Re: [PATCH v1] drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
From: Dan Carpenter
Date: Tue Sep 13 2022 - 05:12:51 EST
Hi Li,
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Li-Zhong/drivers-md-md-bitmap-check-the-return-value-of-md_bitmap_get_counter/20220909-121143
base: git://git.kernel.org/pub/scm/linux/kernel/git/song/md.git md-next
config: m68k-randconfig-m031-20220909
compiler: m68k-linux-gcc (GCC) 12.1.0
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
smatch warnings:
drivers/md/md-bitmap.c:2211 md_bitmap_resize() error: we previously assumed 'bmc_new' could be null (see line 2198)
vim +/bmc_new +2211 drivers/md/md-bitmap.c
c9d65032282943 drivers/md/bitmap.c Guoqing Jiang 2016-05-02 2184 } else
c9d65032282943 drivers/md/bitmap.c Guoqing Jiang 2016-05-02 2185 bitmap->counts.bp[page].count += 1;
c9d65032282943 drivers/md/bitmap.c Guoqing Jiang 2016-05-02 2186 }
c9d65032282943 drivers/md/bitmap.c Guoqing Jiang 2016-05-02 2187 }
c9d65032282943 drivers/md/bitmap.c Guoqing Jiang 2016-05-02 2188
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2189 for (block = 0; block < blocks; ) {
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2190 bitmap_counter_t *bmc_old, *bmc_new;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2191 int set;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2192
e64e4018d57271 drivers/md/md-bitmap.c Andy Shevchenko 2018-08-01 2193 bmc_old = md_bitmap_get_counter(&old_counts, block, &old_blocks, 0);
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2194 set = bmc_old && NEEDED(*bmc_old);
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2195
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2196 if (set) {
e64e4018d57271 drivers/md/md-bitmap.c Andy Shevchenko 2018-08-01 2197 bmc_new = md_bitmap_get_counter(&bitmap->counts, block, &new_blocks, 1);
a0b3a521efba6a drivers/md/md-bitmap.c Li Zhong 2022-09-08 @2198 if (bmc_new && *bmc_new == 0) {
^^^^^^^
New check for NULL
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2199 /* need to set on-disk bits too. */
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2200 sector_t end = block + new_blocks;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2201 sector_t start = block >> chunkshift;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2202 start <<= chunkshift;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2203 while (start < end) {
e64e4018d57271 drivers/md/md-bitmap.c Andy Shevchenko 2018-08-01 2204 md_bitmap_file_set_bit(bitmap, block);
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2205 start += 1 << chunkshift;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2206 }
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2207 *bmc_new = 2;
e64e4018d57271 drivers/md/md-bitmap.c Andy Shevchenko 2018-08-01 2208 md_bitmap_count_page(&bitmap->counts, block, 1);
e64e4018d57271 drivers/md/md-bitmap.c Andy Shevchenko 2018-08-01 2209 md_bitmap_set_pending(&bitmap->counts, block);
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2210 }
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 @2211 *bmc_new |= NEEDED_MASK;
^^^^^^^^
Unchecked dereference
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2212 if (new_blocks < old_blocks)
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2213 old_blocks = new_blocks;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2214 }
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2215 block += old_blocks;
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2216 }
d60b479d177a57 drivers/md/bitmap.c NeilBrown 2012-05-22 2217
0868b99c214a3d drivers/md/md-bitmap.c Zdenek Kabelac 2017-11-08 2218 if (bitmap->counts.bp != old_counts.bp) {