From: Dan Carpenter <error27@gmail.com>
To: Namjae Jeon <linkinjeon@kernel.org>
Cc: linux-fsdevel@vger.kernel.org
Subject: [bug report] ntfs: update attrib operations
Date: Fri, 10 Apr 2026 09:46:46 +0300 [thread overview]
Message-ID: <adic1vbVQJoOJq9n@stanley.mountain> (raw)
Hello Namjae Jeon,
Commit 495e90fa3348 ("ntfs: update attrib operations") from Feb 13,
2026 (linux-next), leads to the following Smatch static checker
warning:
fs/ntfs/attrib.c:196 ntfs_map_runlist_nolock()
error: uninitialized symbol 'ctx_needs_reset'.
fs/ntfs/attrib.c
78 int ntfs_map_runlist_nolock(struct ntfs_inode *ni, s64 vcn, struct ntfs_attr_search_ctx *ctx)
79 {
80 s64 end_vcn;
81 unsigned long flags;
82 struct ntfs_inode *base_ni;
83 struct mft_record *m;
84 struct attr_record *a;
85 struct runlist_element *rl;
86 struct folio *put_this_folio = NULL;
87 int err = 0;
88 bool ctx_is_temporary = false, ctx_needs_reset;
89 struct ntfs_attr_search_ctx old_ctx = { NULL, };
90 size_t new_rl_count;
91
92 ntfs_debug("Mapping runlist part containing vcn 0x%llx.",
93 (unsigned long long)vcn);
94 if (!NInoAttr(ni))
95 base_ni = ni;
96 else
97 base_ni = ni->ext.base_ntfs_ino;
98 if (!ctx) {
99 ctx_is_temporary = ctx_needs_reset = true;
100 m = map_mft_record(base_ni);
101 if (IS_ERR(m))
102 return PTR_ERR(m);
103 ctx = ntfs_attr_get_search_ctx(base_ni, m);
104 if (unlikely(!ctx)) {
105 err = -ENOMEM;
106 goto err_out;
107 }
108 } else {
109 s64 allocated_size_vcn;
110
111 WARN_ON(IS_ERR(ctx->mrec));
112 a = ctx->attr;
113 if (!a->non_resident) {
114 err = -EIO;
115 goto err_out;
ctx_is_temporary is false. ctx_needs_reset is uninitialized.
116 }
117 end_vcn = le64_to_cpu(a->data.non_resident.highest_vcn);
118 read_lock_irqsave(&ni->size_lock, flags);
119 allocated_size_vcn =
120 ntfs_bytes_to_cluster(ni->vol, ni->allocated_size);
121 read_unlock_irqrestore(&ni->size_lock, flags);
122 if (!a->data.non_resident.lowest_vcn && end_vcn <= 0)
123 end_vcn = allocated_size_vcn - 1;
124 /*
125 * If we already have the attribute extent containing @vcn in
126 * @ctx, no need to look it up again. We slightly cheat in
127 * that if vcn exceeds the allocated size, we will refuse to
128 * map the runlist below, so there is definitely no need to get
129 * the right attribute extent.
130 */
131 if (vcn >= allocated_size_vcn || (a->type == ni->type &&
132 a->name_length == ni->name_len &&
133 !memcmp((u8 *)a + le16_to_cpu(a->name_offset),
134 ni->name, ni->name_len) &&
135 le64_to_cpu(a->data.non_resident.lowest_vcn)
136 <= vcn && end_vcn >= vcn))
137 ctx_needs_reset = false;
138 else {
139 /* Save the old search context. */
140 old_ctx = *ctx;
141 /*
142 * If the currently mapped (extent) inode is not the
143 * base inode we will unmap it when we reinitialize the
144 * search context which means we need to get a
145 * reference to the page containing the mapped mft
146 * record so we do not accidentally drop changes to the
147 * mft record when it has not been marked dirty yet.
148 */
149 if (old_ctx.base_ntfs_ino && old_ctx.ntfs_ino !=
150 old_ctx.base_ntfs_ino) {
151 put_this_folio = old_ctx.ntfs_ino->folio;
152 folio_get(put_this_folio);
153 }
154 /*
155 * Reinitialize the search context so we can lookup the
156 * needed attribute extent.
157 */
158 ntfs_attr_reinit_search_ctx(ctx);
159 ctx_needs_reset = true;
160 }
161 }
162 if (ctx_needs_reset) {
163 err = ntfs_attr_lookup(ni->type, ni->name, ni->name_len,
164 CASE_SENSITIVE, vcn, NULL, 0, ctx);
165 if (unlikely(err)) {
166 if (err == -ENOENT)
167 err = -EIO;
168 goto err_out;
169 }
170 WARN_ON(!ctx->attr->non_resident);
171 }
172 a = ctx->attr;
173 /*
174 * Only decompress the mapping pairs if @vcn is inside it. Otherwise
175 * we get into problems when we try to map an out of bounds vcn because
176 * we then try to map the already mapped runlist fragment and
177 * ntfs_mapping_pairs_decompress() fails.
178 */
179 end_vcn = le64_to_cpu(a->data.non_resident.highest_vcn) + 1;
180 if (unlikely(vcn && vcn >= end_vcn)) {
181 err = -ENOENT;
182 goto err_out;
183 }
184 rl = ntfs_mapping_pairs_decompress(ni->vol, a, &ni->runlist, &new_rl_count);
185 if (IS_ERR(rl))
186 err = PTR_ERR(rl);
187 else {
188 ni->runlist.rl = rl;
189 ni->runlist.count = new_rl_count;
190 }
191 err_out:
192 if (ctx_is_temporary) {
193 if (likely(ctx))
194 ntfs_attr_put_search_ctx(ctx);
195 unmap_mft_record(base_ni);
--> 196 } else if (ctx_needs_reset) {
^^^^^^^^^^^^^^^
Uninitialized
197 /*
198 * If there is no attribute list, restoring the search context
199 * is accomplished simply by copying the saved context back over
200 * the caller supplied context. If there is an attribute list,
This email is a free service from the Smatch-CI project [smatch.sf.net].
regards,
dan carpenter
next reply other threads:[~2026-04-10 6:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 6:46 Dan Carpenter [this message]
-- strict thread matches above, loose matches on Subject: below --
2026-04-10 10:11 [bug report] ntfs: update attrib operations Dan Carpenter
2026-02-27 7:58 Dan Carpenter
2026-02-27 9:46 ` Namjae Jeon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adic1vbVQJoOJq9n@stanley.mountain \
--to=error27@gmail.com \
--cc=linkinjeon@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.