CC: [email protected] CC: [email protected] CC: [email protected] TO: Sean Christopherson <[email protected]> CC: Paolo Bonzini <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: 4634129ad9fdc89d10b597fc6f8f4336fb61e105 commit: c2f79a65b4b66681894ef7d7e3912ba55acc20d5 KVM: x86: WARN if the APIC map is dirty without an in-kernel local APIC date: 5 months ago :::::: branch date: 23 hours ago :::::: commit date: 5 months ago config: x86_64-randconfig-c007-20220108 (https://download.01.org/0day-ci/archive/20220110/[email protected]/config) compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project f3a344d2125fa37e59bae1b0874442c650a19607) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c2f79a65b4b66681894ef7d7e3912ba55acc20d5 git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git git fetch --no-tags linus master git checkout c2f79a65b4b66681894ef7d7e3912ba55acc20d5 # save the config file to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> clang-analyzer warnings: (new ones prefixed by >>) page = alloc_pages_node(nid, gfp_mask, 0); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mm/sparse-vmemmap.c:339:7: note: Assuming 'page' is null if (!page) ^~~~~ mm/sparse-vmemmap.c:339:3: note: Taking true branch if (!page) ^ mm/sparse-vmemmap.c:340:4: note: Control jumps to line 346 goto out; ^ mm/sparse-vmemmap.c:346:2: note: Left side of '&&' is false list_for_each_entry_safe(page, next, list, lru) ^ include/linux/list.h:715:13: note: expanded from macro 'list_for_each_entry_safe' for (pos = list_first_entry(head, typeof(*pos), member), \ ^ include/linux/list.h:522:2: note: expanded from macro 'list_first_entry' list_entry((ptr)->next, type, member) ^ include/linux/list.h:511:2: note: expanded from macro 'list_entry' container_of(ptr, type, member) ^ include/linux/kernel.h:495:61: note: expanded from macro 'container_of' BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \ ^ mm/sparse-vmemmap.c:346:2: note: Taking false branch list_for_each_entry_safe(page, next, list, lru) ^ include/linux/list.h:715:13: note: expanded from macro 'list_for_each_entry_safe' for (pos = list_first_entry(head, typeof(*pos), member), \ ^ include/linux/list.h:522:2: note: expanded from macro 'list_first_entry' list_entry((ptr)->next, type, member) ^ include/linux/list.h:511:2: note: expanded from macro 'list_entry' container_of(ptr, type, member) ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert' _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) ^ include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert' __compiletime_assert(condition, msg, prefix, suffix) ^ include/linux/compiler_types.h:308:3: note: expanded from macro '__compiletime_assert' if (!(condition)) \ ^ mm/sparse-vmemmap.c:346:2: note: Loop condition is false. Exiting loop list_for_each_entry_safe(page, next, list, lru) ^ include/linux/list.h:715:13: note: expanded from macro 'list_for_each_entry_safe' for (pos = list_first_entry(head, typeof(*pos), member), \ ^ include/linux/list.h:522:2: note: expanded from macro 'list_first_entry' list_entry((ptr)->next, type, member) ^ include/linux/list.h:511:2: note: expanded from macro 'list_entry' container_of(ptr, type, member) ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert' _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) ^ include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert' __compiletime_assert(condition, msg, prefix, suffix) ^ include/linux/compiler_types.h:306:2: note: expanded from macro '__compiletime_assert' do { \ ^ mm/sparse-vmemmap.c:346:2: note: Assigned value is garbage or undefined list_for_each_entry_safe(page, next, list, lru) ^ include/linux/list.h:716:7: note: expanded from macro 'list_for_each_entry_safe' n = list_next_entry(pos, member); \ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/list.h:555:2: note: expanded from macro 'list_next_entry' list_entry((pos)->member.next, typeof(*(pos)), member) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/list.h:511:2: note: expanded from macro 'list_entry' container_of(ptr, type, member) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/kernel.h:494:2: note: expanded from macro 'container_of' void *__mptr = (void *)(ptr); \ ^ ~~~~~~~~~~~~~ Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 7 warnings generated. arch/x86/kvm/i8259.c:255:4: warning: Value stored to 'irq' is never read [clang-analyzer-deadcode.DeadStores] irq = irq2 + 8; ^ ~~~~~~~~ arch/x86/kvm/i8259.c:255:4: note: Value stored to 'irq' is never read irq = irq2 + 8; ^ ~~~~~~~~ Suppressed 6 warnings (6 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 6 warnings generated. Suppressed 6 warnings (6 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 8 warnings generated. >> arch/x86/kvm/lapic.c:957:9: warning: Array access results in a null pointer >> dereference [clang-analyzer-core.NullDereference] if (!(*dst)[i]) ^ arch/x86/kvm/lapic.c:1171:2: note: 'dest_vcpu' initialized to a null pointer value struct kvm_lapic **dest_vcpu = NULL; ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/lapic.c:1180:8: note: Left side of '||' is false map = rcu_dereference(kvm->arch.apic_map); ^ include/linux/rcupdate.h:596:28: note: expanded from macro 'rcu_dereference' #define rcu_dereference(p) rcu_dereference_check(p, 0) ^ include/linux/rcupdate.h:528:2: note: expanded from macro 'rcu_dereference_check' __rcu_dereference_check((p), (c) || rcu_read_lock_held(), __rcu) ^ include/linux/rcupdate.h:389:48: note: expanded from macro '__rcu_dereference_check' typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \ ^ include/asm-generic/rwonce.h:49:2: note: expanded from macro 'READ_ONCE' compiletime_assert_rwonce_type(x); \ ^ include/asm-generic/rwonce.h:36:21: note: expanded from macro 'compiletime_assert_rwonce_type' compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ ^ include/linux/compiler_types.h:290:3: note: expanded from macro '__native_word' (sizeof(t) == sizeof(char) || sizeof(t) == sizeof(short) || \ ^ arch/x86/kvm/lapic.c:1180:8: note: Left side of '||' is false map = rcu_dereference(kvm->arch.apic_map); ^ include/linux/rcupdate.h:596:28: note: expanded from macro 'rcu_dereference' #define rcu_dereference(p) rcu_dereference_check(p, 0) ^ include/linux/rcupdate.h:528:2: note: expanded from macro 'rcu_dereference_check' __rcu_dereference_check((p), (c) || rcu_read_lock_held(), __rcu) ^ include/linux/rcupdate.h:389:48: note: expanded from macro '__rcu_dereference_check' typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \ ^ include/asm-generic/rwonce.h:49:2: note: expanded from macro 'READ_ONCE' compiletime_assert_rwonce_type(x); \ ^ include/asm-generic/rwonce.h:36:21: note: expanded from macro 'compiletime_assert_rwonce_type' compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ ^ include/linux/compiler_types.h:290:3: note: expanded from macro '__native_word' (sizeof(t) == sizeof(char) || sizeof(t) == sizeof(short) || \ ^ arch/x86/kvm/lapic.c:1180:8: note: Left side of '||' is false map = rcu_dereference(kvm->arch.apic_map); ^ include/linux/rcupdate.h:596:28: note: expanded from macro 'rcu_dereference' #define rcu_dereference(p) rcu_dereference_check(p, 0) ^ include/linux/rcupdate.h:528:2: note: expanded from macro 'rcu_dereference_check' __rcu_dereference_check((p), (c) || rcu_read_lock_held(), __rcu) ^ include/linux/rcupdate.h:389:48: note: expanded from macro '__rcu_dereference_check' typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \ ^ include/asm-generic/rwonce.h:49:2: note: expanded from macro 'READ_ONCE' compiletime_assert_rwonce_type(x); \ ^ include/asm-generic/rwonce.h:36:21: note: expanded from macro 'compiletime_assert_rwonce_type' compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ ^ include/linux/compiler_types.h:290:3: note: expanded from macro '__native_word' (sizeof(t) == sizeof(char) || sizeof(t) == sizeof(short) || \ ^ arch/x86/kvm/lapic.c:1180:8: note: Left side of '||' is true map = rcu_dereference(kvm->arch.apic_map); ^ include/linux/rcupdate.h:596:28: note: expanded from macro 'rcu_dereference' #define rcu_dereference(p) rcu_dereference_check(p, 0) ^ include/linux/rcupdate.h:528:2: note: expanded from macro 'rcu_dereference_check' __rcu_dereference_check((p), (c) || rcu_read_lock_held(), __rcu) ^ include/linux/rcupdate.h:389:48: note: expanded from macro '__rcu_dereference_check' typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \ ^ include/asm-generic/rwonce.h:49:2: note: expanded from macro 'READ_ONCE' compiletime_assert_rwonce_type(x); \ ^ include/asm-generic/rwonce.h:36:38: note: expanded from macro 'compiletime_assert_rwonce_type' compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ ^ arch/x86/kvm/lapic.c:1180:8: note: Taking false branch map = rcu_dereference(kvm->arch.apic_map); ^ include/linux/rcupdate.h:596:28: note: expanded from macro 'rcu_dereference' #define rcu_dereference(p) rcu_dereference_check(p, 0) ^ include/linux/rcupdate.h:528:2: note: expanded from macro 'rcu_dereference_check' __rcu_dereference_check((p), (c) || rcu_read_lock_held(), __rcu) ^ include/linux/rcupdate.h:389:48: note: expanded from macro '__rcu_dereference_check' typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \ ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert' vim +957 arch/x86/kvm/lapic.c 1e08ec4a130e27 Gleb Natapov 2012-09-13 910 64aa47bfc45323 Radim Krčmář 2016-07-12 911 /* Return true if the interrupt can be handled by using *bitmap as index mask 64aa47bfc45323 Radim Krčmář 2016-07-12 912 * for valid destinations in *dst array. 64aa47bfc45323 Radim Krčmář 2016-07-12 913 * Return false if kvm_apic_map_get_dest_lapic did nothing useful. 64aa47bfc45323 Radim Krčmář 2016-07-12 914 * Note: we may have zero kvm_lapic destinations when we return true, which 64aa47bfc45323 Radim Krčmář 2016-07-12 915 * means that the interrupt should be dropped. In this case, *bitmap would be 64aa47bfc45323 Radim Krčmář 2016-07-12 916 * zero and *dst undefined. 64aa47bfc45323 Radim Krčmář 2016-07-12 917 */ 64aa47bfc45323 Radim Krčmář 2016-07-12 918 static inline bool kvm_apic_map_get_dest_lapic(struct kvm *kvm, 64aa47bfc45323 Radim Krčmář 2016-07-12 919 struct kvm_lapic **src, struct kvm_lapic_irq *irq, 64aa47bfc45323 Radim Krčmář 2016-07-12 920 struct kvm_apic_map *map, struct kvm_lapic ***dst, 64aa47bfc45323 Radim Krčmář 2016-07-12 921 unsigned long *bitmap) 1e08ec4a130e27 Gleb Natapov 2012-09-13 922 { 64aa47bfc45323 Radim Krčmář 2016-07-12 923 int i, lowest; 9ea369b032d87b Radim Krčmář 2015-02-12 924 64aa47bfc45323 Radim Krčmář 2016-07-12 925 if (irq->shorthand == APIC_DEST_SELF && src) { 64aa47bfc45323 Radim Krčmář 2016-07-12 926 *dst = src; 64aa47bfc45323 Radim Krčmář 2016-07-12 927 *bitmap = 1; 1e08ec4a130e27 Gleb Natapov 2012-09-13 928 return true; 64aa47bfc45323 Radim Krčmář 2016-07-12 929 } else if (irq->shorthand) 1e08ec4a130e27 Gleb Natapov 2012-09-13 930 return false; 1e08ec4a130e27 Gleb Natapov 2012-09-13 931 c519265f2aa348 Radim Krčmář 2016-07-12 932 if (!map || kvm_apic_is_broadcast_dest(kvm, src, irq, map)) 64aa47bfc45323 Radim Krčmář 2016-07-12 933 return false; 698f9755d9c061 Radim Krčmář 2014-11-27 934 3697f302ab3700 Radim Krčmář 2015-01-29 935 if (irq->dest_mode == APIC_DEST_PHYSICAL) { 0ca52e7b81a372 Radim Krčmář 2016-07-12 936 if (irq->dest_id > map->max_apic_id) { 64aa47bfc45323 Radim Krčmář 2016-07-12 937 *bitmap = 0; 1e08ec4a130e27 Gleb Natapov 2012-09-13 938 } else { 1d487e9bf8ba66 Paolo Bonzini 2019-04-11 939 u32 dest_id = array_index_nospec(irq->dest_id, map->max_apic_id + 1); 1d487e9bf8ba66 Paolo Bonzini 2019-04-11 940 *dst = &map->phys_map[dest_id]; 64aa47bfc45323 Radim Krčmář 2016-07-12 941 *bitmap = 1; 64aa47bfc45323 Radim Krčmář 2016-07-12 942 } 64aa47bfc45323 Radim Krčmář 2016-07-12 943 return true; 3548a259f6990d Radim Krčmář 2015-02-12 944 } 3548a259f6990d Radim Krčmář 2015-02-12 945 64aa47bfc45323 Radim Krčmář 2016-07-12 946 *bitmap = 0; e45115b62f9abb Radim Krčmář 2016-07-12 947 if (!kvm_apic_map_get_logical_dest(map, irq->dest_id, dst, e45115b62f9abb Radim Krčmář 2016-07-12 948 (u16 *)bitmap)) e45115b62f9abb Radim Krčmář 2016-07-12 949 return false; 1e08ec4a130e27 Gleb Natapov 2012-09-13 950 520040146a0af3 Feng Wu 2016-01-25 951 if (!kvm_lowest_prio_delivery(irq)) 64aa47bfc45323 Radim Krčmář 2016-07-12 952 return true; 520040146a0af3 Feng Wu 2016-01-25 953 520040146a0af3 Feng Wu 2016-01-25 954 if (!kvm_vector_hashing_enabled()) { 64aa47bfc45323 Radim Krčmář 2016-07-12 955 lowest = -1; 64aa47bfc45323 Radim Krčmář 2016-07-12 956 for_each_set_bit(i, bitmap, 16) { 64aa47bfc45323 Radim Krčmář 2016-07-12 @957 if (!(*dst)[i]) 1e08ec4a130e27 Gleb Natapov 2012-09-13 958 continue; 64aa47bfc45323 Radim Krčmář 2016-07-12 959 if (lowest < 0) 64aa47bfc45323 Radim Krčmář 2016-07-12 960 lowest = i; 64aa47bfc45323 Radim Krčmář 2016-07-12 961 else if (kvm_apic_compare_prio((*dst)[i]->vcpu, 64aa47bfc45323 Radim Krčmář 2016-07-12 962 (*dst)[lowest]->vcpu) < 0) 64aa47bfc45323 Radim Krčmář 2016-07-12 963 lowest = i; 1e08ec4a130e27 Gleb Natapov 2012-09-13 964 } 520040146a0af3 Feng Wu 2016-01-25 965 } else { 64aa47bfc45323 Radim Krčmář 2016-07-12 966 if (!*bitmap) 64aa47bfc45323 Radim Krčmář 2016-07-12 967 return true; 520040146a0af3 Feng Wu 2016-01-25 968 64aa47bfc45323 Radim Krčmář 2016-07-12 969 lowest = kvm_vector_to_index(irq->vector, hweight16(*bitmap), 64aa47bfc45323 Radim Krčmář 2016-07-12 970 bitmap, 16); 520040146a0af3 Feng Wu 2016-01-25 971 64aa47bfc45323 Radim Krčmář 2016-07-12 972 if (!(*dst)[lowest]) { 4efd805fca5590 Radim Krčmář 2016-02-12 973 kvm_apic_disabled_lapic_found(kvm); 64aa47bfc45323 Radim Krčmář 2016-07-12 974 *bitmap = 0; 64aa47bfc45323 Radim Krčmář 2016-07-12 975 return true; 64aa47bfc45323 Radim Krčmář 2016-07-12 976 } 520040146a0af3 Feng Wu 2016-01-25 977 } 520040146a0af3 Feng Wu 2016-01-25 978 64aa47bfc45323 Radim Krčmář 2016-07-12 979 *bitmap = (lowest >= 0) ? 1 << lowest : 0; 64aa47bfc45323 Radim Krčmář 2016-07-12 980 64aa47bfc45323 Radim Krčmář 2016-07-12 981 return true; 1e08ec4a130e27 Gleb Natapov 2012-09-13 982 } 64aa47bfc45323 Radim Krčmář 2016-07-12 983 :::::: The code at line 957 was first introduced by commit :::::: 64aa47bfc45323040d5db8f30cbd6851f2606c7d KVM: x86: add kvm_apic_map_get_dest_lapic :::::: TO: Radim Krčmář <[email protected]> :::::: CC: Paolo Bonzini <[email protected]> --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected] _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
