* [PATCH] rbd: fix leak of format 2 snapshot context
@ 2013-05-07  1:33 Alex Elder
  2013-05-07 14:12 ` Josh Durgin
  0 siblings, 1 reply; 2+ messages in thread
From: Alex Elder @ 2013-05-07  1:33 UTC (permalink / raw)
  To: ceph-devel

When rbd_dev_v2_refresh() is called, the rbd device already has a
snapshot context associated with it.  But that never gets freed,
the pointer just gets overwritten.

Fix this by dropping the rbd device's reference to the snapshot
context before overwriting the pointer.

Because ceph_put_snap_context() already handles a null pointer
we don't need to check for that (for the probe case, where no
context has yet been assigned).

This resolves:
    http://tracker.ceph.com/issues/4912

Signed-off-by: Alex Elder <elder@inktank.com>
---
 drivers/block/rbd.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
index c2ca181..4263743 100644
--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -4004,6 +4004,7 @@ static int rbd_dev_v2_snap_context(struct
rbd_device *rbd_dev)
 	for (i = 0; i < snap_count; i++)
 		snapc->snaps[i] = ceph_decode_64(&p);

+	ceph_put_snap_context(rbd_dev->header.snapc);
 	rbd_dev->header.snapc = snapc;

 	dout("  snap context seq = %llu, snap_count = %u\n",
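
Review bot: the added ceph_put_snap_context(rbd_dev->header.snapc) drops the old context one line before rbd_dev->header.snapc is repointed, so in that window the field can refer to a context whose last reference has just been released. Nothing in the visible lines shows what serialises this update against readers of header.snapc. If the caller holds a lock across the whole refresh, note that in a comment at this spot; otherwise keep the old pointer in a local, assign snapc to the field first, and put the local afterwards.
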
-- 
1.7.9.5



* Re: [PATCH] rbd: fix leak of format 2 snapshot context
  2013-05-07  1:33 [PATCH] rbd: fix leak of format 2 snapshot context Alex Elder
@ 2013-05-07 14:12 ` Josh Durgin
  0 siblings, 0 replies; 2+ messages in thread
From: Josh Durgin @ 2013-05-07 14:12 UTC (permalink / raw)
  To: Alex Elder, ceph-devel

Alex Elder <elder@inktank.com> wrote:

>When rbd_dev_v2_refresh() is called, the rbd device already has a
>snapshot context associated with it.  But that never gets freed,
>the pointer just gets overwritten.
>
>Fix this by dropping the rbd device's reference to the snapshot
>context before overwriting the pointer.
>
>Because ceph_put_snap_context() already handles a null pointer
>we don't need to check for that (for the probe case, where no
>context has yet been assigned).
>
>This resolves:
>    http://tracker.ceph.com/issues/4912
>
>Signed-off-by: Alex Elder <elder@inktank.com>
>---
> drivers/block/rbd.c |    1 +
> 1 file changed, 1 insertion(+)
>
>diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
>index c2ca181..4263743 100644
>--- a/drivers/block/rbd.c
>+++ b/drivers/block/rbd.c
>@@ -4004,6 +4004,7 @@ static int rbd_dev_v2_snap_context(struct
>rbd_device *rbd_dev)
> 	for (i = 0; i < snap_count; i++)
> 		snapc->snaps[i] = ceph_decode_64(&p);
>
>+	ceph_put_snap_context(rbd_dev->header.snapc);
> 	rbd_dev->header.snapc = snapc;
>
> 	dout("  snap context seq = %llu, snap_count = %u\n",
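
Review bot: the new ceph_put_snap_context() call depends on the helper accepting a null pointer for the probe case, and that is explained only in the commit message, not at the call site. A one-line comment above the call saying that header.snapc may still be null on first probe would stop a later reader from adding a redundant check or assuming the field is always set.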

Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
