Fix for btrfs_find_free_objectid

btrfs_find_free_objectid may return a used objectid due to arithmetic underflow. This bug may happen when parameter 'root' is tree root, so it may cause serious problems when creating snapshot or sub-volume. Signed-off-by: Chris Mason <chris.mason@oracle.com>

Fix for btrfs_find_free_objectid
btrfs_find_free_objectid may return a used objectid due to arithmetic underflow. This bug may happen when parameter 'root' is tree root, so it may cause serious problems when creating snapshot or sub-volume. Signed-off-by: Chris Mason <chris.mason@oracle.com>
b1785427 · Yan · Chris Mason · e18e4809 · b1785427
Commit b1785427 authored Jan 22, 2008 by Yan Committed by Chris Mason Sep 25, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 3 deletions

fs/btrfs/inode-map.c fs/btrfs/inode-map.c +1 -3

No files found.
--- a/fs/btrfs/inode-map.c
+++ b/fs/btrfs/inode-map.c
@@ -62,7 +62,6 @@ int btrfs_find_free_objectid(struct btrfs_trans_handle *trans,
 	struct btrfs_path *path;
 	struct btrfs_key key;
 	int ret;
-	u64 hole_size = 0;
 	int slot = 0;
 	u64 last_ino = 0;
 	int start_found;
@@ -109,8 +108,7 @@ int btrfs_find_free_objectid(struct btrfs_trans_handle *trans,
 			if (start_found) {
 				if (last_ino < search_start)
 					last_ino = search_start;
-				hole_size = key.objectid - last_ino;
+				if (key.objectid > last_ino) {
-				if (hole_size > 0) {
 					*objectid = last_ino;
 					goto found;
 				}