[PATCH] fuse: fix oops in fuse_send_readpages()

During heavy parallel filesystem activity it was possible to Oops the kernel.
The reason is that read_cache_pages() could skip pages which have already been
inserted into the cache by another task.  Occasionally this may result in zero
pages actually being sent, while fuse_send_readpages() relies on at least one
page being in the request.

So check this corner case and just free the request instead of trying to send
it.

Reported and tested by Konstantin Isakov.

Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 975f2697e866388d5c9e5ad9f80fc75f6e0953a1..3ac39c0288dee4737cba61aa0d9f6f1e0a050ec0 100644 (file)
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -397,8 +397,12 @@ static int fuse_readpages(struct file *file, struct address_space *mapping,
                return -EINTR;
 
        err = read_cache_pages(mapping, pages, fuse_readpages_fill, &data);
-       if (!err)
-               fuse_send_readpages(data.req, file, inode);
+       if (!err) {
+               if (data.req->num_pages)
+                       fuse_send_readpages(data.req, file, inode);
+               else
+                       fuse_put_request(fc, data.req);
+       }
        return err;
 }