2013-05-29 22:30:07

by Bjorn Helgaas

Subject: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

This fixes a copy and paste error introduced by 9f060e2231
("block: Convert integrity to bvec_alloc_bs()").

Found by Coverity (CID 1020654).

Signed-off-by: Bjorn Helgaas <[email protected]>
---
fs/bio-integrity.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
index 8fb4291..45e944f 100644
--- a/fs/bio-integrity.c
+++ b/fs/bio-integrity.c
@@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
mempool_destroy(bs->bio_integrity_pool);

if (bs->bvec_integrity_pool)
- mempool_destroy(bs->bio_integrity_pool);
+ mempool_destroy(bs->bvec_integrity_pool);
}
EXPORT_SYMBOL(bioset_integrity_free);
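
Review bot: The changelog should state what the removed `mempool_destroy(bs->bio_integrity_pool);` under `if (bs->bvec_integrity_pool)` did at runtime, because that is the reason to take the fix: bs->bio_integrity_pool is handed to mempool_destroy() a second time, right after the first call in the context line above, and nothing in this hunk ever destroys bs->bvec_integrity_pool. The subject calls it a use after free while the body only says "copy and paste error", so one sentence naming the repeated destroy and the bvec pool that is left allocated would make the two agree. Separately, neither pointer is cleared after its mempool_destroy() in the lines shown; setting each to NULL there is worth considering as a follow-up so a repeated call to bioset_integrity_free() cannot pass a stale pointer.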


2013-06-13 18:15:17

by Bjorn Helgaas

Subject: Re: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

On Wed, May 29, 2013 at 4:29 PM, Bjorn Helgaas <[email protected]> wrote:
> This fixes a copy and paste error introduced by 9f060e2231
> ("block: Convert integrity to bvec_alloc_bs()").
>
> Found by Coverity (CID 1020654).
>
> Signed-off-by: Bjorn Helgaas <[email protected]>
> ---
> fs/bio-integrity.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
> index 8fb4291..45e944f 100644
> --- a/fs/bio-integrity.c
> +++ b/fs/bio-integrity.c
> @@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
> mempool_destroy(bs->bio_integrity_pool);
>
> if (bs->bvec_integrity_pool)
> - mempool_destroy(bs->bio_integrity_pool);
> + mempool_destroy(bs->bvec_integrity_pool);
> }
> EXPORT_SYMBOL(bioset_integrity_free);

Kent, do you want to chime in on this? Looks like an obvious error to
me, but maybe I'm missing something and we should teach Coverity to
shut up about it.

Bjorn

2013-06-13 18:33:25

by Kent Overstreet

Subject: Re: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

On Thu, Jun 13, 2013 at 12:14:54PM -0600, Bjorn Helgaas wrote:
> On Wed, May 29, 2013 at 4:29 PM, Bjorn Helgaas <[email protected]> wrote:
> > This fixes a copy and paste error introduced by 9f060e2231
> > ("block: Convert integrity to bvec_alloc_bs()").
> >
> > Found by Coverity (CID 1020654).
> >
> > Signed-off-by: Bjorn Helgaas <[email protected]>
> > ---
> > fs/bio-integrity.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
> > index 8fb4291..45e944f 100644
> > --- a/fs/bio-integrity.c
> > +++ b/fs/bio-integrity.c
> > @@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
> > mempool_destroy(bs->bio_integrity_pool);
> >
> > if (bs->bvec_integrity_pool)
> > - mempool_destroy(bs->bio_integrity_pool);
> > + mempool_destroy(bs->bvec_integrity_pool);
> > }
> > EXPORT_SYMBOL(bioset_integrity_free);
>
> Kent, do you want to chime in on this? Looks like an obvious error to
> me, but maybe I'm missing something and we should teach Coverity to
> shut up about it.

Sorry - no, this is definitely a bug:

Acked-by: Kent Overstreet <[email protected]>

2013-09-16 13:40:47

by Bjorn Helgaas

Subject: Re: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

On Thu, Jun 13, 2013 at 12:33 PM, Kent Overstreet
<[email protected]> wrote:
> On Thu, Jun 13, 2013 at 12:14:54PM -0600, Bjorn Helgaas wrote:
>> On Wed, May 29, 2013 at 4:29 PM, Bjorn Helgaas <[email protected]> wrote:
>> > This fixes a copy and paste error introduced by 9f060e2231
>> > ("block: Convert integrity to bvec_alloc_bs()").
>> >
>> > Found by Coverity (CID 1020654).
>> >
>> > Signed-off-by: Bjorn Helgaas <[email protected]>
>> > ---
>> > fs/bio-integrity.c | 2 +-
>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>> >
>> > diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
>> > index 8fb4291..45e944f 100644
>> > --- a/fs/bio-integrity.c
>> > +++ b/fs/bio-integrity.c
>> > @@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
>> > mempool_destroy(bs->bio_integrity_pool);
>> >
>> > if (bs->bvec_integrity_pool)
>> > - mempool_destroy(bs->bio_integrity_pool);
>> > + mempool_destroy(bs->bvec_integrity_pool);
>> > }
>> > EXPORT_SYMBOL(bioset_integrity_free);
>>
>> Kent, do you want to chime in on this? Looks like an obvious error to
>> me, but maybe I'm missing something and we should teach Coverity to
>> shut up about it.
>
> Sorry - no, this is definitely a bug:
>
> Acked-by: Kent Overstreet <[email protected]>

From my v3.12-rc1 reminder list: what's going on with this patch?

It's been acked, Gu asked whether he could include it in some
patchset, I see a Sep 11 2013 patch from Gu upstream already
(bc5c8f078), but this patch (from May 29 2013) still hasn't gone
anywhere. Why is this so hard?

Bjorn

2013-09-16 13:50:24

by Bjorn Helgaas

Subject: Re: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

[update Kent's email address]

On Mon, Sep 16, 2013 at 7:40 AM, Bjorn Helgaas <[email protected]> wrote:
> On Thu, Jun 13, 2013 at 12:33 PM, Kent Overstreet
> <[email protected]> wrote:
>> On Thu, Jun 13, 2013 at 12:14:54PM -0600, Bjorn Helgaas wrote:
>>> On Wed, May 29, 2013 at 4:29 PM, Bjorn Helgaas <[email protected]> wrote:
>>> > This fixes a copy and paste error introduced by 9f060e2231
>>> > ("block: Convert integrity to bvec_alloc_bs()").
>>> >
>>> > Found by Coverity (CID 1020654).
>>> >
>>> > Signed-off-by: Bjorn Helgaas <[email protected]>
>>> > ---
>>> > fs/bio-integrity.c | 2 +-
>>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>>> >
>>> > diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
>>> > index 8fb4291..45e944f 100644
>>> > --- a/fs/bio-integrity.c
>>> > +++ b/fs/bio-integrity.c
>>> > @@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
>>> > mempool_destroy(bs->bio_integrity_pool);
>>> >
>>> > if (bs->bvec_integrity_pool)
>>> > - mempool_destroy(bs->bio_integrity_pool);
>>> > + mempool_destroy(bs->bvec_integrity_pool);
>>> > }
>>> > EXPORT_SYMBOL(bioset_integrity_free);
>>>
>>> Kent, do you want to chime in on this? Looks like an obvious error to
>>> me, but maybe I'm missing something and we should teach Coverity to
>>> shut up about it.
>>
>> Sorry - no, this is definitely a bug:
>>
>> Acked-by: Kent Overstreet <[email protected]>
>
> From my v3.12-rc1 reminder list: what's going on with this patch?
>
> It's been acked, Gu asked whether he could include it in some
> patchset, I see a Sep 11 2013 patch from Gu upstream already
> (bc5c8f078), but this patch (from May 29 2013) still hasn't gone
> anywhere. Why is this so hard?
>
> Bjorn

2013-09-17 18:47:34

by Jens Axboe

Subject: Re: [PATCH] bio-integrity: Fix use of bs->bio_integrity_pool after free

On 09/16/2013 07:40 AM, Bjorn Helgaas wrote:
> On Thu, Jun 13, 2013 at 12:33 PM, Kent Overstreet
> <[email protected]> wrote:
>> On Thu, Jun 13, 2013 at 12:14:54PM -0600, Bjorn Helgaas wrote:
>>> On Wed, May 29, 2013 at 4:29 PM, Bjorn Helgaas <[email protected]> wrote:
>>>> This fixes a copy and paste error introduced by 9f060e2231
>>>> ("block: Convert integrity to bvec_alloc_bs()").
>>>>
>>>> Found by Coverity (CID 1020654).
>>>>
>>>> Signed-off-by: Bjorn Helgaas <[email protected]>
>>>> ---
>>>> fs/bio-integrity.c | 2 +-
>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
>>>> index 8fb4291..45e944f 100644
>>>> --- a/fs/bio-integrity.c
>>>> +++ b/fs/bio-integrity.c
>>>> @@ -734,7 +734,7 @@ void bioset_integrity_free(struct bio_set *bs)
>>>> mempool_destroy(bs->bio_integrity_pool);
>>>>
>>>> if (bs->bvec_integrity_pool)
>>>> - mempool_destroy(bs->bio_integrity_pool);
>>>> + mempool_destroy(bs->bvec_integrity_pool);
>>>> }
>>>> EXPORT_SYMBOL(bioset_integrity_free);
>>>
>>> Kent, do you want to chime in on this? Looks like an obvious error to
>>> me, but maybe I'm missing something and we should teach Coverity to
>>> shut up about it.
>>
>> Sorry - no, this is definitely a bug:
>>
>> Acked-by: Kent Overstreet <[email protected]>
>
> From my v3.12-rc1 reminder list: what's going on with this patch?
>
> It's been acked, Gu asked whether he could include it in some
> patchset, I see a Sep 11 2013 patch from Gu upstream already
> (bc5c8f078), but this patch (from May 29 2013) still hasn't gone
> anywhere. Why is this so hard?

Queued up.

--
Jens Axboe