From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: [fuse:fs_fuse_split 5/5] fs/fuse/virtio_fs.c:1458 virtio_fs_get_tree() error: uninitialized symbol 'fc'.
Date: Mon, 15 Feb 2021 14:30:51 +0300
Message-ID: <20210215113051.GD2087@kadam>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git fs_fuse_split
head: 674d5faded4c40245ea02240e731aa82c7ab4c9e
commit: 674d5faded4c40245ea02240e731aa82c7ab4c9e [5/5] fuse: alloc initial fuse_conn and fuse_mount
config: i386-randconfig-m021-20210209 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
fs/fuse/virtio_fs.c:1458 virtio_fs_get_tree() error: uninitialized symbol 'fc'.
Old smatch warnings:
fs/fuse/virtio_fs.c:1444 virtio_fs_get_tree() error: double free of 'fm'
vim +/fc +1458 fs/fuse/virtio_fs.c
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1405  static int virtio_fs_get_tree(struct fs_context *fsc)
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1406  {
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1407  	struct virtio_fs *fs;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1408  	struct super_block *sb;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1409  	struct fuse_conn *fc;
fcee216beb9c15 Max Reitz       2020-05-06  1410  	struct fuse_mount *fm;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1411  	int err;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1412
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1413  	/* This gets a reference on virtio_fs object. This ptr gets installed
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1414  	 * in fc->iq->priv. Once fuse_conn is going away, it calls ->put()
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1415  	 * to drop the reference to this object.
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1416  	 */
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1417  	fs = virtio_fs_find_instance(fsc->source);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1418  	if (!fs) {
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1419  		pr_info("virtio-fs: tag <%s> not found\n", fsc->source);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1420  		return -EINVAL;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1421  	}
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1422
833c5a42e28bee Miklos Szeredi  2020-11-11  1423  	err = -ENOMEM;
674d5faded4c40 Miklos Szeredi  2021-02-11  1424  	fm = fuse_conn_new(get_user_ns(current_user_ns()), &virtio_fs_fiq_ops, fs, NULL, NULL);
833c5a42e28bee Miklos Szeredi  2020-11-11  1425  	if (!fm)
833c5a42e28bee Miklos Szeredi  2020-11-11  1426  		goto out_err;

"fc" not initialized on this path.

674d5faded4c40 Miklos Szeredi  2021-02-11  1427  	fc = fm->fc;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1428  	fc->delete_stale = true;
bf109c64040f5b Max Reitz       2020-04-21  1429  	fc->auto_submounts = true;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1430
fcee216beb9c15 Max Reitz       2020-05-06  1431  	fsc->s_fs_info = fm;
b19d3d00d662cf Miklos Szeredi  2020-11-11  1432  	sb = sget_fc(fsc, virtio_fs_test_super, set_anon_super_fc);
514b5e3ff45e6c Miklos Szeredi  2020-11-11  1433  	if (fsc->s_fs_info) {
514b5e3ff45e6c Miklos Szeredi  2020-11-11  1434  		fuse_conn_put(fc);
514b5e3ff45e6c Miklos Szeredi  2020-11-11  1435  		kfree(fm);

The error handling in this function is very confusing...

514b5e3ff45e6c Miklos Szeredi  2020-11-11  1436  	}
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1437  	if (IS_ERR(sb))
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1438  		return PTR_ERR(sb);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1439
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1440  	if (!sb->s_root) {
1dd539577c42b6 Vivek Goyal     2020-08-19  1441  		err = virtio_fs_fill_super(sb, fsc);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1442  		if (err) {
514b5e3ff45e6c Miklos Szeredi  2020-11-11  1443  			fuse_conn_put(fc);
514b5e3ff45e6c Miklos Szeredi  2020-11-11  1444  			kfree(fm);

Smatch doesn't complain about a double free so presumably the earlier
kfree(fm) is done IFF sb is an error pointer.

66ab33bf6d4341 Miklos Szeredi  2020-11-11  1445  			sb->s_fs_info = NULL;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1446  			deactivate_locked_super(sb);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1447  			return err;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1448  		}
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1449
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1450  		sb->s_flags |= SB_ACTIVE;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1451  	}
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1452
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1453  	WARN_ON(fsc->root);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1454  	fsc->root = dget(sb->s_root);
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1455  	return 0;
833c5a42e28bee Miklos Szeredi  2020-11-11  1456
833c5a42e28bee Miklos Szeredi  2020-11-11  1457  out_err:
833c5a42e28bee Miklos Szeredi  2020-11-11 @1458  	kfree(fc);
833c5a42e28bee Miklos Szeredi  2020-11-11  1459  	mutex_lock(&virtio_fs_mutex);
833c5a42e28bee Miklos Szeredi  2020-11-11  1460  	virtio_fs_put(fs);
833c5a42e28bee Miklos Szeredi  2020-11-11  1461  	mutex_unlock(&virtio_fs_mutex);
833c5a42e28bee Miklos Szeredi  2020-11-11  1462  	return err;
a62a8ef9d97da2 Stefan Hajnoczi 2018-06-12  1463  }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 37179 bytes --]
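
An added example, not part of the original message or the kernel source: a userspace C model of the error path flagged at line 1458, arranged so that the shared out_err label releases only what the jump to it has acquired. The names conn, mount, mount_new, get_tree_model, instance_refs and fail_alloc are hypothetical stand-ins, and this is one possible arrangement, not the fix applied upstream.

```c
#include <errno.h>
#include <stdlib.h>

/* Hypothetical userspace stand-ins for the kernel objects in the report. */
struct conn  { int delete_stale; };
struct mount { struct conn *fc; };

static int instance_refs;	/* models the reference held on the virtio_fs object */
static int fail_alloc;		/* knob: force the allocation failure path */

/* Models fuse_conn_new() as called at line 1424: returns the mount or NULL. */
static struct mount *mount_new(void)
{
	struct mount *fm = fail_alloc ? NULL : calloc(1, sizeof(*fm));

	if (!fm)
		return NULL;
	fm->fc = calloc(1, sizeof(*fm->fc));
	if (!fm->fc) {
		free(fm);
		return NULL;
	}
	return fm;
}

/*
 * Same shape as the reported function, with one shared error label.
 * The flagged form freed "fc" at out_err although the only jump to the
 * label happens before "fc" is assigned. Here the label undoes only
 * what that jump has acquired: the instance reference.
 */
static int get_tree_model(struct mount **out)
{
	struct mount *fm;
	int err;

	instance_refs++;		/* models virtio_fs_find_instance() */
	err = -ENOMEM;
	fm = mount_new();
	if (!fm)
		goto out_err;		/* no fc exists on this path */

	fm->fc->delete_stale = 1;
	*out = fm;
	return 0;

out_err:
	instance_refs--;		/* models virtio_fs_put() */
	return err;
}
```

Building a function of this shape with -Wall -O2 under gcc or clang, or running it through smatch as the report did, surfaces an uninitialized pointer reaching a cleanup label before it ships.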