On 2019/3/18 下午11:45, Nikolay Borisov wrote:
> qgroup_rsv_size is calculated as the product of
> outstanding_extent * fs_info->nodesize. The product is calculated with
> 32 bith precision since both variables are defined as u32. Yet
> qgroup_rsv_size expects a 64 bit result.
>
> Avoid possible multiplication overflow by casting outstanding_extent to
> u64.
>
> Fixes-coverity-id: 1435101
> ff6bc37eb7f6 ("btrfs: qgroup: Use independent and accurate per inode qgroup rsv")
>
> Signed-off-by: Nikolay Borisov <nborisov@xxxxxxxx>
> ---
> fs/btrfs/extent-tree.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index b085d8215f0e..beddf9eef4a2 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -6173,7 +6173,7 @@ static void btrfs_calculate_inode_block_rsv_size(struct btrfs_fs_info *fs_info,
> *
> * This is overestimating in most cases.
> */
> - qgroup_rsv_size = outstanding_extents * fs_info->nodesize;
> + qgroup_rsv_size = (u64) outstanding_extents * fs_info->nodesize;
I'm a little uncertain about what's the proper way to do a u32 * u32 and
get a u64 in C.
For division we have DIV macro but not for multiple.
Thanks,
Qu
>
> spin_lock(&block_rsv->lock);
> block_rsv->size = reserve_size;
>
