Hello Olga Kornievskaia,

The patch e0639dc5805a: "NFSD introduce async copy feature" from Jul 20, 2018, leads to the following static checker warning:

    fs/nfsd/nfs4proc.c:1494 nfsd4_do_async_copy()
    error: we previously assumed 'copy->nf_src' could be null (see line 1464)

fs/nfsd/nfs4proc.c
  1460          struct nfsd4_copy *cb_copy;
  1461
  1462          if (!copy->cp_intra) { /* Inter server SSC */
  1463                  copy->nf_src = kzalloc(sizeof(struct nfsd_file), GFP_KERNEL);
  1464                  if (!copy->nf_src) {
                             ^^^^^^^^^^^^
Check for NULL (allocation failure).

  1465                          copy->nfserr = nfserr_serverfault;
  1466                          nfsd4_interssc_disconnect(copy->ss_mnt);
  1467                          goto do_callback;
  1468                  }
  1469                  copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, &copy->c_fh,
  1470                                          &copy->stateid);
  1471                  if (IS_ERR(copy->nf_src->nf_file)) {
  1472                          kfree(copy->nf_src);
  1473                          copy->nfserr = nfserr_offload_denied;
  1474                          nfsd4_interssc_disconnect(copy->ss_mnt);
  1475                          goto do_callback;
  1476                  }
  1477          }
  1478
  1479          copy->nfserr = nfsd4_do_copy(copy, 0);
  1480  do_callback:
  1481          cb_copy = kzalloc(sizeof(struct nfsd4_copy), GFP_KERNEL);
  1482          if (!cb_copy)
  1483                  goto out;
  1484          memcpy(&cb_copy->cp_res, &copy->cp_res, sizeof(copy->cp_res));
  1485          cb_copy->cp_clp = copy->cp_clp;
  1486          cb_copy->nfserr = copy->nfserr;
  1487          memcpy(&cb_copy->fh, &copy->fh, sizeof(copy->fh));
  1488          nfsd4_init_cb(&cb_copy->cp_cb, cb_copy->cp_clp,
  1489                          &nfsd4_cb_offload_ops, NFSPROC4_CLNT_CB_OFFLOAD);
  1490          nfsd4_run_cb(&cb_copy->cp_cb);
  1491  out:
  1492          if (!copy->cp_intra)
  1493                  kfree(copy->nf_src);
                              ^^^^^^^^^^^^
  1494          cleanup_async_copy(copy);
                                   ^^^^
copy->nf_src can be NULL or it can be freed so this cleanup function is going to crash. On the error path through line 1472 the pointer has already been freed and is not reset, so line 1493 also frees it a second time.

  1495          return 0;
  1496  }

regards,
dan carpenter