From: kernel test robot <lkp@intel.com>
To: oe-kbuild@lists.linux.dev
Cc: lkp@intel.com, Dan Carpenter <error27@gmail.com>
Subject: fs/nfs/inode.c:1854 nfs_ooo_merge() error: testing array offset 'cnt' after use.
Date: Sat, 6 May 2023 16:44:29 +0800 [thread overview]
Message-ID: <202305061623.JNCCAx1G-lkp@intel.com> (raw)
BCC: lkp@intel.com
CC: oe-kbuild-all@lists.linux.dev
CC: linux-kernel@vger.kernel.org
TO: NeilBrown <neilb@suse.de>
CC: Anna Schumaker <Anna.Schumaker@Netapp.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 2e1e1337881b0e9844d687982aa54b31b1269b11
commit: 3db63daabe210af32a09533fe7d8d47c711a103c NFSv3: handle out-of-order write replies.
date: 4 weeks ago
:::::: branch date: 6 hours ago
:::::: commit date: 4 weeks ago
config: x86_64-randconfig-m001-20230501 (https://download.01.org/0day-ci/archive/20230506/202305061623.JNCCAx1G-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-12) 11.3.0
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Reported-by: Dan Carpenter <error27@gmail.com>
| Link: https://lore.kernel.org/r/202305061623.JNCCAx1G-lkp@intel.com/
smatch warnings:
fs/nfs/inode.c:1854 nfs_ooo_merge() error: testing array offset 'cnt' after use.
vim +/cnt +1854 fs/nfs/inode.c
7b24dacf084005 Trond Myklebust 2021-04-09 1820
3db63daabe210a NeilBrown 2023-03-22 1821 static void nfs_ooo_merge(struct nfs_inode *nfsi,
3db63daabe210a NeilBrown 2023-03-22 1822 u64 start, u64 end)
3db63daabe210a NeilBrown 2023-03-22 1823 {
3db63daabe210a NeilBrown 2023-03-22 1824 int i, cnt;
3db63daabe210a NeilBrown 2023-03-22 1825
3db63daabe210a NeilBrown 2023-03-22 1826 if (nfsi->cache_validity & NFS_INO_DATA_INVAL_DEFER)
3db63daabe210a NeilBrown 2023-03-22 1827 /* No point merging anything */
3db63daabe210a NeilBrown 2023-03-22 1828 return;
3db63daabe210a NeilBrown 2023-03-22 1829
3db63daabe210a NeilBrown 2023-03-22 1830 if (!nfsi->ooo) {
3db63daabe210a NeilBrown 2023-03-22 1831 nfsi->ooo = kmalloc(sizeof(*nfsi->ooo), GFP_ATOMIC);
3db63daabe210a NeilBrown 2023-03-22 1832 if (!nfsi->ooo) {
3db63daabe210a NeilBrown 2023-03-22 1833 nfsi->cache_validity |= NFS_INO_DATA_INVAL_DEFER;
3db63daabe210a NeilBrown 2023-03-22 1834 return;
3db63daabe210a NeilBrown 2023-03-22 1835 }
3db63daabe210a NeilBrown 2023-03-22 1836 nfsi->ooo->cnt = 0;
3db63daabe210a NeilBrown 2023-03-22 1837 }
3db63daabe210a NeilBrown 2023-03-22 1838
3db63daabe210a NeilBrown 2023-03-22 1839 /* add this range, merging if possible */
3db63daabe210a NeilBrown 2023-03-22 1840 cnt = nfsi->ooo->cnt;
3db63daabe210a NeilBrown 2023-03-22 1841 for (i = 0; i < cnt; i++) {
3db63daabe210a NeilBrown 2023-03-22 1842 if (end == nfsi->ooo->gap[i].start)
3db63daabe210a NeilBrown 2023-03-22 1843 end = nfsi->ooo->gap[i].end;
3db63daabe210a NeilBrown 2023-03-22 1844 else if (start == nfsi->ooo->gap[i].end)
3db63daabe210a NeilBrown 2023-03-22 1845 start = nfsi->ooo->gap[i].start;
3db63daabe210a NeilBrown 2023-03-22 1846 else
3db63daabe210a NeilBrown 2023-03-22 1847 continue;
3db63daabe210a NeilBrown 2023-03-22 1848 /* Remove 'i' from table and loop to insert the new range */
3db63daabe210a NeilBrown 2023-03-22 1849 cnt -= 1;
3db63daabe210a NeilBrown 2023-03-22 1850 nfsi->ooo->gap[i] = nfsi->ooo->gap[cnt];
3db63daabe210a NeilBrown 2023-03-22 1851 i = -1;
3db63daabe210a NeilBrown 2023-03-22 1852 }
3db63daabe210a NeilBrown 2023-03-22 1853 if (start != end) {
3db63daabe210a NeilBrown 2023-03-22 @1854 if (cnt >= ARRAY_SIZE(nfsi->ooo->gap)) {
3db63daabe210a NeilBrown 2023-03-22 1855 nfsi->cache_validity |= NFS_INO_DATA_INVAL_DEFER;
3db63daabe210a NeilBrown 2023-03-22 1856 kfree(nfsi->ooo);
3db63daabe210a NeilBrown 2023-03-22 1857 nfsi->ooo = NULL;
3db63daabe210a NeilBrown 2023-03-22 1858 return;
3db63daabe210a NeilBrown 2023-03-22 1859 }
3db63daabe210a NeilBrown 2023-03-22 1860 nfsi->ooo->gap[cnt].start = start;
3db63daabe210a NeilBrown 2023-03-22 1861 nfsi->ooo->gap[cnt].end = end;
3db63daabe210a NeilBrown 2023-03-22 1862 cnt += 1;
3db63daabe210a NeilBrown 2023-03-22 1863 }
3db63daabe210a NeilBrown 2023-03-22 1864 nfsi->ooo->cnt = cnt;
3db63daabe210a NeilBrown 2023-03-22 1865 }
3db63daabe210a NeilBrown 2023-03-22 1866
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
reply other threads:[~2023-05-06 8:45 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202305061623.JNCCAx1G-lkp@intel.com \
--to=lkp@intel.com \
--cc=error27@gmail.com \
--cc=oe-kbuild@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.