lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202111181237.wzl85OnY-lkp@intel.com>
Date:   Thu, 18 Nov 2021 12:37:45 +0800
From:   kernel test robot <lkp@...el.com>
To:     Amir Goldstein <amir73il@...il.com>
Cc:     llvm@...ts.linux.dev, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: [amir73il:fan_rename 6/8] fs/notify/fanotify/fanotify.c:796:8:
 warning: variable 'old_memcg' is used uninitialized whenever 'if' condition
 is true

tree:   https://github.com/amir73il/linux fan_rename
head:   d853df988fac35734c681deca299d26358f3e2fd
commit: 5fe3b310a5dc68cff5bd3dfbdfcc4c699a11ab15 [6/8] fanotify: record either old name new name or both for FAN_RENAME
config: hexagon-randconfig-r045-20211118 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project c46becf500df2a7fb4b4fce16178a036c344315a)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/amir73il/linux/commit/5fe3b310a5dc68cff5bd3dfbdfcc4c699a11ab15
        git remote add amir73il https://github.com/amir73il/linux
        git fetch --no-tags amir73il fan_rename
        git checkout 5fe3b310a5dc68cff5bd3dfbdfcc4c699a11ab15
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 ARCH=hexagon 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>

All warnings (new ones prefixed by >>):

>> fs/notify/fanotify/fanotify.c:796:8: warning: variable 'old_memcg' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
                           if (WARN_ON_ONCE(!(mask & FAN_MOVE)))
                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/asm-generic/bug.h:179:33: note: expanded from macro 'WARN_ON_ONCE'
   #define WARN_ON_ONCE(condition) WARN_ON(condition)
                                   ^~~~~~~~~~~~~~~~~~
   include/asm-generic/bug.h:165:28: note: expanded from macro 'WARN_ON'
   #define WARN_ON(condition) ({                                           \
                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   fs/notify/fanotify/fanotify.c:856:19: note: uninitialized use occurs here
           set_active_memcg(old_memcg);
                            ^~~~~~~~~
   fs/notify/fanotify/fanotify.c:796:4: note: remove the 'if' if its condition is always false
                           if (WARN_ON_ONCE(!(mask & FAN_MOVE)))
                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   fs/notify/fanotify/fanotify.c:749:30: note: initialize the variable 'old_memcg' to silence this warning
           struct mem_cgroup *old_memcg;
                                       ^
                                        = NULL
   1 warning generated.


vim +796 fs/notify/fanotify/fanotify.c

   735	
   736	static struct fanotify_event *fanotify_alloc_event(struct fsnotify_group *group,
   737							   u32 mask, const void *data,
   738							   int data_type, struct inode *dir,
   739							   const struct qstr *file_name,
   740							   __kernel_fsid_t *fsid)
   741	{
   742		struct fanotify_event *event = NULL;
   743		gfp_t gfp = GFP_KERNEL_ACCOUNT;
   744		unsigned int fid_mode = FAN_GROUP_FLAG(group, FANOTIFY_FID_BITS);
   745		struct inode *id = fanotify_fid_inode(mask, data, data_type, dir,
   746						      fid_mode);
   747		struct inode *dirid = fanotify_dfid_inode(mask, data, data_type, dir);
   748		const struct path *path = fsnotify_data_path(data, data_type);
   749		struct mem_cgroup *old_memcg;
   750		struct dentry *moved = NULL;
   751		struct inode *child = NULL;
   752		bool name_event = false;
   753		unsigned int hash = 0;
   754		bool ondir = mask & FAN_ONDIR;
   755		struct pid *pid;
   756	
   757		if ((fid_mode & FAN_REPORT_DIR_FID) && dirid) {
   758			/*
   759			 * For certain events and group flags, report the child fid
   760			 * in addition to reporting the parent fid and maybe child name.
   761			 */
   762			if (fanotify_report_child_fid(fid_mode, mask) && id != dirid)
   763				child = id;
   764	
   765			id = dirid;
   766	
   767			/*
   768			 * We record file name only in a group with FAN_REPORT_NAME
   769			 * and when we have a directory inode to report.
   770			 *
   771			 * For directory entry modification event, we record the fid of
   772			 * the directory and the name of the modified entry.
   773			 *
   774			 * For event on non-directory that is reported to parent, we
   775			 * record the fid of the parent and the name of the child.
   776			 *
   777			 * Even if not reporting name, we need a variable length
   778			 * fanotify_name_event if reporting both parent and child fids.
   779			 */
   780			if (!(fid_mode & FAN_REPORT_NAME)) {
   781				name_event = !!child;
   782				file_name = NULL;
   783			} else if ((mask & ALL_FSNOTIFY_DIRENT_EVENTS) || !ondir) {
   784				name_event = true;
   785			}
   786	
   787			/*
   788			 * In the special case of FAN_RENAME event, the FAN_MOVE flags
   789			 * are only used internally to indicate if we need to report
   790			 * only the old parent+name, only the new parent+name or both.
   791			 * 'dirid' and 'file_name' are the old parent+name and
   792			 * 'moved' has the new parent+name.
   793			 */
   794			if (mask & FAN_RENAME) {
   795				/* Either old and/or new info must be reported */
 > 796				if (WARN_ON_ONCE(!(mask & FAN_MOVE)))
   797					goto out;
   798	
   799				if (!(mask & FAN_MOVED_FROM)) {
   800					/* Do not report old parent+name */
   801					dirid = NULL;
   802					file_name = NULL;
   803				}
   804				if (mask & FAN_MOVED_FROM) {
   805					/* Report new parent+name */
   806					moved = fsnotify_data_dentry(data, data_type);
   807				}
   808				/* Clear internal flags */
   809				mask &= ~FAN_MOVE;
   810				name_event = true;
   811			}
   812		}
   813	
   814		/*
   815		 * For queues with unlimited length lost events are not expected and
   816		 * can possibly have security implications. Avoid losing events when
   817		 * memory is short. For the limited size queues, avoid OOM killer in the
   818		 * target monitoring memcg as it may have security repercussion.
   819		 */
   820		if (group->max_events == UINT_MAX)
   821			gfp |= __GFP_NOFAIL;
   822		else
   823			gfp |= __GFP_RETRY_MAYFAIL;
   824	
   825		/* Whoever is interested in the event, pays for the allocation. */
   826		old_memcg = set_active_memcg(group->memcg);
   827	
   828		if (fanotify_is_perm_event(mask)) {
   829			event = fanotify_alloc_perm_event(path, gfp);
   830		} else if (fanotify_is_error_event(mask)) {
   831			event = fanotify_alloc_error_event(group, fsid, data,
   832							   data_type, &hash);
   833		} else if (name_event && (file_name || moved || child)) {
   834			event = fanotify_alloc_name_event(dirid, fsid, file_name, child,
   835							  moved, &hash, gfp);
   836		} else if (fid_mode) {
   837			event = fanotify_alloc_fid_event(id, fsid, &hash, gfp);
   838		} else {
   839			event = fanotify_alloc_path_event(path, &hash, gfp);
   840		}
   841	
   842		if (!event)
   843			goto out;
   844	
   845		if (FAN_GROUP_FLAG(group, FAN_REPORT_TID))
   846			pid = get_pid(task_pid(current));
   847		else
   848			pid = get_pid(task_tgid(current));
   849	
   850		/* Mix event info, FAN_ONDIR flag and pid into event merge key */
   851		hash ^= hash_long((unsigned long)pid | ondir, FANOTIFY_EVENT_HASH_BITS);
   852		fanotify_init_event(event, hash, mask);
   853		event->pid = pid;
   854	
   855	out:
   856		set_active_memcg(old_memcg);
   857		return event;
   858	}
   859	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (25835 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ