* [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock
@ 2013-10-26 9:09 Xue jiufei
2013-10-26 9:58 ` Jeff Liu
2013-11-07 11:11 ` Joel Becker
0 siblings, 2 replies; 3+ messages in thread
From: Xue jiufei @ 2013-10-26 9:09 UTC (permalink / raw)
To: ocfs2-devel
When ocfs2_write_cluster_by_desc() failed in ocfs2_write_begin_nolock()
because of ENOSPC, it goes to out_quota, freeing data_ac(meta_ac). Then
it calls ocfs2_try_to_free_truncate_log() to free space. If enough
space freed, it will try to write again. Unfortunately, some error
happenes before ocfs2_lock_allocators(), it goes to out and free
data_ac(meta_ac) again.
Signed-off-by: joyce <xuejiufei@huawei.com>
---
fs/ocfs2/aops.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/fs/ocfs2/aops.c b/fs/ocfs2/aops.c
index f37d3c0..8ad0a41 100644
--- a/fs/ocfs2/aops.c
+++ b/fs/ocfs2/aops.c
@@ -1897,10 +1897,14 @@ out_commit:
out:
ocfs2_free_write_ctxt(wc);
- if (data_ac)
+ if (data_ac) {
ocfs2_free_alloc_context(data_ac);
- if (meta_ac)
+ data_ac = NULL;
+ }
+ if (meta_ac) {
ocfs2_free_alloc_context(meta_ac);
+ meta_ac = NULL;
+ }
if (ret == -ENOSPC && try_free) {
/*
--
1.7.9.7
^ permalink raw reply related [flat|nested] 3+ messages in thread* [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock
2013-10-26 9:09 [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock Xue jiufei
@ 2013-10-26 9:58 ` Jeff Liu
2013-11-07 11:11 ` Joel Becker
1 sibling, 0 replies; 3+ messages in thread
From: Jeff Liu @ 2013-10-26 9:58 UTC (permalink / raw)
To: ocfs2-devel
On 10/26/2013 05:09 PM, Xue jiufei wrote:
> When ocfs2_write_cluster_by_desc() failed in ocfs2_write_begin_nolock()
> because of ENOSPC, it goes to out_quota, freeing data_ac(meta_ac). Then
> it calls ocfs2_try_to_free_truncate_log() to free space. If enough
> space freed, it will try to write again. Unfortunately, some error
> happenes before ocfs2_lock_allocators(), it goes to out and free
> data_ac(meta_ac) again.
Looks good to me, thanks.
Reviewed-by: Jie Liu <jeff.liu@oracle.com>
>
> Signed-off-by: joyce <xuejiufei@huawei.com>
> ---
> fs/ocfs2/aops.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ocfs2/aops.c b/fs/ocfs2/aops.c
> index f37d3c0..8ad0a41 100644
> --- a/fs/ocfs2/aops.c
> +++ b/fs/ocfs2/aops.c
> @@ -1897,10 +1897,14 @@ out_commit:
> out:
> ocfs2_free_write_ctxt(wc);
>
> - if (data_ac)
> + if (data_ac) {
> ocfs2_free_alloc_context(data_ac);
> - if (meta_ac)
> + data_ac = NULL;
> + }
> + if (meta_ac) {
> ocfs2_free_alloc_context(meta_ac);
> + meta_ac = NULL;
> + }
>
> if (ret == -ENOSPC && try_free) {
> /*
^ permalink raw reply [flat|nested] 3+ messages in thread* [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock
2013-10-26 9:09 [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock Xue jiufei
2013-10-26 9:58 ` Jeff Liu
@ 2013-11-07 11:11 ` Joel Becker
1 sibling, 0 replies; 3+ messages in thread
From: Joel Becker @ 2013-11-07 11:11 UTC (permalink / raw)
To: ocfs2-devel
On Sat, Oct 26, 2013 at 05:09:52PM +0800, Xue jiufei wrote:
> When ocfs2_write_cluster_by_desc() failed in ocfs2_write_begin_nolock()
> because of ENOSPC, it goes to out_quota, freeing data_ac(meta_ac). Then
> it calls ocfs2_try_to_free_truncate_log() to free space. If enough
> space freed, it will try to write again. Unfortunately, some error
> happenes before ocfs2_lock_allocators(), it goes to out and free
> data_ac(meta_ac) again.
>
> Signed-off-by: joyce <xuejiufei@huawei.com>
Good catch. This function could use some refactoring for
understandability.
Acked-by: Joel Becker <jlbec@evilplan.org>
> ---
> fs/ocfs2/aops.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ocfs2/aops.c b/fs/ocfs2/aops.c
> index f37d3c0..8ad0a41 100644
> --- a/fs/ocfs2/aops.c
> +++ b/fs/ocfs2/aops.c
> @@ -1897,10 +1897,14 @@ out_commit:
> out:
> ocfs2_free_write_ctxt(wc);
>
> - if (data_ac)
> + if (data_ac) {
> ocfs2_free_alloc_context(data_ac);
> - if (meta_ac)
> + data_ac = NULL;
> + }
> + if (meta_ac) {
> ocfs2_free_alloc_context(meta_ac);
> + meta_ac = NULL;
> + }
>
> if (ret == -ENOSPC && try_free) {
> /*
> --
> 1.7.9.7
>
>
> _______________________________________________
> Ocfs2-devel mailing list
> Ocfs2-devel at oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/ocfs2-devel
--
Life's Little Instruction Book #464
"Don't miss the magic of the moment by focusing on what's
to come."
http://www.jlbec.org/
jlbec at evilplan.org
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-11-07 11:11 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-26 9:09 [Ocfs2-devel] [PATCH] ocfs2: fix possible double free in ocfs2_write_begin_nolock Xue jiufei
2013-10-26 9:58 ` Jeff Liu
2013-11-07 11:11 ` Joel Becker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.