From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-194.mimecast.com ([63.128.21.194]:21260 "EHLO us-smtp-delivery-194.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752087AbcEYSMd convert rfc822-to-8bit (ORCPT ); Wed, 25 May 2016 14:12:33 -0400 From: Thomas Haynes To: hch CC: Thomas Haynes , "J. Bruce Fields" , Linux NFS Mailing list Subject: Re: [PATCH 2/4] nfsd: Can leak pnfs_block_extent on error Date: Wed, 25 May 2016 18:12:25 +0000 Message-ID: <308154CA-0C3A-4D4F-82F0-6E2F221DBC18@primarydata.com> References: <1464152979-103988-1-git-send-email-loghyr@primarydata.com> <1464152979-103988-3-git-send-email-loghyr@primarydata.com> <20160525150724.GA27535@lst.de> In-Reply-To: <20160525150724.GA27535@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=WINDOWS-1252 Sender: linux-nfs-owner@vger.kernel.org List-ID: > On May 25, 2016, at 8:07 AM, Christoph Hellwig wrote: > > On Tue, May 24, 2016 at 10:09:37PM -0700, Tom Haynes wrote: >> Signed-off-by: Tom Haynes > > How was this reported? Code inspection. My guess is no one ever hit the error cases in there. > > Like other NFS procedures the private data should be freed by the > XDR encode callback (nfsd4_encode_layoutget in this case) even > in the error case. It could be that there is a bug somewhere, > but it probably shouldn't be fixed here. > No, it doesn’t do that on errors: nfsd4_layoutget(): nfserr = ops->proc_layoutget(d_inode(current_fh->fh_dentry), current_fh, lgp); if (nfserr) goto out_put_stid; nfserr = nfsd4_insert_layout(lgp, ls); out_put_stid: mutex_unlock(&ls->ls_mutex); nfs4_put_stid(&ls->ls_stid); out: return nfserr; } So on error we never do anything with the lgp and the memory would be dropped.