Skip to content

Commit

Permalink
btrfs: fix transaction leak in btrfs_recover_relocation
Browse files Browse the repository at this point in the history 
btrfs_recover_relocation() invokes btrfs_join_transaction(), which joins
a btrfs_trans_handle object into transactions and returns a reference of
it with increased refcount to "trans".

When btrfs_recover_relocation() returns, "trans" becomes invalid, so the
refcount should be decreased to keep refcount balanced.

The reference counting issue happens in one exception handling path of
btrfs_recover_relocation(). When read_fs_root() failed, the refcnt
increased by btrfs_join_transaction() is not decreased, causing a refcnt
leak.

Fix this issue by calling btrfs_end_transaction() on this error path
when read_fs_root() failed.

Fixes: 79787ea ("btrfs: replace many BUG_ONs with proper error handling")
CC: [email protected] # 4.4+
Reviewed-by: Filipe Manana <[email protected]>
Signed-off-by: Xiyu Yang <[email protected]>
Signed-off-by: Xin Tan <[email protected]>
Signed-off-by: David Sterba <[email protected]>
  • Loading branch information
@sherlly @kdave
sherlly authored and kdave committed Apr 23, 2020
1 parent f6033c5 commit 1402d17
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions fs/btrfs/relocation.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4559,6 +4559,7 @@ int btrfs_recover_relocation(struct btrfs_root *root)
if (IS_ERR(fs_root)) {
err = PTR_ERR(fs_root);
list_add_tail(&reloc_root->root_list, &reloc_roots);
btrfs_end_transaction(trans);
goto out_unset;
}

Expand Down

0 comments on commit 1402d17

Please sign in to comment.