
List:       linux-btrfs
Subject:    Re: [PATCH] Btrfs: fix memory leak in btrfs_create_tree()
From:       Tsutomu Itoh <t-itoh () jp ! fujitsu ! com>
Date:       2014-03-31 8:41:08
Message-ID: 53392A24.4020702 () jp ! fujitsu ! com

Hi Alex,

On 2014/03/28 0:50, Alex Lyakas wrote:
> Hi Tsutomu Itoh,
>
> On Thu, Mar 21, 2013 at 6:32 AM, Tsutomu Itoh <t-itoh@jp.fujitsu.com> wrote:
>> We should free leaf and root before returning from the error
>> handling code.
>>
>> Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
>> ---
>>   fs/btrfs/disk-io.c | 12 +++++++++---
>>   1 file changed, 9 insertions(+), 3 deletions(-)
>>
>> diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c
>> index 7d84651..b1b5baa 100644
>> --- a/fs/btrfs/disk-io.c
>> +++ b/fs/btrfs/disk-io.c
>> @@ -1291,6 +1291,7 @@ struct btrfs_root *btrfs_create_tree(struct btrfs_trans_handle *trans,
>>                                        0, objectid, NULL, 0, 0, 0);
>>          if (IS_ERR(leaf)) {
>>                  ret = PTR_ERR(leaf);
>> +               leaf = NULL;
>>                  goto fail;
>>          }
>>
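
Review bot: The `leaf = NULL;` added in the IS_ERR(leaf) branch exists only so that the shared fail: label's `if (leaf)` test does not hand an ERR_PTR value to btrfs_tree_unlock() and free_extent_buffer(). A one-line comment saying so, or a separate label for this early exit that skips the leaf cleanup, would keep a later edit from dropping the reset and turning the error path into an invalid pointer dereference.
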
>> @@ -1334,11 +1335,16 @@ struct btrfs_root *btrfs_create_tree(struct btrfs_trans_handle *trans,
>>
>>          btrfs_tree_unlock(leaf);
>>
>> +       return root;
>> +
>>   fail:
>> -       if (ret)
>> -               return ERR_PTR(ret);
>> +       if (leaf) {
>> +               btrfs_tree_unlock(leaf);
>> +               free_extent_buffer(leaf);
> I believe this is not enough. A few lines above, another reference on
> the root is taken by
> root->commit_root = btrfs_root_node(root);

Thank you for pointing this out.

You are right.
Could you re-post your fix in patch submission form?

Thanks,
Tsutomu

>
> So I believe the proper fix would be:
> diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c
> index d9698fd..260af79 100644
> --- a/fs/btrfs/disk-io.c
> +++ b/fs/btrfs/disk-io.c
> @@ -1354,10 +1354,10 @@ struct btrfs_root *btrfs_create_tree(struct
> btrfs_trans_handle *trans,
>          return root;
>
>   fail:
> -       if (leaf) {
> +       if (leaf)
>                  btrfs_tree_unlock(leaf);
> -               free_extent_buffer(leaf);
> -       }
> +       free_extent_buffer(root->node);
> +       free_extent_buffer(root->commit_root);
>          kfree(root);
>
>          return ERR_PTR(ret);
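
Review bot: free_extent_buffer(root->node) and free_extent_buffer(root->commit_root) now run on every entry to fail:, including the one where leaf is NULL and these two fields may not have been assigned yet, so the change relies on root being zero-initialised and on free_extent_buffer() tolerating NULL. State that in the commit message or guard the two calls. The hunk header is also wrapped across two lines (`struct` / `btrfs_trans_handle *trans,`), so the patch is unlikely to apply as mailed and should be resent unmangled.
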
>
>
>
> Thanks,
> Alex.
>
>
>
>> +       }
>> +       kfree(root);
>>
>> -       return root;
>> +       return ERR_PTR(ret);
>>   }
>>
>>   static struct btrfs_root *alloc_log_tree(struct btrfs_trans_handle *trans,
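
Review bot: The new fail: path releases only the single reference held through leaf before kfree(root), so any further reference the function took on the same buffer is still outstanding when root is freed; the reply in this thread names `root->commit_root = btrfs_root_node(root);` as one. Drop every reference stored in root's fields before kfree(root), and check that each `goto fail` site still holds the tree lock, since the path calls btrfs_tree_unlock(leaf) whenever leaf is non-NULL.
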
>>
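
The reference-count imbalance discussed in this thread, as an added example that is not part of the original messages or of btrfs: a user-space model in which a root holds two references on one buffer and the error path either drops one or drops both. All names (struct buf, buf_get, buf_put, create_tree_fail) are hypothetical, and it assumes a NULL-safe put and a zero-initialised root.

```c
#include <stdio.h>
#include <stdlib.h>
/* Toy stand-ins for extent_buffer and btrfs_root (hypothetical names). */
struct buf  { int refs; };
struct root { struct buf *node, *commit_root; };
enum cleanup { FREE_LEAF_ONLY, FREE_ROOT_REFS };
static int live_bufs;                 /* buffers allocated, not yet freed */

static struct buf *buf_alloc(void)
{
    struct buf *b = calloc(1, sizeof(*b));
    if (b) { b->refs = 1; live_bufs++; }
    return b;
}
static struct buf *buf_get(struct buf *b) { b->refs++; return b; }
static void buf_put(struct buf *b)    /* NULL-safe by construction */
{
    if (b && --b->refs == 0) { free(b); live_bufs--; }
}

/* Always fails; returns how many buffers the error path leaked. */
static int create_tree_fail(enum cleanup how, int fail_early)
{
    struct root *root = calloc(1, sizeof(*root));   /* fields start NULL */
    struct buf *leaf = NULL;
    int before = live_bufs;
    if (!root) return -1;
    if (fail_early || !(leaf = buf_alloc()))   /* failure before any field is set */
        goto fail;
    root->node = leaf;                         /* allocation reference */
    root->commit_root = buf_get(root->node);   /* second reference */
fail:                                          /* a later step fails here */
    if (how == FREE_LEAF_ONLY) {
        buf_put(leaf);                /* drops one of the two references */
    } else {
        buf_put(root->node);          /* both are NULL on the early path */
        buf_put(root->commit_root);
    }
    free(root);
    return live_bufs - before;
}

int main(void)
{
    printf("leaf only:  leaked %d\n", create_tree_fail(FREE_LEAF_ONLY, 0));
    printf("root refs:  leaked %d\n", create_tree_fail(FREE_ROOT_REFS, 0));
    printf("early exit: leaked %d\n", create_tree_fail(FREE_ROOT_REFS, 1));
    return 0;
}
```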

