Commit 95f18c9d authored Apr 25, 2019 by Shenghui Wang Committed by Jens Axboe Apr 24, 2019

bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC...


bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set

In the CACHE_SYNC branch of run_cache_set(), LIST_HEAD(journal) is used
to collect journal_replay(s) and filled by bch_journal_read().

If all goes well, bch_journal_replay() will release the list of
jounal_replay(s) at the end of the branch.

If something goes wrong, code flow will jump to the label "err:" and leave
the list unreleased.

This patch will release the list of journal_replay(s) in the case of
error detected.

v1 -> v2:
* Move the release code to the location after label 'err:' to
  simply the change.

Signed-off-by: Shenghui Wang <shhuiw@foxmail.com>
Signed-off-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

parent f16277ca

drivers/md/bcache/super.c

+8 −0

Original line number	Diff line number	Diff line
		@@ -1790,6 +1790,8 @@ static int run_cache_set(struct cache_set *c)
		struct cache *ca;
		struct closure cl;
		unsigned int i;
		LIST_HEAD(journal);
		struct journal_replay *l;

		closure_init_stack(&cl);

		@@ -1949,6 +1951,12 @@ static int run_cache_set(struct cache_set *c)
		set_bit(CACHE_SET_RUNNING, &c->flags);
		return 0;
		err:
		while (!list_empty(&journal)) {
		l = list_first_entry(&journal, struct journal_replay, list);
		list_del(&l->list);
		kfree(l);
		}

		closure_sync(&cl);
		/* XXX: test this, it's broken */
		bch_cache_set_error(c, "%s", err);

Admin message