Commit b7b7fa43 authored by Jeff Mahoney's avatar Jeff Mahoney Committed by Frederic Weisbecker

reiserfs: Fix locking BUG during mount failure

Commit 8ebc4232 (reiserfs: kill-the-BKL)
introduced a bug in the mount failure case.

The error label releases the lock before calling journal_release_error,
but it requires that the lock be held. do_journal_release unlocks and
retakes it. When it releases it without it held, we trigger a BUG().

The error_alloc label skips the unlock since the lock isn't held yet
but none of the other conditions that are clean up exist yet either.

This patch returns immediately after the kzalloc failure and moves
the reiserfs_write_unlock after the journal_release_error call.

This was reported in https://bugzilla.novell.com/show_bug.cgi?id=591807Reported-by: default avatarThomas Siedentopf <thomas.siedentopf@novell.com>
Signed-off-by: default avatarJeff Mahoney <jeffm@suse.com>
Cc: Thomas Siedentopf <thomas.siedentopf@novell.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: 2.6.33.x <stable@kernel.org>
Signed-off-by: default avatarFrederic Weisbecker <fweisbec@gmail.com>
parent 2eaa9cfd
...@@ -1618,10 +1618,8 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) ...@@ -1618,10 +1618,8 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent)
save_mount_options(s, data); save_mount_options(s, data);
sbi = kzalloc(sizeof(struct reiserfs_sb_info), GFP_KERNEL); sbi = kzalloc(sizeof(struct reiserfs_sb_info), GFP_KERNEL);
if (!sbi) { if (!sbi)
errval = -ENOMEM; return -ENOMEM;
goto error_alloc;
}
s->s_fs_info = sbi; s->s_fs_info = sbi;
/* Set default values for options: non-aggressive tails, RO on errors */ /* Set default values for options: non-aggressive tails, RO on errors */
REISERFS_SB(s)->s_mount_opt |= (1 << REISERFS_SMALLTAIL); REISERFS_SB(s)->s_mount_opt |= (1 << REISERFS_SMALLTAIL);
...@@ -1878,12 +1876,12 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) ...@@ -1878,12 +1876,12 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent)
return (0); return (0);
error: error:
reiserfs_write_unlock(s);
error_alloc:
if (jinit_done) { /* kill the commit thread, free journal ram */ if (jinit_done) { /* kill the commit thread, free journal ram */
journal_release_error(NULL, s); journal_release_error(NULL, s);
} }
reiserfs_write_unlock(s);
reiserfs_free_bitmap_cache(s); reiserfs_free_bitmap_cache(s);
if (SB_BUFFER_WITH_SB(s)) if (SB_BUFFER_WITH_SB(s))
brelse(SB_BUFFER_WITH_SB(s)); brelse(SB_BUFFER_WITH_SB(s));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment