[kbuild] Re: [PATCH v11 09/10] fs/ntfs3: Add NTFS3 in fs/Kconfig and fs/Makefile

[Dan Carpenter]

Hi Konstantin,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on linus/master]
[also build test WARNING on v5.10-rc2 next-20201030]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch ]

url:    
https://github.com/0day-ci/linux/commits/Konstantin-Komarov/NTFS-read-write-driver-GPL-implementation-by-Paragon-Software/20201031-220904
 
base:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git  
5fc6b075e165f641fbc366b58b578055762d5f8c
config: i386-randconfig-m021-20201101 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <l...@intel.com>
Reported-by: Dan Carpenter <dan.carpen...@oracle.com>

smatch warnings:
fs/ntfs3/attrib.c:331 attr_set_size_res() error: dereferencing freed memory 
'attr_s'
fs/ntfs3/attrib.c:1267 attr_allocate_frame() error: uninitialized symbol 'hint'.
fs/ntfs3/attrib.c:1393 attr_allocate_frame() error: we previously assumed 
'attr_b' could be null (see line 1306)
fs/ntfs3/namei.c:438 ntfs_rename() warn: variable dereferenced before check 
'old_inode' (see line 296)
fs/ntfs3/fsntfs.c:844 ntfs_clear_mft_tail() error: uninitialized symbol 'err'.
fs/ntfs3/fsntfs.c:1294 ntfs_read_run_nb() error: uninitialized symbol 'idx'.
fs/ntfs3/frecord.c:166 ni_load_mi_ex() error: we previously assumed 'r' could 
be null (see line 159)
fs/ntfs3/frecord.c:505 ni_ins_new_attr() error: we previously assumed 'le' 
could be null (see line 490)
fs/ntfs3/frecord.c:658 ni_repack() warn: 'run.runs_' double freed
fs/ntfs3/frecord.c:1439 ni_insert_nonresident() warn: potential memory 
corrupting cast 8 vs 2 bytes
fs/ntfs3/frecord.c:2214 ni_read_frame() warn: ignoring unreachable code.
fs/ntfs3/xattr.c:514 ntfs_get_acl_ex() warn: passing zero to 'ERR_PTR'
fs/ntfs3/index.c:1133 indx_find() warn: variable dereferenced before check 
'fnd' (see line 1117)
fs/ntfs3/index.c:1371 indx_find_raw() error: we previously assumed 'n' could be 
null (see line 1349)
fs/ntfs3/index.c:1404 indx_create_allocate() warn: should '1 << 
indx->index_bits' be a 64 bit type?
fs/ntfs3/index.c:1755 indx_insert_into_root() warn: possible memory leak of 're'
fs/ntfs3/index.c:549 hdr_find_split() warn: variable dereferenced before check 
'e' (see line 547)
fs/ntfs3/inode.c:687 ntfs_readpage() warn: should 'page->index << 12' be a 64 
bit type?
fs/ntfs3/fslog.c:2205 last_log_lsn() warn: possible memory leak of 'page_bufs'
fs/ntfs3/fslog.c:2418 find_log_rec() error: we previously assumed 'rh' could be 
null (see line 2404)
fs/ntfs3/fslog.c:2551 find_client_next_lsn() error: double free of 'lcb->lrh'
fs/ntfs3/fslog.c:639 enum_rstbl() error: we previously assumed 't' could be 
null (see line 628)
fs/ntfs3/fslog.c:3158 do_action() warn: variable dereferenced before check 'mi' 
(see line 3118)
fs/ntfs3/fslog.c:3913 log_replay() error: dereferencing freed memory 
'rst_info.r_page'

vim +/attr_s +331 fs/ntfs3/attrib.c

e3a1cdcc648083 Konstantin Komarov 2020-10-30  241  static int 
attr_set_size_res(struct ntfs_inode *ni, struct ATTRIB *attr,
e3a1cdcc648083 Konstantin Komarov 2020-10-30  242                            
struct ATTR_LIST_ENTRY *le, struct mft_inode *mi,
e3a1cdcc648083 Konstantin Komarov 2020-10-30  243                            
u64 new_size, struct runs_tree *run,
e3a1cdcc648083 Konstantin Komarov 2020-10-30  244                            
struct ATTRIB **ins_attr)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  245  {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  246       int err = 0;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  247       struct ntfs_sb_info 
*sbi = mi->sbi;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  248       struct MFT_REC *rec = 
mi->mrec;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  249       u32 used = 
le32_to_cpu(rec->used);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  250       u32 asize = 
le32_to_cpu(attr->size);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  251       u32 aoff = 
PtrOffset(rec, attr);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  252       u32 rsize = 
le32_to_cpu(attr->res.data_size);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  253       u32 tail = used - aoff 
- asize;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  254       char *next = 
Add2Ptr(attr, asize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  255       int dsize = 
QuadAlign(new_size) - QuadAlign(rsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  256       CLST len, alen;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  257       struct ATTRIB *attr_s = 
NULL;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  258       bool is_ext;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  259  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  260       if (dsize < 0) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  261               memmove(next + 
dsize, next, tail);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  262       } else if (dsize > 0) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  263               if (used + 
dsize > sbi->max_bytes_per_attr)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  264                       goto 
resident2nonresident;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  265  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  266               memmove(next + 
dsize, next, tail);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  267               memset(next, 0, 
dsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  268       }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  269  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  270       rec->used = 
cpu_to_le32(used + dsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  271       attr->size = 
cpu_to_le32(asize + dsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  272       attr->res.data_size = 
cpu_to_le32(new_size);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  273       mi->dirty = true;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  274       *ins_attr = attr;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  275  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  276       return 0;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  277  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  278  resident2nonresident:
e3a1cdcc648083 Konstantin Komarov 2020-10-30  279       len = 
bytes_to_cluster(sbi, rsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  280  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  281       run_init(run);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  282  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  283       is_ext = 
is_attr_ext(attr);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  284  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  285       if (!len) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  286               alen = 0;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  287       } else if (is_ext) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  288               if 
(!run_add_entry(run, 0, SPARSE_LCN, len)) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  289                       err = 
-ENOMEM;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  290                       goto 
out;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  291               }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  292               alen = len;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  293       } else {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  294               err = 
attr_allocate_clusters(sbi, run, 0, 0, len, NULL,
e3a1cdcc648083 Konstantin Komarov 2020-10-30  295                               
             ALLOCATE_DEF, &alen, 0, NULL);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  296               if (err)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  297                       goto 
out;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  298  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  299               err = 
ntfs_sb_write_run(sbi, run, 0, resident_data(attr),
e3a1cdcc648083 Konstantin Komarov 2020-10-30  300                               
        rsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  301               if (err)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  302                       goto 
out;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  303       }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  304  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  305       attr_s = 
ntfs_memdup(attr, asize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  306       if (!attr_s) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  307               err = -ENOMEM;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  308               goto out;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  309       }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  310  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  311       
/*verify(mi_remove_attr(mi, attr));*/
e3a1cdcc648083 Konstantin Komarov 2020-10-30  312       used -= asize;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  313       memmove(attr, 
Add2Ptr(attr, asize), used - aoff);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  314       rec->used = 
cpu_to_le32(used);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  315       mi->dirty = true;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  316       if (le)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  317               
al_remove_le(ni, le);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  318  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  319       err = 
ni_insert_nonresident(ni, attr_s->type, attr_name(attr_s),
e3a1cdcc648083 Konstantin Komarov 2020-10-30  320                               
    attr_s->name_len, run, 0, alen,
e3a1cdcc648083 Konstantin Komarov 2020-10-30  321                               
    attr_s->flags, &attr, NULL);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  322       if (err)
e3a1cdcc648083 Konstantin Komarov 2020-10-30  323               goto out;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  324  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  325       ntfs_free(attr_s);
                                                        ^^^^^^^^^^^^^^^^^
Freed.

e3a1cdcc648083 Konstantin Komarov 2020-10-30  326       attr->nres.data_size = 
cpu_to_le64(rsize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  327       attr->nres.valid_size = 
attr->nres.data_size;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  328  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  329       *ins_attr = attr;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  330  
e3a1cdcc648083 Konstantin Komarov 2020-10-30 @331       if (attr_s->type == 
ATTR_DATA && !attr_s->name_len &&
                                                            ^^^^^^^^^^^^        
          ^^^^^^^^^^^^^^^^
Dereferenced after a free.

e3a1cdcc648083 Konstantin Komarov 2020-10-30  332           run == 
&ni->file.run) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  333               ni->ni_flags &= 
~NI_FLAG_RESIDENT;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  334       }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  335  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  336       /* Resident attribute 
becomes non resident */
e3a1cdcc648083 Konstantin Komarov 2020-10-30  337       return 0;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  338  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  339  out:
e3a1cdcc648083 Konstantin Komarov 2020-10-30  340       /* undo: do not trim 
new allocated clusters */
e3a1cdcc648083 Konstantin Komarov 2020-10-30  341       run_deallocate(sbi, 
run, false);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  342       run_close(run);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  343  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  344       if (attr_s) {
e3a1cdcc648083 Konstantin Komarov 2020-10-30  345               memmove(next, 
Add2Ptr(rec, aoff), used - aoff);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  346               
memcpy(Add2Ptr(rec, aoff), attr_s, asize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  347               rec->used = 
cpu_to_le32(used + asize);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  348               mi->dirty = 
true;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  349               
ntfs_free(attr_s);
e3a1cdcc648083 Konstantin Komarov 2020-10-30  350               /*reinsert le*/
e3a1cdcc648083 Konstantin Komarov 2020-10-30  351       }
e3a1cdcc648083 Konstantin Komarov 2020-10-30  352  
e3a1cdcc648083 Konstantin Komarov 2020-10-30  353       return err;
e3a1cdcc648083 Konstantin Komarov 2020-10-30  354  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-...@lists.01.org 

.config.gz
Description: application/gzip

_______________________________________________
kbuild mailing list -- kbu...@lists.01.org
To unsubscribe send an email to kbuild-le...@lists.01.org