):
arch/arc/include/asm/irqflags-arcv2.h:80:31: sparse: sparse: undefined identifier '__builtin_arc_lr'
arch/arc/include/asm/irqflags-arcv2.h:83:17: sparse: sparse: undefined identifier '__builtin_arc_sr'
fs/exec.c: note: in included file (through arch/arc/include/asm/mmu.h, include/linux/mm_types.h, include/linux/mmzone.h, ...):
arch/arc/include/asm/mmu-arcv2.h:89:9: sparse: sparse: undefined identifier '__builtin_arc_sr'
arch/arc/include/asm/mmu-arcv2.h:82:9: sparse: sparse: undefined identifier '__builtin_arc_sr'
vim +1307 fs/exec.c
1243
1244 /*
1245 * Calling this is the point of no return. None of the failures will be
1246 * seen by userspace since either the process is already taking a fatal
1247 * signal (via de_thread() or coredump), or will have SEGV raised
1248 * (after exec_mmap()) by search_binary_handler (see below).
1249 */
1250 int begin_new_exec(struct linux_binprm * bprm)
1251 {
1252 struct task_struct *me = current;
1253 int retval;
1254
1255 /* Once we are committed compute the creds */
1256 retval = bprm_creds_from_file(bprm);
1257 if (retval)
1258 return retval;
1259
1260 /*
1261 * Ensure all future errors are fatal.
1262 */
1263 bprm->point_of_no_return = true;
1264
1265 /*
1266 * Make this the only thread in the thread group.
1267 */
1268 retval = de_thread(me);
1269 if (retval)
1270 goto out;
1271
1272 /*
1273 * Cancel any io_uring activity across execve
1274 */
1275 io_uring_task_cancel();
1276
1277 /* Ensure the files table is not shared. */
1278 retval = unshare_files();
1279 if (retval)
1280 goto out;
1281
1282 /*
1283 * Must be called _before_ exec_mmap() as bprm->mm is
1284 * not visible until then. This also enables the update
1285 * to be lockless.
1286 */
1287 retval = set_mm_exe_file(bprm->mm, bprm->file);
1288 if (retval)
1289 goto out;
1290
1291 /* If the binary is not readable then enforce mm->dumpable=0 */
1292 would_dump(bprm, bprm->file);
1293 if (bprm->have_execfd)
1294 would_dump(bprm, bprm->executable);
1295
1296 /*
1297 * Release all of the old mmap stuff
1298 */
1299 acct_arg_size(bprm, 0);
1300 retval = exec_mmap(bprm->mm);
1301 if (retval)
1302 goto out;
1303
1304 bprm->mm = NULL;
1305
1306 #ifdef CONFIG_POSIX_TIMERS
> 1307 spin_lock_irq(&me->sighand->siglock);
1308 posix_cpu_timers_exit(me);
1309 spin_unlock_irq(&me->sighand->siglock);
1310 exit_itimers(me);
1311 flush_itimer_signals();
1312 #endif
1313
1314 /*
1315 * Make the signal table private.
1316 */
1317 retval = unshare_sighand(me);
1318 if (retval)
1319 goto out_unlock;
1320
1321 me->flags &= ~(PF_RANDOMIZE | PF_FORKNOEXEC |
1322 PF_NOFREEZE | PF_NO_SETAFFINITY);
1323 flush_thread();
1324 me->personality &= ~bprm->per_clear;
1325
1326 clear_syscall_work_syscall_user_dispatch(me);
1327
1328 /*
1329 * We have to apply CLOEXEC before we change whether the process is
1330 * dumpable (in setup_new_exec) to avoid a race with a process in userspace
1331 * trying to access the should-be-closed file descriptors of a process
1332 * undergoing exec(2).
1333 */
1334 do_close_on_exec(me->files);
1335
1336 if (bprm->secureexec) {
1337 /* Make sure parent cannot signal privileged process. */
1338 me->pdeath_signal = 0;
1339
1340 /*
1341 * For secureexec, reset the stack limit to sane default to
1342 * avoid bad behavior from the prior rlimits. This has to
1343 * happen before arch_pick_mmap_layout(), which examines
1344 * RLIMIT_STACK, but after the point of no return to avoid
1345 * needing to clean up the change on failure.
1346 */
1347 if (bprm->rlim_stack.rlim_cur > _STK_LIM)
1348 bprm->rlim_stack.rlim_cur = _STK_LIM;
1349 }
1350
1351 me->sas_ss_sp = me->sas_ss_size = 0;
1352
1353 /*
1354 * Figure out dumpability. Note that this checking only of current
1355 * is wrong, but userspace depends on it. This should be testing
1356 * bprm->secureexec instead.
1357 */
1358 if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP ||
1359 !(uid_eq(current_euid(), current_uid()) &&
1360 gid_eq(current_egid(), current_gid())))
1361 set_dumpable(current->mm, suid_dumpable);
1362 else
1363 set_dumpable(current->mm, SUID_DUMP_USER);
1364
1365 perf_event_exec();
1366 __set_task_comm(me, kbasename(bprm->filename), true);
1367
1368 /* An exec changes our domain. We are no longer part of the thread
1369 group */
1370 WRITE_ONCE(me->self_exec_id, me->self_exec_id + 1);
1371 flush_signal_handlers(me, 0);
1372
1373 retval = set_cred_ucounts(bprm->cred);
1374 if (retval < 0)
1375 goto out_unlock;
1376
1377 /*
1378 * install the new credentials for this executable
1379 */
1380 security_bprm_committing_creds(bprm);
1381
1382 commit_creds(bprm->cred);
1383 bprm->cred = NULL;
1384
1385 /*
1386 * Disable monitoring for regular users
1387 * when executing setuid binaries. Must
1388 * wait until new credentials are committed
1389 * by commit_creds() above
1390 */
1391 if (get_dumpable(me->mm) != SUID_DUMP_USER)
1392 perf_event_exit_task(me);
1393 /*
1394 * cred_guard_mutex must be held at least to this point to prevent
1395 * ptrace_attach() from altering our determination of the task's
1396 * credentials; any time after this it may be unlocked.
1397 */
1398 security_bprm_committed_creds(bprm);
1399
1400 /* Pass the opened binary to the interpreter. */
1401 if (bprm->have_execfd) {
1402 retval = get_unused_fd_flags(0);
1403 if (retval < 0)
1404 goto out_unlock;
1405 fd_install(retval, bprm->executable);
1406 bprm->executable = NULL;
1407 bprm->execfd = retval;
1408 }
1409 return 0;
1410
1411 out_unlock:
1412 up_write(&me->signal->exec_update_lock);
1413 out:
1414 return retval;
1415 }
1416 EXPORT_SYMBOL(begin_new_exec);
1417
--
0-DAY CI Kernel Test Service
https://01.org/lkp
reply other threads:[~2022-08-13 16:13 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202208140040.MMi4z6Ek-lkp@intel.com \
--to=lkp@intel.com \
--cc=cascardo@canonical.com \
--cc=kbuild-all@lists.01.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.