From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: Re: [djwong-xfs:djwong-wtf 349/351] fs/xfs/xfs_bmap_util.c:1372 xfs_map_free_extent() warn: missing error code 'error'
Date: Tue, 22 Mar 2022 08:47:26 +0300 [thread overview]
Message-ID: <20220322054726.GR336@kadam> (raw)
In-Reply-To: <20220321215908.GL8241@magnolia>
[-- Attachment #1: Type: text/plain, Size: 1697 bytes --]
On Mon, Mar 21, 2022 at 02:59:08PM -0700, Darrick J. Wong wrote:
> On Mon, Mar 21, 2022 at 10:33:02AM +0300, Dan Carpenter wrote:
> > b82670045aab66 Darrick J. Wong 2022-01-06 1365
> > b82670045aab66 Darrick J. Wong 2022-01-06 1366 error = xfs_alloc_find_freesp(tp, pag, cursor, end_agbno, &len);
> > b82670045aab66 Darrick J. Wong 2022-01-06 1367 if (error)
> > b82670045aab66 Darrick J. Wong 2022-01-06 1368 goto out_cancel;
> > b82670045aab66 Darrick J. Wong 2022-01-06 1369
> > b82670045aab66 Darrick J. Wong 2022-01-06 1370 /* Bail out if the cursor is beyond what we asked for. */
> > b82670045aab66 Darrick J. Wong 2022-01-06 1371 if (*cursor >= end_agbno)
> > b82670045aab66 Darrick J. Wong 2022-01-06 @1372 goto out_cancel;
> >
> > This looks like it should have an error = -EINVAL;
>
> Nope. If xfs_alloc_find_freesp moves @cursor goes beyond end_agbno, we
> want to exit early so that the xfs_map_free_extent caller will return to
> userspace.
>
> --D
I'm generally pretty happy with this static checker rule. Returning
success on a failure path almost always results if something bad like a
NULL deref or a use after free. But false positives are a real risk
because it's tempting to add an error code to this and introduce a bug.
Smatch will not print the warning if error is set within 4 lines of the
goto.
error = 0;
if (*cursor >= end_agbno)
goto out_cancel;
Another option is that people have started adding comments to these
blocks in response to the checker warning.
Or if you had a different idea about how to silence the checker warning
I can also probably implement that.
regards,
dan carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild-all@lists.01.org
Subject: Re: [kbuild] [djwong-xfs:djwong-wtf 349/351] fs/xfs/xfs_bmap_util.c:1372 xfs_map_free_extent() warn: missing error code 'error'
Date: Tue, 22 Mar 2022 08:47:26 +0300 [thread overview]
Message-ID: <20220322054726.GR336@kadam> (raw)
In-Reply-To: <20220321215908.GL8241@magnolia>
[-- Attachment #1: Type: text/plain, Size: 1697 bytes --]
On Mon, Mar 21, 2022 at 02:59:08PM -0700, Darrick J. Wong wrote:
> On Mon, Mar 21, 2022 at 10:33:02AM +0300, Dan Carpenter wrote:
> > b82670045aab66 Darrick J. Wong 2022-01-06 1365
> > b82670045aab66 Darrick J. Wong 2022-01-06 1366 error = xfs_alloc_find_freesp(tp, pag, cursor, end_agbno, &len);
> > b82670045aab66 Darrick J. Wong 2022-01-06 1367 if (error)
> > b82670045aab66 Darrick J. Wong 2022-01-06 1368 goto out_cancel;
> > b82670045aab66 Darrick J. Wong 2022-01-06 1369
> > b82670045aab66 Darrick J. Wong 2022-01-06 1370 /* Bail out if the cursor is beyond what we asked for. */
> > b82670045aab66 Darrick J. Wong 2022-01-06 1371 if (*cursor >= end_agbno)
> > b82670045aab66 Darrick J. Wong 2022-01-06 @1372 goto out_cancel;
> >
> > This looks like it should have an error = -EINVAL;
>
> Nope. If xfs_alloc_find_freesp moves @cursor goes beyond end_agbno, we
> want to exit early so that the xfs_map_free_extent caller will return to
> userspace.
>
> --D
I'm generally pretty happy with this static checker rule. Returning
success on a failure path almost always results if something bad like a
NULL deref or a use after free. But false positives are a real risk
because it's tempting to add an error code to this and introduce a bug.
Smatch will not print the warning if error is set within 4 lines of the
goto.
error = 0;
if (*cursor >= end_agbno)
goto out_cancel;
Another option is that people have started adding comments to these
blocks in response to the checker warning.
Or if you had a different idea about how to silence the checker warning
I can also probably implement that.
regards,
dan carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: "Darrick J. Wong" <djwong@kernel.org>
Cc: kbuild@lists.01.org, lkp@intel.com, kbuild-all@lists.01.org,
"Darrick J. Wong" <darrick.wong@oracle.com>,
linux-kernel@vger.kernel.org
Subject: Re: [kbuild] [djwong-xfs:djwong-wtf 349/351] fs/xfs/xfs_bmap_util.c:1372 xfs_map_free_extent() warn: missing error code 'error'
Date: Tue, 22 Mar 2022 08:47:26 +0300 [thread overview]
Message-ID: <20220322054726.GR336@kadam> (raw)
In-Reply-To: <20220321215908.GL8241@magnolia>
On Mon, Mar 21, 2022 at 02:59:08PM -0700, Darrick J. Wong wrote:
> On Mon, Mar 21, 2022 at 10:33:02AM +0300, Dan Carpenter wrote:
> > b82670045aab66 Darrick J. Wong 2022-01-06 1365
> > b82670045aab66 Darrick J. Wong 2022-01-06 1366 error = xfs_alloc_find_freesp(tp, pag, cursor, end_agbno, &len);
> > b82670045aab66 Darrick J. Wong 2022-01-06 1367 if (error)
> > b82670045aab66 Darrick J. Wong 2022-01-06 1368 goto out_cancel;
> > b82670045aab66 Darrick J. Wong 2022-01-06 1369
> > b82670045aab66 Darrick J. Wong 2022-01-06 1370 /* Bail out if the cursor is beyond what we asked for. */
> > b82670045aab66 Darrick J. Wong 2022-01-06 1371 if (*cursor >= end_agbno)
> > b82670045aab66 Darrick J. Wong 2022-01-06 @1372 goto out_cancel;
> >
> > This looks like it should have an error = -EINVAL;
>
> Nope. If xfs_alloc_find_freesp moves @cursor goes beyond end_agbno, we
> want to exit early so that the xfs_map_free_extent caller will return to
> userspace.
>
> --D
I'm generally pretty happy with this static checker rule. Returning
success on a failure path almost always results if something bad like a
NULL deref or a use after free. But false positives are a real risk
because it's tempting to add an error code to this and introduce a bug.
Smatch will not print the warning if error is set within 4 lines of the
goto.
error = 0;
if (*cursor >= end_agbno)
goto out_cancel;
Another option is that people have started adding comments to these
blocks in response to the checker warning.
Or if you had a different idea about how to silence the checker warning
I can also probably implement that.
regards,
dan carpenter
next prev parent reply other threads:[~2022-03-22 5:47 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-19 0:44 [djwong-xfs:djwong-wtf 349/351] fs/xfs/xfs_bmap_util.c:1372 xfs_map_free_extent() warn: missing error code 'error' kernel test robot
2022-03-21 7:33 ` [kbuild] " Dan Carpenter
2022-03-21 7:33 ` Dan Carpenter
2022-03-21 21:59 ` Darrick J. Wong
2022-03-21 21:59 ` Darrick J. Wong
2022-03-22 5:47 ` Dan Carpenter [this message]
2022-03-22 5:47 ` Dan Carpenter
2022-03-22 5:47 ` Dan Carpenter
2022-03-22 16:38 ` Darrick J. Wong
2022-03-22 16:38 ` Darrick J. Wong
2022-03-24 10:45 ` Dan Carpenter
2022-03-24 10:45 ` Dan Carpenter
2022-03-24 10:45 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220322054726.GR336@kadam \
--to=dan.carpenter@oracle.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.