From: "Darrick J. Wong" <djwong@kernel.org>
To: Carlos Maiolino <cem@kernel.org>
Cc: Long Li <leo.lilong@huawei.com>, linux-xfs@vger.kernel.org, hch@lst.de
Subject: Re: [PATCH 2/3] xfs: don't expose stale pointers to callers of xlog_recover_iget
Date: Thu, 26 Mar 2026 07:54:48 -0700 [thread overview]
Message-ID: <20260326145448.GA6223@frogsfrogsfrogs> (raw)
In-Reply-To: <acUrniYmDuw6k71m@nidhogg.toxiclabs.cc>
On Thu, Mar 26, 2026 at 02:04:19PM +0100, Carlos Maiolino wrote:
> On Mon, Mar 23, 2026 at 02:03:51PM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <djwong@kernel.org>
> >
> > Fix this function to avoid exposing a stale pointer to the caller when
> > returning an error code after dqattach fails.
> >
> > Cc: <stable@vger.kernel.org> # v5.15
> > Fixes: 4bc619833f738f ("xfs: refactor xfs_iget calls from log intent recovery")
> > Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> > Reviewed-by: Long Li <leo.lilong@huawei.com>
> > ---
>
> Hi.
>
>
> > fs/xfs/xfs_log_recover.c | 12 +++++++-----
> > 1 file changed, 7 insertions(+), 5 deletions(-)
> >
> > diff --git a/fs/xfs/xfs_log_recover.c b/fs/xfs/xfs_log_recover.c
> > index 09e6678ca4878e..0e91a62348eb79 100644
> > --- a/fs/xfs/xfs_log_recover.c
> > +++ b/fs/xfs/xfs_log_recover.c
> > @@ -1745,21 +1745,23 @@ xlog_recover_iget(
> > xfs_ino_t ino,
> > struct xfs_inode **ipp)
> > {
> > + struct xfs_inode *ip;
> > int error;
> >
> > - error = xfs_iget(mp, NULL, ino, 0, 0, ipp);
> > + error = xfs_iget(mp, NULL, ino, 0, 0, &ip);
> > if (error)
> > return error;
> >
> > - error = xfs_qm_dqattach(*ipp);
> > + error = xfs_qm_dqattach(ip);
> > if (error) {
> > - xfs_irele(*ipp);
> > + xfs_irele(ip);
> > return error;
> > }
> >
> > - if (VFS_I(*ipp)->i_nlink == 0)
> > - xfs_iflags_set(*ipp, XFS_IRECOVERY);
> > + if (VFS_I(ip)->i_nlink == 0)
> > + xfs_iflags_set(ip, XFS_IRECOVERY);
> >
> > + *ipp = ip;
> > return 0;
>
> Honestly I tend to agree with Christoph here. I don't really understand
> what bug, real or theoretical, this is trying to fix, other than
> somebody not aborting whatever operation is being done if an error
> is returned.
>
> I don't see any issue with an extra inode pointer being passed on the
> stack here, but I don't see any benefit for this either.
>
> Did you fall into this somehow? Have you seen this into the wild? I'll
> pull the other patches meanwhile, but I think this one deserves more
> discussion.
Yeah, look who wrote the function and the bad error handling. You could
say that the *author* didn't understand his own function's outparam
conventions and wants to prevent himself or anyone else from making
further mistakes. ;)
--D
next prev parent reply other threads:[~2026-03-26 14:54 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-23 21:01 [PATCH 1/3] xfs: don't irele after failing to iget in xfs_attri_recover_work Darrick J. Wong
2026-03-23 21:03 ` [PATCH 2/3] xfs: don't expose stale pointers to callers of xlog_recover_iget Darrick J. Wong
2026-03-24 6:17 ` Christoph Hellwig
2026-03-24 17:15 ` Darrick J. Wong
2026-03-25 5:44 ` Christoph Hellwig
2026-03-26 13:04 ` Carlos Maiolino
2026-03-26 14:54 ` Darrick J. Wong [this message]
2026-03-23 21:04 ` [PATCH 3/3] xfs: remove file_path tracepoint data Darrick J. Wong
2026-03-24 6:18 ` Christoph Hellwig
2026-03-26 12:31 ` Carlos Maiolino
2026-03-26 12:28 ` [PATCH 1/3] xfs: don't irele after failing to iget in xfs_attri_recover_work Carlos Maiolino
2026-03-26 14:52 ` Darrick J. Wong
2026-03-26 12:32 ` Carlos Maiolino
2026-03-26 17:11 ` Carlos Maiolino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260326145448.GA6223@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=cem@kernel.org \
--cc=hch@lst.de \
--cc=leo.lilong@huawei.com \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox