[kbuild] net/sunrpc/xprtrdma/frwr_ops.c:533 frwr_unmap_sync() error: uninitialized symbol 'last'.

Wed, 23 Jun 2021 11:37:59 -0700 

CC: kbuild-...@lists.01.org
CC: linux-ker...@vger.kernel.org
TO: Chuck Lever <chuck.le...@oracle.com>
CC: Trond Myklebust <trond.mykleb...@hammerspace.com>

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 
master
head:   0c18f29aae7ce3dadd26d8ee3505d07cc982df75
commit: 9e895cd9649abe4392c59d14e31b0f5667d082d2 xprtrdma: Fix a NULL 
dereference in frwr_unmap_sync()
date:   8 weeks ago
:::::: branch date: 24 hours ago
:::::: commit date: 8 weeks ago
config: x86_64-randconfig-m001-20210622 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <l...@intel.com>
Reported-by: Dan Carpenter <dan.carpen...@oracle.com>

New smatch warnings:
net/sunrpc/xprtrdma/frwr_ops.c:533 frwr_unmap_sync() error: uninitialized 
symbol 'last'.

Old smatch warnings:
net/sunrpc/xprtrdma/frwr_ops.c:637 frwr_unmap_async() error: potentially 
dereferencing uninitialized 'last'.

vim +/last +533 net/sunrpc/xprtrdma/frwr_ops.c

847568942f93e0 Chuck Lever     2019-06-19  488  
847568942f93e0 Chuck Lever     2019-06-19  489  /**
847568942f93e0 Chuck Lever     2019-06-19  490   * frwr_unmap_sync - invalidate 
memory regions that were registered for @req
847568942f93e0 Chuck Lever     2019-06-19  491   * @r_xprt: controlling 
transport instance
847568942f93e0 Chuck Lever     2019-06-19  492   * @req: rpcrdma_req with a 
non-empty list of MRs to process
9d6b0409788287 Chuck Lever     2016-06-29  493   *
847568942f93e0 Chuck Lever     2019-06-19  494   * Sleeps until it is safe for 
the host CPU to access the previously mapped
d8099feda4833b Chuck Lever     2019-06-19  495   * memory regions. This 
guarantees that registered MRs are properly fenced
d8099feda4833b Chuck Lever     2019-06-19  496   * from the server before the 
RPC consumer accesses the data in them. It
d8099feda4833b Chuck Lever     2019-06-19  497   * also ensures proper Send 
flow control: waking the next RPC waits until
d8099feda4833b Chuck Lever     2019-06-19  498   * this RPC has relinquished 
all its Send Queue entries.
c9918ff56dfb17 Chuck Lever     2015-12-16  499   */
847568942f93e0 Chuck Lever     2019-06-19  500  void frwr_unmap_sync(struct 
rpcrdma_xprt *r_xprt, struct rpcrdma_req *req)
c9918ff56dfb17 Chuck Lever     2015-12-16  501  {
d34ac5cd3a73aa Bart Van Assche 2018-07-18  502          struct ib_send_wr 
*first, **prev, *last;
5ecef9c8436695 Chuck Lever     2020-11-09  503          struct rpcrdma_ep *ep = 
r_xprt->rx_ep;
d34ac5cd3a73aa Bart Van Assche 2018-07-18  504          const struct ib_send_wr 
*bad_wr;
96ceddea3710f6 Chuck Lever     2017-12-14  505          struct rpcrdma_mr *mr;
847568942f93e0 Chuck Lever     2019-06-19  506          int rc;
c9918ff56dfb17 Chuck Lever     2015-12-16  507  
451d26e151f079 Chuck Lever     2017-06-08  508          /* ORDER: Invalidate 
all of the MRs first
c9918ff56dfb17 Chuck Lever     2015-12-16  509           *
c9918ff56dfb17 Chuck Lever     2015-12-16  510           * Chain the LOCAL_INV 
Work Requests and post them with
c9918ff56dfb17 Chuck Lever     2015-12-16  511           * a single 
ib_post_send() call.
c9918ff56dfb17 Chuck Lever     2015-12-16  512           */
a100fda1a2e1fa Chuck Lever     2016-11-29  513          prev = &first;
265a38d4611360 Chuck Lever     2019-08-19  514          while ((mr = 
rpcrdma_mr_pop(&req->rl_registered))) {
96ceddea3710f6 Chuck Lever     2017-12-14  515  
d379eaa838f181 Chuck Lever     2018-10-01  516                  
trace_xprtrdma_mr_localinv(mr);
847568942f93e0 Chuck Lever     2019-06-19  517                  
r_xprt->rx_stats.local_inv_needed++;
a100fda1a2e1fa Chuck Lever     2016-11-29  518  
dcff9ed209aa6a Chuck Lever     2021-04-19  519                  last = 
&mr->mr_invwr;
847568942f93e0 Chuck Lever     2019-06-19  520                  last->next = 
NULL;
e10fa96d347488 Chuck Lever     2021-04-19  521                  last->wr_cqe = 
&mr->mr_cqe;
847568942f93e0 Chuck Lever     2019-06-19  522                  last->sg_list = 
NULL;
847568942f93e0 Chuck Lever     2019-06-19  523                  last->num_sge = 
0;
a100fda1a2e1fa Chuck Lever     2016-11-29  524                  last->opcode = 
IB_WR_LOCAL_INV;
847568942f93e0 Chuck Lever     2019-06-19  525                  
last->send_flags = IB_SEND_SIGNALED;
96ceddea3710f6 Chuck Lever     2017-12-14  526                  
last->ex.invalidate_rkey = mr->mr_handle;
c9918ff56dfb17 Chuck Lever     2015-12-16  527  
e10fa96d347488 Chuck Lever     2021-04-19  528                  
last->wr_cqe->done = frwr_wc_localinv;
e10fa96d347488 Chuck Lever     2021-04-19  529  
a100fda1a2e1fa Chuck Lever     2016-11-29  530                  *prev = last;
a100fda1a2e1fa Chuck Lever     2016-11-29  531                  prev = 
&last->next;
c9918ff56dfb17 Chuck Lever     2015-12-16  532          }
9e895cd9649abe Chuck Lever     2021-05-01 @533          mr = container_of(last, 
struct rpcrdma_mr, mr_invwr);
c9918ff56dfb17 Chuck Lever     2015-12-16  534  
c9918ff56dfb17 Chuck Lever     2015-12-16  535          /* Strong send queue 
ordering guarantees that when the
c9918ff56dfb17 Chuck Lever     2015-12-16  536           * last WR in the chain 
completes, all WRs in the chain
c9918ff56dfb17 Chuck Lever     2015-12-16  537           * are complete.
c9918ff56dfb17 Chuck Lever     2015-12-16  538           */
e10fa96d347488 Chuck Lever     2021-04-19  539          last->wr_cqe->done = 
frwr_wc_localinv_wake;
9a301cafc8619c Chuck Lever     2021-04-19  540          
reinit_completion(&mr->mr_linv_done);
8d38de65644d90 Chuck Lever     2016-11-29  541  
c9918ff56dfb17 Chuck Lever     2015-12-16  542          /* Transport disconnect 
drains the receive CQ before it
c9918ff56dfb17 Chuck Lever     2015-12-16  543           * replaces the QP. The 
RPC reply handler won't call us
93aa8e0a9de80e Chuck Lever     2020-02-21  544           * unless re_id->qp is 
a valid pointer.
c9918ff56dfb17 Chuck Lever     2015-12-16  545           */
8d75483a232aea Chuck Lever     2017-06-08  546          bad_wr = NULL;
5ecef9c8436695 Chuck Lever     2020-11-09  547          rc = 
ib_post_send(ep->re_id->qp, first, &bad_wr);
c9918ff56dfb17 Chuck Lever     2015-12-16  548  
847568942f93e0 Chuck Lever     2019-06-19  549          /* The final LOCAL_INV 
WR in the chain is supposed to
847568942f93e0 Chuck Lever     2019-06-19  550           * do the wake. If it 
was never posted, the wake will
847568942f93e0 Chuck Lever     2019-06-19  551           * not happen, so don't 
wait in that case.
c9918ff56dfb17 Chuck Lever     2015-12-16  552           */
847568942f93e0 Chuck Lever     2019-06-19  553          if (bad_wr != first)
9a301cafc8619c Chuck Lever     2021-04-19  554                  
wait_for_completion(&mr->mr_linv_done);
847568942f93e0 Chuck Lever     2019-06-19  555          if (!rc)
d7a21c1bed54ad Chuck Lever     2016-05-02  556                  return;
c9918ff56dfb17 Chuck Lever     2015-12-16  557  
e4b52ca01315ad Chuck Lever     2021-04-19  558          /* On error, the MRs 
get destroyed once the QP has drained. */
36a55edfc3d5b1 Chuck Lever     2020-11-09  559          
trace_xprtrdma_post_linv_err(req, rc);
c9918ff56dfb17 Chuck Lever     2015-12-16  560  }
d8099feda4833b Chuck Lever     2019-06-19  561  

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-...@lists.01.org

Attachment: .config.gz
Description: application/gzip

_______________________________________________
kbuild mailing list -- kbuild@lists.01.org
To unsubscribe send an email to kbuild-le...@lists.01.org

Reply via email to