diff options
| author | Krutika Dhananjay <kdhananj@redhat.com> | 2016-12-03 09:09:15 +0530 |
|---|---|---|
| committer | Pranith Kumar Karampuri <pkarampu@redhat.com> | 2016-12-04 17:28:40 -0800 |
| commit | c89cb610f51e7a5df5c4b7e9378a7ac8ac513e46 (patch) | |
| tree | 1ddaeb27a9ba9d24ca9efa290bc76e393e798a0e /xlators/cluster | |
| parent | 55ddf8c6b665d0b2ed024b984e871a68b25cffbf (diff) | |
afr, client: More mem-leak fixes in COMPOUND fop cbk
Bugs found and fixed:
1. Use correct subvolume index in pre-op-writev compound cbk
2. Prevent use-after-free of local->compound_args members in
compound fops cbk in protocol/client
3. Fix xdata and xattr leaks in client_process_response
4. Fix possible leak of xdata in client_pre_writev() in
test mode.
5. Free req->compound_req_array.compound_req_array_val as well
after freeing its members
6. Free tmp_rsp->flock.lk_owner.lk_owner_val in LK fop.
Change-Id: I15b646d7d4e0e5cd4ea3d2d6452c815cf2eaf68f
BUG: 1401218
Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com>
Reviewed-on: http://review.gluster.org/16020
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Diffstat (limited to 'xlators/cluster')
| -rw-r--r-- | xlators/cluster/afr/src/afr-common.c | 12 | ||||
| -rw-r--r-- | xlators/cluster/afr/src/afr-transaction.c | 25 | ||||
| -rw-r--r-- | xlators/cluster/afr/src/afr.h | 5 |
3 files changed, 22 insertions, 20 deletions
diff --git a/xlators/cluster/afr/src/afr-common.c b/xlators/cluster/afr/src/afr-common.c index aa50e505afe..bce955cfd03 100644 --- a/xlators/cluster/afr/src/afr-common.c +++ b/xlators/cluster/afr/src/afr-common.c @@ -5896,18 +5896,6 @@ afr_pack_fop_args (call_frame_t *frame, compound_args_t *args, return NULL; } -void -afr_compound_cleanup (compound_args_t *args, dict_t *xdata, - dict_t *newloc_xdata) -{ - if (args) - compound_args_cleanup (args); - if (xdata) - dict_unref (xdata); - if (newloc_xdata) - dict_unref (newloc_xdata); -} - int afr_fav_child_reset_sink_xattrs_cbk (int ret, call_frame_t *heal_frame, void *opaque) diff --git a/xlators/cluster/afr/src/afr-transaction.c b/xlators/cluster/afr/src/afr-transaction.c index d23654d8354..bedc4069f09 100644 --- a/xlators/cluster/afr/src/afr-transaction.c +++ b/xlators/cluster/afr/src/afr-transaction.c @@ -1272,7 +1272,7 @@ afr_pre_op_writev_cbk (call_frame_t *frame, void *cookie, xlator_t *this, NULL, NULL, NULL); } else { write_args_cbk = &args_cbk->rsp_list[1]; - afr_inode_write_fill (frame, this, (long) i, + afr_inode_write_fill (frame, this, (long) child_index, write_args_cbk->op_ret, write_args_cbk->op_errno, &write_args_cbk->prestat, @@ -1283,6 +1283,8 @@ afr_pre_op_writev_cbk (call_frame_t *frame, void *cookie, xlator_t *this, call_count = afr_frame_return (frame); if (call_count == 0) { + compound_args_cleanup (local->c_args); + local->c_args = NULL; afr_process_post_writev (frame, this); if (!afr_txn_nothing_failed (frame, this)) { /* Don't unwind until post-op is complete */ @@ -1374,6 +1376,8 @@ afr_pre_op_fop_do (call_frame_t *frame, xlator_t *this, dict_t *xattr, */ compound_cbk = afr_pack_fop_args (frame, args, local->op, i); + local->c_args = args; + for (i = 0; i < priv->child_count; i++) { /* Means lock did not succeed on this brick */ if (!local->transaction.pre_op[i]) @@ -1389,7 +1393,10 @@ afr_pre_op_fop_do (call_frame_t *frame, xlator_t *this, dict_t *xattr, break; } - afr_compound_cleanup (args, xdata, newloc_xdata); + if (xdata) + dict_unref (xdata); + if (newloc_xdata) + dict_unref (newloc_xdata); return 0; err: local->internal_lock.lock_cbk = local->transaction.done; @@ -1399,7 +1406,10 @@ err: afr_restore_lk_owner (frame); afr_unlock (frame, this); - afr_compound_cleanup (args, xdata, newloc_xdata); + if (xdata) + dict_unref (xdata); + if (newloc_xdata) + dict_unref (newloc_xdata); return 0; } @@ -1428,6 +1438,8 @@ afr_post_op_unlock_cbk (call_frame_t *frame, void *cookie, xlator_t *this, UNLOCK (&frame->lock); if (call_count == 0) { + compound_args_cleanup (local->c_args); + local->c_args = NULL; if (local->transaction.resume_stub) { call_resume (local->transaction.resume_stub); local->transaction.resume_stub = NULL; @@ -1509,6 +1521,8 @@ afr_post_op_unlock_do (call_frame_t *frame, xlator_t *this, dict_t *xattr, } } + local->c_args = args; + for (i = 0; i < priv->child_count; i++) { /* pre_op[i] has to be true for all nodes that were * successfully locked. */ @@ -1524,7 +1538,10 @@ afr_post_op_unlock_do (call_frame_t *frame, xlator_t *this, dict_t *xattr, break; } out: - afr_compound_cleanup (args, xdata, newloc_xdata); + if (xdata) + dict_unref (xdata); + if (newloc_xdata) + dict_unref (newloc_xdata); return 0; } diff --git a/xlators/cluster/afr/src/afr.h b/xlators/cluster/afr/src/afr.h index dcc162f97c3..eaad64a4f40 100644 --- a/xlators/cluster/afr/src/afr.h +++ b/xlators/cluster/afr/src/afr.h @@ -805,6 +805,7 @@ typedef struct _afr_local { gf_boolean_t need_full_crawl; gf_boolean_t compound; afr_fop_lock_state_t fop_lock_state; + compound_args_t *c_args; } afr_local_t; @@ -1233,10 +1234,6 @@ afr_is_inodelk_transaction(afr_local_t *local); afr_fd_ctx_t * __afr_fd_ctx_get (fd_t *fd, xlator_t *this); -void -afr_compound_cleanup (compound_args_t *args, dict_t *xdata, - dict_t *newloc_xdata); - gf_boolean_t afr_is_inode_refresh_reqd (inode_t *inode, xlator_t *this, int event_gen1, int event_gen2); |