2019-11-06 08:26:37

by Dan Carpenter

Subject: [bug report] ext4: Add support for blocksize < pagesize in dioread_nolock

Hello Ritesh Harjani,

The patch c8cc88163f40: "ext4: Add support for blocksize < pagesize
in dioread_nolock" from Oct 16, 2019, leads to the following static
checker warning:

fs/ext4/inode.c:2390 mpage_process_page() error: 'io_end_vec' dereferencing possible ERR_PTR()
fs/ext4/inode.c:2557 mpage_map_and_submit_extent() error: 'io_end_vec' dereferencing possible ERR_PTR()
fs/ext4/inode.c:3677 ext4_end_io_dio() error: 'io_end_vec' dereferencing possible ERR_PTR()

fs/ext4/inode.c
2371      bh = head = page_buffers(page);
2372      do {
2373          if (lblk < mpd->map.m_lblk)
2374              continue;
2375          if (lblk >= mpd->map.m_lblk + mpd->map.m_len) {
2376              /*
2377               * Buffer after end of mapped extent.
2378               * Find next buffer in the page to map.
2379               */
2380              mpd->map.m_len = 0;
2381              mpd->map.m_flags = 0;
2382              io_end_vec->size += io_end_size;
2383              io_end_size = 0;
2384
2385              err = mpage_process_page_bufs(mpd, head, bh, lblk);
2386              if (err > 0)
2387                  err = 0;
2388              if (!err && mpd->map.m_len && mpd->map.m_lblk > lblk) {
2389                  io_end_vec = ext4_alloc_io_end_vec(io_end);
                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This allocation can fail.

2390                  io_end_vec->offset = mpd->map.m_lblk << blkbits;
                      ^^^^^^^^^^^^^^^^^^
Oops

2391              }
2392              *map_bh = true;
2393              goto out;
2394          }
2395          if (buffer_delay(bh)) {
2396              clear_buffer_delay(bh);
2397              bh->b_blocknr = pblock++;
2398          }
2399          clear_buffer_unwritten(bh);
2400          io_end_size += (1 << blkbits);
2401      } while (lblk++, (bh = bh->b_this_page) != head);

regards,
dan carpenter


2019-11-06 09:39:05

by Ritesh Harjani

Subject: [PATCH 1/1] ext4: Add error handling for io_end_vec struct allocation

This patch adds the error handling in case of any memory allocation
failure for io_end_vec. This was missing in original
patch series which enables dioread_nolock for blocksize < pagesize.

Fixes: c8cc88163f40 ("ext4: Add support for blocksize < pagesize in dioread_nolock")
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Ritesh Harjani <[email protected]>
---
fs/ext4/inode.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 381813205f99..de70f19bfa7e 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -2240,6 +2240,10 @@ static int mpage_process_page(struct mpage_da_data *mpd, struct page *page,
err = 0;
if (!err && mpd->map.m_len && mpd->map.m_lblk > lblk) {
io_end_vec = ext4_alloc_io_end_vec(io_end);
+ if (IS_ERR(io_end_vec)) {
+ err = PTR_ERR(io_end_vec);
+ goto out;
+ }
io_end_vec->offset = mpd->map.m_lblk << blkbits;
}
*map_bh = true;
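
Review bot: The new goto out inside the IS_ERR() branch leaves before the "*map_bh = true;" line that follows the block, so on allocation failure *map_bh keeps whatever value the caller passed in. Please confirm every caller tests the return value before reading *map_bh, and consider noting in the function comment that *map_bh is only meaningful when the function returns 0. The out label is not visible in this hunk; it should also be checked that nothing after it dereferences io_end_vec, which at that point still holds the ERR_PTR value.
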
@@ -2405,8 +2409,11 @@ static int mpage_map_and_submit_extent(handle_t *handle,
loff_t disksize;
int progress = 0;
ext4_io_end_t *io_end = mpd->io_submit.io_end;
- struct ext4_io_end_vec *io_end_vec = ext4_alloc_io_end_vec(io_end);
+ struct ext4_io_end_vec *io_end_vec;

+ io_end_vec = ext4_alloc_io_end_vec(io_end);
+ if (IS_ERR(io_end_vec))
+ return PTR_ERR(io_end_vec);
io_end_vec->offset = ((loff_t)map->m_lblk) << inode->i_blkbits;
do {
err = mpage_map_one_extent(handle, mpd);
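
Review bot: The early "return PTR_ERR(io_end_vec);" exits before the do loop is entered, so it bypasses whatever handling the function applies when mpage_map_one_extent() fails inside that loop. Please confirm the caller treats an error returned from here the same way as an error coming out of the loop, or route this failure through the same path. Moving the allocation out of the declaration is the right call, since it lets the IS_ERR() check sit directly above the first dereference at io_end_vec->offset.
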
--
2.21.0

2019-11-06 10:12:48

by Ritesh Harjani

Subject: Re: [bug report] ext4: Add support for blocksize < pagesize in dioread_nolock

Thanks Dan for reporting this.

On 11/6/19 1:55 PM, Dan Carpenter wrote:
> Hello Ritesh Harjani,
>
> The patch c8cc88163f40: "ext4: Add support for blocksize < pagesize
> in dioread_nolock" from Oct 16, 2019, leads to the following static
> checker warning:
>
> fs/ext4/inode.c:2390 mpage_process_page() error: 'io_end_vec' dereferencing possible ERR_PTR()
> fs/ext4/inode.c:2557 mpage_map_and_submit_extent() error: 'io_end_vec' dereferencing possible ERR_PTR()
> fs/ext4/inode.c:3677 ext4_end_io_dio() error: 'io_end_vec' dereferencing possible ERR_PTR()

ext4_end_io_dio func is removed on recent ext4 master branch.
It got removed in ext4 iomap DIO patches. So my patch
(which is based on today's ext4 master branch) does not cover
ext4_end_io_dio().

-ritesh

2019-11-11 22:12:23

by Theodore Ts'o

Subject: Re: [PATCH 1/1] ext4: Add error handling for io_end_vec struct allocation

On Wed, Nov 06, 2019 at 03:08:09PM +0530, Ritesh Harjani wrote:
> This patch adds the error handling in case of any memory allocation
> failure for io_end_vec. This was missing in original
> patch series which enables dioread_nolock for blocksize < pagesize.
>
> Fixes: c8cc88163f40 ("ext4: Add support for blocksize < pagesize in dioread_nolock")
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Ritesh Harjani <[email protected]>

Applied, thanks.

- Ted
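
The ERR_PTR convention behind the static checker warning and the fix in this thread, as a user-space model (an added example, not code from the thread or from the kernel tree). The three helpers mirror the kernel's ERR_PTR(), PTR_ERR() and IS_ERR(); alloc_io_end_vec(), set_offset(), the fail_alloc switch and the one-field struct are hypothetical stand-ins.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space model of the kernel's ERR_PTR convention: a negative errno is
 * stored in the top MAX_ERRNO addresses, so a failed call returns a non-NULL
 * pointer that must be tested with IS_ERR() before any dereference. */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long error) { return (void *)(intptr_t)error; }
static inline long PTR_ERR(const void *ptr) { return (long)(intptr_t)ptr; }
static inline int IS_ERR(const void *ptr)
{
	return (uintptr_t)ptr >= (uintptr_t)-MAX_ERRNO;
}

struct io_end_vec { long long offset; };	/* simplified stand-in */

/* Hypothetical allocator; fail_alloc simulates memory pressure. */
static struct io_end_vec *alloc_io_end_vec(int fail_alloc)
{
	struct io_end_vec *v = fail_alloc ? NULL : calloc(1, sizeof(*v));
	return v ? v : ERR_PTR(-ENOMEM);
}

/* Caller shaped like the fixed code: check, propagate the errno, and only
 * then touch the structure. Without the IS_ERR() test the store below would
 * write through an address such as 0xfffffffffffffff4 on a 64-bit system. */
static int set_offset(int fail_alloc, long long lblk, unsigned int blkbits,
		      long long *out)
{
	struct io_end_vec *v = alloc_io_end_vec(fail_alloc);

	if (IS_ERR(v))
		return (int)PTR_ERR(v);
	v->offset = lblk << blkbits;
	*out = v->offset;
	free(v);
	return 0;
}

int main(void)
{
	long long off = 0;
	printf("success: ret=%d\n", set_offset(0, 3, 12, &off));
	printf("offset: %lld\n", off);
	printf("failure: ret=%d\n", set_offset(1, 3, 12, &off));
	return 0;
}
```

A plain NULL test does not catch the failure case here, because the encoded error pointer is non-NULL.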