Commit eeb47d12 authored by Mark Fasheh's avatar Mark Fasheh

ocfs2: Fix invalid assertion during write on 64k pages

The write path code intends to bug if a math error (or unhandled case)
results in a write outside of the current cluster boundaries. The actual
BUG_ON() statements however are incorrect, leading to a crash on kernels
with 64k page size. Fix those by checking against the right variables.

Also, move the assertions higher up within the functions so that they trip
*before* the code starts to mark buffers.
Signed-off-by: default avatarMark Fasheh <mark.fasheh@oracle.com>
parent 59be7dc9
...@@ -798,6 +798,11 @@ int ocfs2_map_and_write_splice_data(struct inode *inode, ...@@ -798,6 +798,11 @@ int ocfs2_map_and_write_splice_data(struct inode *inode,
} }
to = from + bytes; to = from + bytes;
BUG_ON(from > PAGE_CACHE_SIZE);
BUG_ON(to > PAGE_CACHE_SIZE);
BUG_ON(from < cluster_start);
BUG_ON(to > cluster_end);
if (wc->w_this_page_new) if (wc->w_this_page_new)
ret = ocfs2_map_page_blocks(wc->w_this_page, p_blkno, inode, ret = ocfs2_map_page_blocks(wc->w_this_page, p_blkno, inode,
cluster_start, cluster_end, 1); cluster_start, cluster_end, 1);
...@@ -809,11 +814,6 @@ int ocfs2_map_and_write_splice_data(struct inode *inode, ...@@ -809,11 +814,6 @@ int ocfs2_map_and_write_splice_data(struct inode *inode,
goto out; goto out;
} }
BUG_ON(from > PAGE_CACHE_SIZE);
BUG_ON(to > PAGE_CACHE_SIZE);
BUG_ON(from > osb->s_clustersize);
BUG_ON(to > osb->s_clustersize);
src = buf->ops->map(sp->s_pipe, buf, 1); src = buf->ops->map(sp->s_pipe, buf, 1);
dst = kmap_atomic(wc->w_this_page, KM_USER1); dst = kmap_atomic(wc->w_this_page, KM_USER1);
memcpy(dst + from, src + src_from, bytes); memcpy(dst + from, src + src_from, bytes);
...@@ -890,6 +890,11 @@ int ocfs2_map_and_write_user_data(struct inode *inode, ...@@ -890,6 +890,11 @@ int ocfs2_map_and_write_user_data(struct inode *inode,
to = from + bytes; to = from + bytes;
BUG_ON(from > PAGE_CACHE_SIZE);
BUG_ON(to > PAGE_CACHE_SIZE);
BUG_ON(from < cluster_start);
BUG_ON(to > cluster_end);
if (wc->w_this_page_new) if (wc->w_this_page_new)
ret = ocfs2_map_page_blocks(wc->w_this_page, p_blkno, inode, ret = ocfs2_map_page_blocks(wc->w_this_page, p_blkno, inode,
cluster_start, cluster_end, 1); cluster_start, cluster_end, 1);
...@@ -901,11 +906,6 @@ int ocfs2_map_and_write_user_data(struct inode *inode, ...@@ -901,11 +906,6 @@ int ocfs2_map_and_write_user_data(struct inode *inode,
goto out; goto out;
} }
BUG_ON(from > PAGE_CACHE_SIZE);
BUG_ON(to > PAGE_CACHE_SIZE);
BUG_ON(from > osb->s_clustersize);
BUG_ON(to > osb->s_clustersize);
dst = kmap(wc->w_this_page); dst = kmap(wc->w_this_page);
memcpy(dst + from, bp->b_src_buf + src_from, bytes); memcpy(dst + from, bp->b_src_buf + src_from, bytes);
kunmap(wc->w_this_page); kunmap(wc->w_this_page);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment