Linux-Fsdevel Archive on lore.kernel.org
 help / color / Atom feed
From: Jan Kara <jack@suse.cz>
To: Amir Goldstein <amir73il@gmail.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	Jan Kara <jack@suse.cz>
Subject: Re: [bug report] fsnotify: pass dir and inode arguments to fsnotify()
Date: Thu, 30 Jul 2020 21:25:37 +0200
Message-ID: <20200730192537.GB13525@quack2.suse.cz> (raw)
In-Reply-To: <CAOQ4uxgEG9PNtdoMXw52_C4oaUQpi2DVx34_QEHeV195e3kYdg@mail.gmail.com>

On Thu 30-07-20 14:55:11, Amir Goldstein wrote:
> On Thu, Jul 30, 2020 at 2:13 PM <dan.carpenter@oracle.com> wrote:
> >
> > Hello Amir Goldstein,
> >
> > This is a semi-automatic email about new static checker warnings.
> >
> > The patch 40a100d3adc1: "fsnotify: pass dir and inode arguments to
> > fsnotify()" from Jul 22, 2020, leads to the following Smatch
> > complaint:
> 
> That's an odd report, because...
> 
> >
> >     fs/notify/fsnotify.c:460 fsnotify()
> >     warn: variable dereferenced before check 'inode' (see line 449)

Yeah, I've noticed a similar report from Coverity.

> > fs/notify/fsnotify.c
> >    448          }
> >    449          sb = inode->i_sb;
> >                      ^^^^^^^^^^^
> > New dreference.
> 
> First of all, two lines above we have
> if (!inode) inode = dir;
> 
> This function does not assert (inode || dir), but must it??
> This is even documented:
> 
>  * @inode:      optional inode associated with event -
>  *              either @dir or @inode must be non-NULL.
> 
> Second,
> The line above was indeed added by:
> 40a100d3adc1: "fsnotify: pass dir and inode arguments to fsnotify()"
> 
> However...
> 
> >
> >    450
> >    451          /*
> >    452           * Optimization: srcu_read_lock() has a memory barrier which can
> >    453           * be expensive.  It protects walking the *_fsnotify_marks lists.
> >    454           * However, if we do not walk the lists, we do not have to do
> >    455           * SRCU because we have no references to any objects and do not
> >    456           * need SRCU to keep them "alive".
> >    457           */
> >    458          if (!sb->s_fsnotify_marks &&
> >    459              (!mnt || !mnt->mnt_fsnotify_marks) &&
> >    460              (!inode || !inode->i_fsnotify_marks) &&
> >                      ^^^^^^
> > Check too late.  Presumably this check can be removed?
> 
> But this line was only added later by:
> 9b93f33105f5 fsnotify: send event with parent/name info to
> sb/mount/non-dir marks
> 
> So, yes, the check could be removed.
> It is a leftover from a previous revision, but even though it is a leftover
> I kind of like the code better this way.

And after looking at it my conclusion was the same. I like the symmetry of
the code despite some checks are actually unnecessary...

> In principle, an event on sb/mnt that is not associated with any inode
> (for example
> FS_UNMOUNT) could be added in the future.
> And then we will have to fix documentation and the inode dereference above.
> 
> In any case, thank you for the report, but I don't see a reason to make any
> changes right now.

Agreed.

								Honza
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR

      reply index

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-30 11:13 dan.carpenter
2020-07-30 11:55 ` Amir Goldstein
2020-07-30 19:25   ` Jan Kara [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200730192537.GB13525@quack2.suse.cz \
    --to=jack@suse.cz \
    --cc=amir73il@gmail.com \
    --cc=dan.carpenter@oracle.com \
    --cc=linux-fsdevel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Fsdevel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fsdevel/0 linux-fsdevel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fsdevel linux-fsdevel/ https://lore.kernel.org/linux-fsdevel \
		linux-fsdevel@vger.kernel.org
	public-inbox-index linux-fsdevel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fsdevel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git