[kernel] r21897 - in dists/wheezy/linux/debian: . patches patches/bugfix/all

[Ben Hutchings]

Author: benh
Date: Wed Sep 24 01:17:44 2014
New Revision: 21897

Log:
ext4: fix BUG_ON in mb_free_blocks() (regression in 3.2.63)

Added:
   dists/wheezy/linux/debian/patches/bugfix/all/ext4-fix-BUG_ON-in-mb_free_blocks.patch
Modified:
   dists/wheezy/linux/debian/changelog
   dists/wheezy/linux/debian/patches/series

Modified: dists/wheezy/linux/debian/changelog
==============================================================================
--- dists/wheezy/linux/debian/changelog	Wed Sep 24 01:09:29 2014	(r21896)
+++ dists/wheezy/linux/debian/changelog	Wed Sep 24 01:17:44 2014	(r21897)
@@ -191,6 +191,7 @@
     - drm/radeon: stop poisoning the GART TLB
   * nfsd: Fix ACL null pointer deref (thanks to Sergio Gelato)
     (Closes: #754420)
+  * ext4: fix BUG_ON in mb_free_blocks() (regression in 3.2.63)
 
   [ Cyril Brulebois ]
   * udeb: Add virtio_scsi to virtio-modules (Closes: #756249).

Added: dists/wheezy/linux/debian/patches/bugfix/all/ext4-fix-BUG_ON-in-mb_free_blocks.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/wheezy/linux/debian/patches/bugfix/all/ext4-fix-BUG_ON-in-mb_free_blocks.patch	Wed Sep 24 01:17:44 2014	(r21897)
@@ -0,0 +1,58 @@
+From: Theodore Ts'o <tytso at mit.edu>
+Date: Sat, 23 Aug 2014 17:47:28 -0400
+Subject: ext4: fix BUG_ON in mb_free_blocks()
+Origin: https://git.kernel.org/linus/c99d1e6e83b06744c75d9f5e491ed495a7086b7b
+
+If we suffer a block allocation failure (for example due to a memory
+allocation failure), it's possible that we will call
+ext4_discard_allocated_blocks() before we've actually allocated any
+blocks.  In that case, fe_len and fe_start in ac->ac_f_ex will still
+be zero, and this will result in mb_free_blocks(inode, e4b, 0, 0)
+triggering the BUG_ON on mb_free_blocks():
+
+	BUG_ON(last >= (sb->s_blocksize << 3));
+
+Fix this by bailing out of ext4_discard_allocated_blocks() if fs_len
+is zero.
+
+Also fix a missing ext4_mb_unload_buddy() call in
+ext4_discard_allocated_blocks().
+
+Google-Bug-Id: 16844242
+
+Fixes: 86f0afd463215fc3e58020493482faa4ac3a4d69
+Signed-off-by: Theodore Ts'o <tytso at mit.edu>
+Cc: stable at vger.kernel.org
+[bwh: Backported to 3.2: adjust context]
+---
+ fs/ext4/mballoc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/fs/ext4/mballoc.c
++++ b/fs/ext4/mballoc.c
+@@ -1312,6 +1312,8 @@ static void mb_free_blocks(struct inode
+ 	void *buddy2;
+ 	struct super_block *sb = e4b->bd_sb;
+ 
++	if (WARN_ON(count == 0))
++		return;
+ 	BUG_ON(first + count > (sb->s_blocksize << 3));
+ 	assert_spin_locked(ext4_group_lock_ptr(sb, e4b->bd_group));
+ 	mb_check_buddy(e4b);
+@@ -3132,6 +3134,8 @@ static void ext4_discard_allocated_block
+ 	int err;
+ 
+ 	if (pa == NULL) {
++		if (ac->ac_f_ex.fe_len == 0)
++			return;
+ 		err = ext4_mb_load_buddy(ac->ac_sb, ac->ac_f_ex.fe_group, &e4b);
+ 		if (err) {
+ 			/*
+@@ -3146,6 +3150,7 @@ static void ext4_discard_allocated_block
+ 		mb_free_blocks(ac->ac_inode, &e4b, ac->ac_f_ex.fe_start,
+ 			       ac->ac_f_ex.fe_len);
+ 		ext4_unlock_group(ac->ac_sb, ac->ac_f_ex.fe_group);
++		ext4_mb_unload_buddy(&e4b);
+ 		return;
+ 	}
+ 	if (pa->pa_type == MB_INODE_PA)

Modified: dists/wheezy/linux/debian/patches/series
==============================================================================
--- dists/wheezy/linux/debian/patches/series	Wed Sep 24 01:09:29 2014	(r21896)
+++ dists/wheezy/linux/debian/patches/series	Wed Sep 24 01:17:44 2014	(r21897)
@@ -1132,3 +1132,4 @@
 debian/scsi-avoid-abi-change-in-3.2.62.patch
 debian/nlattr-avoid-abi-change-in-3.2.61.patch
 bugfix/all/nfsd-fix-acl-null-pointer-deref.patch
+bugfix/all/ext4-fix-BUG_ON-in-mb_free_blocks.patch