On Thu, May 15, 2025 at 08:01:54PM +0800, caius.zone@xxxxxxxxxx wrote:
> diff --git a/fs/squashfs/block.c b/fs/squashfs/block.c
> index 2dc730800f44..b00a71f8933c 100644
> --- a/fs/squashfs/block.c
> +++ b/fs/squashfs/block.c
> @@ -115,6 +115,9 @@ static int squashfs_bio_read_cached(struct bio *fullbio,
> struct bio *new = bio_alloc_clone(bdev, fullbio,
> GFP_NOIO, &fs_bio_set);
>
> + if (!new)
> + return -ENOMEM;
> +
> if (bio) {
> bio_trim(bio, start_idx * PAGE_SECTORS,
> (end_idx - start_idx) * PAGE_SECTORS);
This is definitely wrong. The check for 'new' being NULL should be
after the submit_bio() otherwise we'll leak the previous bio.
But then we need to not call bio_chain() ... so I think this ends up
looking like:
@@ -115,12 +115,15 @@ static int squashfs_bio_read_cached(struct bio *fullbio,
struct bio *new = bio_alloc_clone(bdev, fullbio,
GFP_NOIO, &fs_bio_set);
+ if (new)
+ bio_chain(bio, new);
if (bio) {
bio_trim(bio, start_idx * PAGE_SECTORS,
(end_idx - start_idx) * PAGE_SECTORS);
- bio_chain(bio, new);
submit_bio(bio);
}
+ if (!new)
+ return -ENOMEM;
bio = new;
start_idx = idx;
... but that might not be right either. We might need to break out of
the loop, rather than returning and do the submit_bio_wait() followed by
the bio_put().
