[block:dio-mem-align 1/3] fs/direct-io.c:1177 do_blockdev_direct_IO() warn: variable dereferenced before check 'bdev' (see line 1132)
11:18 p.m.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git
dio-mem-align
head: 3d6ef82805958611e8ffa0a901c014b6f066c3e6
commit: 446db6bc49cd5c4a77daffbbcbe0cf69ff7a62e0 [1/3] fs: relax memory alignment
restriction for O_DIRECT
config: x86_64-randconfig-m001-20210211 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
smatch warnings:
fs/direct-io.c:1177 do_blockdev_direct_IO() warn: variable dereferenced before check
'bdev' (see line 1132)
vim +/bdev +1177 fs/direct-io.c
65dd2aa90aa17a Andi Kleen 2012-01-12 1125 static inline ssize_t
17f8c842d24ac0 Omar Sandoval 2015-03-16 1126 do_blockdev_direct_IO(struct
kiocb *iocb, struct inode *inode,
17f8c842d24ac0 Omar Sandoval 2015-03-16 1127 struct block_device
*bdev, struct iov_iter *iter,
c8b8e32d700fe9 Christoph Hellwig 2016-04-07 1128 get_block_t get_block,
dio_iodone_t end_io,
facd07b07d2a79 Josef Bacik 2010-05-23 1129 dio_submit_t submit_io,
int flags)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1130 {
6aa7de059173a9 Mark Rutland 2017-10-23 1131 unsigned i_blkbits =
READ_ONCE(inode->i_blkbits);
446db6bc49cd5c Jens Axboe 2021-02-11 @1132 struct request_queue *q =
bdev_get_queue(bdev);
^^^^
Dereferenced inside the function (I didn't double check. #trustTheMachine)
ab73857e354ab9 Linus Torvalds 2012-11-29 1133 unsigned blkbits = i_blkbits;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1134 unsigned blocksize_mask = (1
<< blkbits) - 1;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1135 ssize_t retval = -EINVAL;
1c0ff0f1bdeb18 Nikolay Borisov 2018-04-05 1136 const size_t count =
iov_iter_count(iter);
c8b8e32d700fe9 Christoph Hellwig 2016-04-07 1137 loff_t offset =
iocb->ki_pos;
1c0ff0f1bdeb18 Nikolay Borisov 2018-04-05 1138 const loff_t end = offset +
count;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1139 struct dio *dio;
eb28be2b4c0a06 Andi Kleen 2011-08-01 1140 struct dio_submit sdio = { 0,
};
847cc6371ba820 Andi Kleen 2011-08-01 1141 struct buffer_head map_bh = { 0,
};
647d1e4c523576 Fengguang Wu 2012-08-09 1142 struct blk_plug plug;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1143
65dd2aa90aa17a Andi Kleen 2012-01-12 1144 /*
65dd2aa90aa17a Andi Kleen 2012-01-12 1145 * Avoid references to bdev if
not absolutely needed to give
65dd2aa90aa17a Andi Kleen 2012-01-12 1146 * the early prefetch in the
caller enough time.
65dd2aa90aa17a Andi Kleen 2012-01-12 1147 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1148
f9b5570d7fdedf Christoph Hellwig 2011-06-24 1149 /* watch out for a 0 len io from
a tricksy fs */
1c0ff0f1bdeb18 Nikolay Borisov 2018-04-05 1150 if (iov_iter_rw(iter) == READ
&& !count)
f9b5570d7fdedf Christoph Hellwig 2011-06-24 1151 return 0;
f9b5570d7fdedf Christoph Hellwig 2011-06-24 1152
6e8267f532a171 Andi Kleen 2011-08-01 1153 dio =
kmem_cache_alloc(dio_cache, GFP_KERNEL);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1154 if (!dio)
46d716025a228d Gabriel Krisman Bertazi 2020-10-08 1155 return -ENOMEM;
23aee091d804ef Jeff Moyer 2009-12-15 1156 /*
23aee091d804ef Jeff Moyer 2009-12-15 1157 * Believe it or not, zeroing
out the page array caused a .5%
23aee091d804ef Jeff Moyer 2009-12-15 1158 * performance regression in a
database benchmark. So, we take
23aee091d804ef Jeff Moyer 2009-12-15 1159 * care to only zero out
what's needed.
23aee091d804ef Jeff Moyer 2009-12-15 1160 */
23aee091d804ef Jeff Moyer 2009-12-15 1161 memset(dio, 0, offsetof(struct
dio, pages));
^1da177e4c3f41 Linus Torvalds 2005-04-16 1162
5fe878ae7f82fb Christoph Hellwig 2009-12-15 1163 dio->flags = flags;
0a9164cb7ff32d Gabriel Krisman Bertazi 2020-10-08 1164 if (dio->flags &
DIO_LOCKING && iov_iter_rw(iter) == READ) {
5fe878ae7f82fb Christoph Hellwig 2009-12-15 1165 /* will be released by
direct_io_worker */
5955102c9984fa Al Viro 2016-01-22 1166 inode_lock(inode);
df2d6f26586f12 Christoph Hellwig 2011-06-24 1167 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1168
74cedf9b6c603f Jan Kara 2015-11-30 1169 /* Once we sampled i_size check
for reads beyond EOF */
74cedf9b6c603f Jan Kara 2015-11-30 1170 dio->i_size =
i_size_read(inode);
74cedf9b6c603f Jan Kara 2015-11-30 1171 if (iov_iter_rw(iter) == READ
&& offset >= dio->i_size) {
2d4594acbf6d8f Al Viro 2015-12-08 1172 retval = 0;
46d716025a228d Gabriel Krisman Bertazi 2020-10-08 1173 goto fail_dio;
74cedf9b6c603f Jan Kara 2015-11-30 1174 }
74cedf9b6c603f Jan Kara 2015-11-30 1175
446db6bc49cd5c Jens Axboe 2021-02-11 1176 if (offset & blocksize_mask)
{
41b21af388f94b Gabriel Krisman Bertazi 2020-10-08 @1177 if (bdev)
^^^^
Hopefully this check can be removed? We would have crashed by this
point.
41b21af388f94b Gabriel Krisman Bertazi 2020-10-08 1178 blkbits =
blksize_bits(bdev_logical_block_size(bdev));
41b21af388f94b Gabriel Krisman Bertazi 2020-10-08 1179 blocksize_mask = (1 <<
blkbits) - 1;
446db6bc49cd5c Jens Axboe 2021-02-11 1180 if (offset &
blocksize_mask)
41b21af388f94b Gabriel Krisman Bertazi 2020-10-08 1181 goto fail_dio;
41b21af388f94b Gabriel Krisman Bertazi 2020-10-08 1182 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
582
days inactive
582
days old
0 comments
1 participants
participants (1)
-
Dan Carpenter