Re: [PATCH] nfs client O_DIRECT oops

[Pete Zaitcev]

On Mon, 28 Feb 2005 14:02:30 -0500, Steve Dickson <SteveD@xxxxxxxxxx> wrote:

> Discovered using AKPM's ext3-tools: odwrite -ko 0 16385 foo

> Signed-off-by: Bill Rugolsky <brugolsky@xxxxxxxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxx>

The root cause of the bug is that the code violates the principle of the
least surprise, which in this case is: if a function fails, you do not have
to clean up for that function. Therefore, Bill's fix papers over instead
of fixing.

This is how I think it should have been fixed:

--- linux-2.6.9-5.EL/fs/nfs/direct.c	2004-10-18 14:55:07.000000000 -0700
+++ linux-2.6.9-5.EL-nfs/fs/nfs/direct.c	2005-02-28 16:48:54.000000000 -0800
@@ -86,6 +86,8 @@
 					page_count, (rw == READ), 0,
 					*pages, NULL);
 		up_read(&current->mm->mmap_sem);
+		if (result < 0)
+			kfree(*pages);
 	}
 	return result;
 }
@@ -211,7 +213,6 @@
 
                 page_count = nfs_get_user_pages(READ, user_addr, size, &pages);
                 if (page_count < 0) {
-                        nfs_free_user_pages(pages, 0, 0);
 			if (tot_bytes > 0)
 				break;
                         return page_count;
@@ -377,7 +378,6 @@
 
                 page_count = nfs_get_user_pages(WRITE, user_addr, size, &pages);
                 if (page_count < 0) {
-                        nfs_free_user_pages(pages, 0, 0);
 			if (tot_bytes > 0)
 				break;
                         return page_count;

Best wishes,
-- Pete
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/