On Wed, May 20, 2020 at 01:27:02PM -0700, Darrick J. Wong wrote: > On Wed, May 20, 2020 at 12:48:05AM -0700, Christoph Hellwig wrote: > > On Wed, May 20, 2020 at 05:33:58PM +1000, Dave Chinner wrote: > > > + /* > > > + * Debug checks outside of the spinlock so they don't lock up the > > > + * machine if they fail. > > > + */ > > > + ASSERT(mp->m_sb.sb_frextents >= 0); > > > + ASSERT(mp->m_sb.sb_dblocks >= 0); > > > + ASSERT(mp->m_sb.sb_agcount >= 0); > > > + ASSERT(mp->m_sb.sb_imax_pct >= 0); > > > + ASSERT(mp->m_sb.sb_rextsize >= 0); > > > + ASSERT(mp->m_sb.sb_rbmblocks >= 0); > > > + ASSERT(mp->m_sb.sb_rblocks >= 0); > > > + ASSERT(mp->m_sb.sb_rextents >= 0); > > > + ASSERT(mp->m_sb.sb_rextslog >= 0); > > Except for imax_pct and rextslog, all of these are unsigned quantities, > right? So the asserts will /never/ trigger? In truth, I didn't look that far. I just assumed that because all the xfs_sb_mod*() functions used signed math that they could all underflow/overflow. IOWs, the checking for overflow/underflow was completely wrong in the first place. Should I just remove the ASSERT()s entirely? Cheers, Dave. -- Dave Chinner david@xxxxxxxxxxxxx
