[PATCH] btrfs: fix array index in qgroup_auto_inherit()

Dan Carpenter posted 1 patch 1 year, 7 months ago
fs/btrfs/qgroup.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] btrfs: fix array index in qgroup_auto_inherit()
Posted by Dan Carpenter 1 year, 7 months ago
The "i++" was accidentally left out so it just sets qgids[0] over and
over.

Fixes: 5343cd9364ea ("btrfs: qgroup: simple quota auto hierarchy for nested subvolumes")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
From static analysis.  Untested.

 fs/btrfs/qgroup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
index 2ca6bbc1bcc9..1284e78fffce 100644
--- a/fs/btrfs/qgroup.c
+++ b/fs/btrfs/qgroup.c
@@ -3121,7 +3121,7 @@ static int qgroup_auto_inherit(struct btrfs_fs_info *fs_info,
 	qgids = res->qgroups;
 
 	list_for_each_entry(qg_list, &inode_qg->groups, next_group)
-		qgids[i] = qg_list->group->qgroupid;
+		qgids[i++] = qg_list->group->qgroupid;
 
 	*inherit = res;
 	return 0;
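Review bot: with the index now advancing at `qgids[i++]`, nothing in the loop bounds `i`, so the write stays inside `res->qgroups` only if that array was allocated for at least as many entries as `inode_qg->groups` holds. The allocation of `res` and the initialisation of `i` are outside this hunk; please confirm that the count used to size `res` is taken from the same list, under the same locking, as this walk, or add an explicit bound to the loop. As the patch is marked untested, a test with a parent subvolume assigned to more than one qgroup would exercise this path.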
-- 
2.43.0
Re: [PATCH] btrfs: fix array index in qgroup_auto_inherit()
Posted by David Sterba 1 year, 7 months ago
On Sat, May 04, 2024 at 02:38:41PM +0300, Dan Carpenter wrote:
> The "i++" was accidentally left out so it just sets qgids[0] over and
> over.
> 
> Fixes: 5343cd9364ea ("btrfs: qgroup: simple quota auto hierarchy for nested subvolumes")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
> ---
> From static analysis.  Untested.

A real bug, thanks. Patch added to for-next.
Re: [PATCH] btrfs: fix array index in qgroup_auto_inherit()
Posted by Qu Wenruo 1 year, 7 months ago

On 2024/5/4 21:08, Dan Carpenter wrote:
> The "i++" was accidentally left out so it just sets qgids[0] over and
> over.
>
> Fixes: 5343cd9364ea ("btrfs: qgroup: simple quota auto hierarchy for nested subvolumes")
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>

It is indeed the case, btrfs_qgroup_inherit::groups[] should be the
parent qgroupids the subvolume would be added to.

In fact this can lead to unexpected problems, as groups[1:] would be
all 0, leading to a later find_qgroup_rb() being unable to find a qgroup
and causing snapshot creation failure.

IMHO you can also craft an fstest case, where the parent subvolume is
assigned to multiple qgroups, and a new subvolume is created inside that
one, which should lead to subvolume creation failure.

Reviewed-by: Qu Wenruo <wqu@suse.com>

Thanks,
Qu
> ---
>  From static analysis.  Untested.
>
>   fs/btrfs/qgroup.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
> index 2ca6bbc1bcc9..1284e78fffce 100644
> --- a/fs/btrfs/qgroup.c
> +++ b/fs/btrfs/qgroup.c
> @@ -3121,7 +3121,7 @@ static int qgroup_auto_inherit(struct btrfs_fs_info *fs_info,
>   	qgids = res->qgroups;
>
>   	list_for_each_entry(qg_list, &inode_qg->groups, next_group)
> -		qgids[i] = qg_list->group->qgroupid;
> +		qgids[i++] = qg_list->group->qgroupid;
>
>   	*inherit = res;
>   	return 0;
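
The failure described in the review above, modeled in userspace as an added example that is not part of the thread or of the kernel source: the copy loop either advances the index or does not, and a linear search stands in for the later qgroup lookup. All names (`parent_link`, `fill_qgids`, `count_unresolved`, `unresolved_after_fill`) and the sample qgroup ids are constructed, and the zero-filled array is an assumption taken from the remark that groups[1:] would be all 0.

```c
#include <stdint.h>
#include <stdlib.h>

/* Userspace model; every name here is hypothetical, none is kernel code. */
struct parent_link { uint64_t qgroupid; struct parent_link *next; };

/* Copy parent ids into a zeroed n-slot array; advance == 0 is the bug. */
static uint64_t *fill_qgids(const struct parent_link *head, size_t n, int advance)
{
    uint64_t *qgids = calloc(n, sizeof(*qgids));
    size_t i = 0;
    for (const struct parent_link *p = head; qgids && p && i < n; p = p->next) {
        qgids[i] = p->qgroupid;
        if (advance)
            i++;
    }
    return qgids;
}

/* Stand-in for the later lookup: count slots that match no known qgroup. */
static size_t count_unresolved(const uint64_t *qgids, size_t n,
                               const uint64_t *known, size_t nknown)
{
    size_t missing = 0;
    for (size_t i = 0; i < n; i++) {
        size_t k = 0;
        while (k < nknown && known[k] != qgids[i])
            k++;
        missing += (k == nknown);
    }
    return missing;
}

/* Constructed input: one subvolume under parents 1/100, 1/101 and 1/102. */
static size_t unresolved_after_fill(int advance)
{
    const uint64_t known[] = { (1ULL << 48) | 100, (1ULL << 48) | 101, (1ULL << 48) | 102 };
    struct parent_link c = { known[2], NULL }, b = { known[1], &c }, a = { known[0], &b };
    uint64_t *qgids = fill_qgids(&a, 3, advance);
    size_t missing = qgids ? count_unresolved(qgids, 3, known, 3) : 3;
    free(qgids);
    return missing;
}

int main(void)
{
    return !(unresolved_after_fill(0) == 2 && unresolved_after_fill(1) == 0);
}
```

With the index stuck at 0, slot 0 ends up holding the last parent id and the remaining slots stay 0, so two of the three lookups fail; with the increment, all three resolve.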