git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Robbie Ko <robbieko@synology.com>
	Tue, 26 Mar 2019 03:56:11 +0000 (11:56 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 31 May 2019 13:43:19 +0000 (06:43 -0700)
commit	f033d6a229e56807fe4703c003d2b00043c7d478
tree	3143ab335ff780edf32af73c4102f9adf24d896d	tree \| snapshot
parent	eee8c24f4ce72ec5d3319dc73b9f1ebbdc148727	commit \| diff

Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve

[ Upstream commit 39ad317315887c2cb9a4347a93a8859326ddf136 ]

When doing fallocate, we first add the range to the reserve_list and
then reserve the quota.  If quota reservation fails, we'll release all
reserved parts of reserve_list.

However, cur_offset is not updated to indicate that this range is
already been inserted into the list.  Therefore, the same range is freed
twice.  Once at list_for_each_entry loop, and once at the end of the
function.  This will result in WARN_ON on bytes_may_use when we free the
remaining space.

At the end, under the 'out' label we have a call to:

   btrfs_free_reserved_data_space(inode, data_reserved, alloc_start, alloc_end - cur_offset);

The start offset, third argument, should be cur_offset.

Everything from alloc_start to cur_offset was freed by the
list_for_each_entry_safe_loop.

Fixes: 18513091af94 ("btrfs: update btrfs_space_info's bytes_may_use timely")
Reviewed-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: Robbie Ko <robbieko@synology.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>