xfs
[Top] [All Lists]

Re: [PATCH] xfs: fix memory leak in xlog_recover_add_to_trans

To: tinguely@xxxxxxx
Subject: Re: [PATCH] xfs: fix memory leak in xlog_recover_add_to_trans
From: Eric Sandeen <sandeen@xxxxxxxxxxx>
Date: Fri, 27 Sep 2013 11:55:11 -0500
Cc: xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20130927140104.515578025@xxxxxxx>
References: <20130927140104.515578025@xxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
On 9/27/13 9:00 AM, tinguely@xxxxxxx wrote:
> Free the memory in error path of xlog_recover_add_to_trans().
> Normally this memory is freed in recovery pass2, but is leaked
> in the error path.
> 
> Signed-off-by: Mark Tinguely <tinguely@xxxxxxx>

For this local leak & the fix,

Reviewed-by: Eric Sandeen <sandeen@xxxxxxxxxx>

Since this gets called in a loop from xlog_recover_process_data(),
I'm wondering what happens to previously-allocated items, if we
return an error and never get to pass2?

(I could be off base, haven't really followed it through, but
it seems like they might leak).

Thanks,
-Eric

> ---
> Found by Coverity (134683) in userspace, same patch applies there
> also.
>  fs/xfs/xfs_log_recover.c |    1 +
>  1 file changed, 1 insertion(+)
> 
> Index: b/fs/xfs/xfs_log_recover.c
> ===================================================================
> --- a/fs/xfs/xfs_log_recover.c
> +++ b/fs/xfs/xfs_log_recover.c
> @@ -1585,6 +1585,7 @@ xlog_recover_add_to_trans(
>               "bad number of regions (%d) in inode log format",
>                                 in_f->ilf_size);
>                       ASSERT(0);
> +                     free(ptr);
>                       return XFS_ERROR(EIO);
>               }
>  
> 
> 
> _______________________________________________
> xfs mailing list
> xfs@xxxxxxxxxxx
> http://oss.sgi.com/mailman/listinfo/xfs
> 

<Prev in Thread] Current Thread [Next in Thread>