[PATCH] [SCSI] libiscsi: fix iscsi pool error path

public inbox for linux-scsi@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] [SCSI] libiscsi: fix iscsi pool error path
@ 2009-02-18 19:35 Jean Delvare
  2009-02-19 17:26 ` Mike Christie
  0 siblings, 1 reply; 2+ messages in thread
From: Jean Delvare @ 2009-02-18 19:35 UTC (permalink / raw)
  To: linux-scsi; +Cc: Mike Christie

Memory freeing in iscsi_pool_free() looks wrong to me. Either q->pool
can be NULL and this should be tested before dereferencing it, or it
can't be NULL and it shouldn't be tested at all. As far as I can see,
the only case where q->pool is NULL is on early error in
iscsi_pool_init(). One possible way to fix the bug is thus to not
call iscsi_pool_free() in this case (nothing needs to be freed anyway)
and then we can get rid of the q->pool check.

Signed-off-by: Jean Delvare <jdelvare@suse.de>
Acked-by: Mike Christie <michaelc@cs.wisc.edu>
---
Another possible fix is to move the q->pool check one line up. Both
are fine with me.

 drivers/scsi/libiscsi.c |    5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

--- linux-2.6.29-rc5.orig/drivers/scsi/libiscsi.c	2009-01-29 08:27:19.000000000 +0100
+++ linux-2.6.29-rc5/drivers/scsi/libiscsi.c	2009-02-16 21:19:14.000000000 +0100
@@ -1944,7 +1944,7 @@ iscsi_pool_init(struct iscsi_pool *q, in
 		num_arrays++;
 	q->pool = kzalloc(num_arrays * max * sizeof(void*), GFP_KERNEL);
 	if (q->pool == NULL)
-		goto enomem;
+		return -ENOMEM;
 
 	q->queue = kfifo_init((void*)q->pool, max * sizeof(void*),
 			      GFP_KERNEL, NULL);
@@ -1979,8 +1979,7 @@ void iscsi_pool_free(struct iscsi_pool *
 
 	for (i = 0; i < q->max; i++)
 		kfree(q->pool[i]);
-	if (q->pool)
-		kfree(q->pool);
+	kfree(q->pool);
 	kfree(q->queue);
 }
 EXPORT_SYMBOL_GPL(iscsi_pool_free);

-- 
Jean Delvare
Suse L3

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] [SCSI] libiscsi: fix iscsi pool error path
  2009-02-18 19:35 [PATCH] [SCSI] libiscsi: fix iscsi pool error path Jean Delvare
@ 2009-02-19 17:26 ` Mike Christie
  0 siblings, 0 replies; 2+ messages in thread
From: Mike Christie @ 2009-02-19 17:26 UTC (permalink / raw)
  To: Jean Delvare; +Cc: linux-scsi

Jean Delvare wrote:
> Memory freeing in iscsi_pool_free() looks wrong to me. Either q->pool
> can be NULL and this should be tested before dereferencing it, or it
> can't be NULL and it shouldn't be tested at all. As far as I can see,
> the only case where q->pool is NULL is on early error in
> iscsi_pool_init(). One possible way to fix the bug is thus to not
> call iscsi_pool_free() in this case (nothing needs to be freed anyway)
> and then we can get rid of the q->pool check.
> 
> Signed-off-by: Jean Delvare <jdelvare@suse.de>
> Acked-by: Mike Christie <michaelc@cs.wisc.edu>


James,

If you are scooping up late fixes for 2.6.29-rc, then please take this 
if it qualifies. It is not a regression, but a simple bug fix that can 
be hit in situations where there is small amounts of memory (for some 
reason common in virtual machine setups a lot).

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-02-19 17:26 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-18 19:35 [PATCH] [SCSI] libiscsi: fix iscsi pool error path Jean Delvare
2009-02-19 17:26 ` Mike Christie

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox