2010-03-13 06:33:31

by jing zhang

Subject: [PATCH] memory leakage in ext4_ext_zeroout

From: Jing Zhang <[email protected]>

Date: Sat Mar 13 14:05:27 2010

When EIO occurs after bio is submitted, there is no memory free
operation for bio, which results in memory leakage. And there is also
no check against bio_alloc() for bio.

Cc: Dave Kleikamp <[email protected]>
Signed-off-by: Jing Zhang <[email protected]>

---

--- o/fs/ext4/extents.c 2010-03-13 13:47:22.000000000 +0800
+++ c/fs/ext4/extents.c 2010-03-13 13:54:36.000000000 +0800
@@ -2568,6 +2568,10 @@ static int ext4_ext_zeroout(struct inode
len = ee_len;

bio = bio_alloc(GFP_NOIO, len);
+ if (! bio) {
+ ret = -ENOMEM;
+ break;
+ }
bio->bi_sector = ee_pblock;
bio->bi_bdev = inode->i_sb->s_bdev;

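Review bot: the `break` on the new `! bio` path leaves the loop and depends on the code after it returning `ret` untouched, which these lines do not show. No bio exists at this point and nothing needs releasing, so `return -ENOMEM;` states the intent directly and makes the braces unnecessary. Kernel style also writes the test as `if (!bio)`, with no space after the `!`.
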
@@ -2598,6 +2602,7 @@ static int ext4_ext_zeroout(struct inode
if (test_bit(BIO_UPTODATE, &bio->bi_flags))
ret = 0;
else {
+ bio_put(bio);
ret = -EIO;
break;
}
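
Review bot: the `if`/`else` around `test_bit(BIO_UPTODATE, &bio->bi_flags)` now pairs an unbraced `ret = 0;` with a braced three-statement `else`; kernel style braces both branches once one of them needs braces. Inverting the test so the failure case comes first, `if (!test_bit(BIO_UPTODATE, &bio->bi_flags)) { bio_put(bio); ret = -EIO; break; }`, removes the `else` and keeps the release next to the exit it belongs to.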


2010-03-22 02:12:18

by Theodore Ts'o

Subject: Re: [PATCH] memory leakage in ext4_ext_zeroout

On Sat, Mar 13, 2010 at 02:33:28PM +0800, jing zhang wrote:
> From: Jing Zhang <[email protected]>
>
> Date: Sat Mar 13 14:05:27 2010
>
> When EIO occurs after bio is submitted, there is no memory free
> operation for bio, which results in memory leakage. And there is also
> no check against bio_alloc() for bio.
>
> Cc: Dave Kleikamp <[email protected]>
> Signed-off-by: Jing Zhang <[email protected]>

Thanks for the patch.

This is what I've checked in, which also simplifies the error handling
a bit and makes the code a bit easier to follow.

- Ted

ext4: fix memory leaks in error path handling of ext4_ext_zeroout()

From: jing zhang <[email protected]>

When EIO occurs after bio is submitted, there is no memory free
operation for bio, which results in memory leakage. And there is also
no check against bio_alloc() for bio.

Acked-by: Dave Kleikamp <[email protected]>
Signed-off-by: Jing Zhang <[email protected]>
Signed-off-by: "Theodore Ts'o" <[email protected]>
---
fs/ext4/extents.c | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 94c8ee8..8bdee27 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -2544,7 +2544,7 @@ static void bi_complete(struct bio *bio, int error)
/* FIXME!! we need to try to merge to left or right after zero-out */
static int ext4_ext_zeroout(struct inode *inode, struct ext4_extent *ex)
{
- int ret = -EIO;
+ int ret;
struct bio *bio;
int blkbits, blocksize;
sector_t ee_pblock;
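
Review bot: `int ret;` stays declared after its `-EIO` initializer is removed, yet the later hunks replace the visible uses with `return -ENOMEM`, `return -EIO` and `return 0`. If no assignment to `ret` remains in the part of the loop this patch does not show, drop the declaration; if one does remain, confirm it is always written before it is read now that there is no default value.
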
@@ -2568,6 +2568,9 @@ static int ext4_ext_zeroout(struct inode *inode, struct ext4_extent *ex)
len = ee_len;

bio = bio_alloc(GFP_NOIO, len);
+ if (!bio)
+ return -ENOMEM;
+
bio->bi_sector = ee_pblock;
bio->bi_bdev = inode->i_sb->s_bdev;

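Review bot: `return -ENOMEM` after `bio_alloc()` gives ext4_ext_zeroout() a result other than 0 or -EIO, the only values the removed lines in this patch produce. Callers that compare the result against -EIO specifically, rather than testing for nonzero, need a look, and the commit message would benefit from one sentence naming the new error code alongside the bio_alloc() check it already mentions.
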
@@ -2595,17 +2598,15 @@ static int ext4_ext_zeroout(struct inode *inode, struct ext4_extent *ex)
submit_bio(WRITE, bio);
wait_for_completion(&event);

- if (test_bit(BIO_UPTODATE, &bio->bi_flags))
- ret = 0;
- else {
- ret = -EIO;
- break;
+ if (!test_bit(BIO_UPTODATE, &bio->bi_flags)) {
+ bio_put(bio);
+ return -EIO;
}
bio_put(bio);
ee_len -= done;
ee_pblock += done << (blkbits - 9);
}
- return ret;
+ return 0;
}

#define EXT4_EXT_ZERO_LEN 7
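
Review bot: `bio_put(bio)` is now written twice in the loop body, once inside the `!test_bit(BIO_UPTODATE, &bio->bi_flags)` branch and once directly after it, so any exit added later between `submit_bio()` and the end of the iteration has to remember its own put. Sampling the flag before releasing keeps a single release site: `uptodate = test_bit(BIO_UPTODATE, &bio->bi_flags); bio_put(bio); if (!uptodate) return -EIO;`, with `uptodate` as a new local.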