[cifs:for-next 7/9] fs/cifs/file.c:3203 cifs_send_async_read() warn: unsigned 'cur_len' is never less than zero.
kbuild test robot
lkp at intel.com
Thu Nov 1 16:34:12 UTC 2018
tree: git://git.samba.org/sfrench/cifs-2.6.git for-next
head: 81b4dd0ea7cd93a6ebb5d6d0f22e77a463397bc2
commit: 27d00133fadd8753e1856889dea2da4cb22910a3 [7/9] CIFS: Add support for direct I/O read
New smatch warnings:
fs/cifs/file.c:3203 cifs_send_async_read() warn: unsigned 'cur_len' is never less than zero.
Old smatch warnings:
fs/cifs/file.c:3608 cifs_read() warn: variable dereferenced before check 'tcon->ses' (see line 3583)
vim +/cur_len +3203 fs/cifs/file.c
3164
3165 static int
3166 cifs_send_async_read(loff_t offset, size_t len, struct cifsFileInfo *open_file,
3167 struct cifs_sb_info *cifs_sb, struct list_head *rdata_list,
3168 struct cifs_aio_ctx *ctx)
3169 {
3170 struct cifs_readdata *rdata;
3171 unsigned int npages, rsize, credits;
3172 size_t cur_len;
3173 int rc;
3174 pid_t pid;
3175 struct TCP_Server_Info *server;
3176 struct page **pagevec;
3177 size_t start;
3178 struct iov_iter direct_iov = ctx->iter;
3179
3180 server = tlink_tcon(open_file->tlink)->ses->server;
3181
3182 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
3183 pid = open_file->pid;
3184 else
3185 pid = current->tgid;
3186
3187 if (ctx->direct_io)
3188 iov_iter_advance(&direct_iov, offset - ctx->pos);
3189
3190 do {
3191 rc = server->ops->wait_mtu_credits(server, cifs_sb->rsize,
3192 &rsize, &credits);
3193 if (rc)
3194 break;
3195
3196 cur_len = min_t(const size_t, len, rsize);
3197
3198 if (ctx->direct_io) {
3199
3200 cur_len = iov_iter_get_pages_alloc(
3201 &direct_iov, &pagevec,
3202 cur_len, &start);
> 3203 if (cur_len < 0) {
3204 cifs_dbg(VFS,
3205 "couldn't get user pages (cur_len=%zd)"
3206 " iter type %d"
3207 " iov_offset %zd count %zd\n",
3208 cur_len, direct_iov.type, direct_iov.iov_offset,
3209 direct_iov.count);
3210 dump_stack();
3211 break;
3212 }
3213 iov_iter_advance(&direct_iov, cur_len);
3214
3215 rdata = cifs_readdata_direct_alloc(
3216 pagevec, cifs_uncached_readv_complete);
3217 if (!rdata) {
3218 add_credits_and_wake_if(server, credits, 0);
3219 rc = -ENOMEM;
3220 break;
3221 }
3222
3223 npages = (cur_len + start + PAGE_SIZE-1) / PAGE_SIZE;
3224 rdata->page_offset = start;
3225 rdata->tailsz = npages > 1 ?
3226 cur_len-(PAGE_SIZE-start)-(npages-2)*PAGE_SIZE :
3227 cur_len;
3228
3229 } else {
3230
3231 npages = DIV_ROUND_UP(cur_len, PAGE_SIZE);
3232 /* allocate a readdata struct */
3233 rdata = cifs_readdata_alloc(npages,
3234 cifs_uncached_readv_complete);
3235 if (!rdata) {
3236 add_credits_and_wake_if(server, credits, 0);
3237 rc = -ENOMEM;
3238 break;
3239 }
3240
3241 rc = cifs_read_allocate_pages(rdata, npages);
3242 if (rc)
3243 goto error;
3244
3245 rdata->tailsz = PAGE_SIZE;
3246 }
3247
3248 rdata->cfile = cifsFileInfo_get(open_file);
3249 rdata->nr_pages = npages;
3250 rdata->offset = offset;
3251 rdata->bytes = cur_len;
3252 rdata->pid = pid;
3253 rdata->pagesz = PAGE_SIZE;
3254 rdata->read_into_pages = cifs_uncached_read_into_pages;
3255 rdata->copy_into_pages = cifs_uncached_copy_into_pages;
3256 rdata->credits = credits;
3257 rdata->ctx = ctx;
3258 kref_get(&ctx->refcount);
3259
3260 if (!rdata->cfile->invalidHandle ||
3261 !(rc = cifs_reopen_file(rdata->cfile, true)))
3262 rc = server->ops->async_readv(rdata);
3263 error:
3264 if (rc) {
3265 add_credits_and_wake_if(server, rdata->credits, 0);
3266 kref_put(&rdata->refcount,
3267 cifs_uncached_readdata_release);
3268 if (rc == -EAGAIN) {
3269 iov_iter_revert(&direct_iov, cur_len);
3270 continue;
3271 }
3272 break;
3273 }
3274
3275 list_add_tail(&rdata->list, rdata_list);
3276 offset += cur_len;
3277 len -= cur_len;
3278 } while (len > 0);
3279
3280 return rc;
3281 }
3282
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
More information about the samba-technical
mailing list