diff options
author | Miklos Szeredi <miklos@szeredi.hu> | 2006-02-17 16:52:52 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-02-17 16:59:27 -0500 |
commit | 77e7f250f88cd62844e24c42aff4d0e95969c746 (patch) | |
tree | ee14c76d87f8ac141d2fee43e40278b5fcadadd8 | |
parent | a8534adb74e23374889b84b3d97eb18da542a1b5 (diff) |
[PATCH] fuse: fix bug in aborted fuse_release_end()
There's a rather theoretical case of the BUG triggering in
fuse_reset_request():
- iget() fails because of OOM after a successful CREATE_OPEN request
- during IO on the resulting RELEASE request the connection is aborted
Fix and add warning to fuse_reset_request().
Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | fs/fuse/dev.c | 6 | ||||
-rw-r--r-- | fs/fuse/file.c | 11 |
2 files changed, 14 insertions, 3 deletions
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index f556a0d5c0d3..0c9a2ee54c91 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c | |||
@@ -66,6 +66,12 @@ static void restore_sigs(sigset_t *oldset) | |||
66 | sigprocmask(SIG_SETMASK, oldset, NULL); | 66 | sigprocmask(SIG_SETMASK, oldset, NULL); |
67 | } | 67 | } |
68 | 68 | ||
69 | /* | ||
70 | * Reset request, so that it can be reused | ||
71 | * | ||
72 | * The caller must be _very_ careful to make sure, that it is holding | ||
73 | * the only reference to req | ||
74 | */ | ||
69 | void fuse_reset_request(struct fuse_req *req) | 75 | void fuse_reset_request(struct fuse_req *req) |
70 | { | 76 | { |
71 | int preallocated = req->preallocated; | 77 | int preallocated = req->preallocated; |
diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 296351615b00..6f05379b0a0d 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c | |||
@@ -116,9 +116,14 @@ int fuse_open_common(struct inode *inode, struct file *file, int isdir) | |||
116 | /* Special case for failed iget in CREATE */ | 116 | /* Special case for failed iget in CREATE */ |
117 | static void fuse_release_end(struct fuse_conn *fc, struct fuse_req *req) | 117 | static void fuse_release_end(struct fuse_conn *fc, struct fuse_req *req) |
118 | { | 118 | { |
119 | u64 nodeid = req->in.h.nodeid; | 119 | /* If called from end_io_requests(), req has more than one |
120 | fuse_reset_request(req); | 120 | reference and fuse_reset_request() cannot work */ |
121 | fuse_send_forget(fc, req, nodeid, 1); | 121 | if (fc->connected) { |
122 | u64 nodeid = req->in.h.nodeid; | ||
123 | fuse_reset_request(req); | ||
124 | fuse_send_forget(fc, req, nodeid, 1); | ||
125 | } else | ||
126 | fuse_put_request(fc, req); | ||
122 | } | 127 | } |
123 | 128 | ||
124 | void fuse_send_release(struct fuse_conn *fc, struct fuse_file *ff, | 129 | void fuse_send_release(struct fuse_conn *fc, struct fuse_file *ff, |