* [PATCH] splice: fix bad unlock_page() in error case
@ 2007-07-20 13:18 Jens Axboe
From: Jens Axboe @ 2007-07-20 13:18 UTC (permalink / raw)
  To: Linus Torvalds; +Cc: linux-kernel

Hi,

If add_to_page_cache_lru() fails, the page will not be locked. But
splice jumps to an error path that does a page release and unlock,
causing a BUG() in unlock_page().

Fix this by adding one more label that just releases the page. This bug
was actually triggered on EL5 by gurudas pai <gurudas.pai@oracle.com>
using fio.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>

diff --git a/fs/splice.c b/fs/splice.c
index 099b831..4960085 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -628,7 +628,7 @@ find_page:
 		ret = add_to_page_cache_lru(page, mapping, index,
 					    GFP_KERNEL);
 		if (unlikely(ret))
-			goto out;
+			goto out_release;
 	}
 
 	ret = mapping->a_ops->prepare_write(file, page, offset, offset+this_len);
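Review bot: The new `goto out_release` in the add_to_page_cache_lru() failure branch depends on the page being unlocked at that point, which only the commit message states. A one-line comment next to the goto (for example, that the page is not locked when add_to_page_cache_lru() fails) would keep a later cleanup from folding it back into `goto out` and reintroducing the BUG() in unlock_page(). The prepare_write() call in the trailing context is the next place an error can occur, and it runs on the locked page, so any error exit after it must keep using a label that unlocks.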
@@ -684,8 +684,9 @@ find_page:
 	 */
 	mark_page_accessed(page);
 out:
-	page_cache_release(page);
 	unlock_page(page);
+out_release:
+	page_cache_release(page);
 out_ret:
 	return ret;
 }
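Review bot: At the `out:` label this hunk does more than add `out_release:`. It also reverses the order on the existing path, so unlock_page(page) now runs before page_cache_release(page) where the release previously came first. That ordering is the safer one, since the page is unlocked while the caller still holds its reference, but the changelog only mentions the extra label. Please say in the commit message that the swap is intentional. The fall-through from `out:` into `out_release:` and then `out_ret:` is easy to misread, so a short comment noting that `out` expects a locked page and `out_release` an unlocked one would help.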

-- 
Jens Axboe

