From: Yan <yanzheng@21cn.com>
Date: Tue, 22 Jan 2008 16:32:05 +0000 (-0500)
Subject: Fix for btrfs_find_free_objectid
X-Git-Tag: upstream/0.20.rc1~331
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7c2844538143aebb26f0436c2760172017901536;p=platform%2Fupstream%2Fbtrfs-progs.git

Fix for btrfs_find_free_objectid

btrfs_find_free_objectid may return a used objectid due to arithmetic
underflow. This bug may happen when parameter 'root' is tree root,  so
it may cause serious problems when creating snapshot or sub-volume.
---

diff --git a/inode-map.c b/inode-map.c
index ab74977..a0925ea 100644
--- a/inode-map.c
+++ b/inode-map.c
@@ -62,7 +62,6 @@ int btrfs_find_free_objectid(struct btrfs_trans_handle *trans,
 	struct btrfs_path *path;
 	struct btrfs_key key;
 	int ret;
-	u64 hole_size = 0;
 	int slot = 0;
 	u64 last_ino = 0;
 	int start_found;
@@ -109,8 +108,7 @@ int btrfs_find_free_objectid(struct btrfs_trans_handle *trans,
 			if (start_found) {
 				if (last_ino < search_start)
 					last_ino = search_start;
-				hole_size = key.objectid - last_ino;
-				if (hole_size > 0) {
+				if (key.objectid > last_ino) {
 					*objectid = last_ino;
 					goto found;
 				}