* [PATCH] Btrfs: fix leak of block group cache objects
@ 2014-05-16 19:52 Filipe David Borba Manana
From: Filipe David Borba Manana @ 2014-05-16 19:52 UTC
To: linux-btrfs; +Cc: Filipe David Borba Manana

The change titled:

    "Btrfs: fix broken free space cache after the system crashed"

can increment a block group cache object twice in find_free_extent() and
never decrement it twice, resulting in a memory leak.

This is easy to reproduce by having kmemleak enabled and the following
steps:

    mkfs.btrfs -f /dev/sdd
    mount /dev/sdd /mnt
    umount /mnt
    rmmod btrfs
    cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff8802089249d8 (size 512):
comm "mount", pid 6826, jiffies 4306001111 (age 3065.636s)
hex dump (first 32 bytes):
00 00 c0 01 00 00 00 00 c0 00 00 00 40 00 00 00 ............@...
00 00 c0 01 00 00 00 00 00 00 01 00 00 00 00 00 ................
backtrace:
[<ffffffff816ab3b6>] kmemleak_alloc+0x26/0x50
[<ffffffff8119447d>] kmem_cache_alloc_trace+0x11d/0x1e0
[<ffffffffa02a369c>] btrfs_create_block_group_cache+0x3c/0x160 [btrfs]
[<ffffffffa02adf07>] btrfs_read_block_groups+0x1d7/0x650 [btrfs]
[<ffffffffa02bc800>] open_ctree+0x16a0/0x20c0 [btrfs]
[<ffffffffa0293321>] btrfs_mount+0x6b1/0x980 [btrfs]
[<ffffffff811aa9c0>] mount_fs+0x20/0xe0
[<ffffffff811c76f3>] vfs_kern_mount+0x73/0x170
[<ffffffff811ca046>] do_mount+0x206/0xb20
[<ffffffff811cac4e>] SyS_mount+0x8e/0xe0
[<ffffffff816c8492>] system_call_fastpath+0x16/0x1b
[<ffffffffffffffff>] 0xffffffffffffffff
unreferenced object 0xffff8802019571d0 (size 128):
comm "mount", pid 6826, jiffies 4306001111 (age 3065.684s)
hex dump (first 32 bytes):
4d 06 4d 06 ad 4e ad de ff ff ff ff 00 00 00 00 M.M..N..........
ff ff ff ff ff ff ff ff 90 0d 36 a0 ff ff ff ff ..........6.....
backtrace:
[<ffffffff816ab3b6>] kmemleak_alloc+0x26/0x50
[<ffffffff8119447d>] kmem_cache_alloc_trace+0x11d/0x1e0
[<ffffffffa02a36be>] btrfs_create_block_group_cache+0x5e/0x160 [btrfs]
[<ffffffffa02adf07>] btrfs_read_block_groups+0x1d7/0x650 [btrfs]
[<ffffffffa02bc800>] open_ctree+0x16a0/0x20c0 [btrfs]
[<ffffffffa0293321>] btrfs_mount+0x6b1/0x980 [btrfs]
[<ffffffff811aa9c0>] mount_fs+0x20/0xe0
[<ffffffff811c76f3>] vfs_kern_mount+0x73/0x170
[<ffffffff811ca046>] do_mount+0x206/0xb20
[<ffffffff811cac4e>] SyS_mount+0x8e/0xe0
[<ffffffff816c8492>] system_call_fastpath+0x16/0x1b
[<ffffffffffffffff>] 0xffffffffffffffff
Signed-off-by: Filipe David Borba Manana <fdmanana@gmail.com>
---
Note: this only affects Chris' integration branch.
fs/btrfs/extent-tree.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index eb0760f..0bad610 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -6456,6 +6456,8 @@ static noinline int find_free_extent(struct btrfs_root *orig_root,
} else {
index = get_block_group_index(block_group);
btrfs_grab_block_group(block_group, delalloc);
+ /* compensate get by btrfs_grab_block_group() */
+ btrfs_put_block_group(block_group);
goto have_block_group;
}
} else if (block_group) {
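Review bot: the comment on the added btrfs_put_block_group() call names the get it compensates but not the reference that remains held afterwards. Because the put directly follows btrfs_grab_block_group(block_group, delalloc), the pair reads like a no-op, and a reader cannot tell from this branch why block_group is still safe to use after "goto have_block_group". Consider expanding the comment to say where the earlier reference on block_group was taken in find_free_extent() (the commit message says the object is incremented twice) and that it is the one carried into have_block_group. If the grab is needed here only for something other than the reference count, say so in the comment too, so the extra get/put is not "cleaned up" later.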
--
1.9.1