Patchwork ext4: BUG_ON could be triggered in ext4_mb_normalize_request()

login
register
mail settings
Submitter jing zhang
Date April 7, 2010, 1:51 p.m.
Message ID <j2oac8f92701004070651xf35cfb9bsedcdd25169427515@mail.gmail.com>
Download mbox | patch
Permalink /patch/49607/
State New
Headers show

Comments

jing zhang - April 7, 2010, 1:51 p.m.
From: Jing Zhang <zj.barak@gmail.com>

Date: Wed Apr 7 21:34:48     2010

BUG_ON at [line: 2912] could be triggered,
     if (pa->pa_deleted == 0 && pa->pa_free == 0)
as checked at [line: 3111] and [line: 3122].

It is bypassed by adding check for pa_free.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Andreas Dilger <adilger@sun.com>
Cc: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
Cc: Aneesh Kumar K. V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Jing Zhang <zj.barak@gmail.com>

---

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

--- linux-2.6.32/fs/ext4/mballoc.c	2009-12-03 11:51:22.000000000 +0800
+++ ext4_mm_leak/mballoc-16.c	2010-04-07 20:20:26.000000000 +0800
@@ -2901,7 +2901,7 @@  ext4_mb_normalize_request(struct ext4_al
 		if (pa->pa_deleted)
 			continue;
 		spin_lock(&pa->pa_lock);
-		if (pa->pa_deleted) {
+		if (pa->pa_deleted || 0 == pa->pa_free) {
 			spin_unlock(&pa->pa_lock);
 			continue;
 		}