* [PATCH] fix array index out of bound exception
@ 2021-08-11 13:11 F.A. SULAIMAN
2021-08-11 14:59 ` Jan Kara
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: F.A. SULAIMAN @ 2021-08-11 13:11 UTC (permalink / raw)
To: jack; +Cc: F.A.Sulaiman, linux-kernel
From: "F.A.Sulaiman" <asha.16@itfac.mrt.ac.lk>
Array index out of bound exception occurs when the 'part' variable is passed into the freeSpactTable array,
this can be avoided using pointer arithmetic.
Signed-off-by: F.A. SULAIMAN <asha.16@itfac.mrt.ac.lk>
---
fs/udf/super.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/udf/super.c b/fs/udf/super.c
index 2f83c1204e20..d330c7162c3a 100644
--- a/fs/udf/super.c
+++ b/fs/udf/super.c
@@ -2522,7 +2522,7 @@ static unsigned int udf_count_free(struct super_block *sb)
sbi->s_lvid_bh->b_data;
if (le32_to_cpu(lvid->numOfPartitions) > part) {
accum = le32_to_cpu(
- lvid->freeSpaceTable[part]);
+ (lvid->freeSpaceTable + part));
if (accum == 0xFFFFFFFF)
accum = 0;
}
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* Re: [PATCH] fix array index out of bound exception
2021-08-11 13:11 [PATCH] fix array index out of bound exception F.A. SULAIMAN
@ 2021-08-11 14:59 ` Jan Kara
2021-08-11 16:31 ` kernel test robot
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: Jan Kara @ 2021-08-11 14:59 UTC (permalink / raw)
To: F.A. SULAIMAN; +Cc: jack, linux-kernel
On Wed 11-08-21 18:41:50, F.A. SULAIMAN wrote:
> From: "F.A.Sulaiman" <asha.16@itfac.mrt.ac.lk>
>
> Array index out of bound exception occurs when the 'part' variable is
> passed into the freeSpactTable array, this can be avoided using pointer
> arithmetic.
>
> Signed-off-by: F.A. SULAIMAN <asha.16@itfac.mrt.ac.lk>
I'm sorry but this doesn't even compile and the change is obviously
bogus...
Honza
> ---
> fs/udf/super.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/udf/super.c b/fs/udf/super.c
> index 2f83c1204e20..d330c7162c3a 100644
> --- a/fs/udf/super.c
> +++ b/fs/udf/super.c
> @@ -2522,7 +2522,7 @@ static unsigned int udf_count_free(struct super_block *sb)
> sbi->s_lvid_bh->b_data;
> if (le32_to_cpu(lvid->numOfPartitions) > part) {
> accum = le32_to_cpu(
> - lvid->freeSpaceTable[part]);
> + (lvid->freeSpaceTable + part));
> if (accum == 0xFFFFFFFF)
> accum = 0;
> }
> --
> 2.17.1
>
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH] fix array index out of bound exception
2021-08-11 13:11 [PATCH] fix array index out of bound exception F.A. SULAIMAN
@ 2021-08-11 16:31 ` kernel test robot
2021-08-11 16:31 ` kernel test robot
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 16:31 UTC (permalink / raw)
To: kbuild-all
[-- Attachment #1: Type: text/plain, Size: 6171 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: x86_64-randconfig-c001-20210810 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d39ebdae674c8efc84ebe8dc32716ec353220530)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> fs/udf/super.c:2524:12: warning: cast to smaller integer type '__le32' (aka 'unsigned int') from '__le32 *' (aka 'unsigned int *') [-Wpointer-to-int-cast]
accum = le32_to_cpu(
^~~~~~~~~~~~
include/linux/byteorder/generic.h:89:21: note: expanded from macro 'le32_to_cpu'
#define le32_to_cpu __le32_to_cpu
^
include/uapi/linux/byteorder/little_endian.h:34:42: note: expanded from macro '__le32_to_cpu'
#define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
^~~~~~~~~~~
1 warning generated.
vim +2524 fs/udf/super.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 2499
cb00ea3528eb3c Cyrill Gorcunov 2007-07-19 2500 static unsigned int udf_count_free(struct super_block *sb)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2501 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 2502 unsigned int accum = 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2503 struct udf_sb_info *sbi = UDF_SB(sb);
6c79e987d629cb Marcin Slusarz 2008-02-08 2504 struct udf_part_map *map;
a4a8b99ec819ca Jan Kara 2020-01-07 2505 unsigned int part = sbi->s_partition;
a4a8b99ec819ca Jan Kara 2020-01-07 2506 int ptype = sbi->s_partmaps[part].s_partition_type;
a4a8b99ec819ca Jan Kara 2020-01-07 2507
a4a8b99ec819ca Jan Kara 2020-01-07 2508 if (ptype == UDF_METADATA_MAP25) {
a4a8b99ec819ca Jan Kara 2020-01-07 2509 part = sbi->s_partmaps[part].s_type_specific.s_metadata.
a4a8b99ec819ca Jan Kara 2020-01-07 2510 s_phys_partition_ref;
a4a8b99ec819ca Jan Kara 2020-01-07 2511 } else if (ptype == UDF_VIRTUAL_MAP15 || ptype == UDF_VIRTUAL_MAP20) {
a4a8b99ec819ca Jan Kara 2020-01-07 2512 /*
a4a8b99ec819ca Jan Kara 2020-01-07 2513 * Filesystems with VAT are append-only and we cannot write to
a4a8b99ec819ca Jan Kara 2020-01-07 2514 * them. Let's just report 0 here.
a4a8b99ec819ca Jan Kara 2020-01-07 2515 */
a4a8b99ec819ca Jan Kara 2020-01-07 2516 return 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2517 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2518
6c79e987d629cb Marcin Slusarz 2008-02-08 2519 if (sbi->s_lvid_bh) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 2520 struct logicalVolIntegrityDesc *lvid =
4b11111aba6c80 Marcin Slusarz 2008-02-08 2521 (struct logicalVolIntegrityDesc *)
4b11111aba6c80 Marcin Slusarz 2008-02-08 2522 sbi->s_lvid_bh->b_data;
a4a8b99ec819ca Jan Kara 2020-01-07 2523 if (le32_to_cpu(lvid->numOfPartitions) > part) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 @2524 accum = le32_to_cpu(
3c70bc4978e0cb F.A.Sulaiman 2021-08-11 2525 (lvid->freeSpaceTable + part));
^1da177e4c3f41 Linus Torvalds 2005-04-16 2526 if (accum == 0xFFFFFFFF)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2527 accum = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2528 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2529 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2530
^1da177e4c3f41 Linus Torvalds 2005-04-16 2531 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2532 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2533
a4a8b99ec819ca Jan Kara 2020-01-07 2534 map = &sbi->s_partmaps[part];
6c79e987d629cb Marcin Slusarz 2008-02-08 2535 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_BITMAP) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2536 accum += udf_count_free_bitmap(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2537 map->s_uspace.s_bitmap);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2538 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2539 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2540 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2541
6c79e987d629cb Marcin Slusarz 2008-02-08 2542 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_TABLE) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2543 accum += udf_count_free_table(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2544 map->s_uspace.s_table);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2545 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2546 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2547 }
54bb60d53114b8 Fabian Frederick 2017-01-06 2548
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 36357 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH] fix array index out of bound exception
@ 2021-08-11 16:31 ` kernel test robot
0 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 16:31 UTC (permalink / raw)
To: F.A. SULAIMAN, jack
Cc: clang-built-linux, kbuild-all, F.A.Sulaiman, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 6072 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: x86_64-randconfig-c001-20210810 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d39ebdae674c8efc84ebe8dc32716ec353220530)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> fs/udf/super.c:2524:12: warning: cast to smaller integer type '__le32' (aka 'unsigned int') from '__le32 *' (aka 'unsigned int *') [-Wpointer-to-int-cast]
accum = le32_to_cpu(
^~~~~~~~~~~~
include/linux/byteorder/generic.h:89:21: note: expanded from macro 'le32_to_cpu'
#define le32_to_cpu __le32_to_cpu
^
include/uapi/linux/byteorder/little_endian.h:34:42: note: expanded from macro '__le32_to_cpu'
#define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
^~~~~~~~~~~
1 warning generated.
vim +2524 fs/udf/super.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 2499
cb00ea3528eb3c Cyrill Gorcunov 2007-07-19 2500 static unsigned int udf_count_free(struct super_block *sb)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2501 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 2502 unsigned int accum = 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2503 struct udf_sb_info *sbi = UDF_SB(sb);
6c79e987d629cb Marcin Slusarz 2008-02-08 2504 struct udf_part_map *map;
a4a8b99ec819ca Jan Kara 2020-01-07 2505 unsigned int part = sbi->s_partition;
a4a8b99ec819ca Jan Kara 2020-01-07 2506 int ptype = sbi->s_partmaps[part].s_partition_type;
a4a8b99ec819ca Jan Kara 2020-01-07 2507
a4a8b99ec819ca Jan Kara 2020-01-07 2508 if (ptype == UDF_METADATA_MAP25) {
a4a8b99ec819ca Jan Kara 2020-01-07 2509 part = sbi->s_partmaps[part].s_type_specific.s_metadata.
a4a8b99ec819ca Jan Kara 2020-01-07 2510 s_phys_partition_ref;
a4a8b99ec819ca Jan Kara 2020-01-07 2511 } else if (ptype == UDF_VIRTUAL_MAP15 || ptype == UDF_VIRTUAL_MAP20) {
a4a8b99ec819ca Jan Kara 2020-01-07 2512 /*
a4a8b99ec819ca Jan Kara 2020-01-07 2513 * Filesystems with VAT are append-only and we cannot write to
a4a8b99ec819ca Jan Kara 2020-01-07 2514 * them. Let's just report 0 here.
a4a8b99ec819ca Jan Kara 2020-01-07 2515 */
a4a8b99ec819ca Jan Kara 2020-01-07 2516 return 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2517 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2518
6c79e987d629cb Marcin Slusarz 2008-02-08 2519 if (sbi->s_lvid_bh) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 2520 struct logicalVolIntegrityDesc *lvid =
4b11111aba6c80 Marcin Slusarz 2008-02-08 2521 (struct logicalVolIntegrityDesc *)
4b11111aba6c80 Marcin Slusarz 2008-02-08 2522 sbi->s_lvid_bh->b_data;
a4a8b99ec819ca Jan Kara 2020-01-07 2523 if (le32_to_cpu(lvid->numOfPartitions) > part) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 @2524 accum = le32_to_cpu(
3c70bc4978e0cb F.A.Sulaiman 2021-08-11 2525 (lvid->freeSpaceTable + part));
^1da177e4c3f41 Linus Torvalds 2005-04-16 2526 if (accum == 0xFFFFFFFF)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2527 accum = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2528 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2529 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2530
^1da177e4c3f41 Linus Torvalds 2005-04-16 2531 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2532 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2533
a4a8b99ec819ca Jan Kara 2020-01-07 2534 map = &sbi->s_partmaps[part];
6c79e987d629cb Marcin Slusarz 2008-02-08 2535 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_BITMAP) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2536 accum += udf_count_free_bitmap(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2537 map->s_uspace.s_bitmap);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2538 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2539 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2540 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2541
6c79e987d629cb Marcin Slusarz 2008-02-08 2542 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_TABLE) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2543 accum += udf_count_free_table(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2544 map->s_uspace.s_table);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2545 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2546 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2547 }
54bb60d53114b8 Fabian Frederick 2017-01-06 2548
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 36357 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] fix array index out of bound exception
2021-08-11 13:11 [PATCH] fix array index out of bound exception F.A. SULAIMAN
@ 2021-08-11 17:23 ` kernel test robot
2021-08-11 16:31 ` kernel test robot
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 17:23 UTC (permalink / raw)
To: kbuild-all
[-- Attachment #1: Type: text/plain, Size: 6904 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: x86_64-randconfig-s022-20210810 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.3-348-gf0e6938b-dirty
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=x86_64 SHELL=/bin/bash fs/udf/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/byteorder/little_endian.h:5,
from arch/x86/include/uapi/asm/byteorder.h:5,
from include/asm-generic/bitops/le.h:7,
from arch/x86/include/asm/bitops.h:395,
from include/linux/bitops.h:32,
from include/linux/kernel.h:12,
from include/linux/list.h:9,
from include/linux/wait.h:7,
from include/linux/wait_bit.h:8,
from include/linux/fs.h:6,
from fs/udf/udfdecl.h:10,
from fs/udf/super.c:41:
fs/udf/super.c: In function 'udf_count_free':
>> include/uapi/linux/byteorder/little_endian.h:34:42: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
sparse warnings: (new ones prefixed by >>)
>> fs/udf/super.c:2524:33: sparse: sparse: cast to restricted __le32
>> fs/udf/super.c:2524:33: sparse: sparse: non size-preserving pointer to integer cast
vim +2524 fs/udf/super.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 2499
cb00ea3528eb3c Cyrill Gorcunov 2007-07-19 2500 static unsigned int udf_count_free(struct super_block *sb)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2501 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 2502 unsigned int accum = 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2503 struct udf_sb_info *sbi = UDF_SB(sb);
6c79e987d629cb Marcin Slusarz 2008-02-08 2504 struct udf_part_map *map;
a4a8b99ec819ca Jan Kara 2020-01-07 2505 unsigned int part = sbi->s_partition;
a4a8b99ec819ca Jan Kara 2020-01-07 2506 int ptype = sbi->s_partmaps[part].s_partition_type;
a4a8b99ec819ca Jan Kara 2020-01-07 2507
a4a8b99ec819ca Jan Kara 2020-01-07 2508 if (ptype == UDF_METADATA_MAP25) {
a4a8b99ec819ca Jan Kara 2020-01-07 2509 part = sbi->s_partmaps[part].s_type_specific.s_metadata.
a4a8b99ec819ca Jan Kara 2020-01-07 2510 s_phys_partition_ref;
a4a8b99ec819ca Jan Kara 2020-01-07 2511 } else if (ptype == UDF_VIRTUAL_MAP15 || ptype == UDF_VIRTUAL_MAP20) {
a4a8b99ec819ca Jan Kara 2020-01-07 2512 /*
a4a8b99ec819ca Jan Kara 2020-01-07 2513 * Filesystems with VAT are append-only and we cannot write to
a4a8b99ec819ca Jan Kara 2020-01-07 2514 * them. Let's just report 0 here.
a4a8b99ec819ca Jan Kara 2020-01-07 2515 */
a4a8b99ec819ca Jan Kara 2020-01-07 2516 return 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2517 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2518
6c79e987d629cb Marcin Slusarz 2008-02-08 2519 if (sbi->s_lvid_bh) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 2520 struct logicalVolIntegrityDesc *lvid =
4b11111aba6c80 Marcin Slusarz 2008-02-08 2521 (struct logicalVolIntegrityDesc *)
4b11111aba6c80 Marcin Slusarz 2008-02-08 2522 sbi->s_lvid_bh->b_data;
a4a8b99ec819ca Jan Kara 2020-01-07 2523 if (le32_to_cpu(lvid->numOfPartitions) > part) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 @2524 accum = le32_to_cpu(
3c70bc4978e0cb F.A.Sulaiman 2021-08-11 2525 (lvid->freeSpaceTable + part));
^1da177e4c3f41 Linus Torvalds 2005-04-16 2526 if (accum == 0xFFFFFFFF)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2527 accum = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2528 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2529 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2530
^1da177e4c3f41 Linus Torvalds 2005-04-16 2531 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2532 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2533
a4a8b99ec819ca Jan Kara 2020-01-07 2534 map = &sbi->s_partmaps[part];
6c79e987d629cb Marcin Slusarz 2008-02-08 2535 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_BITMAP) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2536 accum += udf_count_free_bitmap(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2537 map->s_uspace.s_bitmap);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2538 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2539 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2540 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2541
6c79e987d629cb Marcin Slusarz 2008-02-08 2542 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_TABLE) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2543 accum += udf_count_free_table(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2544 map->s_uspace.s_table);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2545 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2546 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2547 }
54bb60d53114b8 Fabian Frederick 2017-01-06 2548
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 34744 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH] fix array index out of bound exception
@ 2021-08-11 17:23 ` kernel test robot
0 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 17:23 UTC (permalink / raw)
To: F.A. SULAIMAN, jack; +Cc: kbuild-all, F.A.Sulaiman, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 6789 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: x86_64-randconfig-s022-20210810 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.3-348-gf0e6938b-dirty
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=x86_64 SHELL=/bin/bash fs/udf/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/byteorder/little_endian.h:5,
from arch/x86/include/uapi/asm/byteorder.h:5,
from include/asm-generic/bitops/le.h:7,
from arch/x86/include/asm/bitops.h:395,
from include/linux/bitops.h:32,
from include/linux/kernel.h:12,
from include/linux/list.h:9,
from include/linux/wait.h:7,
from include/linux/wait_bit.h:8,
from include/linux/fs.h:6,
from fs/udf/udfdecl.h:10,
from fs/udf/super.c:41:
fs/udf/super.c: In function 'udf_count_free':
>> include/uapi/linux/byteorder/little_endian.h:34:42: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x))
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
sparse warnings: (new ones prefixed by >>)
>> fs/udf/super.c:2524:33: sparse: sparse: cast to restricted __le32
>> fs/udf/super.c:2524:33: sparse: sparse: non size-preserving pointer to integer cast
vim +2524 fs/udf/super.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 2499
cb00ea3528eb3c Cyrill Gorcunov 2007-07-19 2500 static unsigned int udf_count_free(struct super_block *sb)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2501 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 2502 unsigned int accum = 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2503 struct udf_sb_info *sbi = UDF_SB(sb);
6c79e987d629cb Marcin Slusarz 2008-02-08 2504 struct udf_part_map *map;
a4a8b99ec819ca Jan Kara 2020-01-07 2505 unsigned int part = sbi->s_partition;
a4a8b99ec819ca Jan Kara 2020-01-07 2506 int ptype = sbi->s_partmaps[part].s_partition_type;
a4a8b99ec819ca Jan Kara 2020-01-07 2507
a4a8b99ec819ca Jan Kara 2020-01-07 2508 if (ptype == UDF_METADATA_MAP25) {
a4a8b99ec819ca Jan Kara 2020-01-07 2509 part = sbi->s_partmaps[part].s_type_specific.s_metadata.
a4a8b99ec819ca Jan Kara 2020-01-07 2510 s_phys_partition_ref;
a4a8b99ec819ca Jan Kara 2020-01-07 2511 } else if (ptype == UDF_VIRTUAL_MAP15 || ptype == UDF_VIRTUAL_MAP20) {
a4a8b99ec819ca Jan Kara 2020-01-07 2512 /*
a4a8b99ec819ca Jan Kara 2020-01-07 2513 * Filesystems with VAT are append-only and we cannot write to
a4a8b99ec819ca Jan Kara 2020-01-07 2514 * them. Let's just report 0 here.
a4a8b99ec819ca Jan Kara 2020-01-07 2515 */
a4a8b99ec819ca Jan Kara 2020-01-07 2516 return 0;
a4a8b99ec819ca Jan Kara 2020-01-07 2517 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2518
6c79e987d629cb Marcin Slusarz 2008-02-08 2519 if (sbi->s_lvid_bh) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 2520 struct logicalVolIntegrityDesc *lvid =
4b11111aba6c80 Marcin Slusarz 2008-02-08 2521 (struct logicalVolIntegrityDesc *)
4b11111aba6c80 Marcin Slusarz 2008-02-08 2522 sbi->s_lvid_bh->b_data;
a4a8b99ec819ca Jan Kara 2020-01-07 2523 if (le32_to_cpu(lvid->numOfPartitions) > part) {
4b11111aba6c80 Marcin Slusarz 2008-02-08 @2524 accum = le32_to_cpu(
3c70bc4978e0cb F.A.Sulaiman 2021-08-11 2525 (lvid->freeSpaceTable + part));
^1da177e4c3f41 Linus Torvalds 2005-04-16 2526 if (accum == 0xFFFFFFFF)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2527 accum = 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2528 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2529 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2530
^1da177e4c3f41 Linus Torvalds 2005-04-16 2531 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2532 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2533
a4a8b99ec819ca Jan Kara 2020-01-07 2534 map = &sbi->s_partmaps[part];
6c79e987d629cb Marcin Slusarz 2008-02-08 2535 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_BITMAP) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2536 accum += udf_count_free_bitmap(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2537 map->s_uspace.s_bitmap);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2538 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2539 if (accum)
^1da177e4c3f41 Linus Torvalds 2005-04-16 2540 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2541
6c79e987d629cb Marcin Slusarz 2008-02-08 2542 if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_TABLE) {
28de7948a89676 Cyrill Gorcunov 2007-07-21 2543 accum += udf_count_free_table(sb,
6c79e987d629cb Marcin Slusarz 2008-02-08 2544 map->s_uspace.s_table);
28de7948a89676 Cyrill Gorcunov 2007-07-21 2545 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 2546 return accum;
^1da177e4c3f41 Linus Torvalds 2005-04-16 2547 }
54bb60d53114b8 Fabian Frederick 2017-01-06 2548
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 34744 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] fix array index out of bound exception
2021-08-11 13:11 [PATCH] fix array index out of bound exception F.A. SULAIMAN
@ 2021-08-11 17:24 ` kernel test robot
2021-08-11 16:31 ` kernel test robot
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 17:24 UTC (permalink / raw)
To: kbuild-all
[-- Attachment #1: Type: text/plain, Size: 11060 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: sparc64-randconfig-r026-20210811 (attached as .config)
compiler: sparc64-linux-gcc (GCC) 10.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-10.3.0 make.cross ARCH=sparc64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/swab.h:5,
from include/uapi/linux/byteorder/big_endian.h:13,
from include/linux/byteorder/big_endian.h:5,
from arch/sparc/include/uapi/asm/byteorder.h:5,
from arch/sparc/include/asm/bitops_64.h:16,
from arch/sparc/include/asm/bitops.h:5,
from include/linux/bitops.h:32,
from include/linux/kernel.h:12,
from include/linux/list.h:9,
from include/linux/wait.h:7,
from include/linux/wait_bit.h:8,
from include/linux/fs.h:6,
from fs/udf/udfdecl.h:10,
from fs/udf/super.c:41:
fs/udf/super.c: In function 'udf_count_free':
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:118:32: note: in definition of macro '__swab32'
118 | (__builtin_constant_p((__u32)(x)) ? \
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:19:12: note: in definition of macro '___constant_swab32'
19 | (((__u32)(x) & (__u32)0x000000ffUL) << 24) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:20:12: note: in definition of macro '___constant_swab32'
20 | (((__u32)(x) & (__u32)0x0000ff00UL) << 8) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:21:12: note: in definition of macro '___constant_swab32'
21 | (((__u32)(x) & (__u32)0x00ff0000UL) >> 8) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:22:12: note: in definition of macro '___constant_swab32'
22 | (((__u32)(x) & (__u32)0xff000000UL) >> 24)))
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:120:12: note: in definition of macro '__swab32'
120 | __fswab32(x))
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
vim +34 include/uapi/linux/byteorder/big_endian.h
5921e6f8809b16 David Howells 2012-10-13 14
5921e6f8809b16 David Howells 2012-10-13 15 #define __constant_htonl(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 16 #define __constant_ntohl(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 17 #define __constant_htons(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 18 #define __constant_ntohs(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 19 #define __constant_cpu_to_le64(x) ((__force __le64)___constant_swab64((x)))
5921e6f8809b16 David Howells 2012-10-13 20 #define __constant_le64_to_cpu(x) ___constant_swab64((__force __u64)(__le64)(x))
5921e6f8809b16 David Howells 2012-10-13 21 #define __constant_cpu_to_le32(x) ((__force __le32)___constant_swab32((x)))
5921e6f8809b16 David Howells 2012-10-13 22 #define __constant_le32_to_cpu(x) ___constant_swab32((__force __u32)(__le32)(x))
5921e6f8809b16 David Howells 2012-10-13 23 #define __constant_cpu_to_le16(x) ((__force __le16)___constant_swab16((x)))
5921e6f8809b16 David Howells 2012-10-13 24 #define __constant_le16_to_cpu(x) ___constant_swab16((__force __u16)(__le16)(x))
5921e6f8809b16 David Howells 2012-10-13 25 #define __constant_cpu_to_be64(x) ((__force __be64)(__u64)(x))
5921e6f8809b16 David Howells 2012-10-13 26 #define __constant_be64_to_cpu(x) ((__force __u64)(__be64)(x))
5921e6f8809b16 David Howells 2012-10-13 27 #define __constant_cpu_to_be32(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 28 #define __constant_be32_to_cpu(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 29 #define __constant_cpu_to_be16(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 30 #define __constant_be16_to_cpu(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 31 #define __cpu_to_le64(x) ((__force __le64)__swab64((x)))
5921e6f8809b16 David Howells 2012-10-13 32 #define __le64_to_cpu(x) __swab64((__force __u64)(__le64)(x))
5921e6f8809b16 David Howells 2012-10-13 33 #define __cpu_to_le32(x) ((__force __le32)__swab32((x)))
5921e6f8809b16 David Howells 2012-10-13 @34 #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
5921e6f8809b16 David Howells 2012-10-13 35 #define __cpu_to_le16(x) ((__force __le16)__swab16((x)))
5921e6f8809b16 David Howells 2012-10-13 36 #define __le16_to_cpu(x) __swab16((__force __u16)(__le16)(x))
5921e6f8809b16 David Howells 2012-10-13 37 #define __cpu_to_be64(x) ((__force __be64)(__u64)(x))
5921e6f8809b16 David Howells 2012-10-13 38 #define __be64_to_cpu(x) ((__force __u64)(__be64)(x))
5921e6f8809b16 David Howells 2012-10-13 39 #define __cpu_to_be32(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 40 #define __be32_to_cpu(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 41 #define __cpu_to_be16(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 42 #define __be16_to_cpu(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 43
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 33703 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [PATCH] fix array index out of bound exception
@ 2021-08-11 17:24 ` kernel test robot
0 siblings, 0 replies; 9+ messages in thread
From: kernel test robot @ 2021-08-11 17:24 UTC (permalink / raw)
To: F.A. SULAIMAN, jack; +Cc: kbuild-all, F.A.Sulaiman, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 10892 bytes --]
Hi SULAIMAN",
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14-rc5 next-20210811]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 761c6d7ec820f123b931e7b8ef7ec7c8564e450f
config: sparc64-randconfig-r026-20210811 (attached as .config)
compiler: sparc64-linux-gcc (GCC) 10.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/3c70bc4978e0cb74c7ba5189c093ecccf4564925
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review F-A-SULAIMAN/fix-array-index-out-of-bound-exception/20210811-211453
git checkout 3c70bc4978e0cb74c7ba5189c093ecccf4564925
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-10.3.0 make.cross ARCH=sparc64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/swab.h:5,
from include/uapi/linux/byteorder/big_endian.h:13,
from include/linux/byteorder/big_endian.h:5,
from arch/sparc/include/uapi/asm/byteorder.h:5,
from arch/sparc/include/asm/bitops_64.h:16,
from arch/sparc/include/asm/bitops.h:5,
from include/linux/bitops.h:32,
from include/linux/kernel.h:12,
from include/linux/list.h:9,
from include/linux/wait.h:7,
from include/linux/wait_bit.h:8,
from include/linux/fs.h:6,
from fs/udf/udfdecl.h:10,
from fs/udf/super.c:41:
fs/udf/super.c: In function 'udf_count_free':
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:118:32: note: in definition of macro '__swab32'
118 | (__builtin_constant_p((__u32)(x)) ? \
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:19:12: note: in definition of macro '___constant_swab32'
19 | (((__u32)(x) & (__u32)0x000000ffUL) << 24) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:20:12: note: in definition of macro '___constant_swab32'
20 | (((__u32)(x) & (__u32)0x0000ff00UL) << 8) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:21:12: note: in definition of macro '___constant_swab32'
21 | (((__u32)(x) & (__u32)0x00ff0000UL) >> 8) | \
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:22:12: note: in definition of macro '___constant_swab32'
22 | (((__u32)(x) & (__u32)0xff000000UL) >> 24)))
| ^
include/uapi/linux/byteorder/big_endian.h:34:26: note: in expansion of macro '__swab32'
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^~~~~~~~
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
>> include/uapi/linux/byteorder/big_endian.h:34:50: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
34 | #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
| ^
include/uapi/linux/swab.h:120:12: note: in definition of macro '__swab32'
120 | __fswab32(x))
| ^
include/linux/byteorder/generic.h:89:21: note: in expansion of macro '__le32_to_cpu'
89 | #define le32_to_cpu __le32_to_cpu
| ^~~~~~~~~~~~~
fs/udf/super.c:2524:12: note: in expansion of macro 'le32_to_cpu'
2524 | accum = le32_to_cpu(
| ^~~~~~~~~~~
vim +34 include/uapi/linux/byteorder/big_endian.h
5921e6f8809b16 David Howells 2012-10-13 14
5921e6f8809b16 David Howells 2012-10-13 15 #define __constant_htonl(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 16 #define __constant_ntohl(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 17 #define __constant_htons(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 18 #define __constant_ntohs(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 19 #define __constant_cpu_to_le64(x) ((__force __le64)___constant_swab64((x)))
5921e6f8809b16 David Howells 2012-10-13 20 #define __constant_le64_to_cpu(x) ___constant_swab64((__force __u64)(__le64)(x))
5921e6f8809b16 David Howells 2012-10-13 21 #define __constant_cpu_to_le32(x) ((__force __le32)___constant_swab32((x)))
5921e6f8809b16 David Howells 2012-10-13 22 #define __constant_le32_to_cpu(x) ___constant_swab32((__force __u32)(__le32)(x))
5921e6f8809b16 David Howells 2012-10-13 23 #define __constant_cpu_to_le16(x) ((__force __le16)___constant_swab16((x)))
5921e6f8809b16 David Howells 2012-10-13 24 #define __constant_le16_to_cpu(x) ___constant_swab16((__force __u16)(__le16)(x))
5921e6f8809b16 David Howells 2012-10-13 25 #define __constant_cpu_to_be64(x) ((__force __be64)(__u64)(x))
5921e6f8809b16 David Howells 2012-10-13 26 #define __constant_be64_to_cpu(x) ((__force __u64)(__be64)(x))
5921e6f8809b16 David Howells 2012-10-13 27 #define __constant_cpu_to_be32(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 28 #define __constant_be32_to_cpu(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 29 #define __constant_cpu_to_be16(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 30 #define __constant_be16_to_cpu(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 31 #define __cpu_to_le64(x) ((__force __le64)__swab64((x)))
5921e6f8809b16 David Howells 2012-10-13 32 #define __le64_to_cpu(x) __swab64((__force __u64)(__le64)(x))
5921e6f8809b16 David Howells 2012-10-13 33 #define __cpu_to_le32(x) ((__force __le32)__swab32((x)))
5921e6f8809b16 David Howells 2012-10-13 @34 #define __le32_to_cpu(x) __swab32((__force __u32)(__le32)(x))
5921e6f8809b16 David Howells 2012-10-13 35 #define __cpu_to_le16(x) ((__force __le16)__swab16((x)))
5921e6f8809b16 David Howells 2012-10-13 36 #define __le16_to_cpu(x) __swab16((__force __u16)(__le16)(x))
5921e6f8809b16 David Howells 2012-10-13 37 #define __cpu_to_be64(x) ((__force __be64)(__u64)(x))
5921e6f8809b16 David Howells 2012-10-13 38 #define __be64_to_cpu(x) ((__force __u64)(__be64)(x))
5921e6f8809b16 David Howells 2012-10-13 39 #define __cpu_to_be32(x) ((__force __be32)(__u32)(x))
5921e6f8809b16 David Howells 2012-10-13 40 #define __be32_to_cpu(x) ((__force __u32)(__be32)(x))
5921e6f8809b16 David Howells 2012-10-13 41 #define __cpu_to_be16(x) ((__force __be16)(__u16)(x))
5921e6f8809b16 David Howells 2012-10-13 42 #define __be16_to_cpu(x) ((__force __u16)(__be16)(x))
5921e6f8809b16 David Howells 2012-10-13 43
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 33703 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH] Fix array index out of bound exception
@ 2018-03-06 10:07 Lianbo Jiang
0 siblings, 0 replies; 9+ messages in thread
From: Lianbo Jiang @ 2018-03-06 10:07 UTC (permalink / raw)
To: kexec
A data overflow may lead to a reversal, which may turn a positive
number into a large negative number, in this case, the string's
length will exceed the array size(for example, eta: -2147483648s),
here the array size is defined 16 characters. So, it is nessasary
to consider some exceptions.
Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
---
print_info.c | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/print_info.c b/print_info.c
index e0e6a27..09e215a 100644
--- a/print_info.c
+++ b/print_info.c
@@ -16,6 +16,8 @@
#include "print_info.h"
#include <time.h>
#include <string.h>
+#include <stdint.h>
+#include <inttypes.h>
#define PROGRESS_MAXLEN "50"
@@ -352,18 +354,21 @@ static void calc_delta(struct timeval *tv_start, struct timeval *delta)
}
/* produce less than 12 bytes on msg */
-static int eta_to_human_short (int secs, char* msg)
+static int eta_to_human_short (int64_t secs, char* msg, int maxsize)
{
strcpy(msg, "eta: ");
msg += strlen("eta: ");
if (secs < 100)
- sprintf(msg, "%ds", secs);
+ snprintf(msg, maxsize, "%"PRId64"s", secs);
else if (secs < 100 * 60)
- sprintf(msg, "%dm%ds", secs / 60, secs % 60);
+ snprintf(msg, maxsize, "%"PRId64"m""%"PRId64"s",
+ secs / 60, secs % 60);
else if (secs < 48 * 3600)
- sprintf(msg, "%dh%dm", secs / 3600, (secs / 60) % 60);
+ snprintf(msg, maxsize, "%"PRId64"h""%"PRId64"m",
+ secs / 3600, (secs / 60) % 60);
else if (secs < 100 * 86400)
- sprintf(msg, "%dd%dh", secs / 86400, (secs / 3600) % 24);
+ snprintf(msg, maxsize, "%"PRId64"d""%"PRId64"h",
+ secs / 86400, (secs / 3600) % 24);
else
sprintf(msg, ">2day");
return 0;
@@ -379,8 +384,8 @@ print_progress(const char *msg, unsigned long current, unsigned long end, struct
static unsigned int lapse = 0;
static const char *spinner = "/|\\-";
struct timeval delta;
- double eta;
- char eta_msg[16] = " ";
+ int64_t eta;
+ char eta_msg[32] = " ";
if (current < end) {
tm = time(NULL);
@@ -395,7 +400,7 @@ print_progress(const char *msg, unsigned long current, unsigned long end, struct
calc_delta(start, &delta);
eta = delta.tv_sec + delta.tv_usec / 1e6;
eta = (100 - progress) * eta / progress;
- eta_to_human_short(eta, eta_msg);
+ eta_to_human_short(eta, eta_msg, sizeof(eta_msg));
}
if (flag_ignore_r_char) {
PROGRESS_MSG("%-" PROGRESS_MAXLEN "s: [%5.1f %%] %c %16s\n",
--
2.9.5
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2021-08-11 17:24 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-11 13:11 [PATCH] fix array index out of bound exception F.A. SULAIMAN
2021-08-11 14:59 ` Jan Kara
2021-08-11 16:31 ` kernel test robot
2021-08-11 16:31 ` kernel test robot
2021-08-11 17:23 ` kernel test robot
2021-08-11 17:23 ` kernel test robot
2021-08-11 17:24 ` kernel test robot
2021-08-11 17:24 ` kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2018-03-06 10:07 [PATCH] Fix " Lianbo Jiang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.