2010-04-07 13:52:05

by jing zhang

Subject: [PATCH] ext4: BUG_ON could be triggered in ext4_mb_normalize_request()

From: Jing Zhang <[email protected]>

Date: Wed Apr 7 21:34:48 2010

BUG_ON at [line: 2912] could be triggered,
if (pa->pa_deleted == 0 && pa->pa_free == 0)
as checked at [line: 3111] and [line: 3122].

It is bypassed by adding a check for pa_free.

Cc: Theodore Ts'o <[email protected]>
Cc: Andreas Dilger <[email protected]>
Cc: Dave Kleikamp <[email protected]>
Cc: Aneesh Kumar K. V <[email protected]>
Signed-off-by: Jing Zhang <[email protected]>

---

--- linux-2.6.32/fs/ext4/mballoc.c 2009-12-03 11:51:22.000000000 +0800
+++ ext4_mm_leak/mballoc-16.c 2010-04-07 20:20:26.000000000 +0800
@@ -2901,7 +2901,7 @@ ext4_mb_normalize_request(struct ext4_al
if (pa->pa_deleted)
continue;
spin_lock(&pa->pa_lock);
- if (pa->pa_deleted) {
+ if (pa->pa_deleted || 0 == pa->pa_free) {
spin_unlock(&pa->pa_lock);
continue;
}
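
Review bot: the new test in the locked re-check, 0 == pa->pa_free, makes the loop skip a preallocation that is still live (pa_deleted == 0), and nothing in the code or the changelog says why a fully consumed preallocation may be ignored at this point; the changelog only says the BUG_ON is "bypassed". Please add a comment above the condition and explain in the changelog how pa_free reaches 0 while pa_deleted is still 0 (the checks cited at lines 3111 and 3122), so a reader can tell that the assertion is wrong for that state rather than merely silenced. Two smaller points: kernel style writes the comparison as pa->pa_free == 0 (or !pa->pa_free) rather than constant-first, and the +++ header names ext4_mm_leak/mballoc-16.c instead of fs/ext4/mballoc.c, so the patch will not apply with -p1 as sent.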