[PATCH 4.4 28/41] btrfs: propagate error to btrfs_cmp_data_prepare caller

From: Greg Kroah-Hartman
Date: Tue Oct 03 2017 - 08:22:36 EST


4.4-stable review patch. If anyone has any objections, please let me know.

------------------

From: Naohiro Aota <naohiro.aota@xxxxxxx>

commit 78ad4ce014d025f41b8dde3a81876832ead643cf upstream.

btrfs_cmp_data_prepare() (almost) always returns 0 i.e. ignoring errors
from gather_extent_pages(). While the pages are freed by
btrfs_cmp_data_free(), cmp->num_pages still has > 0. Then,
btrfs_extent_same() try to access the already freed pages causing faults
(or violates PageLocked assertion).

This patch just return the error as is so that the caller stop the process.

Signed-off-by: Naohiro Aota <naohiro.aota@xxxxxxx>
Fixes: f441460202cb ("btrfs: fix deadlock with extent-same and readpage")
Reviewed-by: David Sterba <dsterba@xxxxxxxx>
Signed-off-by: David Sterba <dsterba@xxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
fs/btrfs/ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -2984,7 +2984,7 @@ static int btrfs_cmp_data_prepare(struct
out:
if (ret)
btrfs_cmp_data_free(cmp);
- return 0;
+ return ret;
}

static int btrfs_cmp_data(struct inode *src, u64 loff, struct inode *dst,