Home » Mailing list archives » linux-kernel » 2010 » August » 24

[019/114] nilfs2: fix list corruption after ifile creation failure

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Greg KH
Subject: [019/114] nilfs2: fix list corruption after ifile creation failure
Date: Tuesday, August 24, 2010 - 3:44 pm

2.6.35-stable review patch.  If anyone has any objections, please let us know.

------------------

From: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>

commit af4e36318edb848fcc0a8d5f75000ca00cdc7595 upstream.

If nilfs_attach_checkpoint() gets a memory allocation failure during
creation of ifile, it will return without removing nilfs_sb_info
struct from ns_supers list.  When a concurrently mounted snapshot is
unmounted or another new snapshot is mounted after that, this causes
kernel oops as below:

<snip>

This fixes the problem.

Signed-off-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Tested-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

---
 fs/nilfs2/super.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--- a/fs/nilfs2/super.c
+++ b/fs/nilfs2/super.c
@@ -336,9 +336,10 @@ int nilfs_attach_checkpoint(struct nilfs
 	list_add(&sbi->s_list, &nilfs->ns_supers);
 	up_write(&nilfs->ns_super_sem);
 
+	err = -ENOMEM;
 	sbi->s_ifile = nilfs_ifile_new(sbi, nilfs->ns_inode_size);
 	if (!sbi->s_ifile)
-		return -ENOMEM;
+		goto delist;
 
 	down_read(&nilfs->ns_segctor_sem);
 	err = nilfs_cpfile_get_checkpoint(nilfs->ns_cpfile, cno, 0, &raw_cp,
@@ -369,6 +370,7 @@ int nilfs_attach_checkpoint(struct nilfs
 	nilfs_mdt_destroy(sbi->s_ifile);
 	sbi->s_ifile = NULL;
 
+ delist:
 	down_write(&nilfs->ns_super_sem);
 	list_del_init(&sbi->s_list);
 	up_write(&nilfs->ns_super_sem);


--
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[019/114] nilfs2: fix list corruption after ifile creation ..., Greg KH, (Tue Aug 24, 3:44 pm)