[LU-5177] object leak in mdt_open_by_fid_lock() Created: 11/Jun/14 Updated: 26/Jun/14 Resolved: 26/Jun/14 |
|
| Status: | Resolved |
| Project: | Lustre |
| Component/s: | None |
| Affects Version/s: | Lustre 2.6.0 |
| Fix Version/s: | Lustre 2.6.0 |
| Type: | Bug | Priority: | Blocker |
| Reporter: | John Hammond | Assignee: | Mikhail Pershin |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | mdt | ||
| Issue Links: |
|
||||||||||||
| Severity: | 3 | ||||||||||||
| Rank (Obsolete): | 14371 | ||||||||||||
| Description |
|
In mdt_open_by_fid_lock() parent may be leaked if the second call to mdt_object_find() fails. int mdt_open_by_fid_lock(struct mdt_thread_info *info, struct ldlm_reply *rep,
struct mdt_lock_handle *lhc)
{
const struct lu_env *env = info->mti_env;
struct mdt_device *mdt = info->mti_mdt;
__u64 flags = info->mti_spec.sp_cr_flags;
struct mdt_reint_record *rr = &info->mti_rr;
struct md_attr *ma = &info->mti_attr;
struct mdt_object *parent= NULL;
struct mdt_object *o;
int rc;
__u64 ibits = 0;
ENTRY;
if (md_should_create(flags) && !(flags & MDS_OPEN_HAS_EA)) {
if (!lu_fid_eq(rr->rr_fid1, rr->rr_fid2)) {
parent = mdt_object_find(env, mdt, rr->rr_fid1);
if (IS_ERR(parent)) {
CDEBUG(D_INODE, "Fail to find parent "DFID
" for anonymous created %ld, try to"
" use server-side parent.\n",
PFID(rr->rr_fid1), PTR_ERR(parent));
parent = NULL;
}
}
if (parent == NULL)
ma->ma_need |= MA_PFID;
}
o = mdt_object_find(env, mdt, rr->rr_fid2);
if (IS_ERR(o))
RETURN(rc = PTR_ERR(o));
|
| Comments |
| Comment by John Hammond [ 11/Jun/14 ] |
|
Also in mdt_intent_layout() static int mdt_intent_layout(enum mdt_it_code opcode,
struct mdt_thread_info *info,
struct ldlm_lock **lockp,
__u64 flags)
{
...
struct mdt_object *obj = NULL;
...
fid = &info->mti_tmp_fid2;
fid_extract_from_res_name(fid, &(*lockp)->l_resource->lr_name);
obj = mdt_object_find(info->mti_env, info->mti_mdt, fid);
if (IS_ERR(obj))
RETURN(PTR_ERR(obj));
if (mdt_object_exists(obj) && !mdt_object_remote(obj)) {
/* get the length of lsm */
rc = mdt_attr_get_eabuf_size(info, obj);
if (rc < 0)
RETURN(rc); /* <---------------------------------- HERE */
if (rc > info->mti_mdt->mdt_max_mdsize)
info->mti_mdt->mdt_max_mdsize = rc;
}
mdt_object_put(info->mti_env, obj);
|
| Comment by John Hammond [ 11/Jun/14 ] |
|
In mdt_md_create() child is passed to mdt_create_pack_capa() after being released. |
| Comment by Andreas Dilger [ 17/Jun/14 ] |
|
Mike, any progress on this issue? It is listed as a 2.6.0 blocker. |
| Comment by Mikhail Pershin [ 19/Jun/14 ] |
| Comment by Jodi Levi (Inactive) [ 26/Jun/14 ] |
|
Patch landed to Master. |