diff options
author | Mark Fasheh <mfasheh@suse.com> | 2011-08-05 15:46:16 -0700 |
---|---|---|
committer | David Sterba <dsterba@suse.cz> | 2012-03-22 01:45:37 +0100 |
commit | 0678b61851b510ba68341dff59cd9b47e1712e91 (patch) | |
tree | e8e8199ee3929e508c42bea39a3eeb122246626c | |
parent | be1a5564fd39fa2ca6adbb41c75fb08f96a1ffcb (diff) | |
download | op-kernel-dev-0678b61851b510ba68341dff59cd9b47e1712e91.zip op-kernel-dev-0678b61851b510ba68341dff59cd9b47e1712e91.tar.gz |
btrfs: Don't BUG_ON kzalloc error in btrfs_lookup_csums_range()
Unfortunately it isn't enough to just exit here - the kzalloc() happens in a
loop and the allocated items are added to a linked list whose head is passed
in from the caller.
To fix the BUG_ON() and also provide the semantic that the list passed in is
only modified on success, I create function-local temporary list that we add
items too. If no error is met, that list is spliced to the callers at the
end of the function. Otherwise the list will be walked and all items freed
before the error value is returned.
I did a simple test on this patch by forcing an error at the kzalloc() point
and verifying that when this hits (git clone seemed to exercise this), the
function throws the proper error. Unfortunately but predictably, we later
hit a BUG_ON(ret) type line that still hasn't been fixed up ;)
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
-rw-r--r-- | fs/btrfs/file-item.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/fs/btrfs/file-item.c b/fs/btrfs/file-item.c index edb69b4..89af104 100644 --- a/fs/btrfs/file-item.c +++ b/fs/btrfs/file-item.c @@ -284,6 +284,7 @@ int btrfs_lookup_csums_range(struct btrfs_root *root, u64 start, u64 end, struct btrfs_ordered_sum *sums; struct btrfs_sector_sum *sector_sum; struct btrfs_csum_item *item; + LIST_HEAD(tmplist); unsigned long offset; int ret; size_t size; @@ -358,7 +359,10 @@ int btrfs_lookup_csums_range(struct btrfs_root *root, u64 start, u64 end, MAX_ORDERED_SUM_BYTES(root)); sums = kzalloc(btrfs_ordered_sum_size(root, size), GFP_NOFS); - BUG_ON(!sums); + if (!sums) { + ret = -ENOMEM; + goto fail; + } sector_sum = sums->sums; sums->bytenr = start; @@ -380,12 +384,19 @@ int btrfs_lookup_csums_range(struct btrfs_root *root, u64 start, u64 end, offset += csum_size; sector_sum++; } - list_add_tail(&sums->list, list); + list_add_tail(&sums->list, &tmplist); } path->slots[0]++; } ret = 0; fail: + while (ret < 0 && !list_empty(&tmplist)) { + sums = list_entry(&tmplist, struct btrfs_ordered_sum, list); + list_del(&sums->list); + kfree(sums); + } + list_splice_tail(&tmplist, list); + btrfs_free_path(path); return ret; } |