| Message ID | e7e430d22bb78d6ab8b28a514685cda221bfe379.1440597812.git.zhaolei@cn.fujitsu.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
On Wed, Aug 26, 2015 at 10:03:36PM +0800, Zhao Lei wrote: > We can trigger the bug by following operation: > (no wait between commands 3~5) > btrfs subvolume create /mnt/btrfs/mysubvol > btrfs subvolume snapshot /mnt/btrfs/mysubvol /mnt/btrfs/mysubvol_snap > btrfs subvolume delete /mnt/btrfs/mysubvol_snap > btrfs subvolume delete /mnt/btrfs/mysubvol > btrfs subvolume sync /mnt/btrfs > The last command will not exit. > > Reason: > List of "deleted subvolumes" are not currectly set. > > It caused by a typo of value assign, in detail: > *ids[idx] = sh->offset; > should be: > (*ids)[idx] = sh->offset; > So only first element is set to right memory address. > > If there are multiple "deleted subvolumes", program will > keep wait. > > Above typo also caused some segment fault in my test. > > This patch fixed above bug. > > Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com> Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/cmds-subvolume.c b/cmds-subvolume.c index 61f08f5..8e8d019 100644 --- a/cmds-subvolume.c +++ b/cmds-subvolume.c @@ -1207,7 +1207,7 @@ static int enumerate_dead_subvols(int fd, int count, u64 **ids) off += sizeof(*sh); if (sh->type == BTRFS_ORPHAN_ITEM_KEY) { - *ids[idx] = sh->offset; + (*ids)[idx] = sh->offset; idx++; if (idx >= count) { u64 *newids;
We can trigger the bug by following operation: (no wait between commands 3~5) btrfs subvolume create /mnt/btrfs/mysubvol btrfs subvolume snapshot /mnt/btrfs/mysubvol /mnt/btrfs/mysubvol_snap btrfs subvolume delete /mnt/btrfs/mysubvol_snap btrfs subvolume delete /mnt/btrfs/mysubvol btrfs subvolume sync /mnt/btrfs The last command will not exit. Reason: List of "deleted subvolumes" are not currectly set. It caused by a typo of value assign, in detail: *ids[idx] = sh->offset; should be: (*ids)[idx] = sh->offset; So only first element is set to right memory address. If there are multiple "deleted subvolumes", program will keep wait. Above typo also caused some segment fault in my test. This patch fixed above bug. Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com> --- cmds-subvolume.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)