On Thu, Jul 04, 2019 at 05:47:50PM +0100, Colin Ian King wrote:
> >> tmp_ulist = ulist_alloc(GFP_KERNEL);
> >> if (!roots || !tmp_ulist) {
> >> ret = -ENOMEM;
> >> + btrfs_free_path(path);
> >
> > This fixes only one leak, therere are more that I spotted while
> > reviewing this patch. The gotos from the while-loop jump to
> > out_free_list but that leave the path behind>
> > That's why the exit block is a better place for the cleanups. This
> > requires proper nesting of the cleanup calls, that's slightly
> > inconvenient in this case. The free_path is before call to
> > unlock_extent_cached so when the ordre is switched and free_path moved
> > to out_free_ulist, then all the leaks are addressed in one go.
>
> Oh, yes. Even static analysis missed that too!
>
> > Bummer that the leaks escaped sight of original patch author (me), 2
> > reviewers and now 1 fix reviewer.
> >
> Given that you can see more issues, I'll leave the fix in your capable
> hands.
This
--- a/fs/btrfs/extent_io.c
+++ b/fs/btrfs/extent_io.c
@@ -4764,11 +4764,11 @@ int extent_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
ret = emit_last_fiemap_cache(fieinfo, &cache);
free_extent_map(em);
out:
- btrfs_free_path(path);
unlock_extent_cached(&BTRFS_I(inode)->io_tree, start, start + len - 1,
&cached_state);
out_free_ulist:
+ btrfs_free_path(path);
ulist_free(roots);
ulist_free(tmp_ulist);
return ret;
---
should fix it.
