On 2023/8/10 18:31, Dan Carpenter wrote:
> Hello Zhang Yi,
>
> The patch 6493792d3299: "ext4: convert symlink external data block
> mapping to bdev" from Apr 24, 2022 (linux-next), leads to the
> following Smatch static checker warning:
>
> fs/ext4/namei.c:3353 ext4_init_symlink_block()
> error: potential NULL/IS_ERR bug 'bh'
>
> fs/ext4/namei.c
> 3337 static int ext4_init_symlink_block(handle_t *handle, struct inode *inode,
> 3338 struct fscrypt_str *disk_link)
> 3339 {
> 3340 struct buffer_head *bh;
> 3341 char *kaddr;
> 3342 int err = 0;
> 3343
> 3344 bh = ext4_bread(handle, inode, 0, EXT4_GET_BLOCKS_CREATE);
> 3345 if (IS_ERR(bh))
> 3346 return PTR_ERR(bh);
>
>>From reading the code, it looks like ext4_bread() can return both error
> pointers and NULL. (Second return statement).
Hello, Dan,
After checking the code, we have passed in EXT4_GET_BLOCKS_CREATE to
ext4_bread(), the return value must be an error code or a valid
buffer_head, it's impossible to return NULL. So I think the warning
is a false positive.
Thanks,
Yi.
>
> 3347
> 3348 BUFFER_TRACE(bh, "get_write_access");
> 3349 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, EXT4_JTR_NONE);
> 3350 if (err)
> 3351 goto out;
> 3352
> --> 3353 kaddr = (char *)bh->b_data;
> ^^^^
> Unchecked dereference
>
> 3354 memcpy(kaddr, disk_link->name, disk_link->len);
> 3355 inode->i_size = disk_link->len - 1;
> 3356 EXT4_I(inode)->i_disksize = inode->i_size;
> 3357 err = ext4_handle_dirty_metadata(handle, inode, bh);
> 3358 out:
> 3359 brelse(bh);
> 3360 return err;
> 3361 }
>
> regards,
> dan carpenter
> .
>
