:::::: :::::: Manual check reason: "low confidence bisect report" :::::: Manual check reason: "low confidence static check first_new_problem: include/linux/uio.h:246:17: warning: use of uninitialized value 'msg_sys.msg_iter.count' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]" ::::::
BCC: [email protected] CC: [email protected] CC: [email protected] TO: Peter Zijlstra <[email protected]> tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: a335366bad1364a07f49df9da1fdfa6d411a5f39 commit: a1a5482a2c6e38a3ebed32e571625c56a8cc41a6 x86/extable: Fix ex_handler_msr() print condition date: 8 weeks ago :::::: branch date: 21 hours ago :::::: commit date: 8 weeks ago config: arm-randconfig-c002-20220917 (https://download.01.org/0day-ci/archive/20220918/[email protected]/config) compiler: arm-linux-gnueabi-gcc (GCC) 12.1.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a1a5482a2c6e38a3ebed32e571625c56a8cc41a6 git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git git fetch --no-tags linus master git checkout a1a5482a2c6e38a3ebed32e571625c56a8cc41a6 # save the config file COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross ARCH=arm KBUILD_USERCFLAGS='-fanalyzer -Wno-error' If you fix the issue, kindly add following tag where applicable Reported-by: kernel test robot <[email protected]> gcc_analyzer warnings: (new ones prefixed by >>) In file included from include/linux/socket.h:8, from include/net/flow.h:11, from include/net/net_namespace.h:15, from include/linux/netdevice.h:38, from include/net/sock.h:46, from include/linux/bpf-cgroup.h:11, from net/socket.c:55: In function 'iov_iter_count', inlined from 'msg_data_left' at include/linux/socket.h:164:9, inlined from '__sys_sendmmsg' at net/socket.c:2640:7: >> include/linux/uio.h:246:17: warning: use of uninitialized value >> 'msg_sys.msg_iter.count' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 246 | return i->count; | ~^~~~~~~ '__se_sys_sendmmsg': event 1 | |include/linux/syscalls.h:247:25: | 247 | asmlinkage long __se_sys##name(__MAP(x,__SC_LONG,__VA_ARGS__)) \ | | ^~~~~~~~ | | | | | (1) entry to '__se_sys_sendmmsg' include/linux/syscalls.h:228:9: note: in expansion of macro '__SYSCALL_DEFINEx' | 228 | __SYSCALL_DEFINEx(x, sname, __VA_ARGS__) | | ^~~~~~~~~~~~~~~~~ include/linux/syscalls.h:220:36: note: in expansion of macro 'SYSCALL_DEFINEx' | 220 | #define SYSCALL_DEFINE4(name, ...) SYSCALL_DEFINEx(4, _##name, __VA_ARGS__) | | ^~~~~~~~~~~~~~~ net/socket.c:2654:1: note: in expansion of macro 'SYSCALL_DEFINE4' | 2654 | SYSCALL_DEFINE4(sendmmsg, int, fd, struct mmsghdr __user *, mmsg, | | ^~~~~~~~~~~~~~~ | '__se_sys_sendmmsg': event 2 | | 2657 | return __sys_sendmmsg(fd, mmsg, vlen, flags, true); | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | (2) calling '__sys_sendmmsg' from '__se_sys_sendmmsg' | +--> '__sys_sendmmsg': events 3-5 | | 2587 | int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen, | | ^~~~~~~~~~~~~~ | | | | | (3) entry to '__sys_sendmmsg' |...... | 2594 | struct msghdr msg_sys; | | ~~~~~~~ | | | | | (4) region created on stack here |...... | 2606 | sock = sockfd_lookup_light(fd, &err, &fput_needed); | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | (5) calling 'sockfd_lookup_light' from '__sys_sendmmsg' | +--> 'sockfd_lookup_light': events 6-11 | | 506 | if (file->f_op == &socket_file_ops) | | ~~~~~~~~~~~ | | | | | | | (8) ...to here | | (9) following 'true' branch... | 507 | return file->private_data; /* set in sock_alloc_file */ | | ~~~~~~~~~~~~~~~~~~ | | | | | (10) ...to here |...... | 546 | static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) | | ^~~~~~~~~~~~~~~~~~~ | | | | | (6) entry to 'sockfd_lookup_light' |...... | 552 | if (f.file) { | | ~ | | | | | (7) following 'true' branch... | 553 | sock = sock_from_file(f.file); | 554 | if (likely(sock)) { | | ~ | | | | | (11) following 'true' branch... | 'sockfd_lookup_light': event 12 | | 555 | *fput_needed = f.flags & FDPUT_FPUT; | <------+ | '__sys_sendmmsg': events 13-14 | | 2606 | sock = sockfd_lookup_light(fd, &err, &fput_needed); | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | (13) returning to '__sys_sendmmsg' from 'sockfd_lookup_light' | 2607 | if (!sock) | | ~ | | | | | (14) following 'false' branch (when 'sock' is non-NULL)... | '__sys_sendmmsg': events 15-20 | | 2610 | used_address.name_len = UINT_MAX; |...... | 2616 | while (datagrams < vlen) { | | ~~~~~~~~~~~~~~~~ | | | | | (16) following 'true' branch... | 2617 | if (datagrams == vlen - 1) | | ~ ~~~~~~~~ | | | | | | | (17) ...to here | | (18) following 'false' branch... vim +246 include/linux/uio.h 4b8164b91d9fdf Al Viro 2015-01-31 243 b57332b4105abf Al Viro 2016-10-10 244 static inline size_t iov_iter_count(const struct iov_iter *i) 9223687863ffa6 Kent Overstreet 2013-11-27 245 { 9223687863ffa6 Kent Overstreet 2013-11-27 @246 return i->count; 9223687863ffa6 Kent Overstreet 2013-11-27 247 } 9223687863ffa6 Kent Overstreet 2013-11-27 248 :::::: The code at line 246 was first introduced by commit :::::: 9223687863ffa63fa655f52ef64148ee08dee4d1 iov_iter: Move iov_iter to uio.h :::::: TO: Kent Overstreet <[email protected]> :::::: CC: Al Viro <[email protected]> -- 0-DAY CI Kernel Test Service https://01.org/lkp _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
