* [PATCH][XFS][resend] fix memory leak in xfs_inactive()
@ 2007-06-30 23:16 Jesper Juhl
2007-07-01 22:31 ` David Chinner
0 siblings, 1 reply; 4+ messages in thread
From: Jesper Juhl @ 2007-06-30 23:16 UTC (permalink / raw)
To: Linux Kernel Mailing List
Cc: David Chinner, xfs-masters, xfs, Andrew Morton, Jesper Juhl
(this is back from May 16 2007, resending since it doesn't look like
the patch ever made it in anywhere)
The Coverity checker found a memory leak in xfs_inactive().
The offending code is this bit :
1671 tp = xfs_trans_alloc(mp, XFS_TRANS_INACTIVE);
At conditional (1): "truncate != 0" taking true path
1672 if (truncate) {
1673 /*
1674 * Do the xfs_itruncate_start() call before
1675 * reserving any log space because itruncate_start
1676 * will call into the buffer cache and we can't
1677 * do that within a transaction.
1678 */
1679 xfs_ilock(ip, XFS_IOLOCK_EXCL);
1680
1681 error = xfs_itruncate_start(ip, XFS_ITRUNC_DEFINITE, 0);
At conditional (2): "error != 0" taking true path
1682 if (error) {
1683 xfs_iunlock(ip, XFS_IOLOCK_EXCL);
Event leaked_storage: Returned without freeing storage "tp"
Also see events: [alloc_fn][var_assign]
1684 return VN_INACTIVE_CACHE;
1685 }
So, the code allocates a transaction, but in the case where 'truncate' is !=0 and xfs_itruncate_start(ip, XFS_ITRUNC_DEFINITE, 0); happens to return an error, we'll just return from the function without dealing with the memory allocated byxfs_trans_alloc() and assigned to 'tp', thus it'll be orphaned/leaked - not good.
The bug was introduced by this commit:
http://git2.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d3cf209476b72c83907a412b6708c5e498410aa7
The patch below is
From: Dave Chinner <dgc@sgi.com>
Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
---
fs/xfs/xfs_vnodeops.c | 1 +
1 file changed, 1 insertion(+)
Index: 2.6.x-xfs-new/fs/xfs/xfs_vnodeops.c
===================================================================
--- 2.6.x-xfs-new.orig/fs/xfs/xfs_vnodeops.c 2007-05-11 16:04:03.000000000 +1000
+++ 2.6.x-xfs-new/fs/xfs/xfs_vnodeops.c 2007-05-17 12:37:25.671399078 +1000
@@ -1710,6 +1710,7 @@ xfs_inactive(
error = xfs_itruncate_start(ip, XFS_ITRUNC_DEFINITE, 0);
if (error) {
+ xfs_trans_cancel(tp, 0);
xfs_iunlock(ip, XFS_IOLOCK_EXCL);
return VN_INACTIVE_CACHE;
}
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH][XFS][resend] fix memory leak in xfs_inactive()
2007-06-30 23:16 [PATCH][XFS][resend] fix memory leak in xfs_inactive() Jesper Juhl
@ 2007-07-01 22:31 ` David Chinner
2007-07-02 1:06 ` Jesper Juhl
2007-07-02 1:23 ` [xfs-masters] " Timothy Shimmin
0 siblings, 2 replies; 4+ messages in thread
From: David Chinner @ 2007-07-01 22:31 UTC (permalink / raw)
To: Jesper Juhl
Cc: Linux Kernel Mailing List, David Chinner, xfs-masters, xfs,
Andrew Morton
On Sun, Jul 01, 2007 at 01:16:51AM +0200, Jesper Juhl wrote:
> (this is back from May 16 2007, resending since it doesn't look like
> the patch ever made it in anywhere)
http://oss.sgi.com/cgi-bin/cvsweb.cgi/linux-2.6-xfs/fs/xfs/xfs_vnodeops.c.diff?r1=1.698;r2=1.699;f=h
Will get merged in 2.6.23-rc1 window.
Cheers,
Dave.
--
Dave Chinner
Principal Engineer
SGI Australian Software Group
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH][XFS][resend] fix memory leak in xfs_inactive()
2007-07-01 22:31 ` David Chinner
@ 2007-07-02 1:06 ` Jesper Juhl
2007-07-02 1:23 ` [xfs-masters] " Timothy Shimmin
1 sibling, 0 replies; 4+ messages in thread
From: Jesper Juhl @ 2007-07-02 1:06 UTC (permalink / raw)
To: David Chinner; +Cc: Linux Kernel Mailing List, xfs-masters, xfs, Andrew Morton
On 02/07/07, David Chinner <dgc@sgi.com> wrote:
> On Sun, Jul 01, 2007 at 01:16:51AM +0200, Jesper Juhl wrote:
> > (this is back from May 16 2007, resending since it doesn't look like
> > the patch ever made it in anywhere)
>
> http://oss.sgi.com/cgi-bin/cvsweb.cgi/linux-2.6-xfs/fs/xfs/xfs_vnodeops.c.diff?r1=1.698;r2=1.699;f=h
>
> Will get merged in 2.6.23-rc1 window.
>
Ok, good to know, I thought it had been forgotten :-)
Thanks for the feedback Dave.
> Cheers,
>
> Dave.
> --
> Dave Chinner
> Principal Engineer
> SGI Australian Software Group
>
--
Jesper Juhl <jesper.juhl@gmail.com>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [xfs-masters] Re: [PATCH][XFS][resend] fix memory leak in xfs_inactive()
2007-07-01 22:31 ` David Chinner
2007-07-02 1:06 ` Jesper Juhl
@ 2007-07-02 1:23 ` Timothy Shimmin
1 sibling, 0 replies; 4+ messages in thread
From: Timothy Shimmin @ 2007-07-02 1:23 UTC (permalink / raw)
To: xfs-masters
Cc: Jesper Juhl, Linux Kernel Mailing List, David Chinner, xfs,
Andrew Morton
David Chinner wrote:
> On Sun, Jul 01, 2007 at 01:16:51AM +0200, Jesper Juhl wrote:
>> (this is back from May 16 2007, resending since it doesn't look like
>> the patch ever made it in anywhere)
>
> http://oss.sgi.com/cgi-bin/cvsweb.cgi/linux-2.6-xfs/fs/xfs/xfs_vnodeops.c.diff?r1=1.698;r2=1.699;f=h
>
> Will get merged in 2.6.23-rc1 window.
>
> Cheers,
>
> Dave.
Also, in our master branch of oss git tree (used by Andrew)..
git pull git://oss.sgi.com:8090/xfs/xfs-2.6.git master
commit 1ccb0a872f9cb5056b534fc80c746a68154e08c0
Author: Jesper Juhl <jesper.juhl@gmail.com>
Date: Thu Jun 28 16:43:14 2007 +1000
[XFS] Cancel transactions on xfs_itruncate_start error.
SGI-PV: 966502
SGI-Modid: xfs-linux-melb:xfs-kern:28943a
Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
--Tim
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2007-07-02 1:24 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-30 23:16 [PATCH][XFS][resend] fix memory leak in xfs_inactive() Jesper Juhl
2007-07-01 22:31 ` David Chinner
2007-07-02 1:06 ` Jesper Juhl
2007-07-02 1:23 ` [xfs-masters] " Timothy Shimmin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox