* [PATCH] fs: Fix a missing check bug
@ 2019-12-07 14:41 Dinghao Liu
2019-12-07 17:16 ` Filipe Manana
2019-12-08 5:02 ` Qu Wenruo
0 siblings, 2 replies; 3+ messages in thread
From: Dinghao Liu @ 2019-12-07 14:41 UTC (permalink / raw)
To: dinghao.liu, kjlu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
The return value of link_free_space(ctl, info) is checked out-sync. Only one branch of an if statement checks this return value after WARN_ON(ret).
Since this path pair is similar in semantic, there might be a missing check bug.
Fix this by simply adding a check on ret.
Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
---
fs/btrfs/free-space-cache.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
index 3283da419200..acbb3a59d344 100644
--- a/fs/btrfs/free-space-cache.c
+++ b/fs/btrfs/free-space-cache.c
@@ -2437,6 +2437,8 @@ int btrfs_remove_free_space(struct btrfs_block_group *block_group,
if (info->bytes) {
ret = link_free_space(ctl, info);
WARN_ON(ret);
+ if (ret)
+ goto out_lock;
} else {
kmem_cache_free(btrfs_free_space_cachep, info);
}
--
2.21.0 (Apple Git-122)
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] fs: Fix a missing check bug
2019-12-07 14:41 [PATCH] fs: Fix a missing check bug Dinghao Liu
@ 2019-12-07 17:16 ` Filipe Manana
2019-12-08 5:02 ` Qu Wenruo
1 sibling, 0 replies; 3+ messages in thread
From: Filipe Manana @ 2019-12-07 17:16 UTC (permalink / raw)
To: Dinghao Liu
Cc: kjlu, pakki001, Chris Mason, Josef Bacik, David Sterba,
linux-btrfs, linux-kernel
On Sat, Dec 7, 2019 at 3:03 PM Dinghao Liu <dinghao.liu@zju.edu.cn> wrote:
>
> The return value of link_free_space(ctl, info) is checked out-sync. Only one branch of an if statement checks this return value after WARN_ON(ret).
>
> Since this path pair is similar in semantic, there might be a missing check bug.
>
> Fix this by simply adding a check on ret.
>
> Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
> ---
> fs/btrfs/free-space-cache.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
> index 3283da419200..acbb3a59d344 100644
> --- a/fs/btrfs/free-space-cache.c
> +++ b/fs/btrfs/free-space-cache.c
> @@ -2437,6 +2437,8 @@ int btrfs_remove_free_space(struct btrfs_block_group *block_group,
> if (info->bytes) {
> ret = link_free_space(ctl, info);
> WARN_ON(ret);
> + if (ret)
I think the WARN_ON() can go away as well.
The only possible error is -EEXIST, coming from tree_insert_offset().
When that happens tree_insert_offset() already emits a warning.
Also, the free space entry needs to be freed, otherwise we leak
memory. So it should be something like this:
if (ret) {
kmem_cache_free(btrfs_free_space_cachep, info);
goto out_unlock;
}
Further the subject should be prefixed with "btrfs: " and not "fs: ",
since this is a btrfs specific patch.
Something like the following for example:
"btrfs: add missing error handling when removing free space"
Thanks.
> + goto out_lock;
> } else {
> kmem_cache_free(btrfs_free_space_cachep, info);
> }
> --
> 2.21.0 (Apple Git-122)
>
--
Filipe David Manana,
“Whether you think you can, or you think you can't — you're right.”
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] fs: Fix a missing check bug
2019-12-07 14:41 [PATCH] fs: Fix a missing check bug Dinghao Liu
2019-12-07 17:16 ` Filipe Manana
@ 2019-12-08 5:02 ` Qu Wenruo
1 sibling, 0 replies; 3+ messages in thread
From: Qu Wenruo @ 2019-12-08 5:02 UTC (permalink / raw)
To: Dinghao Liu, kjlu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
[-- Attachment #1.1: Type: text/plain, Size: 1352 bytes --]
On 2019/12/7 下午10:41, Dinghao Liu wrote:
> The return value of link_free_space(ctl, info) is checked out-sync. Only one branch of an if statement checks this return value after WARN_ON(ret).
>
> Since this path pair is similar in semantic, there might be a missing check bug.
>
> Fix this by simply adding a check on ret.
The main failure mode for link_free_space() is -EEXIST, which means
there is already free space in the cache.
Here EEXIST may not be a big problem, and we may really want to continue
the iteration other than error out.
Would you explain in details about why you believe error out is the
correct way other than current continue behavior?
Thanks,
Qu
>
> Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
> ---
> fs/btrfs/free-space-cache.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
> index 3283da419200..acbb3a59d344 100644
> --- a/fs/btrfs/free-space-cache.c
> +++ b/fs/btrfs/free-space-cache.c
> @@ -2437,6 +2437,8 @@ int btrfs_remove_free_space(struct btrfs_block_group *block_group,
> if (info->bytes) {
> ret = link_free_space(ctl, info);
> WARN_ON(ret);
> + if (ret)
> + goto out_lock;
> } else {
> kmem_cache_free(btrfs_free_space_cachep, info);
> }
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-08 5:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-07 14:41 [PATCH] fs: Fix a missing check bug Dinghao Liu
2019-12-07 17:16 ` Filipe Manana
2019-12-08 5:02 ` Qu Wenruo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).