[lustre-devel] [bug report] staging: lustre: lov: Ensure correct operation for large object sizes

Tue Aug 1 04:10:58 PDT 2017

Hello Nathaniel Clark,

The patch 476f575cf070: "staging: lustre: lov: Ensure correct
operation for large object sizes" from Jul 26, 2017, leads to the
following static checker warning:

	drivers/staging/lustre/lustre/lov/lov_ea.c:207 lsm_unpackmd_common()
	warn: signed overflow undefined. 'min_stripe_maxbytes * stripe_count < min_stripe_maxbytes'

drivers/staging/lustre/lustre/lov/lov_ea.c
   148  static int lsm_unpackmd_common(struct lov_obd *lov,
   149                                 struct lov_stripe_md *lsm,
   150                                 struct lov_mds_md *lmm,
   151                                 struct lov_ost_data_v1 *objects)
   152  {
   153          loff_t min_stripe_maxbytes = 0;
                ^^^^^^
loff_t is long long.

   154          unsigned int stripe_count;
   155          struct lov_oinfo *loi;
   156          loff_t lov_bytes;
   157          unsigned int i;
   158  
   159          /*
   160           * This supposes lov_mds_md_v1/v3 first fields are
   161           * are the same
   162           */
   163          lmm_oi_le_to_cpu(&lsm->lsm_oi, &lmm->lmm_oi);
   164          lsm->lsm_stripe_size = le32_to_cpu(lmm->lmm_stripe_size);
   165          lsm->lsm_pattern = le32_to_cpu(lmm->lmm_pattern);
   166          lsm->lsm_layout_gen = le16_to_cpu(lmm->lmm_layout_gen);
   167          lsm->lsm_pool_name[0] = '\0';
   168  
   169          stripe_count = lsm_is_released(lsm) ? 0 : lsm->lsm_stripe_count;
   170  
   171          for (i = 0; i < stripe_count; i++) {
   172                  loi = lsm->lsm_oinfo[i];
   173                  ostid_le_to_cpu(&objects[i].l_ost_oi, &loi->loi_oi);
   174                  loi->loi_ost_idx = le32_to_cpu(objects[i].l_ost_idx);
   175                  loi->loi_ost_gen = le32_to_cpu(objects[i].l_ost_gen);
   176                  if (lov_oinfo_is_dummy(loi))
   177                          continue;
   178  
   179                  if (loi->loi_ost_idx >= lov->desc.ld_tgt_count &&
   180                      !lov2obd(lov)->obd_process_conf) {
   181                          CERROR("%s: OST index %d more than OST count %d\n",
   182                                 (char *)lov->desc.ld_uuid.uuid,
   183                                 loi->loi_ost_idx, lov->desc.ld_tgt_count);
   184                          lov_dump_lmm_v1(D_WARNING, lmm);
   185                          return -EINVAL;
   186                  }
   187  
   188                  if (!lov->lov_tgts[loi->loi_ost_idx]) {
   189                          CERROR("%s: OST index %d missing\n",
   190                                 (char *)lov->desc.ld_uuid.uuid,
   191                                 loi->loi_ost_idx);
   192                          lov_dump_lmm_v1(D_WARNING, lmm);
   193                          continue;
   194                  }
   195  
   196                  lov_bytes = lov_tgt_maxbytes(lov->lov_tgts[loi->loi_ost_idx]);
   197                  if (min_stripe_maxbytes == 0 || lov_bytes < min_stripe_maxbytes)
   198                          min_stripe_maxbytes = lov_bytes;
   199          }
   200  
   201          if (min_stripe_maxbytes == 0)
   202                  min_stripe_maxbytes = LUSTRE_EXT3_STRIPE_MAXBYTES;
   203  
   204          stripe_count = lsm->lsm_stripe_count ?: lov->desc.ld_tgt_count;
   205          lov_bytes = min_stripe_maxbytes * stripe_count;
                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is undefined in C.

   206  
   207          if (lov_bytes < min_stripe_maxbytes) /* handle overflow */
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
So this might be wrong.

   208                  lsm->lsm_maxbytes = MAX_LFS_FILESIZE;
   209          else
   210                  lsm->lsm_maxbytes = lov_bytes;
   211  
   212          return 0;
   213  }

regards,
dan carpenter