2011-06-15 15:40:03

by Benny Halevy

Subject: [PATCH] NFSv4.1: need to put_layout_hdr on _pnfs_return_layout error path

We always get a reference on the layout header and we rely on
nfs4_layoutreturn_release to put it. If we hit an allocation error
before starting the rpc proc we bail out early without dereferencing
the layout header properly.

Signed-off-by: Benny Halevy <[email protected]>
---
fs/nfs/nfs4proc.c | 1 +
fs/nfs/pnfs.c | 1 +
2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 79f3c33..a4705bc 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -5774,6 +5774,7 @@ static void nfs4_layoutreturn_done(struct rpc_task *task, void *calldata)
struct pnfs_layout_hdr *lo = NFS_I(lrp->args.inode)->layout;

dprintk("--> %s\n", __func__);
+ dprintk("%s: ref %d\n", atonic_read(&lo->plh_refcount));

if (!nfs4_sequence_done(task, &lrp->res.seq_res))
return;
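Review bot: the added dprintk in nfs4_layoutreturn_done has a format string with two conversions (%s and %d) but passes only one argument, and atonic_read is not a kernel function name (atomic_read is presumably meant). If the trace is wanted, pass __func__ first, as the preceding dprintk does, and call atomic_read(&lo->plh_refcount). Otherwise drop the hunk: the commit message describes only the error-path put in _pnfs_return_layout, and the diffstat would then need to list one file.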
diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c
index 0feeccc..bc3eb74 100644
--- a/fs/nfs/pnfs.c
+++ b/fs/nfs/pnfs.c
@@ -675,6 +675,7 @@ _pnfs_return_layout(struct inode *ino)
lrp = kzalloc(sizeof(*lrp), GFP_KERNEL);
if (unlikely(lrp == NULL)) {
status = -ENOMEM;
+ put_layout_hdr(lo);
goto out;
}

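Review bot: in the lrp == NULL branch of _pnfs_return_layout, the new put_layout_hdr(lo) deserves a one-line comment saying that the reference is normally dropped by nfs4_layoutreturn_release, which never runs when the allocation fails; without it the put looks unpaired to someone reading only this function. The get that this balances is outside the hunk, so please also confirm that no other exit between that get and the start of the RPC leaves the reference held.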
--
1.7.4.4



2011-06-15 15:44:07

by Benny Halevy

Subject: Re: [PATCH] NFSv4.1: need to put_layout_hdr on _pnfs_return_layout error path

On 2011-06-15 11:39, Benny Halevy wrote:
> We always get a reference on the layout header and we rely on
> nfs4_layoutreturn_release to put it. If we hit an allocation error
> before starting the rpc proc we bail out early without dereferencing
> the layout header properly.
>
> Signed-off-by: Benny Halevy <[email protected]>
> ---
> fs/nfs/nfs4proc.c | 1 +
> fs/nfs/pnfs.c | 1 +
> 2 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
> index 79f3c33..a4705bc 100644
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -5774,6 +5774,7 @@ static void nfs4_layoutreturn_done(struct rpc_task *task, void *calldata)
> struct pnfs_layout_hdr *lo = NFS_I(lrp->args.inode)->layout;
>
> dprintk("--> %s\n", __func__);
> + dprintk("%s: ref %d\n", atonic_read(&lo->plh_refcount));
>
> if (!nfs4_sequence_done(task, &lrp->res.seq_res))
> return;

please ignore this hunk,
got there totally by mistake...

Benny

> diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c
> index 0feeccc..bc3eb74 100644
> --- a/fs/nfs/pnfs.c
> +++ b/fs/nfs/pnfs.c
> @@ -675,6 +675,7 @@ _pnfs_return_layout(struct inode *ino)
> lrp = kzalloc(sizeof(*lrp), GFP_KERNEL);
> if (unlikely(lrp == NULL)) {
> status = -ENOMEM;
> + put_layout_hdr(lo);
> goto out;
> }
>
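Review bot: with the nfs4proc.c hunk withdrawn above, the put_layout_hdr(lo) line in the kzalloc failure branch is the whole fix, so resend it as a v2 that carries only the fs/nfs/pnfs.c hunk, with a diffstat of one file changed and one insertion. That keeps the stray debug line from being applied along with the fix.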