Re: 2.6.11-rc2/ext3 quota allocation bug on error path ...
From: Jan Kara
Date: Mon Jan 24 2005 - 05:17:02 EST
>
> looking at ext3_xattr_block_set() [fs/ext3/xattr.c] ...
> I see that
>
> error = -EDQUOT;
> if (DQUOT_ALLOC_BLOCK(inode, 1))
> goto cleanup;
>
> allocates a quota block, but right after that several
> error echecks happen ...
>
> if (error)
> goto cleanup;
>
> and I don't see any DQUOT_FREE_BLOCK() in the errorpath
>
> cleanup:
> if (ce)
> mb_cache_entry_release(ce);
> brelse(new_bh);
> if (!(bs->bh && s->base == bs->bh->b_data))
> kfree(s->base);
>
> return error;
>
> I'd suggest the attached fix (agains 2.6.11-rc2), comments?
Yes, the patch looks right. Please apply it, Andrew. BTW ext2 needs a
similar fix - will submit in the next mail.
Honza
> --- ./fs/ext3/xattr.c.orig 2005-01-22 15:07:50 +0100
> +++ ./fs/ext3/xattr.c 2005-01-22 16:45:09 +0100
> @@ -773,7 +773,7 @@ inserted:
> error = ext3_journal_get_write_access(handle,
> new_bh);
> if (error)
> - goto cleanup;
> + goto cleanup_dquot;
> lock_buffer(new_bh);
> BHDR(new_bh)->h_refcount = cpu_to_le32(1 +
> le32_to_cpu(BHDR(new_bh)->h_refcount));
> @@ -783,7 +783,7 @@ inserted:
> error = ext3_journal_dirty_metadata(handle,
> new_bh);
> if (error)
> - goto cleanup;
> + goto cleanup_dquot;
> }
> mb_cache_entry_release(ce);
> ce = NULL;
> @@ -844,6 +844,10 @@ cleanup:
>
> return error;
>
> +cleanup_dquot:
> + DQUOT_FREE_BLOCK(inode, 1);
> + goto cleanup;
> +
> bad_block:
> ext3_error(inode->i_sb, __FUNCTION__,
> "inode %ld: bad block %d", inode->i_ino,
>
--
Jan Kara <jack@xxxxxxx>
SuSE CR Labs
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/