lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202207080923.s0L0sZLm-lkp@intel.com>
Date:   Fri, 8 Jul 2022 09:34:29 +0800
From:   kernel test robot <lkp@...el.com>
To:     David Howells <dhowells@...hat.com>
Cc:     llvm@...ts.linux.dev, kbuild-all@...ts.01.org,
        GNU/Weeb Mailing List <gwml@...r.gnuweeb.org>,
        linux-kernel@...r.kernel.org
Subject: [ammarfaizi2-block:dhowells/linux-fs/cifs-for-viro 5/8]
 fs/cifs/smb2ops.c:4994:7: warning: variable 'length' is used uninitialized
 whenever 'if' condition is false

tree:   https://github.com/ammarfaizi2/linux-block dhowells/linux-fs/cifs-for-viro
head:   569e0acf4192ada33675e44b24701e679d87ebc9
commit: f398cb911105297654980b5973ff230323061fce [5/8] cifs: Change the I/O paths to use an iterator rather than a page list
config: x86_64-randconfig-a012 (https://download.01.org/0day-ci/archive/20220708/202207080923.s0L0sZLm-lkp@intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 562c3467a6738aa89203f72fc1d1343e5baadf3c)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/ammarfaizi2/linux-block/commit/f398cb911105297654980b5973ff230323061fce
        git remote add ammarfaizi2-block https://github.com/ammarfaizi2/linux-block
        git fetch --no-tags ammarfaizi2-block dhowells/linux-fs/cifs-for-viro
        git checkout f398cb911105297654980b5973ff230323061fce
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash fs/cifs/

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@...el.com>

All warnings (new ones prefixed by >>):

>> fs/cifs/smb2ops.c:4994:7: warning: variable 'length' is used uninitialized whenever 'if' condition is false [-Wsometimes-uninitialized]
                   if (rdata->result != 0) {
                       ^~~~~~~~~~~~~~~~~~
   fs/cifs/smb2ops.c:5026:9: note: uninitialized use occurs here
           return length;
                  ^~~~~~
   fs/cifs/smb2ops.c:4994:3: note: remove the 'if' if its condition is always true
                   if (rdata->result != 0) {
                   ^~~~~~~~~~~~~~~~~~~~~~~~
   fs/cifs/smb2ops.c:4893:12: note: initialize the variable 'length' to silence this warning
           int length;
                     ^
                      = 0
   1 warning generated.


vim +4994 fs/cifs/smb2ops.c

c42a6abe301283 Pavel Shilovsky    2016-11-17  4880  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4881  static int
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4882  handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
f398cb91110529 David Howells      2022-01-24  4883  		 char *buf, unsigned int buf_len, struct xarray *pages,
f398cb91110529 David Howells      2022-01-24  4884  		 unsigned int pages_len, bool is_offloaded)
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4885  {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4886  	unsigned int data_offset;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4887  	unsigned int data_len;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4888  	unsigned int cur_off;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4889  	unsigned int cur_page_idx;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4890  	unsigned int pad_len;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4891  	struct cifs_readdata *rdata = mid->callback_data;
0d35e382e4e96a Ronnie Sahlberg    2021-11-05  4892  	struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4893  	int length;
74dcf418fe3446 Long Li            2017-11-22  4894  	bool use_rdma_mr = false;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4895  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4896  	if (shdr->Command != SMB2_READ) {
3175eb9b577e82 Ronnie Sahlberg    2019-09-04  4897  		cifs_server_dbg(VFS, "only big read responses are supported\n");
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4898  		return -ENOTSUPP;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4899  	}
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4900  
511c54a2f69195 Pavel Shilovsky    2017-07-08  4901  	if (server->ops->is_session_expired &&
511c54a2f69195 Pavel Shilovsky    2017-07-08  4902  	    server->ops->is_session_expired(buf)) {
de9ac0a6e9efdf Rohith Surabattula 2020-10-28  4903  		if (!is_offloaded)
183eea2ee5ba96 Shyam Prasad N     2021-07-19  4904  			cifs_reconnect(server, true);
511c54a2f69195 Pavel Shilovsky    2017-07-08  4905  		return -1;
511c54a2f69195 Pavel Shilovsky    2017-07-08  4906  	}
511c54a2f69195 Pavel Shilovsky    2017-07-08  4907  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4908  	if (server->ops->is_status_pending &&
66265f134acfb2 Pavel Shilovsky    2019-01-23  4909  			server->ops->is_status_pending(buf, server))
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4910  		return -1;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4911  
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4912  	/* set up first two iov to get credits */
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4913  	rdata->iov[0].iov_base = buf;
bb1bccb60c2ebd Pavel Shilovsky    2019-01-17  4914  	rdata->iov[0].iov_len = 0;
bb1bccb60c2ebd Pavel Shilovsky    2019-01-17  4915  	rdata->iov[1].iov_base = buf;
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4916  	rdata->iov[1].iov_len =
bb1bccb60c2ebd Pavel Shilovsky    2019-01-17  4917  		min_t(unsigned int, buf_len, server->vals->read_rsp_size);
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4918  	cifs_dbg(FYI, "0: iov_base=%p iov_len=%zu\n",
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4919  		 rdata->iov[0].iov_base, rdata->iov[0].iov_len);
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4920  	cifs_dbg(FYI, "1: iov_base=%p iov_len=%zu\n",
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4921  		 rdata->iov[1].iov_base, rdata->iov[1].iov_len);
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4922  
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4923  	rdata->result = server->ops->map_error(buf, true);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4924  	if (rdata->result != 0) {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4925  		cifs_dbg(FYI, "%s: server returned error %d\n",
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4926  			 __func__, rdata->result);
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4927  		/* normal error on read response */
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4928  		if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4929  			mid->mid_state = MID_RESPONSE_RECEIVED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4930  		else
ec678eae746dd2 Pavel Shilovsky    2019-01-18  4931  			dequeue_mid(mid, false);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4932  		return 0;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4933  	}
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4934  
1fc6ad2f10ad6f Ronnie Sahlberg    2018-06-01  4935  	data_offset = server->ops->read_data_offset(buf);
74dcf418fe3446 Long Li            2017-11-22  4936  #ifdef CONFIG_CIFS_SMB_DIRECT
74dcf418fe3446 Long Li            2017-11-22  4937  	use_rdma_mr = rdata->mr;
74dcf418fe3446 Long Li            2017-11-22  4938  #endif
74dcf418fe3446 Long Li            2017-11-22  4939  	data_len = server->ops->read_data_length(buf, use_rdma_mr);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4940  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4941  	if (data_offset < server->vals->read_rsp_size) {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4942  		/*
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4943  		 * win2k8 sometimes sends an offset of 0 when the read
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4944  		 * is beyond the EOF. Treat it as if the data starts just after
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4945  		 * the header.
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4946  		 */
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4947  		cifs_dbg(FYI, "%s: data offset (%u) inside read response header\n",
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4948  			 __func__, data_offset);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4949  		data_offset = server->vals->read_rsp_size;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4950  	} else if (data_offset > MAX_CIFS_SMALL_BUFFER_SIZE) {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4951  		/* data_offset is beyond the end of smallbuf */
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4952  		cifs_dbg(FYI, "%s: data offset (%u) beyond end of smallbuf\n",
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4953  			 __func__, data_offset);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4954  		rdata->result = -EIO;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4955  		if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4956  			mid->mid_state = MID_RESPONSE_MALFORMED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4957  		else
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4958  			dequeue_mid(mid, rdata->result);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4959  		return 0;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4960  	}
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4961  
c42a6abe301283 Pavel Shilovsky    2016-11-17  4962  	pad_len = data_offset - server->vals->read_rsp_size;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4963  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4964  	if (buf_len <= data_offset) {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  4965  		/* read response payload is in pages */
c42a6abe301283 Pavel Shilovsky    2016-11-17  4966  		cur_page_idx = pad_len / PAGE_SIZE;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4967  		cur_off = pad_len % PAGE_SIZE;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4968  
c42a6abe301283 Pavel Shilovsky    2016-11-17  4969  		if (cur_page_idx != 0) {
c42a6abe301283 Pavel Shilovsky    2016-11-17  4970  			/* data offset is beyond the 1st page of response */
c42a6abe301283 Pavel Shilovsky    2016-11-17  4971  			cifs_dbg(FYI, "%s: data offset (%u) beyond 1st page of response\n",
c42a6abe301283 Pavel Shilovsky    2016-11-17  4972  				 __func__, data_offset);
c42a6abe301283 Pavel Shilovsky    2016-11-17  4973  			rdata->result = -EIO;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4974  			if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4975  				mid->mid_state = MID_RESPONSE_MALFORMED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4976  			else
c42a6abe301283 Pavel Shilovsky    2016-11-17  4977  				dequeue_mid(mid, rdata->result);
c42a6abe301283 Pavel Shilovsky    2016-11-17  4978  			return 0;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4979  		}
c42a6abe301283 Pavel Shilovsky    2016-11-17  4980  
f398cb91110529 David Howells      2022-01-24  4981  		if (data_len > pages_len - pad_len) {
c42a6abe301283 Pavel Shilovsky    2016-11-17  4982  			/* data_len is corrupt -- discard frame */
c42a6abe301283 Pavel Shilovsky    2016-11-17  4983  			rdata->result = -EIO;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4984  			if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4985  				mid->mid_state = MID_RESPONSE_MALFORMED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4986  			else
c42a6abe301283 Pavel Shilovsky    2016-11-17  4987  				dequeue_mid(mid, rdata->result);
c42a6abe301283 Pavel Shilovsky    2016-11-17  4988  			return 0;
c42a6abe301283 Pavel Shilovsky    2016-11-17  4989  		}
c42a6abe301283 Pavel Shilovsky    2016-11-17  4990  
f398cb91110529 David Howells      2022-01-24  4991  		/* Copy the data to the output I/O iterator. */
f398cb91110529 David Howells      2022-01-24  4992  		rdata->result = cifs_copy_pages_to_iter(pages, pages_len,
f398cb91110529 David Howells      2022-01-24  4993  							cur_off, &rdata->iter);
c42a6abe301283 Pavel Shilovsky    2016-11-17 @4994  		if (rdata->result != 0) {
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4995  			if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4996  				mid->mid_state = MID_RESPONSE_MALFORMED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  4997  			else
c42a6abe301283 Pavel Shilovsky    2016-11-17  4998  				dequeue_mid(mid, rdata->result);
c42a6abe301283 Pavel Shilovsky    2016-11-17  4999  			return 0;
c42a6abe301283 Pavel Shilovsky    2016-11-17  5000  		}
f398cb91110529 David Howells      2022-01-24  5001  		rdata->got_bytes = pages_len;
c42a6abe301283 Pavel Shilovsky    2016-11-17  5002  
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5003  	} else if (buf_len >= data_offset + data_len) {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5004  		/* read response payload is in buf */
f398cb91110529 David Howells      2022-01-24  5005  		WARN_ONCE(pages && !xa_empty(pages),
f398cb91110529 David Howells      2022-01-24  5006  			  "read data can be either in buf or in pages");
f398cb91110529 David Howells      2022-01-24  5007  		length = copy_to_iter(buf + data_offset, data_len, &rdata->iter);
f398cb91110529 David Howells      2022-01-24  5008  		if (length < 0)
f398cb91110529 David Howells      2022-01-24  5009  			return length;
f398cb91110529 David Howells      2022-01-24  5010  		rdata->got_bytes = data_len;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5011  	} else {
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5012  		/* read response payload cannot be in both buf and pages */
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5013  		WARN_ONCE(1, "buf can not contain only a part of read data");
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5014  		rdata->result = -EIO;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5015  		if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5016  			mid->mid_state = MID_RESPONSE_MALFORMED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5017  		else
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5018  			dequeue_mid(mid, rdata->result);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5019  		return 0;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5020  	}
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5021  
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5022  	if (is_offloaded)
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5023  		mid->mid_state = MID_RESPONSE_RECEIVED;
ac873aa3dc2170 Rohith Surabattula 2020-10-29  5024  	else
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5025  		dequeue_mid(mid, false);
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5026  	return length;
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5027  }
4326ed2f6a16ae Pavel Shilovsky    2016-11-17  5028  

:::::: The code at line 4994 was first introduced by commit
:::::: c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Add capability to decrypt big read responses

:::::: TO: Pavel Shilovsky <pshilov@...rosoft.com>
:::::: CC: Steve French <smfrench@...il.com>

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ