提交 3152fcd4 编写于 作者: J Jan Kara 提交者: Greg Kroah-Hartman

jbd2: Fix possible overflow in jbd2_log_space_left()

commit add3efdd78b8a0478ce423bb9d4df6bd95e8b335 upstream.

When number of free space in the journal is very low, the arithmetic in
jbd2_log_space_left() could underflow resulting in very high number of
free blocks and thus triggering assertion failure in transaction commit
code complaining there's not enough space in the journal:

J_ASSERT(journal->j_free > 1);

Properly check for the low number of free blocks.

CC: stable@vger.kernel.org
Reviewed-by: NTheodore Ts'o <tytso@mit.edu>
Signed-off-by: NJan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20191105164437.32602-1-jack@suse.czSigned-off-by: NTheodore Ts'o <tytso@mit.edu>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
上级 18493bac
...@@ -1587,7 +1587,7 @@ static inline int jbd2_space_needed(journal_t *journal) ...@@ -1587,7 +1587,7 @@ static inline int jbd2_space_needed(journal_t *journal)
static inline unsigned long jbd2_log_space_left(journal_t *journal) static inline unsigned long jbd2_log_space_left(journal_t *journal)
{ {
/* Allow for rounding errors */ /* Allow for rounding errors */
unsigned long free = journal->j_free - 32; long free = journal->j_free - 32;
if (journal->j_committing_transaction) { if (journal->j_committing_transaction) {
unsigned long committing = atomic_read(&journal-> unsigned long committing = atomic_read(&journal->
...@@ -1596,7 +1596,7 @@ static inline unsigned long jbd2_log_space_left(journal_t *journal) ...@@ -1596,7 +1596,7 @@ static inline unsigned long jbd2_log_space_left(journal_t *journal)
/* Transaction + control blocks */ /* Transaction + control blocks */
free -= committing + (committing >> JBD2_CONTROL_BLOCKS_SHIFT); free -= committing + (committing >> JBD2_CONTROL_BLOCKS_SHIFT);
} }
return free; return max_t(long, free, 0);
} }
/* /*
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册