From: Dan Carpenter <dan.carpenter@oracle.com>
To: kolga@netapp.com
Cc: linux-nfs@vger.kernel.org
Subject: [bug report] NFSD introduce async copy feature
Date: Tue, 30 Mar 2021 12:30:30 +0300
Message-ID: <YGLvtkMGkjdme57B@mwanda>
Hello Olga Kornievskaia,
The patch e0639dc5805a: "NFSD introduce async copy feature" from Jul
20, 2018, leads to the following static checker warning:
fs/nfsd/nfs4proc.c:1544 nfsd4_copy()
error: '__memcpy()' '&copy->cp_res.cb_stateid' too small (16 vs 24)
fs/nfsd/nfs4proc.c
  1508  static __be32
  1509  nfsd4_copy(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
  1510                  union nfsd4_op_u *u)
  1511  {
  1512          struct nfsd4_copy *copy = &u->copy;
  1513          __be32 status;
  1514          struct nfsd4_copy *async_copy = NULL;
  1515
  1516          if (!copy->cp_intra) { /* Inter server SSC */
  1517                  if (!inter_copy_offload_enable || copy->cp_synchronous) {
  1518                          status = nfserr_notsupp;
  1519                          goto out;
  1520                  }
  1521                  status = nfsd4_setup_inter_ssc(rqstp, cstate, copy,
  1522                                  &copy->ss_mnt);
  1523                  if (status)
  1524                          return nfserr_offload_denied;
  1525          } else {
  1526                  status = nfsd4_setup_intra_ssc(rqstp, cstate, copy);
  1527                  if (status)
  1528                          return status;
  1529          }
  1530
  1531          copy->cp_clp = cstate->clp;
  1532          memcpy(&copy->fh, &cstate->current_fh.fh_handle,
  1533                  sizeof(struct knfsd_fh));
  1534          if (!copy->cp_synchronous) {
  1535                  struct nfsd_net *nn = net_generic(SVC_NET(rqstp), nfsd_net_id);
  1536
  1537                  status = nfserrno(-ENOMEM);
  1538                  async_copy = kzalloc(sizeof(struct nfsd4_copy), GFP_KERNEL);
  1539                  if (!async_copy)
  1540                          goto out_err;
  1541                  if (!nfs4_init_copy_state(nn, copy))
  1542                          goto out_err;
  1543                  refcount_set(&async_copy->refcount, 1);
  1544                  memcpy(&copy->cp_res.cb_stateid, &copy->cp_stateid,
  1545                          sizeof(copy->cp_stateid));

It took me a while to spot the cb_ vs cp_... :P
The copy->cp_stateid looks like this:

fs/nfsd/state.h
    59  typedef struct {
    60          stateid_t               stid;
    61  #define NFS4_COPY_STID 1
    62  #define NFS4_COPYNOTIFY_STID 2
    63          unsigned char           sc_type;
    64          refcount_t              sc_count;
    65  } copy_stateid_t;

The .cb_stateid is just the stateid without the sc_type or the
refcounting. I suspect we should only be copying the stateid.

  1546                  dup_copy_fields(copy, async_copy);
  1547                  async_copy->copy_task = kthread_create(nfsd4_do_async_copy,
  1548                                  async_copy, "%s", "copy thread");
  1549                  if (IS_ERR(async_copy->copy_task))
  1550                          goto out_err;
  1551                  spin_lock(&async_copy->cp_clp->async_lock);
  1552                  list_add(&async_copy->copies,

regards,
dan carpenter
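
A userspace model of the size mismatch the checker flagged, added here as an example (not code from the report or from the kernel tree). The stand-in types only reproduce the 16 and 24 byte sizes, `struct copy_model`, its `neighbour` field and the `COPY_SAME_SIZE` macro are hypothetical, and the copy follows the report's suggestion of copying only `stid`.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-ins for the kernel types, sized to match the report (16 vs 24). */
typedef struct { uint32_t words[4]; } stateid_t;
typedef struct { uint32_t refs; } refcount_t;
typedef struct {
	stateid_t     stid;
	unsigned char sc_type;
	refcount_t    sc_count;
} copy_stateid_t;

/* Hypothetical container: cb_stateid followed by a neighbouring field. */
struct copy_model {
	copy_stateid_t cp_stateid;
	struct {
		stateid_t cb_stateid;
		uint64_t  neighbour;
	} cp_res;
};

/* memcpy() that only builds when both objects have the same size. */
#define COPY_SAME_SIZE(dst, src) do {					\
	_Static_assert(sizeof(*(dst)) == sizeof(*(src)),		\
		       "memcpy source and destination sizes differ");	\
	memcpy((dst), (src), sizeof(*(dst)));				\
} while (0)

/* Bytes the flagged memcpy() would write past the end of cb_stateid. */
size_t overrun_bytes(void) { return sizeof(copy_stateid_t) - sizeof(stateid_t); }

/* Returns 1 if the stateid was copied and the neighbour is untouched. */
int copy_stateid_only(struct copy_model *c)
{
	const uint64_t before = c->cp_res.neighbour;
	/* Passing &c->cp_stateid (24 bytes) here is rejected at build time. */
	COPY_SAME_SIZE(&c->cp_res.cb_stateid, &c->cp_stateid.stid);
	return c->cp_res.neighbour == before &&
	       !memcmp(&c->cp_res.cb_stateid, &c->cp_stateid.stid, sizeof(stateid_t));
}

int main(void)
{
	struct copy_model c = { .cp_res = { .neighbour = 0xA5A5A5A5A5A5A5A5ULL } };
	c.cp_stateid.stid.words[0] = 0x11223344; /* constructed sample value */
	printf("overrun=%zu ok=%d\n", overrun_bytes(), copy_stateid_only(&c));
	return 0;
}
```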