tree: https://github.com/osandov/linux.git btrfs-send-encoded head: 6d1a91b1d05e515beb4b5d571757228a3454d181 commit: cf88299102259873694cd6d7ddf8434801a0006b [8/18] btrfs: implement RWF_ENCODED reads config: x86_64-randconfig-m031-20200807 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp(a)intel.com&gt; smatch warnings: fs/btrfs/inode.c:10239 btrfs_encoded_read_regular() warn: potentially one past the end of array 'pages[i]' fs/btrfs/inode.c:10239 btrfs_encoded_read_regular() warn: potentially one past the end of array 'pages[i]' vim +10239 fs/btrfs/inode.c 10185 10186 static ssize_t btrfs_encoded_read_regular(struct kiocb *iocb, 10187 struct iov_iter *iter, 10188 u64 start, u64 lockend, 10189 struct extent_state **cached_state, 10190 u64 offset, u64 disk_io_size, 10191 size_t count, 10192 const struct encoded_iov *encoded, 10193 bool *unlocked) 10194 { 10195 struct inode *inode = file_inode(iocb->ki_filp); 10196 struct extent_io_tree *io_tree = &BTRFS_I(inode)->io_tree; 10197 struct page **pages; 10198 unsigned long nr_pages, i; 10199 u64 cur; 10200 size_t page_offset; 10201 ssize_t ret; 10202 10203 nr_pages = DIV_ROUND_UP(disk_io_size, PAGE_SIZE); 10204 pages = kcalloc(nr_pages, sizeof(struct page *), GFP_NOFS); 10205 if (!pages) 10206 return -ENOMEM; 10207 for (i = 0; i < nr_pages; i++) { 10208 pages[i] = alloc_page(GFP_NOFS | __GFP_HIGHMEM); 10209 if (!pages[i]) { 10210 ret = -ENOMEM; 10211 goto out; 10212 } 10213 } 10214 10215 ret = btrfs_encoded_read_regular_fill_pages(inode, offset, disk_io_size, 10216 pages); 10217 if (ret) 10218 goto out; 10219 10220 unlock_extent_cached(io_tree, start, lockend, cached_state); 10221 inode_unlock_shared(inode); 10222 *unlocked = true; 10223 10224 ret = copy_encoded_iov_to_iter(encoded, iter); 10225 if (ret) 10226 goto out; 10227 if (encoded->compression) { 10228 i = 0; 10229 page_offset = 0; 10230 } else { 10231 i = (iocb->ki_pos - start) >> PAGE_SHIFT; 10232 page_offset = (iocb->ki_pos - start) & (PAGE_SIZE - 1); 10233 } 10234 cur = 0; 10235 while (cur < count) { 10236 size_t bytes = min_t(size_t, count - cur, 10237 PAGE_SIZE - page_offset); 10238 10239 if (copy_page_to_iter(pages[i], page_offset, bytes, 10240 iter) != bytes) { 10241 ret = -EFAULT; 10242 goto out; 10243 } 10244 i++; 10245 cur += bytes; 10246 page_offset = 0; 10247 } 10248 ret = count; 10249 out: 10250 for (i = 0; i < nr_pages; i++) { 10251 if (pages[i]) 10252 __free_page(pages[i]); 10253 } 10254 kfree(pages); 10255 return ret; 10256 } 10257 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org