Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp4123729ybv; Tue, 25 Feb 2020 13:41:03 -0800 (PST) X-Google-Smtp-Source: APXvYqyv7dLFVOjYUV+ktLWsdqqBtZcVxwMLo4bsPGauIn7t4SeJLx7XwQYjzkpWqum4VBQf1YZS X-Received: by 2002:a9d:7342:: with SMTP id l2mr531361otk.98.1582666863775; Tue, 25 Feb 2020 13:41:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582666863; cv=none; d=google.com; s=arc-20160816; b=l34YBOtwmWG89+ZTc7mIla6boBEpl8vCo6njE2jI/OuGgCkbzuxtvqD8t0ubF4eI8m ZBgP5xkdFBIbe+/2lZ4S/kcjx9vbtweysQK41Scq9uybTJdVj5CNc5df/b9lxkaA9Qu9 KAZR+uqXOkniGP8SRpsKjQwLHXayNyiznTa6zP7YEFRomqKz8W0VGqLuvTmalWDUBM8X /Sye9cIZJcGwSnoFLzObiOFhfUQKJQl/W8qjQnT2VpfTF7gdVGLlJVDQt4UapPZDOq66 yk6UTMzV/6abqIoDpU6tBRFNTkQUlDyU3su+wmvs91LxHSTn6iiIoPgyk3dqk0+q3o/m qxnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=8h8Mk/+i2ci77DBxC+22pQBGtOSOCk88EXwXWgQP6/o=; b=denjYFqM7DoLo9Dnz0LMoYkhnSv6yZeTskj2w/j7YEWg1OTLg8HeuMBeNTDOyG6Pyc i1HOgT9LNc7AwDvIukUhlQIFngZwAQolhlR4CAM0sbHAP6eAnEnPQZyXV84eyKaHYgIZ kG+WklytHyUM7SBVSMvGyGVelNWoMLx0oMSFaxmdGiDFXM6W8hH1QnqHD9thUkt5O6N3 WwXANAtgQ0eIYuYtZghLIO0QYYAv2wSo3RxnZs0Qv7Xo1s8XBu3SJW2C6+OhZo+4LmFn T46Ew8K8VUx7LrDObhP/8I7AdbYLteBcmy+eBzgHz5fxvu5Sx5OnX9bBS0DNFy6x4mb1 hmNA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=SM3k+FIk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r21si45345ota.204.2020.02.25.13.40.50; Tue, 25 Feb 2020 13:41:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=SM3k+FIk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727227AbgBYVkr (ORCPT + 99 others); Tue, 25 Feb 2020 16:40:47 -0500 Received: from bombadil.infradead.org ([198.137.202.133]:39976 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726130AbgBYVkq (ORCPT ); Tue, 25 Feb 2020 16:40:46 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=8h8Mk/+i2ci77DBxC+22pQBGtOSOCk88EXwXWgQP6/o=; b=SM3k+FIk88DTWRwntxpfYAN89K 8730/L0k8T1+XsnrvgFNMWAfU3J+npnA7AcglPMW6Bo1xxfLLLpVFkPpIYJPJP6Bhu7+++sdf2nEH YB261ciNtDjMI/oof919hR4o1Vy1b/Tpm1qbQB3EJuexLkfZNNuOV19796072HGhlsh0EIzWw5HYM eUtiC/75UHd7z4CtLi7iS7enj2b4YxR2RIq/XwjOL2jsuV22QQdFs+uI19makOCqv8ClbB0oAVsbW Z77s9bVrdikXc2kEfrt+0KjleiaHbcqyykssQ37fBRsVTqPhlgghL5coVoY1AOq2xP0UIa8q2Eciy KEJgOYKw==; Received: from hch by bombadil.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1j6hwb-0005MJ-8Z; Tue, 25 Feb 2020 21:40:45 +0000 Date: Tue, 25 Feb 2020 13:40:45 -0800 From: Christoph Hellwig To: Qian Cai Cc: darrick.wong@oracle.com, hch@infradead.org, linux-xfs@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] xfs: fix an undefined behaviour in _da3_path_shift Message-ID: <20200225214045.GA14399@infradead.org> References: <1582660388-28735-1-git-send-email-cai@lca.pw> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1582660388-28735-1-git-send-email-cai@lca.pw> X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 25, 2020 at 02:53:08PM -0500, Qian Cai wrote: > xfs_da3_path_shift() could see state->path.blk[-1] because > state->path.active == 1 is a valid state when it tries to add an entry > to a single dir leaf block and then to shift forward to see if > there's a sibling block that would be a better place to put the new > entry. I think this needs a better explanation. Something like: In xfs_da3_path_shift() blk can be assigned to state->path.blk[-1] if state->path.active is 1 (which is a valid state) when it tries to add an entry > to a single dir leaf block and then to shift forward to see if there's a sibling block that would be a better place to put the new entry. This causes a KASAN warning given negative array indices are undefined behavior in C. In practice the warning is entirely harmless given that blk is never dereference in this case, but it is still better to fix up the warning and slightly improve the code.