On Wed, Jul 19, 2017 at 09:20:32AM -0400, Brian Foster wrote:
> On Tue, Jul 18, 2017 at 11:24:28AM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
> >
> > In some circumstances, _alloc_read_agf can return an error code of zero
> > but also a null AGF buffer pointer. Check for this and jump out.
> >
>
> It looks like this is only possible in trylock cases. Otherwise (and
> unless I'm missing something), it should always return a buffer or
> error.
>
> This is circuitous regardless and so seems fine if it shuts up a
> coverity warning:
<shrug> I argue it's also defensive, in case we ever /do/ change the
semantics to allow more "zero return and no bp" cases, then these parts
won't suddenly start blowing up.
I think the Coverity analysis is just plain wrong (it claims that we can
somehow corrupt return values to end up with a zero return having
started with -EIO) but I did spot the trylock case and figured we could
be defensive about that.
--D
> Reviewed-by: Brian Foster <bfoster@xxxxxxxxxx>
>
> > Fixes-coverity-id: 1415250
> > Fixes-coverity-id: 1415320
> > Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
> > ---
> > fs/xfs/libxfs/xfs_refcount.c | 4 ++++
> > fs/xfs/xfs_reflink.c | 2 ++
> > 2 files changed, 6 insertions(+)
> >
> >
> > diff --git a/fs/xfs/libxfs/xfs_refcount.c b/fs/xfs/libxfs/xfs_refcount.c
> > index 900ea23..45b1c3b 100644
> > --- a/fs/xfs/libxfs/xfs_refcount.c
> > +++ b/fs/xfs/libxfs/xfs_refcount.c
> > @@ -1638,6 +1638,10 @@ xfs_refcount_recover_cow_leftovers(
> > error = xfs_alloc_read_agf(mp, tp, agno, 0, &agbp);
> > if (error)
> > goto out_trans;
> > + if (!agbp) {
> > + error = -ENOMEM;
> > + goto out_trans;
> > + }
> > cur = xfs_refcountbt_init_cursor(mp, tp, agbp, agno, NULL);
> >
> > /* Find all the leftover CoW staging extents. */
> > diff --git a/fs/xfs/xfs_reflink.c b/fs/xfs/xfs_reflink.c
> > index d9b3d57..f45fbf0 100644
> > --- a/fs/xfs/xfs_reflink.c
> > +++ b/fs/xfs/xfs_reflink.c
> > @@ -170,6 +170,8 @@ xfs_reflink_find_shared(
> > error = xfs_alloc_read_agf(mp, tp, agno, 0, &agbp);
> > if (error)
> > return error;
> > + if (!agbp)
> > + return -ENOMEM;
> >
> > cur = xfs_refcountbt_init_cursor(mp, tp, agbp, agno, NULL);
> >
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> > the body of a message to majordomo@xxxxxxxxxxxxxxx
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> --
> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
