[patch] fuse: fix bug in aborted fuse_release_end()

From: Miklos Szeredi
Date: Thu Feb 16 2006 - 08:21:45 EST

Next message: Bartlomiej Zolnierkiewicz: "Re: [BUG] kernel 2.6.15.4: soft lockup detected on CPU#0!"
Previous message: Jes Sorensen: "Re: [PATCH 1/8] Notifier chain update: API changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There's a rather theoretical case of the BUG triggering in
fuse_reset_request():

- iget() fails because of OOM after a successful CREATE_OPEN request
- during IO on the resulting RELEASE request the connection is aborted

Fix and add warning to fuse_reset_request().

Signed-off-by: Miklos Szeredi <miklos@xxxxxxxxxx>
---

Index: linux/fs/fuse/dev.c
===================================================================
--- linux.orig/fs/fuse/dev.c 2006-02-16 14:03:37.000000000 +0100
+++ linux/fs/fuse/dev.c 2006-02-16 14:09:17.000000000 +0100
@@ -66,6 +66,12 @@ static void restore_sigs(sigset_t *oldse
sigprocmask(SIG_SETMASK, oldset, NULL);
}

+/*
+ * Reset request, so that it can be reused
+ *
+ * The caller must be _very_ careful to make sure, that it is holding
+ * the only reference to req
+ */
void fuse_reset_request(struct fuse_req *req)
{
int preallocated = req->preallocated;
Index: linux/fs/fuse/file.c
===================================================================
--- linux.orig/fs/fuse/file.c 2006-02-16 14:03:37.000000000 +0100
+++ linux/fs/fuse/file.c 2006-02-16 14:09:17.000000000 +0100
@@ -116,9 +116,14 @@ int fuse_open_common(struct inode *inode
/* Special case for failed iget in CREATE */
static void fuse_release_end(struct fuse_conn *fc, struct fuse_req *req)
{
- u64 nodeid = req->in.h.nodeid;
- fuse_reset_request(req);
- fuse_send_forget(fc, req, nodeid, 1);
+ /* If called from end_io_requests(), req has more than one
+ reference and fuse_reset_request() cannot work */
+ if (fc->connected) {
+ u64 nodeid = req->in.h.nodeid;
+ fuse_reset_request(req);
+ fuse_send_forget(fc, req, nodeid, 1);
+ } else
+ fuse_put_request(fc, req);
}

void fuse_send_release(struct fuse_conn *fc, struct fuse_file *ff,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bartlomiej Zolnierkiewicz: "Re: [BUG] kernel 2.6.15.4: soft lockup detected on CPU#0!"
Previous message: Jes Sorensen: "Re: [PATCH 1/8] Notifier chain update: API changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]