On Thu, 2010-10-28 at 09:55 -0400, Jeff Layton wrote: > On Thu, 28 Oct 2010 08:34:35 -0400 > Jeff Layton <jlayton@xxxxxxxxxx> wrote: > > > On Thu, 28 Oct 2010 08:17:54 -0400 > > Steve Dickson <steved@xxxxxxxxxx> wrote: > > > > > A typo, introduced by commit f11ac8db, in the nfs_direct_write() > > > routine causes writes with O_DIRECT set to fail with a ENOMEM error. > > > > > > Found-by: Jeff Layton <jlayton@xxxxxxxxxx> > > > Signed-off-by: Steve Dickson <steved@xxxxxxxxxx> > > > --- > > > fs/nfs/direct.c | 2 +- > > > 1 files changed, 1 insertions(+), 1 deletions(-) > > > > > > diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c > > > index 064a809..84d3c8b 100644 > > > --- a/fs/nfs/direct.c > > > +++ b/fs/nfs/direct.c > > > @@ -873,7 +873,7 @@ static ssize_t nfs_direct_write(struct kiocb *iocb, const struct iovec *iov, > > > dreq->inode = inode; > > > dreq->ctx = get_nfs_open_context(nfs_file_open_context(iocb->ki_filp)); > > > dreq->l_ctx = nfs_get_lock_context(dreq->ctx); > > > - if (dreq->l_ctx != NULL) > > > + if (dreq->l_ctx == NULL) > > > goto out_release; > > > if (!is_sync_kiocb(iocb)) > > > dreq->iocb = iocb; > > > > Also, since get_lock_context holds references, this prevents the fs > > from being unmounted. It looks like this bug is in 2.6.36 too, so this > > may be suitable for stable series as well. > > > > Oh...and another thing I noticed too... > > nfs_create_request doesn't check for a NULL return from > nfs_get_lock_context. If it ever does, it looks like that will likely > trickle down to an oops in encode_stateid. > > It might be good to fix that as well. Maybe something like this > compile-tested-only patch? > > --------------------[snip]--------------------- > > nfs: handle lock context allocation failures in nfs_create_request > > nfs_get_lock_context can return NULL on an allocation failure. > > Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx> > --- > fs/nfs/pagelist.c | 8 +++++++- > 1 files changed, 7 insertions(+), 1 deletions(-) 
> > diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c > index 9194902..137b549 100644 > --- a/fs/nfs/pagelist.c > +++ b/fs/nfs/pagelist.c > @@ -65,6 +65,13 @@ nfs_create_request(struct nfs_open_context *ctx, struct inode *inode, > if (req == NULL) > return ERR_PTR(-ENOMEM); > > + /* get lock context early so we can deal with alloc failures */ > + req->wb_lock_context = nfs_get_lock_context(ctx); > + if (req->wb_lock_context == NULL) { > + nfs_page_free(req); > + return ERR_PTR(-ENOMEM); > + } > + > /* Initialize the request struct. Initially, we assume a > * long write-back delay. This will be adjusted in > * update_nfs_request below if the region is not locked. */ > @@ -79,7 +86,6 @@ nfs_create_request(struct nfs_open_context *ctx, struct inode *inode, > req->wb_pgbase = offset; > req->wb_bytes = count; > req->wb_context = get_nfs_open_context(ctx); > - req->wb_lock_context = nfs_get_lock_context(ctx); > kref_init(&req->wb_kref); > return req; > } Yup. That looks as if it should be required... Trond
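Review bot: in the fs/nfs/direct.c hunk at nfs_direct_write(), the corrected check "if (dreq->l_ctx == NULL) goto out_release;" runs after dreq->ctx has already taken a reference through get_nfs_open_context(), so it is worth confirming that out_release drops that reference and copes with a NULL dreq->l_ctx. The changelog cites commit f11ac8db by abbreviated hash only; adding its subject line, using Reported-by: in place of Found-by:, and adding a stable Cc (the thread notes the bug is in 2.6.36) would make the fix easier to track and backport.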
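Review bot: in the first fs/nfs/pagelist.c hunk (@@ -65,6 +65,13 @@), the new failure branch calls nfs_page_free(req) before any field of req has been initialised, which is only safe if nfs_page_free() does nothing beyond returning the object to its allocator; that helper should be checked, or a short comment added saying so, since the patch is marked compile-tested-only. Returning ERR_PTR(-ENOMEM) matches the existing req == NULL branch just above it, so callers that already handle that error need no change.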
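Review bot: in the second fs/nfs/pagelist.c hunk (@@ -79,7 +86,6 @@), dropping the late assignment means wb_lock_context is now acquired before "req->wb_context = get_nfs_open_context(ctx);", so the request teardown path should be checked to release both references correctly under the new acquisition order. The changelog says only that nfs_get_lock_context can return NULL; stating the consequence raised in the cover text (a NULL lock context reaching encode_stateid) would record why the call was moved.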